30 Terraform Q&A
30 Terraform Q&A
30 Terraform Q&A
```terraform
ami = "ami-12345678"
instance_type = "t2.micro"
```
```terraform
variable "region" {
default = "us-west-2"
provider "aws" {
region = var.region
```
3. Q: How can you create multiple instances with di erent con gurations
using Terraform?
```terraform
count = 3
ami = "ami-12345678"
instance_type = "t2.micro"
subnet_id = "subnet-12345678"
ff
fi
fl
fi
ff
fi
fi
availability_zone = "us-west-2${count.index}"
```
```terraform
ami = "ami-12345678"
instance_type = "t2.micro"
provisioner "remote-exec" {
inline = [
```
```terraform
ami = "ami-12345678"
instance_type = "t2.micro"
name = "web_sg"
depends_on = [aws_instance.web]
```
ff
fi
A: You can use Terraform workspaces or separate directories for each
environment. Workspaces allow you to maintain separate state les and
manage environment-speci c variables. Here's an example using
workspaces:
```terraform
terraform {
backend "s3" {
bucket = "terraform-state"
key = "dev/terraform.tfstate"
region = "us-west-2"
```
7. Q: How can you reference outputs from one Terraform module in another
module?
A: To reference outputs from one module in another module, you can use the
`module` syntax. Here's an example:
```terraform
module "vpc" {
source = "./modules/vpc"
module "ec2
" {
source = "./modules/ec2"
vpc_id = module.vpc.vpc_id
```
```terraform
provider "aws" {
access_key = var.aws_access_key
secret_key = var.aws_secret_key
fi
fi
fi
fi
```
```terraform
instance_type = "t2.micro"
```
```terraform
# ...
lifecycle {
create_before_destroy = true
# ...
```
11. Q: How can you manage secrets or sensitive data within Terraform?
A: Terraform has a feature called "Sensitive Data" that allows you to mark
sensitive values, preventing them from being shown in the Terraform output
or stored in the Terraform state le. Here's an example:
```terraform
fi
fi
ff
fi
fi
fi
ff
ffi
fi
bucket = "my-bucket"
access_key = sensitive("my-access-key")
```
```terraform
terraform {
backend "s3" {
bucket = "my-terraform-state"
key = "example.tfstate"
region = "us-west-2"
```
13. Q: How can you use Terraform to manage infrastructure across multiple
cloud providers?
```terraform
provider "aws" {
access_key = "AWS_ACCESS_KEY"
secret_key = "AWS_SECRET_KEY"
region = "us-west-2"
provider "azurerm" {
subscription_id = "AZURE_SUBSCRIPTION_ID"
client_id = "AZURE_CLIENT_ID"
client_secret = "AZURE_CLIENT_SECRET"
tenant_id = "AZURE_TEN
ANT_ID"
fi
fi
resource "aws_instance" "example" {
# ...
# ...
```
```shell
```
```terraform
module "network" {
source = "./modules/network"
module "compute" {
source = "./modules/compute"
depends_on = [module.network]
```
16. Q: How can you perform a dry-run in Terraform without making any
changes to the infrastructure?
```shell
fi
fi
fi
fi
fl
fi
fl
terraform plan -detailed-exitcode
```
A: You can use input variables with sensitive values and mark them as
sensitive in the module de nition. This prevents the values from being shown
in the Terraform output or stored in the state le. Here's an example:
```terraform
variable "secret_value" {
type = string
sensitive = true
module "example" {
source = "./modules/example"
secret_value = var.secret_value
```
18. Q: How can you handle changes to Terraform con gurations that require
re-creating resources?
```shell
```
```shell
terraform init
```
20. Q: How can you retrieve outputs from a Terraform state le?
fi
fi
fi
fi
fi
fi
fi
A: Terraform provides the `terraform output` command, which can be used to
retrieve the values of outputs de ned in the con guration. Here's an
example:
```shell
```
```shell
terraform destroy
```
actions to be taken before or after resource creation or deletion. You can use
the `prevent_destroy` lifecycle setting to prevent accidental deletion of critical
resources. Here's an example:
```terraform
# ...
lifecycle {
prevent_destroy = true
```
A: Terraform supports state locking and versioning through the use of remote
backends. By using a remote backend like Terraform Cloud or Amazon S3
with versioning enabled, you can ensure safe collaboration and track
changes to the infrastructure state. Here's an example con guration with an
S3 backend:
fi
fi
fi
fi
fi
fi
fi
fi
```terraform
terraform {
backend "s3" {
bucket = "terraform-state"
key = "example.tfstate"
region = "us-west-2"
dynamodb_table = "terraform-state-lock"
encrypt = true
versioning = true
```
24. Q: How can you use Terraform modules from the Terraform Registry?
A: The Terraform Registry allows you to discover and use pre-built modules
created by the community. To use a module from the registry, you can
specify its source in your Terraform con guration. Here's an example:
```terraform
module "example" {
source = "terraform-aws-modules/vpc/aws"
version = "2.0.0"
# ...
```
```shell
terraform plan
terraform apply
```
26. Q: How can you enforce naming conventions for resources created by
Terraform?
fi
fi
ff
fi
fi
fi
```terraform
variable "environment" {
type = string
ami = "ami-12345678"
instance_type = "t2.micro"
tags = {
Name = "web-${var.environment}-instance"
```
```terraform
terraform {
backend "s3" {
bucket = "my-terraform-state"
key = "example.tfstate"
region = "us-west-2"
```
28. Q: How can you enable debugging and verbose logging in Terraform?
```shell
export
TF_LOG=DEBUG
```
fi
fi
fi
fi
fi
fi
29. Q: How do you handle dependencies on external resources not managed
by Terraform?
```terraform
ami = "ami-12345678"
instance_type = "t2.micro"
user_data = data.external.example.result
```
```terraform
module "network" {
source = "./modules/network"
# ...
module "compute" {
source = "./modules/compute"
subnet_ids = module.network.subnet_ids
# ...
```