Terraform

Interview Questions

1. What is Terraform?

Answer: Terraform is an open-source Infrastructure as Code (IaC) tool developed by HashiCorp. It

allows users to define, provision, and manage infrastructure using declarative configuration files.
Terraform supports a wide range of providers, including cloud services, and manages the
infrastructure lifecycle through a command-line interface.

2. How does Terraform work?

Answer: Terraform works by using configuration files written in HashiCorp Configuration Language
(HCL) or JSON to define the desired state of infrastructure. It performs the following steps:

Initialize: Use terraform init to initialize the working directory and download the necessary providers.

Plan: Use terraform plan to create an execution plan, showing changes required to achieve the
desired state.

Apply: Use terraform apply to execute the changes and provision or update infrastructure.

Destroy: Use terraform destroy to tear down the infrastructure managed by Terraform.

3. What are Terraform providers?

Answer: Providers are plugins that Terraform uses to interact with cloud platforms, SaaS providers, or
other APIs. Each provider defines the resources and data sources available for use in Terraform
configurations. Examples include AWS, Azure, Google Cloud, and Kubernetes providers.

4. What is a Terraform module?

Answer: A Terraform module is a container for multiple resources that are used together. Modules
help organize and reuse configurations. They can be defined locally within a Terraform configuration
or retrieved from the Terraform Registry or other sources.

5. What is the purpose of the terraform init command?

Answer: The terraform init command initializes a Terraform working directory. It downloads and
installs provider plugins, initializes the backend configuration, and sets up the directory for use with
other Terraform commands.
6. How do you manage state in Terraform?

Answer: Terraform manages state through a state file (terraform.tfstate) that records the current
state of the infrastructure. The state file is crucial for tracking changes and ensuring that Terraform
can accurately update or destroy resources. Remote state storage options include AWS S3, Azure
Blob Storage, and Terraform Cloud.

7. What is the purpose of the terraform plan command?

Answer: The terraform plan command creates an execution plan that shows what changes will be
made to the infrastructure based on the current state and the configuration files. It helps users
review and confirm changes before applying them.

8. What is a Terraform workspace?

Answer: Terraform workspaces allow you to manage multiple environments (e.g., development,
staging, production) within the same configuration. Each workspace has its own state file and
configuration, enabling isolated infrastructure management.

9. How does Terraform handle dependencies between resources?

Answer: Terraform automatically manages dependencies between resources based on the references
and relationships defined in the configuration files. It determines the correct order of resource
creation and updates to ensure that dependencies are satisfied.

10. What is the purpose of the terraform apply command?

Answer: The terraform apply command applies the changes required to reach the desired state of
the infrastructure, as defined in the configuration files. It executes the actions necessary to create,
update, or destroy resources.

11. What is a Terraform variable, and how do you define it?

Answer: A Terraform variable is a parameter that can be used to customize configurations. Variables
are defined in a variables.tf file and can be assigned values through variable files, environment
variables, or directly in the configuration.

variable "region" {

description = "The AWS region"

type = string

default = "us-east-1"

}
12. What is a Terraform output?

Answer: Outputs in Terraform are used to return information about the resources created or
managed by Terraform. They are defined in the configuration and can be accessed after terraform
apply to obtain useful information such as resource IDs or IP addresses.

output "instance_ip" {

value = aws_instance.my_instance.public_ip

13. What is a Terraform provider block?

Answer: A provider block in Terraform specifies the provider being used and its configuration. It is
where you define credentials, region, and other settings required for Terraform to interact with the
provider.

provider "aws" {

region = "us-east-1"

14. What are Terraform data sources?

Answer: Data sources in Terraform allow you to retrieve and use information from existing resources
or services. They are useful for querying data that is not managed by Terraform but needed for
configuration.

data "aws_ami" "latest_amazon_linux" {

most_recent = true

owners = ["amazon"]

15. How do you manage sensitive data in Terraform?

Answer: Sensitive data in Terraform can be managed using Terraform variables marked as sensitive.
Terraform also provides options to secure state files and use encrypted remote backends. For
example:

variable "db_password" {

type = string

sensitive = true

}
16. What are Terraform resource blocks?

Answer: Resource blocks in Terraform define individual resources to be managed, such as virtual
machines, storage, or databases. They specify the resource type and its configuration.

resource "aws_instance" "my_instance" {

ami = "ami-123456"

instance_type = "t2.micro"

17. How do you use Terraform modules?

Answer:

Modules are used to encapsulate and reuse Terraform configurations. You can create modules by
defining a directory with main.tf, variables.tf, and outputs.tf, and then use them in other
configurations.

module "network" {

source = "./modules/network"

cidr = "10.0.0.0/16"

18. What is the Terraform registry?

Answer:

The Terraform Registry is a repository of publicly available Terraform modules and providers. It allows
users to find, share, and reuse modules and providers. The registry can be accessed at
registry.terraform.io.

19. How do you handle resource changes in Terraform?

Answer:

Terraform handles resource changes by using the state file to compare the current infrastructure
with the desired state defined in the configuration. Changes are identified during the terraform plan
phase and applied during terraform apply.

20. What is the terraform refresh command used for?

Answer:
The terraform refresh command updates the state file with the latest information from the
infrastructure. It synchronizes the state file with the actual state of the resources.
21. How do you perform a rolling update with Terraform?

Answer:

Rolling updates can be performed using Terraform by managing resource dependencies and
leveraging features like count and depends_on to ensure proper update sequences. For instance,
updating instances while ensuring that a minimum number of instances are available during the
process.

22. How do you handle secrets and credentials in Terraform configurations?

Answer:

Secrets and credentials should be managed securely using environment variables, Terraform Vault, or
other secret management tools. Avoid hardcoding sensitive information directly in configuration
files.

23. What is the Terraform terraform fmt command?

Answer:

The terraform fmt command formats Terraform configuration files to ensure consistent style and
readability. It helps to maintain code quality and conformity to HCL syntax standards.

24. What is a terraform state file?

Answer:

The terraform state file (terraform.tfstate) records the current state of the infrastructure managed by
Terraform. It maps the resources defined in the configuration to real-world resources and tracks
changes.

25. How do you use Terraform with multiple environments?

Answer:

Terraform supports multiple environments through workspaces or by using different configuration

directories. Workspaces allow managing different state files for each environment within the same
configuration, while separate directories can isolate configurations for each environment.

26. What are terraform taint and terraform untaint used for?

Answer:

The terraform taint command marks a resource for recreation on the next terraform apply. The
terraform untaint command removes the taint mark, preventing the resource from being recreated.
27. What is the terraform destroy command used for?

Answer:

The terraform destroy command is used to delete all resources defined in the Terraform
configuration. It removes infrastructure and resources managed by Terraform, based on the current
state.

28. How do you use Terraform’s count parameter?

Answer:

The count parameter allows creating multiple instances of a resource. It can be used to scale
resources dynamically based on conditions or input variables.

resource "aws_instance" "web" {

count = 3

ami = "ami-123456"

29. What is the terraform import command?

Answer:

The terraform import command imports existing infrastructure into Terraform management. It allows
Terraform to create a state file entry for a resource that was created outside of Terraform.

>> terraform import aws_instance.my_instance i-12345678

30. What is a terraform output variable?

Answer: An output variable in Terraform is used to extract and display information about resources
created or managed by Terraform. It can be used to pass information to other configurations or
modules.

output "instance_ip" {

value = aws_instance.my_instance.public_ip

31. What are Terraform provisioners?

Answer: Provisioners in Terraform are used to execute scripts or commands on resources after they
are created. They can be used for configuration tasks like installing software or performing custom
setup.

resource "aws_instance" "my_instance" {

 provisioner "local-exec" {

command = "echo 'Instance created!'"

32. How do you use Terraform to manage resources across multiple cloud providers?

Answer: Terraform supports multiple cloud providers by defining separate provider blocks for each
provider in the configuration. Resources from different providers can be managed in a single
configuration file.

provider "aws" {

region = "us-east-1"

provider "azurerm" {

features {}

33. What is a Terraform backend?

Answer: A Terraform backend defines where the state file is stored and how it is accessed. Common
backends include local files, remote storage solutions (e.g., AWS S3, Azure Blob Storage), and
Terraform Cloud.

34. What are the key principles of Infrastructure as Code (IaC)?

Answer: Key principles of IaC include:

• Declarative Configuration: Define the desired state of infrastructure.

• Version Control: Manage infrastructure changes with version control systems.

• Automation: Automate provisioning and management tasks.

• Idempotency: Ensure that applying the same configuration multiple times results in the same
state.

35. What is the terraform validate command?

Answer: The terraform validate command checks the syntax and validity of Terraform configuration
files. It ensures that the configurations are syntactically correct and can be used by Terraform.
36. How do you use Terraform for resource scaling?

Answer: Resource scaling in Terraform can be managed using the count parameter for creating
multiple instances or using dynamic blocks and input variables to adjust resource properties based
on conditions.

resource "aws_autoscaling_group" "web" {

desired_capacity = var.desired_capacity

min_size = var.min_size

max_size = var.max_size

37. What is a Terraform module output?

Answer: A module output is a value that a Terraform module exposes for use by other configurations
or modules. It allows the module to share information such as resource attributes with other parts of
the configuration.

output "instance_id" {

value = aws_instance.my_instance.id

38. How do you handle errors during Terraform provisioning?

Answer: Errors during Terraform provisioning can be handled by reviewing error messages, checking
resource dependencies, and validating configurations. Using terraform plan to preview changes and
terraform apply to apply them can help identify and resolve issues.

39. What is the terraform graph command used for?

Answer: The terraform graph command generates a visual representation of the dependency graph
of resources in a Terraform configuration. It helps to understand the relationships and dependencies
between resources.

40. How do you ensure Terraform configurations are compliant with organizational standards?

Answer: Ensure compliance by:

• Using a consistent coding style with terraform fmt.

• Implementing policies with tools like Terraform Sentinel or OPA.

• Conducting code reviews and adhering to best practices.

• Using modules and version control for standardized configurations.

41. What is Terraform Sentinel?

Answer: Terraform Sentinel is a policy as code framework that integrates with Terraform Enterprise
and Terraform Cloud. It allows users to define policies to enforce governance and compliance rules
for infrastructure provisioning.

42. How do you use Terraform with CI/CD pipelines?

Answer: Terraform can be integrated into CI/CD pipelines by adding steps to initialize, plan, apply,
and validate configurations. Automation tools like Jenkins, GitLab CI, or GitHub Actions can manage
Terraform deployments as part of the pipeline.

43. What are terraform workspaces and how are they different from environments?

Answer: Terraform workspaces allow managing multiple state files within a single configuration
directory. They are useful for managing different environments (e.g., development, staging,
production) without needing separate configuration directories.

44. What is a terraform lock file?

Answer: A terraform.lock.hcl file is used to lock provider versions to ensure consistent deployments.
It records the versions of provider plugins used during initialization and prevents unintentional
updates.

45. How do you use Terraform to manage network configurations?

Answer: Terraform manages network configurations by defining resources such as VPCs, subnets, and
security groups in configuration files. Providers offer modules and resources for creating and
managing network components.

resource "aws_vpc" "main" {

cidr_block = "10.0.0.0/16"

46. How do you handle configuration drift with Terraform?

Answer: Configuration drift can be managed by regularly running terraform plan to detect
discrepancies between the desired state and the actual state. Drift should be addressed by updating
the configuration and applying the necessary changes.
47. What are Terraform workspaces used for?

Answer: Terraform workspaces are used to create and manage multiple instances of the same
configuration, each with its own state file. They are helpful for managing different environments or
stages within the same configuration.

48. What is a terraform output block?

Answer: A terraform output block defines the values that Terraform should display after applying a
configuration. Outputs are useful for retrieving information about resources and passing data
between modules.

output "bucket_name" {

value = aws_s3_bucket.my_bucket.bucket

49. What is the role of the terraform validate command?

Answer: The terraform validate command checks whether the configuration files are valid and can be
processed by Terraform. It ensures that the configuration files are syntactically correct and do not
contain errors.

50. How do you use Terraform to manage cloud security groups?

Answer: Terraform manages cloud security groups by defining resources that describe security rules
and group settings. For example, the aws_security_group resource allows configuring inbound and
outbound rules for AWS security groups.

resource "aws_security_group" "sg" {

name = "my_security_group"

ingress {

from_port = 80

to_port = 80

protocol = "tcp"

cidr_blocks = ["0.0.0.0/0"]

51. What is a terraform plan file?

Answer: A terraform plan file is an artifact created by the terraform plan command that contains the
proposed changes to the infrastructure. It shows what actions Terraform will take to achieve the
desired state and allows users to review changes before applying them.

52. What are the benefits of using Terraform modules?

Answer: Benefits of using Terraform modules include:

• Reusability: Modules can be reused across different configurations.

• Organization: Modules help organize and structure Terraform code.

• Encapsulation: Modules encapsulate resource definitions and logic.

• Maintainability: Changes to modules are isolated and easier to manage.

53. How do you handle secrets in Terraform configurations?

Answer: Secrets should be managed securely using environment variables, secret management tools
like HashiCorp Vault, or encrypted remote backends. Avoid hardcoding secrets directly in Terraform
configuration files.

54. What is a Terraform state lock?

Answer: A Terraform state lock prevents concurrent operations on the same state file. State locking is
crucial for preventing conflicts and ensuring that only one process modifies the state file at a time. It
is commonly used with remote backends that support locking.

55. What is a Terraform resource block?

Answer: A Terraform resource block defines a single piece of infrastructure to be managed. It

specifies the resource type, name, and configuration details.

resource "aws_instance" "web" {

ami = "ami-123456"

instance_type = "t2.micro"

56. How do you use Terraform with Kubernetes?

Answer: Terraform manages Kubernetes resources using the Kubernetes provider. You can define
Kubernetes resources such as deployments, services, and namespaces in Terraform configuration
files.

provider "kubernetes" {
 config_path = "~/.kube/config"

resource "kubernetes_deployment" "nginx" {

metadata {

name = "nginx-deployment"

spec {

replicas = 2

selector {

match_labels {

app = "nginx"

template {

metadata {

labels {

app = "nginx"

spec {

container {

name = "nginx"

image = "nginx:1.14.2"

57. How do you handle resource dependencies in Terraform?

Answer: Terraform manages resource dependencies automatically based on the references between
resources. Explicit dependencies can be defined using the depends_on argument to enforce a
specific order of resource creation or updates.

resource "aws_instance" "web" {

# Configuration

resource "aws_security_group_rule" "allow_http" {

depends_on = [aws_instance.web]

# Configuration

58. What is Terraform Cloud?

Answer: Terraform Cloud is a managed service by HashiCorp that provides a centralized platform for
Terraform operations. It includes features such as remote state management, collaboration,
governance, and integration with CI/CD pipelines.

59. How do you use Terraform for multi-cloud deployments?

Answer: Terraform supports multi-cloud deployments by defining multiple provider blocks in the
configuration. Each provider block can configure different cloud services, enabling the management
of resources across various cloud platforms.

provider "aws" {

region = "us-east-1"

provider "google" {

project = "my-project"

region = "us-central1"

60. What are terraform plan output files?

Answer: terraform plan output files are generated files that store the proposed changes to the
infrastructure. They provide a detailed preview of what will be created, updated, or destroyed, and
are used to review and confirm changes before applying them.
61. How do you create and manage Terraform modules?

Answer: Create and manage Terraform modules by organizing configuration files into directories,
defining resources, variables, and outputs within the module, and using the module in other
configurations. Modules can be versioned and shared through the Terraform Registry or private
repositories.

62. How do you handle Terraform state file changes?

Answer: Handle Terraform state file changes by using commands like terraform plan to preview
changes, terraform apply to apply them, and terraform state commands to manipulate the state file
directly if needed. Ensure state file consistency and accuracy.

63. What is the purpose of the terraform console command?

Answer: The terraform console command opens an interactive console for evaluating Terraform
expressions and inspecting the state. It allows users to query resource attributes and evaluate
expressions within the Terraform context.

64. How do you use Terraform with AWS Lambda?

Answer: Terraform manages AWS Lambda functions by defining aws_lambda_function resources in

configuration files. It allows users to create, update, and manage Lambda functions and associated
resources such as triggers and IAM roles.

resource "aws_lambda_function" "my_lambda" {

filename = "lambda_function_payload.zip"

function_name = "my_lambda_function"

role = aws_iam_role.lambda_exec.arn

handler = "index.handler"

source_code_hash = filebase64sha256("lambda_function_payload.zip")

runtime = "python3.8"

65. What are terraform providers and how are they used?

Answer: Terraform providers are plugins that enable Terraform to interact with various services and
platforms. Providers define the resources and data sources available for use in Terraform
configurations. They are specified in the configuration using provider blocks.

provider "aws" {
 region = "us-east-1"

66. How do you perform resource updates with Terraform?

Answer: Perform resource updates with Terraform by modifying the configuration files and running
terraform plan to review changes. Apply the updates using terraform apply, which updates the
resources to match the desired state.

67. What are Terraform dynamic blocks?

Answer: Dynamic blocks in Terraform allow for the generation of multiple nested blocks based on a
set of values. They are useful for creating configurations that need to iterate over lists or maps.

resource "aws_security_group" "sg" {

dynamic "ingress" {

for_each = var.allowed_ips

content {

from_port = 80

to_port = 80

protocol = "tcp"

cidr_blocks = [ingress.value]

68. What is Terraform’s terraform fmt command used for?

Answer: The terraform fmt command formats Terraform configuration files to ensure consistent style
and readability. It automatically adjusts the layout of configuration files according to Terraform's style
guidelines.

69. What is a Terraform resource block?

Answer: A Terraform resource block defines a single piece of infrastructure to be managed. It

specifies the resource type, name, and configuration details necessary to create and manage the
resource.

resource "aws_instance" "web" {

 ami = "ami-123456"

instance_type = "t2.micro"

70. How do you use terraform apply with a specific plan file?

Answer: Use terraform apply with a specific plan file by providing the plan file path as an argument.
This allows you to apply the changes described in the plan file.

>> terraform apply planfile

71. What is the purpose of terraform import?

Answer: terraform import allows you to import existing resources into Terraform management. It
creates a state file entry for a resource that was created outside of Terraform and enables Terraform
to manage it going forward.

>> terraform import aws_instance.my_instance i-12345678

72. What is a Terraform count parameter?

Answer: The count parameter allows for the creation of multiple instances of a resource based on a
specified number. It helps in scaling resources dynamically.

resource "aws_instance" "web" {

count = 3

ami = "ami-123456"

73. How do you handle sensitive data in Terraform configurations?

Answer: Sensitive data should be managed securely using environment variables, secret
management tools, or encrypted storage solutions. Mark sensitive variables in Terraform with the
sensitive attribute to avoid exposing them in logs or outputs.

variable "db_password" {

type = string

sensitive = true

74. What is the terraform refresh command used for?

Answer: The terraform refresh command updates the state file with the latest information from the
infrastructure. It ensures that the state file reflects the current state of the resources.

75. What is the purpose of the terraform validate command?

Answer: The terraform validate command checks the syntax and validity of Terraform configuration
files. It verifies that the configuration is well-formed and adheres to the required schema.

76. What is a Terraform backend?

Answer: A Terraform backend defines how Terraform stores and manages the state file. It can be local
or remote, with remote options including cloud storage solutions like AWS S3, Azure Blob Storage, or
Terraform Cloud.

77. How do you manage Terraform modules?

Answer: Manage Terraform modules by defining them in separate directories with their own main.tf,
variables.tf, and outputs.tf files. Use modules in configurations by referencing them with source and
passing variables as needed.

78. What is a Terraform provider block?

Answer: A Terraform provider block specifies the provider being used and its configuration settings,
such as credentials and regions. It allows Terraform to interact with the service or platform specified
by the provider.

provider "aws" {

region = "us-east-1"

79. How do you use Terraform with Docker?

Answer: Terraform manages Docker resources using the Docker provider. You can define Docker
containers, images, networks, and volumes in Terraform configuration files.

provider "docker" {}

resource "docker_container" "nginx" {

image = "nginx:latest"

name = "my_nginx"

ports {
 internal = 80

external = 8080

80. How do you perform a rolling update with Terraform?

Answer: Perform rolling updates by managing resources with configurations that support updating in
a controlled manner. For example, use count and lifecycle settings to ensure a minimum number of
instances are always available during updates.

81. What is Terraform Sentinel?

Answer: Terraform Sentinel is a policy as code framework integrated with Terraform Enterprise and
Terraform Cloud. It allows defining and enforcing policies to ensure compliance and governance for
infrastructure provisioning.

82. How do you use Terraform with AWS ECS?

Answer: Terraform manages AWS ECS resources by defining services, task definitions, and clusters in
configuration files. It allows users to provision and configure ECS resources for containerized
applications.

resource "aws_ecs_cluster" "cluster" {

name = "my-cluster"

resource "aws_ecs_task_definition" "task" {

family = "my-task"

container_definitions = jsonencode([{

name = "my-container"

image = "nginx:latest"

cpu = 256

memory = 512

essential = true

}])

}
83. What is a Terraform data source?

Answer: A Terraform data source allows querying and retrieving information from external sources
that are not managed by Terraform. It provides access to data that can be used in resource
configurations.

data "aws_ami" "latest" {

owners = ["amazon"]

most_recent = true

84. How do you use Terraform with Azure?

Answer: Terraform manages Azure resources using the Azure provider. Define Azure resources like
virtual machines, storage accounts, and networks in Terraform configuration files.

provider "azurerm" {

features {}

resource "azurerm_resource_group" "example" {

name = "example-resources"

location = "West Europe"

85. What are Terraform resource attributes?

Answer: Resource attributes define specific properties or settings of a resource. They are used to
configure and manage the behavior of the resource within the Terraform configuration.

resource "aws_instance" "web" {

ami = "ami-123456"

instance_type = "t2.micro"

86. How do you manage Terraform state files securely?

Answer: Manage Terraform state files securely by using remote backends with encryption, access
controls, and versioning. Ensure that sensitive information is not exposed and restrict access to the
state file.

87. What is Terraform’s plan file?

Answer: A terraform plan file is an artifact generated by the terraform plan command that describes
the actions Terraform will take to achieve the desired state. It serves as a preview of changes before
applying them.

88. How do you use Terraform with AWS S3?

Answer: Terraform manages AWS S3 resources by defining aws_s3_bucket and related resources in
configuration files. It allows users to create and configure S3 buckets and manage their settings.

resource "aws_s3_bucket" "bucket" {

bucket = "my-bucket"

89. How do you handle Terraform configuration changes?

Answer: Handle Terraform configuration changes by updating the configuration files, running
terraform plan to preview changes, and using terraform apply to implement the changes. Review and
validate modifications before applying.

90. What is a Terraform lifecycle block?

Answer: A lifecycle block in Terraform specifies how resource management operations should be
handled, such as creating, updating, or deleting resources. It includes options like
create_before_destroy and prevent_destroy.

resource "aws_instance" "web" {

lifecycle {

prevent_destroy = true

91. How do you use Terraform with AWS RDS?

Answer: Terraform manages AWS RDS instances by defining aws_db_instance resources in

configuration files. It allows users to provision and configure RDS databases and related settings.
resource "aws_db_instance" "example" {

identifier = "my-db-instance"

engine = "mysql"

instance_class = "db.t2.micro"

allocated_storage = 20

92. How do you use Terraform with Google Cloud?

Answer: Terraform manages Google Cloud resources using the Google Cloud provider. Define
resources like virtual machines, storage, and networking components in configuration files.

provider "google" {

project = "my-project"

region = "us-central1"

resource "google_compute_instance" "vm_instance" {

name = "my-instance"

machine_type = "n1-standard-1"

zone = "us-central1-a"

boot_disk {

initialize_params {

image = "debian-cloud/debian-9"

93. What are Terraform variables used for?

Answer: Terraform variables are used to parameterize configurations and provide values dynamically.
They allow users to define and customize input parameters for resources and modules.

variable "region" {

description = "The region to deploy resources"

type = string
}

94. How do you manage Terraform provider versions?

Answer: Manage Terraform provider versions by specifying the version constraints in the provider
block. Use the version attribute to control which provider versions are used.

provider "aws" {

version = "~> 2.0"

95. What is a Terraform resource type?

Answer: A Terraform resource type represents a specific kind of infrastructure object, such as an EC2
instance or an S3 bucket. Each resource type is associated with a provider and has attributes and
configuration options.

resource "aws_instance" "example" {

ami = "ami-123456"

instance_type = "t2.micro"

96. How do you use Terraform with AWS CloudFormation?

Answer: Terraform and AWS CloudFormation can be used together by managing CloudFormation
stacks using the aws_cloudformation_stack resource. This allows Terraform to provision and manage
resources defined in CloudFormation templates.

resource "aws_cloudformation_stack" "example" {

name = "my-stack"

template_body = file("template.yaml")

97. How do you use Terraform to manage IAM roles?

Answer: Terraform manages IAM roles using the aws_iam_role resource. You can define role policies,
attach policies, and configure IAM roles for various AWS services.

resource "aws_iam_role" "example" {

name = "my-role"

assume_role_policy = jsonencode({
 Version = "2012-10-17"

Statement = [

Action = "sts:AssumeRole"

Effect = "Allow"

Principal = {

Service = "ec2.amazonaws.com"

},

})

98. How do you use Terraform with Ansible?

Answer: Terraform and Ansible can be used together by managing infrastructure with Terraform and
configuring it with Ansible. Terraform provisions the infrastructure, and Ansible performs post-
provisioning configuration tasks.

resource "aws_instance" "example" {

# Terraform configuration

Ansible playbook:

yaml

Copy code

- name: Configure instance

hosts: all

tasks:

- name: Install nginx

apt:

name: nginx

state: present

99. What is a Terraform module?

Answer: A Terraform module is a container for multiple resources that are used together. Modules
allow for reusability and organization of code, encapsulating configuration into reusable components.

module "vpc" {

source = "./modules/vpc"

cidr_block = "10.0.0.0/16"

100. How do you manage Terraform state files with multiple users?

Answer: Manage Terraform state files with multiple users by using remote backends that support
locking and versioning, such as AWS S3 with DynamoDB for state locking. This ensures state
consistency and prevents concurrent modifications.