Terraform Associate Exam 1

1 / 10

Question

Your organization is using Terraform to manage AWS infrastructure. You are tasked with deploying an S3 bucket as part of your Terraform configuration. Your team wants to ensure that the S3 bucket is encrypted by default using AWS-managed keys (SSE-S3) for data-at-rest encryption.

Which Terraform resource block is the BEST way to configure an S3 bucket with default server-side encryption using AWS-managed keys?

2 / 10

Question

You have a Terraform module that creates an AWS VPC, subnets, and EC2 instances. The team follows Infrastructure as Code (IaC) practices and has a requirement to ensure that changes made to the subnet configuration are reviewed before being deployed. You need a solution that allows changes to be proposed, reviewed, and approved without applying changes immediately.

Which Terraform feature allows you to achieve this?

3 / 10

Question

You are working with Terraform in a production environment and have deployed AWS infrastructure. Your team uses a CI/CD pipeline to deploy Terraform changes. During a deployment, you encounter an error related to a resource not being properly destroyed or updated due to a dependency issue.

How should you address these issues to ensure Terraform handles resource creation, updates, and destruction safely?

4 / 10

Question

Your team is working on a Terraform project to provision AWS EC2 instances. You’ve created a module that provisions EC2 instances and outputs their public IP addresses. After running terraform apply, the team notices that the EC2 instances are provisioned but the terraform output command doesn’t return the expected output.

What is the MOST likely reason why the terraform output command isn’t showing the expected data?

5 / 10

Question

You are creating a new Terraform module that provisions AWS resources. To make the module reusable across different environments (e.g., production, staging, and testing), you need to pass variable values dynamically during execution.

Which Terraform feature is the BEST way to dynamically pass environment-specific values, such as AWS region, to your module?

6 / 10

Question

Your team has deployed infrastructure with Terraform using a remote backend for state management. You need to change the backend configuration for Terraform from S3 to Terraform Cloud. After making the configuration change, you execute terraform init, but Terraform returns an error.

What should you do to resolve the issue safely without losing any infrastructure state?

7 / 10

Question

You are implementing Terraform in a collaborative team environment to manage AWS infrastructure. Your team has a policy to ensure that different development branches can work independently without interfering with each other’s infrastructure changes. This includes isolating state, allowing team members to test changes safely, and maintaining an isolated environment per branch or feature.

Which of the following approaches is the BEST way to ensure safe and independent Terraform state management for each team member’s development branch?

8 / 10

Question

You are creating a Terraform module that provisions AWS S3 buckets. The team requires that every S3 bucket you create must have versioning enabled by default. How can you ensure versioning is enabled on all S3 buckets created by Terraform?

9 / 10

Question

Your team is deploying multiple AWS resources using Terraform. The infrastructure team wants to ensure that Terraform’s execution plan must be approved before any actual changes are applied to the infrastructure. This would allow the team to validate the proposed changes before they are executed.

Which Terraform command ensures that the execution plan is reviewed and approved before making any changes?

10 / 10

Question

You are working on a Terraform configuration to deploy a virtual private cloud (VPC) with a CIDR block of 10.0.0.0/16. Your team needs to ensure that the VPC is created only if it doesn’t already exist, preventing accidental overwrites or recreation during deployments.

Which Terraform feature allows you to check the existence of a resource or conditionally create resources based on certain preconditions?

Your score is

The average score is 45%

0%