Terraform-Associate-003 Pre-Exam Practice Tests | (Updated 140 Questions) Valid Terraform-Associate-003 Exam Q A PDF - One Year Free Update NEW QUESTION # 66 Which of these ate secure options for storing secrets for connecting to a Terraform remote backend? Choose two correct answers. A. Defined in Environment variables B. A variable file C. Inside the backend block within the Terraform configuration [...]

All Products Contact now

Terraform-Associate-003 Pre-Exam Practice Tests (Updated 140 Questions) [Q66-Q86]

Share

Terraform-Associate-003 Pre-Exam Practice Tests | (Updated 140 Questions)

Valid Terraform-Associate-003 Exam Q&A PDF - One Year Free Update

NEW QUESTION # 66
Which of these ate secure options for storing secrets for connecting to a Terraform remote backend? Choose two correct answers.

  • A. Defined in Environment variables
  • B. A variable file
  • C. Inside the backend block within the Terraform configuration
  • D. Defined in a connection configuration outside of Terraform

Answer: A,D

Explanation:
Explanation
Environment variables and connection configurations outside of Terraform are secure options for storing secrets for connecting to a Terraform remote backend. Environment variables can be used to set values for input variables that contain secrets, such as backend access keys or tokens. Terraform will read environment variables that start with TF_VAR_ and match the name of an input variable. For example, if you have an input variable called backend_token, you can set its value with the environment variable TF_VAR_backend_token1.
Connection configurations outside of Terraform are files or scripts that provide credentials or other information for Terraform to connect to a remote backend. For example, you can use a credentials file for the S3 backend2, or a shell script for the HTTP backend3. These files or scripts are not part of the Terraform configuration and can be stored securely in a separate location. The other options are not secure for storing secrets. A variable file is a file that contains values for input variables. Variable files are usually stored in the same directory as the Terraform configuration or in a version control system. This exposes the secrets to anyone who can access the files or the repository. You should not store secrets in variable files1. Inside the backend block within the Terraform configuration is where you specify the type and settings of the remote backend. The backend block is part of the Terraform configuration and is usually stored in a version control system. This exposes the secrets to anyone who can access the configuration or the repository. You should not store secrets in the backend block4. References = [Terraform Input Variables]1, [Backend Type: s3]2,
[Backend Type: http]3, [Backend Configuration]4


NEW QUESTION # 67
Which command should you run to check if all code in a Terraform configuration that references multiple modules is properly formatted without making changes?

  • A. terraform fmt -check -recursive
  • B. terraform fmt -check
  • C. terraform fmt -write-false
  • D. terraform fmt -list -recursive

Answer: A

Explanation:
Explanation
This command will check if all code in a Terraform configuration that references multiple modules is properly formatted without making changes, and will return a non-zero exit code if any files need formatting. The other commands will either make changes, list the files that need formatting, or not check the modules.


NEW QUESTION # 68
What kind of configuration block will create an infrastructure object with settings specified within the block?

  • A. resource
  • B. data
  • C. state
  • D. provider

Answer: A

Explanation:
Explanation
This is the kind of configuration block that will create an infrastructure object with settings specified within the block. The other options are not used for creating infrastructure objects, but for configuring providers, accessing state data, or querying data sources.


NEW QUESTION # 69
If a module declares a variable with a default, that variable must also be defined within the module.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
A module can declare a variable with a default value without requiring the caller to define it. This allows the module to provide a sensible default behavior that can be customized by the caller if needed. References =
[Module Variables]


NEW QUESTION # 70
When you use a remote backend that needs authentication, HashiCorp recommends that you:

  • A. Write the authentication credentials in the Terraform configuration files
  • B. Use partial configuration to load the authentication credentials outside of the Terraform code
  • C. Push your Terraform configuration to an encrypted git repository
  • D. Keep the Terraform configuration files in a secret store

Answer: B

Explanation:
Explanation
This is the recommended way to use a remote backend that needs authentication, as it allows you to provide the credentials via environment variables, command-line arguments, or interactive prompts, without storing them in the Terraform configuration files.


NEW QUESTION # 71
Terraform can only manage resource dependencies if you set them explicitly with the depends_on argument.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
Terraform can manage resource dependencies implicitly or explicitly. Implicit dependencies are created when a resource references another resource or data source in its arguments. Terraform can infer the dependency from the reference and create or destroy the resources in the correct order. Explicit dependencies are created when you use the depends_on argument to specify that a resource depends on another resource or module.
This is useful when Terraform cannot infer the dependency from the configuration or when you need to create a dependency for some reason outside of Terraform's scope. References = : Create resource dependencies : Terraform Resource Dependencies Explained


NEW QUESTION # 72
Terraform providers are part of the Terraform core binary.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
Terraform providers are not part of the Terraform core binary. Providers are distributed separately from Terraform itself and have their own release cadence and version numbers. Providers are plugins that Terraform uses to interact with various APIs, such as cloud providers, SaaS providers, and other services. You can find and install providers from the Terraform Registry, which hosts providers for most major infrastructure platforms. You can also load providers from a local mirror or cache, or develop your own custom providers.
To use a provider in your Terraform configuration, you need to declare it in the provider requirements block and optionally configure its settings in the provider block. References = : Providers - Configuration Language | Terraform : Terraform Registry - Providers Overview | Terraform


NEW QUESTION # 73
You're building a CI/CD (continuous integration/continuous delivery) pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?

  • A. Pass variables to Terraform with a -var flag
  • B. Store the sensitive variables in a secure_varS.tf file
  • C. Store the sensitive variables as plain text in a source code repository
  • D. Copy the sensitive variables into your Terraform code

Answer: A

Explanation:
Explanation
This is a secure way to inject sensitive variables into your Terraform run, as they will not be stored in any file or source code repository. You can also use environment variables or variable files with encryption to pass sensitive variables to Terraform.


NEW QUESTION # 74
A module can always refer to all variables declared in its parent module.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
A module cannot always refer to all variables declared in its parent module, as it needs to explicitly declare input variables and assign values to them from the parent module's arguments. A module cannot access the parent module's variables directly, unless they are passed as input arguments.


NEW QUESTION # 75
Your security team scanned some Terraform workspaces and found secrets stored in plaintext in state files.
How can you protect that data?

  • A. Edit your state file to scrub out the sensitive data
  • B. Delete the state file every time you run Terraform
  • C. Store the state in an encrypted backend
  • D. Always store your secrets in a secrets.tfvars file

Answer: C

Explanation:
Explanation
This is a secure way to protect sensitive data in the state file, as it will be encrypted at rest and in transit2. The other options are not recommended, as they could lead to data loss, errors, or security breaches.


NEW QUESTION # 76
Which parameters does terraform import require? Choose two correct answers.

  • A. Provider
  • B. Path
  • C. Resource address
  • D. Resource ID

Answer: C,D

Explanation:
Explanation
These are the parameters that terraform import requires, as they allow Terraform to identify the existing resource that you want to import into your state file, and match it with the corresponding configuration block in your files.


NEW QUESTION # 77
You must use different Terraform commands depending on the cloud provider you use.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
You do not need to use different Terraform commands depending on the cloud provider you use. Terraform commands are consistent across different providers, as they operate on the Terraform configuration files and state files, not on the provider APIs directly.


NEW QUESTION # 78
What does Terraform not reference when running a terraform apply -refresh-only ?

  • A. Terraform resource definitions in configuration files
  • B. Cloud provider
  • C. State file
  • D. Credentials

Answer: A

Explanation:
Explanation
When running a terraform apply -refresh-only, Terraform does not reference the configuration files, but only the state file, credentials, and cloud provider. The purpose of this command is to update the state file with the current status of the real resources, without making any changes to them1.


NEW QUESTION # 79
Terraform variable names are saved in the state file.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
Terraform variable names are not saved in the state file, only their values are. The state file only stores the attributes of the resources and data sources that are managed by Terraform, not the variables that are used to configure them.


NEW QUESTION # 80
When should you write Terraform configuration files for existing infrastructure that you want to start managing with Terraform?

  • A. You can import infrastructure without corresponding Terraform code
  • B. After you run terraform import
  • C. Terraform will generate the corresponding configuration files for you
  • D. Before you run terraform Import

Answer: D

Explanation:
Explanation
You need to write Terraform configuration files for the existing infrastructure that you want to import into Terraform, otherwise Terraform will not know how to manage it. The configuration files should match the type and name of the resources that you want to import.


NEW QUESTION # 81
Why does this backend configuration not follow best practices?

  • A. An alias meta-argument should be included in backend blocks whenever possible
  • B. The backend configuration should contain multiple credentials so that more than one user can execute terraform plan and terraform apply
  • C. You should use the local enhanced storage backend whenever possible
  • D. You should not store credentials in Terraform configuration

Answer: D

Explanation:
Explanation
This is a bad practice, as it exposes your credentials to anyone who can access your configuration files or state files. You should use environment variables, credential files, or other mechanisms to provide credentials to Terraform.


NEW QUESTION # 82
What value does the Terraform Cloud private registry provide over the public Terraform Module Registry?

  • A. The ability to restrict modules to members of Terraform Cloud or Enterprise organizations
  • B. The ability to tag modules by version or release
  • C. The ability to share modules publicly with any user of Terraform
  • D. The ability to share modules with public Terraform users and members of Terraform Cloud Organizations

Answer: A

Explanation:
Explanation
The Terraform Cloud private registry provides the ability to restrict modules to members of Terraform Cloud or Enterprise organizations. This allows you to share modules within your organization without exposing them to the public. The private registry also supports importing modules from your private VCS repositories. The public Terraform Module Registry, on the other hand, publishes modules from public Git repositories and makes them available to any user of Terraform. References = : Private Registry - Terraform Cloud : Terraform Registry - Provider Documentation


NEW QUESTION # 83
Which two steps are required to provision new infrastructure in the Terraform workflow? Choose two correct answers.

  • A. Init
  • B. Alidate
  • C. apply
  • D. Plan
  • E. Import

Answer: A,C

Explanation:
Explanation
The two steps that are required to provision new infrastructure in the Terraform workflow are init and apply.
The terraform init command initializes a working directory containing Terraform configuration files. It downloads and installs the provider plugins that are needed for the configuration, and prepares the backend for storing the state. The terraform apply command applies the changes required to reach the desired state of the configuration, as described by the resource definitions in the configuration files. It shows a plan of the proposed changes and asks for confirmation before making any changes to the infrastructure. References =
[The Core Terraform Workflow], [Initialize a Terraform working directory with init], [Apply Terraform Configuration with apply]


NEW QUESTION # 84
A developer accidentally launched a VM (virtual machine) outside of the Terraform workflow and ended up with two servers with the same name. They don't know which VM Terraform manages but do have a list of all active VM IDs.
Which of the following methods could you use to discover which instance Terraform manages?

  • A. Run terraform state list to find the names of all VMs, then run terraform state show for each of them to find which VM ID Terraform manages
  • B. Run terraform taint/code on all the VMs to recreate them
  • C. Use terraform refresh/code to find out which IDs are already part of state
  • D. Update the code to include outputs for the ID of all VMs, then run terraform plan to view the outputs

Answer: A

Explanation:
Explanation
The terraform state list command lists all resources that are managed by Terraform in the current state file1. The terraform state show command shows the attributes of a single resource in the state file2. By using these two commands, you can compare the VM IDs in your list with the ones in the state file and identify which one is managed by Terraform.


NEW QUESTION # 85
It is best practice to store secret data in the same version control repository as your Terraform configuration.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
It is not a best practice to store secret data in the same version control repository as your Terraform configuration, as it could expose your sensitive information to unauthorized parties or compromise your security. You should use environment variables, vaults, or other mechanisms to store and provide secret data to Terraform.


NEW QUESTION # 86
......

HashiCorp Certified: Terraform Associate (003) Free Update Certification Sample Questions: https://lead2pass.guidetorrent.com/Terraform-Associate-003-dumps-questions.html

Related Articles

more
HashiCorp Terraform-Associate-003 Certification Practice Exam