prepforcareers.com

Top Terraform Fundamentals, Architecture, and Core Workflow Questions for Interview

Prepare for your Terraform and DevOps interviews with these carefully selectedย Terraform Fundamentals, Architecture, and Core Workflowย MCQs. This set covers core Terraform Fundamentals, Architecture, and Core Workflow. Each question includes clear answers and explanations to help you strengthen your understanding and boost interview confidence.

By the end of this article, youโ€™ll be well-equipped to handle a variety ofย Terraform Fundamentals, Architecture, and Core Workflow interview questions and demonstrate your proficiency in automating IT tasks efficiently and effectively.

1. Which company is the creator and developer of Terraform ?

A) IBM
B) Microsoft
C) HashiCorp
D) Amazon

Correct Answer: C
Explanation: Terraform was created and launched by HashiCorp in 2014. It is an open-source tool written in the Go programming language.

2. What is the primary configuration language used by Terraform ?

A) YAML
B) JSON
C) HCL (HashiCorp Configuration Language)
D) Python

Correct Answer: C
Explanation: Terraform uses HCL to define infrastructure in a human-readable format. While JSON can optionally be used, HCL is the standard for creating and provisioning architecture.

3. In the context of Infrastructure as Code (IaC), what does “Declarative” mean ?

A) You provide step-by-step instructions on how to build a resource
B) You define the desired end-state, and the tool figures out how to reach it
C) You must manually click through a console to confirm changes
D) The code is executed in the exact order it is written

Correct Answer: B
Explanation: Terraform follows a declarative approach where users define “what” the infrastructure should look like. The tool then handles the logic of provisioning and identifying dependencies.

4. Which Terraform command is used to initialize a new or existing working directory ?

A) terraform apply
B) terraform plan
C) terraform init
D) terraform start

Correct Answer: C
Explanation: The init command prepares a directory by downloading necessary provider plugins and initializing the backend. It is the first command that must be run in a new project.

5. What is meant by the term “Cloud Agnostic” in relation to Terraform ?

A) It can manage infrastructure across multiple different cloud providers
B) It is a tool specifically designed for AWS CloudFormation
C) It only works with private cloud environments
D) It does not require an internet connection to function

Correct Answer: A
Explanation: Unlike cloud-specific tools, Terraform works with any provider, such as AWS, Azure, GCP, or even Kubernetes. This allows for a consistent workflow across diverse platforms.

6. Which part of Terraform architecture acts as the “Engine” that reads configurations ?

A) Terraform Plugins
B) Terraform State
C) Terraform Registry
D) Terraform Core

Correct Answer: D
Explanation: Terraform Core is the static binary that reads configuration files and calculates the necessary changes. It takes user configurations and state data as inputs to determine actions.

7. What is a Terraform “Provider” ?

A) A plugin that allows Terraform to communicate with specific platform APIs
B) A type of server used to host the state file
C) The person responsible for writing the HCL code
D) A collection of reusable HCL templates

Correct Answer: A
Explanation: Providers are plugins that translate Terraform code into API calls for specific platforms like AWS or Azure. Without them, Terraform cannot interact with cloud platforms or SaaS services.

8. What does the terraform plan command do ?

A) It executes the changes to the cloud immediately
B) It creates a preview of the actions Terraform will take
C) It deletes all resources defined in the code
D) It formats the code to meet HCL standards

Correct Answer: B
Explanation: The plan command compares the current state to the configuration and shows a preview of what will be created, updated, or destroyed. This acts as a “dry run” to validate changes before they happen.

9. Which command is used to actually provision the resources defined in the configuration ?

A) terraform apply
B) terraform deploy
C) terraform execute
D) terraform init

Correct Answer: A
Explanation: The apply command carries out the actions proposed in the plan to reach the desired state. By default, it will prompt the user for confirmation before making changes.

10. What is the purpose of the terraform.tfstate file ?

A) It stores the user’s login credentials for the cloud
B) It keeps track of the real-world resources managed by Terraform
C) It contains the source code for the infrastructure
D) It acts as a backup for the main.tf file

Correct Answer: B
Explanation: The state file acts as the “source of truth” by mapping your code to real-world resources. It helps Terraform detect drift and determine what changes are needed.

11. What is “Immutable Infrastructure” in the context of Terraform ?

A) Infrastructure that cannot be changed once it is built
B) A security feature that prevents the state file from being edited
C) The practice of replacing resources rather than modifying them in place
D) Infrastructure that is only hosted on-premises

Correct Answer: C
Explanation: Terraform typically replaces servers or resources instead of changing them to avoid “configuration drift”. This ensures that servers remain consistent and predictable over time.

12. Which command would you use to remove all infrastructure managed by a Terraform configuration ?

A) terraform delete
B) terraform remove
C) terraform destroy
D) terraform stop

Correct Answer: C
Explanation: The destroy command is used to tear down all resources tracked in the state file. It is a convenient way to clean up temporary environments.

13. What are “Resources” in HCL ?

A) The physical hardware used by HashiCorp
B) The fundamental building blocks, like virtual machines or databases, defined in code
C) The team members who manage the DevOps pipeline
D) The documentation files for Terraform plugins

Correct Answer: B
Explanation: Resources are the infrastructure objectsโ€”such as VPCs, S3 buckets, or EC2 instancesโ€”that Terraform manages. Each resource block describes the properties of that specific object.

14. How does Terraform handle dependencies between resources ?

A) It uses a resource graph to determine the correct order of operations
B) You must list resources in the exact order they should be created
C) It creates all resources at the same time and ignores errors
D) It requires a manual script to link different resources together

Correct Answer: A
Explanation: Terraform automatically builds a dependency graph to determine which resources must be provisioned first. This ensures that if a VM needs a VPC, the VPC is created first.

15. What is the core workflow of Terraform ?

A) Code, Build, Test
B) Start, Manage, Stop
C) Init, Validate, Deploy
D) Write, Plan, Apply

Correct Answer: D
Explanation: The standard workflow starts with writing HCL files, then planning the execution, and finally applying those changes. This cycle ensures a predictable and safe infrastructure management process.

16. Which of the following is a primary benefit of using IaC ?

A) It increases deployment speed and consistency through automation
B) It requires more manual oversight to prevent errors
C) It prevents the use of version control like Git
D) It makes infrastructure harder to replicate in different regions

Correct Answer: A
Explanation: IaC allows for rapid, repeatable deployments and reduces human error by using code to manage infrastructure. It enables teams to treat infrastructure like software with versioning and testing.

17. Which command is used to ensure your configuration files are syntactically correct ?

A) terraform test
B) terraform check
C) terraform fmt
D) terraform validate

Correct Answer: D
Explanation: The validate command checks for syntax errors, undeclared variables, or invalid arguments without connecting to remote services. It ensures the internal consistency of the configuration.

18. What is a “Data Source” in Terraform ?

A) A database used to store the Terraform state
B) A way to fetch information from existing resources outside of Terraform
C) The location where Terraform modules are stored
D) The API key used to connect to a cloud provider

Correct Answer: B
Explanation: Data sources allow your configuration to query and use data from existing cloud objects that Terraform does not manage. For example, fetching the latest AMI ID from AWS.

19. What happened to the Terraform license in August 2023 ?

A) It was relicensed from MPL 2.0 to the Business Source License (BUSL) 1.1
B) It became completely proprietary and closed-source
C) It was sold to Microsoft for commercial use
D) It became free for all commercial competitors

Correct Answer: A
Explanation: HashiCorp transitioned Terraform to the BUSL, which prohibits commercial use by those offering “competitive services”. This change led to the creation of the OpenTofu fork.

20. Which command is used to format HCL code into a standard, readable style ?

A) terraform clean
B) terraform style
C) terraform fmt
D) terraform beautify

Correct Answer: C
Explanation: The fmt command automatically rewrites configuration files into a canonical format to improve readability and consistency across a team. It is a best practice to run this after editing files.

21. What is “Drift Detection” in Terraform ?

A) Detecting when the Terraform version is out of date
B) Identifying when the real-world infrastructure no longer matches the state file
C) Tracking when a developer changes the HCL code
D) Measuring the latency of the cloud provider’s API

Correct Answer: B
Explanation: Drift occurs when manual changes are made to resources outside of Terraform. Running terraform plan allows Terraform to detect these differences and propose ways to fix them.

22. What is a “Module” in Terraform ?

A) A separate software tool used for monitoring infrastructure
B) The part of the code that handles user authentication
C) A specific type of cloud provider like AWS
D) A container for a set of related resources used together

Correct Answer: D
Explanation: Modules are reusable packages of Terraform code that organize related resources. They help reduce code duplication and enforce standardized patterns across projects.

23. Which file should be kept secure because it might contain sensitive information ?

A) main.tf
B) README.md
C) terraform.tfstate
D) .gitignore

Correct Answer: C
Explanation: The state file tracks resource metadata and may contain sensitive data, such as passwords or API keys, in plaintext. It should be stored in a secure, encrypted remote location.

24. Which command is used to preview the outputs defined in a configuration ?

A) terraform show
B) terraform list
C) terraform output
D) terraform view

Correct Answer: C
Explanation: The output command displays the values of variables that you have specifically marked to be shown after an apply. It is useful for extracting information like IP addresses or database endpoints.

25. Which command allows you to view the current state in a human-readable format ?

A) terraform show
B) terraform read
C) terraform print
D) terraform log

Correct Answer: A
Explanation: terraform show provides a human-readable version of the state file or a plan file. It is helpful for inspecting the exact details of managed resources.

26. What is the “Root Module” in a Terraform project ?

A) The module that contains all child modules
B) The main directory containing the HCL files where commands are run
C) A specialized module for managing Linux root users
D) The first module ever created in the Terraform Registry

Correct Answer: B
Explanation: The root module is the main set of configuration files in your working directory from which you run Terraform commands. It orchestrates the entire deployment.

27. What is “State Locking” used for ?

A) To prevent the state file from being deleted by the cloud provider
B) To encrypt the state file so only administrators can read it
C) To prevent multiple users from running Terraform at the same time on the same state
D) To lock the version of Terraform so it cannot be upgraded

Correct Answer: C
Explanation: State locking prevents concurrent modifications that could lead to state file corruption. If a lock is active, other users must wait until it is released before they can run conflicting commands.

28. In HCL, what keyword is used to define an input parameter ?

A) input
B) parameter
C) variable
D) arg

Correct Answer: C
Explanation: The variable block is used to define input variables that allow values to be passed in from outside the module. They act like function arguments for your infrastructure code.

29. Which tool is a fully open-source fork of Terraform created after the BUSL license change ?

A) Ansible
B) Pulumi
C) CloudFormation
D) OpenTofu

Correct Answer: D
Explanation: OpenTofu was created as a community-driven, open-source fork of Terraform version 1.5.6. It is intended to be a drop-in replacement for Terraform workflows.

30. What is a “Provisioner” in Terraform ?

A) A tool used to pay for cloud subscriptions
B) A feature used to run scripts or commands on a resource after it is created
C) The person who approves the infrastructure changes
D) A plugin that provides the API connection to AWS

Correct Answer: B
Explanation: Provisioners are used to execute scripts locally or remotely to bootstrap a resource or install software. However, they are generally considered a “last resort” compared to other methods.

31. What is the purpose of the terraform init -upgrade command ?

A) To upgrade the Terraform binary to the latest version
B) To migrate the state file to a new cloud account
C) To upgrade the cloud infrastructure to a larger instance size
D) To update the provider and module plugins to the latest allowed versions

Correct Answer: D
Explanation: Using the -upgrade flag with init tells Terraform to re-check the registry for newer acceptable versions of the providers and modules used in the configuration. It helps keep plugins up to date.

32. What does the terraform import command do ?

A) It brings existing infrastructure resources under Terraform management
B) It imports HCL code from a GitHub repository
C) It imports a state file from a local machine to the cloud
D) It converts JSON files into HCL format

Correct Answer: A
Explanation: The import command associates an existing, manually-created resource with a resource block in your HCL code. It populates the state file with the resource’s current attributes.

33. What is a “Backend” in Terraform ?

A) The user interface where you type commands
B) The database that stores the HCL source code
C) The physical server rack located in a data center
D) The storage location and execution environment for the state file

Correct Answer: D
Explanation: A backend determines where Terraform operations are performed and where the state file is stored. Common backends include local disk, Amazon S3, or Terraform Cloud.

34. Which of the following is NOT a primary command in the Terraform workflow ?

A) init
B) plan
C) refresh
D) apply

Correct Answer: C
Explanation: While refresh is a command, the “primary” workflow consists of Write, Plan, and Apply. The refresh command updates the state file but does not change resources.

35. What is the Terraform Registry ?

A) A database of all Terraform users worldwide
B) A list of all companies currently using HashiCorp tools
C) A repository for sharing providers, modules, and policy rules
D) The legal registry where the Terraform trademark is filed

Correct Answer: C
Explanation: The Terraform Registry is a public or private repository where users can find and download pre-built modules and providers. It helps teams reuse verified configurations instead of writing them from scratch.

36. Which command would you use to find the current version of the Terraform binary ?

A) terraform –version
B) terraform status
C) terraform info
D) terraform list

Correct Answer: A
Explanation: The version command (or –version flag) displays the current version of Terraform installed on your machine. It also notifies you if a newer version is available.

37. What is the “Terraform Console” used for ?

A) To access the Linux terminal of a provisioned VM
B) To interactively evaluate and test HCL expressions
C) To chat with other developers on the team
D) To view the live logs of a running application

Correct Answer: B
Explanation: The console command opens an interactive prompt where you can test HCL syntax, math operations, and resource attribute lookups. It is very useful for debugging expressions.

38. Which keyword is used to define an infrastructure object in Terraform ?

A) object
B) provider
C) resource
D) module

Correct Answer: C
Explanation: The resource keyword defines a specific piece of infrastructure, like a server or storage bucket, that Terraform will manage. It includes a type and an internal name for tracking.

39. What does “Tainting” a resource do ?

A) It encrypts the resource for added security
B) It marks a resource for destruction and recreation during the next apply
C) It prevents the resource from being deleted
D) It renames the resource in the cloud console

Correct Answer: B
Explanation: Tainting a resource informs Terraform that the resource is problematic and needs to be completely rebuilt. The resource remains as-is until the next terraform apply is run.

40. How does Terraform manage resources across multiple cloud providers at once ?

A) It requires a separate state file for every provider
B) It uses a single universal API that all clouds follow
C) It can only work with one provider at a time
D) You can define multiple provider blocks in the same configuration

Correct Answer: D
Explanation: Terraform allows you to define and manage resources from different clouds (like AWS and Azure) in a single project by using multiple provider blocks. This is a core part of its multi-cloud capability.

41. What is a “Sentinel” in the context of Terraform ?

A) A policy-as-code framework used for governance and compliance
B) A specialized type of virtual machine for monitoring
C) The default name given to the first resource in a project
D) A tool for automatically creating GitHub documentation

Correct Answer: A
Explanation: Sentinel is a tool used in Terraform Enterprise and Cloud to enforce rules, such as mandatory tagging or restricting specific resource types. It ensures that infrastructure stays within organizational standards.

42. In HCL syntax, which block is used to specify values that a module returns to its caller ?

A) variable
B) input
C) output
D) return

Correct Answer: C
Explanation: The output block exposes specific information from a module, like an IP address, so it can be used by other parts of the infrastructure or displayed to the user.

43. Which command is used to check if the configuration is valid without creating an execution plan ?

A) terraform plan
B) terraform check
C) terraform validate
D) terraform init

Correct Answer: C
Explanation: The validate command focuses solely on syntax and internal consistency, ignoring remote state or provider APIs. It is often used in automated CI/CD pipelines as a basic check.

44. What is the difference between Terraform and Ansible ?

A) Terraform is for managing code; Ansible is for managing hardware
B) Terraform is a provisioning tool; Ansible is primarily a configuration management tool
C) Terraform only works on Linux; Ansible only works on Windows
D) There is no difference; they are the same tool

Correct Answer: B
Explanation: Terraform is best at creating and orchestrating the foundational infrastructure (VMs, networks), while Ansible excels at configuring software and packages on those existing servers. They are often used together in a pipeline.

45. What is the terraform refresh command used for ?

A) To update the HCL code to the latest version of the Terraform language
B) To clear the cache of the Terraform binary
C) To reboot all virtual machines in the cloud environment
D) To update the local state file to match the current state of real-world resources

Correct Answer: D
Explanation: The refresh command updates the state file to reflect what is actually running in the cloud, helping detect drift. However, it does not modify any real-world infrastructure itself.

46. What is a “Child Module” ?

A) A separate module that is called from within the root module
B) A module that is only used for testing purposes
C) The version of a module designed for smaller cloud accounts
D) A module that has no resources defined in it

Correct Answer: A
Explanation: A child module is an external set of configurations that you reference within your main code using a module block. It allows for modular and reusable code structures.

47. Which command displays the tree of providers used in your project ?

A) terraform providers
B) terraform list
C) terraform plugins
D) terraform show

Correct Answer: A
Explanation: The providers command shows a detailed tree of all providers required by your current configuration and modules. It is useful for checking plugin versions and requirements.

48. What is “Workspace Management” in Terraform ?

A) Managing the physical office space for DevOps teams
B) Using separate state files within the same configuration for different environments
C) A feature for organizing files in the Windows file explorer
D) The process of hiring new Terraform developers

Correct Answer: B
Explanation: Workspaces allow you to manage multiple environments (like dev, staging, and prod) using the same code but different state files. They provide basic environment isolation.

49. What does the terraform graph command produce ?

A) A chart showing the cost of your cloud infrastructure
B) A line graph of server CPU usage over time
C) A visual representation of the dependencies between resources
D) A map of all cloud data centers worldwide

Correct Answer: C
Explanation: The graph command generates a DOT-formatted graph showing how resources are linked. This can be rendered as an image to help understand complex architectures.

50. What is the primary benefit of storing Terraform state remotely ?

A) It makes the terraform apply command run much faster
B) It facilitates collaboration and provides features like state locking and encryption
C) It allows the state file to be publicly accessible to anyone
D) It removes the need for writing HCL configuration files

Correct Answer: B
Explanation: Remote state storage (like S3 or Terraform Cloud) allows teams to work together safely by preventing two people from editing the state at once. It also provides better security and version control for state history.

Leave a Reply

Your email address will not be published. Required fields are marked *

prepforcareers.com

Our platform focuses on providing carefully prepared IT interview MCQs with clear answers and easy explanations. Each question is designed to help you strengthen your fundamentals and improve your confidence before facing real interviews.

Recent