Terraform Interview Questions

Written by Zayan Ahmed | 7 min read

Introduction

Terraform is one of the most popular Infrastructure as Code (IaC) tools used by DevOps
engineers to automate and manage infrastructure. Below is a comprehensive list of
Terraform interview questions categorised by difficulty level, along with some explanation to
better prepare for technical interviews.

1. Basic Terraform Questions

Q1. What is Terraform?

Terraform is an open-source Infrastructure as Code tool developed by HashiCorp. It allows

users to define and provision infrastructure using a high-level configuration language (HCL -
HashiCorp Configuration Language).

Q2. What are the main components of Terraform?

● Providers: Interface between Terraform and the infrastructure being managed (e.g.,
AWS, Azure, GCP).
● Resources: Define the infrastructure objects like EC2 instances, VPCs, etc.
● Modules: Logical groupings of resources used to create reusable code.
 ● State: Stores the status of your infrastructure to map your configuration with the
real-world resources.

Q3. What are Terraform Providers?

Providers are plugins responsible for interacting with APIs of cloud platforms or other
services. For example, AWS, Azure, and Kubernetes have their own providers.

Q4. Explain the purpose of the terraform init command.

terraform init initializes the working directory containing Terraform configuration files. It
downloads necessary provider plugins and prepares the environment for subsequent
commands.

Q5. What is the purpose of the Terraform state file?

The state file (terraform.tfstate) tracks the current state of the infrastructure. It helps
Terraform determine what changes need to be made in order to achieve the desired state.

2. Intermediate Terraform Questions

Q6. What is the difference between terraform plan and terraform

apply?

● terraform plan: Shows the execution plan by outlining the changes Terraform will
make without actually applying them.
● terraform apply: Executes the plan and applies the infrastructure changes
described in the configuration.

Q7. How do you use variables in Terraform?

Variables allow the configuration to be dynamic and reusable. You define variables using
variable blocks, and you can pass values through:

● Command-line flags (terraform apply -var)

● Environment variables
● Variable files (.tfvars)

Q8. What is remote state in Terraform, and why is it useful?

Remote state allows Terraform to store its state file in a remote location (e.g., S3, GCS,
Azure Blob Storage). It enables collaboration across teams and ensures the state file is
backed up securely.
Q9. Explain the use of terraform destroy.

terraform destroy is a command that destroys all resources managed by Terraform

within the configuration. It’s typically used when you want to clean up the environment.

Q10. How do you handle dependencies between resources in Terraform?

Terraform automatically handles dependencies using a Directed Acyclic Graph (DAG). You
can also explicitly specify dependencies using the depends_on attribute in the resource
block.

3. Advanced Terraform Questions

Q11. What is the purpose of a Terraform module?

A Terraform module is a reusable piece of code that groups resources together. Modules
help organize complex configurations, make the code more readable, and promote code
reusability.

Q12. How do you manage secrets in Terraform?

Sensitive values such as API keys or database passwords should be stored securely.
Methods to manage secrets include:

● Using environment variables or secret managers (e.g., AWS Secrets Manager, Azure
Key Vault).
● Utilizing Terraform’s built-in sensitive type to mark variables as sensitive.
● Encrypting state files if stored remotely.

Q13. Can Terraform handle multi-cloud deployments?

Yes, Terraform is cloud-agnostic and can handle multi-cloud environments. You can define
resources for different providers (AWS, Azure, GCP, etc.) in the same configuration, and
Terraform will orchestrate the infrastructure across multiple clouds.

Q14. What is a Terraform workspace and when would you use it?

Terraform workspaces allow you to manage multiple environments (like development,

staging, production) with a single configuration. Each workspace maintains its own state.

Q15. What are some strategies to handle large-scale Terraform

deployments?

● Workspaces: Manage different environments.

● Modules: Break down configurations into reusable modules.
 ● Remote state: Share state between teams for large, distributed infrastructures.
● State locking: Use state locking (e.g., S3 with DynamoDB for locking) to prevent
multiple people from running Terraform commands at the same time.

4. Scenario-Based Terraform Questions

Q16. How would you implement blue/green deployment using
Terraform?

Using Terraform, you can create two identical environments (blue and green). Route traffic to
the green environment, and after verifying the new version works, switch traffic to the blue
environment. This can be managed via load balancers, and Terraform can orchestrate
infrastructure changes.

Q17. How do you roll back changes in Terraform?

Terraform doesn’t provide a built-in rollback command. However, you can:

● Modify the configuration to the previous state and run terraform apply.
● If using version control, revert to the previous commit and apply the changes.
● Manually restore resources using the state file.

Q18. Your team needs to track infrastructure costs for each project. How
would you achieve this using Terraform?

You can tag resources with metadata such as project name, environment, or owner. Cloud
providers (like AWS) allow cost tracking based on tags. Terraform can automate the process
of adding these tags to resources.

Q19. How would you integrate Terraform with a CI/CD pipeline?

You can integrate Terraform with CI/CD tools (e.g., Jenkins, GitLab CI, CircleCI) by:

● Running terraform plan in the build pipeline to check for changes.

● Using terraform apply to automatically deploy changes to the infrastructure.
● Storing state files in a remote backend for team collaboration.

Q20. Explain how you would handle drift detection in Terraform.

Drift occurs when changes are made directly in the infrastructure, bypassing Terraform. To
detect drift:

● Run terraform plan regularly, which will show any discrepancies between the
state file and the actual resources.
● Implement automation to trigger drift checks on a schedule.
5. Best Practices in Terraform
Q21. What are some best practices when writing Terraform code?

● Use modules to organize and reuse code.

● Version control your configurations (GitHub, GitLab).
● Use remote state to collaborate and ensure state is secured.
● Apply state locking to prevent concurrent updates.
● Tag resources to manage cost and resource identification.
● Use workspaces to separate different environments (e.g., dev, prod).
● Secure sensitive data by using secret management solutions.

Conclusion

These questions provide a solid foundation for any Terraform interview. Being able to explain
the concepts, showcase real-world experience, and understand best practices is crucial.
Ensure to practice these and relate them to your own use cases for a successful DevOps
interview.

Follow me on LinkedIn for more 😊