When using a remote backend or terraform Cloud integration, where does Terraform save resource sate?
You can configure multiple cloud blocks in your Terraform configuration to connect your workspace to both HCP Terraform and your Terraform Enterprise instance.
How would you reference the volume IDs associated with the ebs_block_device blocks in this configuration?

Multiple team members are collaborating on infrastructure using Terraform and want to format the* Terraform code following standard Terraform-style convention.
How should they ensure the code satisfies conventions?
You want to use API tokens and other secrets within your team ' s Terraform workspaces. Where does HashiCorp recommend you store these sensitive values? (Pick the 3 correct responses)
Which option cannot be used to keep secrets out of Terraform configuration files?
You ' re writing a Terraform configuration that needs to read input from a local file called id_rsa.pub. Which built-in Terraform function can you use to import the file ' s contents as a string?
Which is a benefit of using infrastructure as code (IaC) tools compared to native platform APIs?
You have a Terraform configuration that defines a single virtual machine with no references to it, You have run terraform apply to create the resource, and then removed the resource definition from your Terraform configuration file.
What will happen you run terraform apply in the working directory again?
When using multiple configuration of the same Terraform provider, what meta-argument must you include in any non-default provider configurations?
Which of the following does HCP Terraform perform during a health assessment for a workspace?
You can define multiple backend blocks in your Terraform configuration to store your state in multiple locations.
You’ve updated your Terraform configuration, and you need to preview the proposed changes to your infrastructure. Which command should you run?
You want to use API tokens and other secrets within your team ' s Terraform workspaces. Where does HashiCorp recommend you store these sensitive values? (Pick 3)
When should you write Terraform configuration files for existing infrastructure that you want to start managing with Terraform?
You are creating a reusable Terraform configuration and want to include an optional billing_dept tag so your Finance team can track team-specific spending on resources. Which of the following billing_dept variable declarations will achieve this?
How does the Terraform cloud integration differ from other state backends such as S3, Consul,etc?
terraform init retrieves and caches the configuration for all remote modules.
Exhibit:
Root module configuration:
output " vnet_id " {
value = module.my_network.vnet_id
}
Error:
Error: Reference to undeclared output value
on main.tf line 12, in output " vnet_id " :
12: value = module.my_network.vnet_id
You are using a networking module in your Terraform configuration with the name my_network. Your root module includes the configuration shown. When you run terraform validate, you get the error shown. Which option would successfully retrieve this value from your networking module?
Setting the TF_LOG environment variable to DEBUG causes debug messages to be logged into stdout.
Which are benefits of migrating from a local state backend to a remote backend? (Pick the 2 correct responses below.)
You add a new resource to an existing Terraform configuration, but do not update the version constraint in the configuration. The existing and new resources use the same provider. The working contains a .terraform.lock, hc1 file.
How will Terraform choose which version of the provider to use?
You much initialize your working directory before running terraform validate.
What kind of configuration block will create an infrastructure object with settings specified within the block?
Why is it considered important to treat your Terraform state file as sensitive?
You just scaled your VM infrastructure and realize you set the count variable to the wrong value. You correct the value and save your change. What must you do next to make your infrastructure match your configuration?
Which of these are features of HCP Terraform/Terraform Cloud? (Pick the 2 correct responses)
terraform destroy is the only way to remove infrastructure with Terraform.
You can develop a custom provider to manage its resources using Terraform.
Which parameters does the import block require? (Pick the 2 correct responses below.)
You ' ve used Terraform to deploy a virtual machine and a database. You want to replace this virtual machine instance with an identical one without affecting the database. What is the best way to achieve this using Terraform?
You want to bring an existing database under Terraform management. What information is required to create a new import block for the database?
Pick the two correct responses below.
A resource block is shown in the Exhibit space of this page. What is the Terraform resource name of that resource block?
You created infrastructure outside the Terraform workflow that you now want to manage using Terraform. Which command brings the infrastructure into Terraform state?
Your Terraform configuration manages a resource that requires maximum uptime. You need to update the resource, and when you run terraform plan, Terraform indicates that the update requires the resource to be destroyed and recreated.
Which lifecycle rule can you add to the resource to reduce downtime while still applying the update?
The exhibit below shows part of a Terraform configuration you have been asked to update. The name of the Azure Virtual Network should be set to the name of the resource group followed by a dash and the word vnet.
Exhibit:
data " azurerm_resource_group " " example " {
name = var.resource_group_name
}
resource " azurerm_virtual_network " " example " {
name = ______________________
}
Which expression fulfills this requirement?
Infrastructure as Code (laC) can be stored in a version control system along with application code.
Which statements are true about terraform apply? (Choose TWO correct answers)
You modified your Terraform configuration to fix a typo in the resource ID by renaming it from photoes to photos. What configuration will you add to update the resource ID in state without destroying the existing resource?
Original configuration:
resource " aws_s3_bucket " " photoes " {
bucket_prefix = " images "
}
Updated configuration:
resource " aws_s3_bucket " " photos " {
bucket_prefix = " images "
}
Which of these actions will prevent two Terraform runs from changing the same state file at the same time?
In Terraform HCL, an object type of object({name=string, age-number}) would match this value.

Which of the following arguments are required when declaring a Terraform output?
If one of your modules uses a local value, you can expose that value to callers of the module by defining a Terraform output in the module’s configuration.
Which two steps are required to provision new infrastructure in the Terraform workflow? Choose two correct answers.
Changing the Terraform backend from the default " local " backend to a different one after performing your first terrafom apply is:
You want to define a single input variable to capture configuration values for a server. The values must represent memory as a number, and the server name as a string.
Which variable type could you use for this input?
Your team often uses API calls to create and manage cloud infrastructure. In what ways does Terraform differ from conventional infrastructure management approaches?
Which of the following can you do with terraform plan?
Pick the two correct responses below.
When you initialize Terraform, where does it cache modules from the public Terraform Registry?
All modules published on the official Terraform Module Registry have been verified by HasihCorp.
You have never used Terraform before and would like to test it out using a shared team account for a cloud provider. The shared team account already contains 15 virtual machines (VM). You develop a Terraform configuration containing one VM. perform terraform apply, and see that your VM was created successfully. What should you do to delete the newly-created VM with Terraform?
What is the Terraform style convention for indenting a nesting level compared to the one above it?
When a check block’s assertion fails, Terraform blocks the current operation from executing.
Exhibit:
resource " kubernetes_namespace " " example " {
name = " test "
}
A resource block is shown in the exhibit. How would you reference the name attribute of this resource in HCL?
Where does HashiCorp recommend you store API tokens and other secrets within your team’s Terraform workspaces?
Pick the three correct responses below.
By default, if you do not define a backend for your configuration, where does Terraform store information about the resources that it manages?
Which of the following does terraform apply change after you approve the execution plan? (Choose two.)
You want to know from which paths Terraform is loading providers referenced in your Terraform configuration (* files). You need to enable additional logging messages to find this out. Which of the following would achieve this?
You have a simple Terraform configuration containing one virtual machine (VM) in a cloud provider. You run terraform apply and the VM is created successfully. What will happen if you terraform apply again immediately afterward without changing any Terraform code?
What type of block is used to construct a collection of nested configuration blocks?
What is the Terraform style convention for indenting a nesting level compared to the one above it?

The Terraform configuration shown in the Exhibit space on this page v/ill create a new AWS instance.
You have developed a new cloud-based service that uses proprietary APIs and want to use Terraform to create, manage, and delete users from the service. How can Terraform interact with the service?
Which of these workflows is only enabled by the use of Infrastructure as Code?
A resource block is shown in the Exhibit section of this page. How would you reference the attribute name of this resource in HCL?
If a DevOps team adopts AWS CloudFormation as their standardized method for provisioning public cloud resoruces, which of the following scenarios poses a challenge for this team?
Which of the following isnotan advantage of using Infrastructure as Code (IaC) operations?
You want to create a string that is a combination of a generated random_id and a variable, and reuse that string several times in your configuration.
What is the simplest correct way to implement this without repeating the random_id and variable?
Part of a configuration is shown in the exhibit below.
You want to pass the id of the vsphere_datacenter data source to the datacenter_id argument of the vsphere_folder resource.
Which reference would you use?
A module block used in your configuration is shown in the exhibit. You have been asked to update the version of this module from 4.2.1 to 5.0.0.
Exhibit:
module " compute " {
source = " Azure/compute/azurerm "
version = " 4.2.1 "
}
Which two steps must you take to accomplish this?
What information does the public Terraform Module Registry automatically expose about published modules?
You modified your Terraform configuration and run Terraform plan to review the changes. Simultaneously, your teammate manually modified the infrastructure component you are working on. Since you already ran terraform plan locally, the execution plan for terraform apply will be the same.
Where in your Terraform configuration do you specify remote state storage settings?
You need to destroy all of the resources in your Terraform workspace, except for aws_instance.ubuntu[1], which you want to keep. How can you tell Terraform to stop managing that specific resource without destroying it?
You can execute terraform fmt to standardize all Terraform configurations within the current working directory to Terraform’s canonical format and style.
You have provisioned some virtual machines (VMs) on Google Cloud Platform (GCP) using the gcloud command line tool. However, you are standardizing with Terraform and want to manage these VMs using Terraform instead. What are the two things you must do to achieve this? Choose two correct answers.
You are responsible for a set of infrastructure that is managed by two workspaces: example-network and example-compute. The example-compute workspace uses data from output values configured in the example-network workspace and must be deployed afterward. Currently, this is a manual process:
An operator deploys changes to the example-network workspace.
They manually copy the output values from the example-network workspace to input variables configured for the example-compute workspace.
They deploy the example-compute workspace.
Which HCP Terraform features can you use to automate this process?
Pick the two correct responses below.
What kind of configuration block will manage an infrastructure object with settings specified within the block?
You want to bring an existing database under Terraform management. What information is required to create a new import block for the database?
Pick the 2 correct responses below:
You have deployed a new webapp with a public IP address on a cloud provider. However, you did not create any outputs for your code. What is the best method to quickly find the IP address of the resource you deployed?
terraform validate confirms that your infrastructure matches the Terraform state file.