[Mar-2024] Check your preparation for HashiCorp Terraform-Associate-003 On-Demand Exam [Q15-Q40]

Share

[Mar-2024] Check your preparation for HashiCorp Terraform-Associate-003 On-Demand Exam

Practice Exam Terraform-Associate-003 Realistic Dumps Verified Questions

NEW QUESTION # 15
What value does the Terraform Cloud private registry provide over the public Terraform Module Registry?

  • A. The ability to share modules with public Terraform users and members of Terraform Cloud Organizations
  • B. The ability to tag modules by version or release
  • C. The ability to share modules publicly with any user of Terraform
  • D. The ability to restrict modules to members of Terraform Cloud or Enterprise organizations

Answer: D

Explanation:
Explanation
The Terraform Cloud private registry provides the ability to restrict modules to members of Terraform Cloud or Enterprise organizations. This allows you to share modules within your organization without exposing them to the public. The private registry also supports importing modules from your private VCS repositories. The public Terraform Module Registry, on the other hand, publishes modules from public Git repositories and makes them available to any user of Terraform. References = : Private Registry - Terraform Cloud : Terraform Registry - Provider Documentation


NEW QUESTION # 16
You have created a main.tf Terraform configuration consisting of an application server, a database and a load balanced. You ran terraform apply and Terraform created all of the resources successfully.
Now you realize that you do not actually need the load balancer, so you run terraform destroy without any flags. What will happen?

  • A. Terraform will prompt you to confirm that you want to destroy all the infrastructure
  • B. Terraform will destroy the application server because it is listed first in the code
  • C. Terraform will immediately destroy all the infrastructure
  • D. Terraform will destroy the main, tf file
  • E. Terraform will prompt you to pick which resource you want to destroy

Answer: A

Explanation:
Explanation
This is what will happen if you run terraform destroy without any flags, as it will attempt to delete all the resources that are associated with your current working directory or workspace. You can use the -target flag to specify a particular resource that you want to destroy.


NEW QUESTION # 17
You've used Terraform to deploy a virtual machine and a database. You want to replace this virtual machine instance with an identical one without affecting the database. What is the best way to achieve this using Terraform?

  • A. Use the terraform taint command targeting the VMs then run terraform plan and terraform apply
  • B. Delete the Terraform VM resources from your Terraform code then run terraform plan and terraform apply
  • C. Use the terraform apply command targeting the VM resources only
  • D. Use the terraform state rm command to remove the VM from state file

Answer: A

Explanation:
Explanation
The terraform taint command marks a resource as tainted, which means it will be destroyed and recreated on the next apply. This way, you can replace the VM instance without affecting the database or other resources. References = [Terraform Taint]


NEW QUESTION # 18
Which backend does the Terraform CU use by default?

  • A. Local
  • B. HTTP
  • C. Remote
  • D. Depends on the cloud provider configured
  • E. Terraform Cloud

Answer: A

Explanation:
Explanation
This is the backend that the Terraform CLI uses by default, unless you specify a different backend in your configuration. The local backend stores the state file in a local file named terraform.tfstate, which can be used to track and manage the state of your infrastructure.


NEW QUESTION # 19
Outside of the required_providers block, Terraform configurations always refer to providers by their local names.

  • A. True
  • B. False

Answer: B

Explanation:
Explanation
Outside of the required_providers block, Terraform configurations can refer to providers by either their local names or their source addresses. The local name is a short name that can be used throughout the configuration, while the source address is a global identifier for the provider in the format registry.terraform.io/namespace/type. For example, you can use either aws or registry.terraform.io/hashicorp/aws to refer to the AWS provider.


NEW QUESTION # 20
Terraform providers are always installed from the Internet.

  • A. True
  • B. False

Answer: B

Explanation:
Explanation
Terraform providers are not always installed from the Internet. There are other ways to install provider plugins, such as from a local mirror or cache, from a local filesystem directory, or from a network filesystem.
These methods can be useful for offline or air-gapped environments, or for customizing the installation process. You can configure the provider installation methods using the provider_installation block in the CLI configuration file.


NEW QUESTION # 21
Which of the following statements about Terraform modules is not true?

  • A. Modules can call other modules
  • B. You can call the same module multiple times
  • C. Modules must be publicly accessible
  • D. A module is a container for one or more resources

Answer: C

Explanation:
Explanation
This is not true, as modules can be either public or private, depending on your needs and preferences. You can use the Terraform Registry to publish and consume public modules, or use Terraform Cloud or Terraform Enterprise to host and manage private modules.


NEW QUESTION # 22
A module can always refer to all variables declared in its parent module.

  • A. True
  • B. False

Answer: B

Explanation:
Explanation
A module cannot always refer to all variables declared in its parent module, as it needs to explicitly declare input variables and assign values to them from the parent module's arguments. A module cannot access the parent module's variables directly, unless they are passed as input arguments.


NEW QUESTION # 23
Which of the following is not a valid siring function in Terraform?

  • A. join
  • B. Split
  • C. choaf
  • D. slice

Answer: C

Explanation:
Explanation
This is not a valid string function in Terraform. The other options are valid string functions that can manipulate strings in various ways2.


NEW QUESTION # 24
What does state looking accomplish?

  • A. Blocks Terraform commands from modifying, the state file
  • B. Encrypts any credentials stored within the state file
  • C. Copies the state file from memory to disk
  • D. Prevent accidental Prevent accident deletion of the state file

Answer: A

Explanation:
Explanation
This is what state locking accomplishes, by preventing other users from modifying the state file while a Terraform operation is in progress. This prevents conflicts and data loss.


NEW QUESTION # 25
You are writing a child Terraform module that provisions an AWS instance. You want to reference the IP address returned by the child module in the root configuration. You name the instance resource "main'.
Which of these is the correct way to define the output value?

  • A.
  • B.
  • C.
  • D.

Answer: D


NEW QUESTION # 26
Which of the following should you put into the required_providers block?

  • A. version ~> 3.1
  • B. version = ">= 3.1"
  • C. version >= 3.1

Answer: B

Explanation:
Explanation
The required_providers block is used to specify the provider versions that the configuration can work with.
The version argument accepts a version constraint string, which must be enclosed in double quotes. The version constraint string can use operators such as >=, ~>, =, etc. to specify the minimum, maximum, or exact version of the provider. For example, version = ">= 3.1" means that the configuration can work with any provider version that is 3.1 or higher. References = [Provider Requirements] and [Version Constraints]


NEW QUESTION # 27
You can configure Terraform to log to a file using the TF_LOG environment variable.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
You can configure Terraform to log to a file using the TF_LOG environment variable. This variable can be set to one of the log levels: TRACE, DEBUG, INFO, WARN or ERROR. You can also use the TF_LOG_PATH environment variable to specify a custom log file location. References = : Debugging Terraform


NEW QUESTION # 28
You much initialize your working directory before running terraform validate.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
You must initialize your working directory before running terraform validate, as it will ensure that all the required plugins and modules are installed and configured properly. If you skip this step, you may encounter errors or inconsistencies when validating your configuration files.


NEW QUESTION # 29
You have deployed a new webapp with a public IP address on a cloud provider. However, you did not create any outputs for your code. What is the best method to quickly find the IP address of the resource you deployed?

  • A. Run terraform state list to find the name of the resource, then terraform state show to find the attributes including public IP address
  • B. Run terraform destroy then terraform apply and look for the IP address in stdout
  • C. Run terraform output ip_address to view the result
  • D. In a new folder, use the terraform_remote_state data source to load in the state file, then write an output for each resource that you find the state file

Answer: A

Explanation:
Explanation
This is a quick way to inspect the state file and find the information you need without modifying anything5.
The other options are either incorrect or inefficient.


NEW QUESTION # 30
You must use different Terraform commands depending on the cloud provider you use.

  • A. True
  • B. False

Answer: B

Explanation:
Explanation
You do not need to use different Terraform commands depending on the cloud provider you use. Terraform commands are consistent across different providers, as they operate on the Terraform configuration files and state files, not on the provider APIs directly.


NEW QUESTION # 31
_______backends support state locking.

  • A. Only local
  • B. No
  • C. Some
  • D. All

Answer: C

Explanation:
Explanation
Some backends support state locking, which prevents other users from modifying the state file while a Terraform operation is in progress. This prevents conflicts and data loss. Not all backends support this feature, and you can check the documentation for each backend type to see if it does.


NEW QUESTION # 32
You modified your Terraform configuration and run Terraform plan to review the changes. Simultaneously, your teammate manually modified the infrastructure component you are working on. Since you already ran terraform plan locally, the execution plan for terraform apply will be the same.

  • A. True
  • B. False

Answer: B

Explanation:
Explanation
The execution plan for terraform apply will not be the same as the one you ran locally with terraform plan, if your teammate manually modified the infrastructure component you are working on. This is because Terraform will refresh the state file before applying any changes, and will detect any differences between the state and the real resources.


NEW QUESTION # 33
Which parameters does terraform import require? Choose two correct answers.

  • A. Provider
  • B. Resource ID
  • C. Resource address
  • D. Path

Answer: B,C

Explanation:
Explanation
These are the parameters that terraform import requires, as they allow Terraform to identify the existing resource that you want to import into your state file, and match it with the corresponding configuration block in your files.


NEW QUESTION # 34
You decide to move a Terraform state file to Amazon S3 from another location. You write the code below into a file called backend.tf.

Which command will migrate your current state file to the new S3 remote backend?

  • A. terraform push
  • B. terraform refresh
  • C. terraform init
  • D. terraform state

Answer: C

Explanation:
Explanation
This command will initialize the new backend and prompt you to migrate the existing state file to the new location3. The other commands are not relevant for this task.


NEW QUESTION # 35
Which of these ate secure options for storing secrets for connecting to a Terraform remote backend? Choose two correct answers.

  • A. A variable file
  • B. Defined in a connection configuration outside of Terraform
  • C. Defined in Environment variables
  • D. Inside the backend block within the Terraform configuration

Answer: B,C

Explanation:
Explanation
Environment variables and connection configurations outside of Terraform are secure options for storing secrets for connecting to a Terraform remote backend. Environment variables can be used to set values for input variables that contain secrets, such as backend access keys or tokens. Terraform will read environment variables that start with TF_VAR_ and match the name of an input variable. For example, if you have an input variable called backend_token, you can set its value with the environment variable TF_VAR_backend_token1.
Connection configurations outside of Terraform are files or scripts that provide credentials or other information for Terraform to connect to a remote backend. For example, you can use a credentials file for the S3 backend2, or a shell script for the HTTP backend3. These files or scripts are not part of the Terraform configuration and can be stored securely in a separate location. The other options are not secure for storing secrets. A variable file is a file that contains values for input variables. Variable files are usually stored in the same directory as the Terraform configuration or in a version control system. This exposes the secrets to anyone who can access the files or the repository. You should not store secrets in variable files1. Inside the backend block within the Terraform configuration is where you specify the type and settings of the remote backend. The backend block is part of the Terraform configuration and is usually stored in a version control system. This exposes the secrets to anyone who can access the configuration or the repository. You should not store secrets in the backend block4. References = [Terraform Input Variables]1, [Backend Type: s3]2,
[Backend Type: http]3, [Backend Configuration]4


NEW QUESTION # 36
Running terraform fmt without any flags in a directory with Terraform configuration files check the formatting of those files without changing their contents.

  • A. True
  • B. False

Answer: B

Explanation:
Explanation
Running terraform fmt without any flags in a directory with Terraform configuration files will not check the formatting of those files without changing their contents, but will actually rewrite them to a canonical format and style. If you want to check the formatting without making changes, you need to use the -check flag.


NEW QUESTION # 37
How can you trigger a run in a Terraform Cloud workspace that is connected to a Version Control System (VCS) repository?

  • A. Commit a change to the VCS working directory and branch that the Terraform Cloud workspace is connected to
  • B. Only Terraform Cloud organization owners can approve plans in VCS connected workspaces
  • C. Only Terraform Cloud organization owners can set workspace variables on VCS connected workspaces
  • D. Only members of a VCS organization can open a pull request against repositories that are connected to Terraform Cloud workspaces

Answer: A

Explanation:
Explanation
This will trigger a run in the Terraform Cloud workspace, which will perform a plan and apply operation on the infrastructure defined by the Terraform configuration files in the VCS repository.


NEW QUESTION # 38
What does the default "local" Terraform backend store?

  • A. Provider plugins
  • B. State file
  • C. tfplan files
  • D. Terraform binary

Answer: B

Explanation:
Explanation
The default "local" Terraform backend stores the state file in a local file named terraform.tfstate, which can be used to track and manage the state of your infrastructure3.


NEW QUESTION # 39
What does this code do?

  • A. Requires any version of the AWS provider > = 3.0 and <4.0
  • B. Requires any version of the AWS provider >= 3.0
  • C. Requires any version of the AWS provider > 3.0
  • D. Requires any version of the AWS provider > = 3.0 major release. like 4.1

Answer: A

Explanation:
Explanation
This is what this code does, by using the pessimistic constraint operator (~>), which specifies an acceptable range of versions for a provider or module.


NEW QUESTION # 40
......

Valid Terraform-Associate-003 Dumps for Helping Passing HashiCorp Exam: https://lead2pass.real4prep.com/Terraform-Associate-003-exam.html