How do you apply to just a single resource?

tf apply target

How do you destroy without being prompted?

terraform destroy --approval-true flag

When would you use a null resource in terraform?

To call an external script – e.g. to call  a provisioner script

resource "null_resource" "execfile" 
{ provisioner "local-scripts" 
  { command = "${path.module}/hello.sh" interpreter = ["/bin/bash"] 
  } 
}

Custom script from within a terraform module

What is the root module?

When you run Terraform commands directly from such a directory, it is considered the root module.

How do you plan before destroying?

terraform plan -destroy

How do you prevent a resource from being deleted by a subsequent tf script?

For resources that support it, the prevent_destroy attribute is what is needed.

What is Configuration management? How does it differ from provisioning?

Provisioning is Terraform. CM is tools such as Ansible and Jenkins which allow for actual VM configuration.They provide a consistent structure for folders, secrets etc. However, there is an overlap between these two areas. Mostly, you could use terraform (and some python) to do all your configuration management. user_data and Systems Manager in AWS or custom_script in GCP will allow

What is State File Locking?

State file locking is a mechanism in terraform where operation on a specific state file is blocked to avoid conflicts between multiple users performing the same operation.

The simplest workaround is to store the state in a remote bucket (s3 or cloud storage on gcp). See Multi Developer Terraform

How do you pass in a database password to a terraform resource?

TBD

How do you isolate the web tier from the database tier?

Separate Configuration Files and folders, so you can deploy the web tier independently of the db tier.

How do you prevent state file checkins?

In git, ensure you have a .gitignore that contains:

  •    .terraform (folder used as a scratch directory)
  •   .tfstate
  •   .tfstate.backup

How do you add a git repo as an origin for git?

git remote add origin git@github.com:USERNAME/REPONAME.git

What is the difference between git push and git commit?

commit is just to your branch.

git push pushes YOUR branch commits to the origin (so other team mates can access them).

Similarly, git pull pulls all the changes from the origin / master.

Count in Terraform

resource "ec2" instances
{
count = 3
name = ec2.${count.,index}
}

TF Lists and Indexing a List Element

element(LIST, INDEX)

Dynamic Data

Either returned from a data element or from the output of a created resource.

What is the null resource?

How do you ensure that a resource is deleted in TF?

What is a tainted resource in terraform?

When a resource declaration is modified, Terraform usually attempts to update the existing resource in place (although some changes can require destruction and re-creation, usually due to upstream API limitations).

In some cases, you might want a resource to be destroyed and re-created even when Terraform doesn’t think it’s necessary.

for example, a virtual machine that configures itself with cloud-init on startup might no longer meet your needs if the cloud-init configuration changes.

Why would you need to UNTAINT a TAINTED resource?

If Terraform currently considers a particular object as tainted but you’ve determined that it’s actually functioning correctly and need not be replaced, you can use terraform untaint to remove the taint marker from that object.

How do you pass the output of a module to another module?

  1. First, an output variable to be defined in a resource configuration. The scope is local and to the module.
  2. Now, you have to declare the output variable of module_A to be used in other module’s configuration. A brand new and latest key name should be created by you and the value should be kept equivalent to the module_A’s output variable.
  3. Now, for module_B you have to create a file variable.tf. Establish an input variable inside this file having exactly the same name as was in the key defined by you in module_B. In a module, this particular variable enables the resource’s dynamic configuration. For making this variable available to some other module also, replicate the process. This is because the particular variable established here have its scope restricted to module_B.