1.

Terraform Basics:

What is Infrastructure as Code (IaC)?

A: IAC is the method to complete the computing infrastructure through code.

What is Terraform, and how does it differ from other IaC tools like? CloudFormation or Ansible?

A: Terraform is not platform specific allows users to provision computing in different cloud platforms

What is a Terraform provider? How does the AWS provider work?

A: Provider enables terraform to interact with external resources which includes different cloud
providers.

What is the purpose of a main.tf file?

A: Main.tf contains resource blocks that needs to be created on cloud platform.

What are the different Terraform commands? (e.g., terraform init , terraform

plan , terraform apply , terraform destroy )

A: ., terraform init—It initates the working directory containing terraform configuration files.

Terraform apply: It creates the resources based on the configuration files.

Terraform destroy: destroys the resources created by terraform files.

What is the difference between terraform apply and terraform plan ?

A: Terraform plan gives the preview of the changes(creation/deletion) to be made

Terraform Apply makes the configuration changes as per terraform configuration files.

What is a Terraform state file? Why is it important?

A: Terraform state file is the reference file for terraform which contains the information of
infrastructure and configuration-Terraform state file helps in maintaining the deployments stable and
reliable.
How can you store Terraform state remotely, and why is it useful?

A: Terraform state file can be remotely stored using remote storage sources of different cloud
platforms like AWS S3, Azure cloud storage.

Remote state file can be used to share it among different users and can be common source for
updates and changes in the configuration.

2. Terraform Configuration & Syntax:

What is a Terraform resource? Provide examples.

A: Terraform resources helps in defining Infrastructure or services that needs to be managed Ex:
Servers, database, Storage and network configurations

How do you define variables in Terraform? What are input variables and output

variables?

A: Variable is the place holder for values : Variable can be defined using variable block and variable
name—with in the block attributes and values can be defined.

Input variables acts as parameters for terraform modules

Output variables are like return values which stores the output of the files.

What are data sources in Terraform, and how are they used?

A: Data source helps in sourcing the information from external sources and use it in terraform
configuration, Data source used using the data keyword configuration.

What are providers in Terraform? How do you configure the AWS provider?

A: Provider enables terraform to interact with external resources which includes different cloud
providers.

Terraform provider can be configured using provider blocks in the main module of a Terraform
configuration:

How do you use locals and outputs in a Terraform configuration?

A: locals helps in naming the expression or values and helps in reducing the code duplication

How do you organize multiple resources and modules in Terraform?

A: Using different set of files for different resources and using different workspaces for different
modules in terraform.

3. Task 1 - Setting up AWS Resources:

Create a simple S3 bucket in AWS using Terraform.

A: resource "aws_s3_bucket" "bucket" {

bucket = "my-unique-bucket-name"

tags = {

Name = "MyS3Bucket"

Define a basic configuration that creates an S3 bucket with versioning

enabled.

resource "aws_s3_bucket" "bucket" {

bucket = "my-unique-bucket-name"

tags = {

Name = "MyS3Bucket"

resource "aws_s3_bucket_versioning" "versioning {

bucket = aws_s3_bucket.bucket.id

versioning_configuration {

status = "Enabled"

What does the configuration look like? Explain each part.

How do you verify the S3 bucket is created?

A: U can verify from the AWS management console.

Bonus: Enable server-side encryption for the S3 bucket.

resource "aws_s3_bucket_server_side_encryption_configuration" "example" {

bucket = aws_s3_bucket.bucket.id

4. Task 2 - Deploying EC2 Instance:

Create an EC2 instance using Terraform.

Define a basic configuration for deploying an EC2 instance.

Resource “aws_instace” “name”{

Ami=amiid

Instance_type= instance type name

What are the key attributes needed for the EC2 instance (e.g., AMI ID,

instance type, security groups)?

How do you assign a key pair for SSH access?

A: SSH Key-gen command is used to generate keys bother private and public keys

How do you verify the instance is running?

A: Ping command should return successful status

Bonus: Associate an Elastic IP to the EC2 instance.

Using resource "aws_eip_association" -elastic IP can be associated.

5. Task 3 - Using Variables:

Modify your EC2 instance configuration to use variables for AMI ID and instance

type.

A: ami =var.amiid

Type=var.type
How do you define variables in Terraform?

A:Variables can be defined using variable block:

Variable variablename{ values }

What are variable files, and how do you reference them?

A: Variable files are tf variable files and tfvar files:

tf variable file refers the declaration of variables, name, type, description, default values .

Tfvar file is for giving the actual variable values which are used during execution

What is the purpose of a terraform.tfvars file?

A: .tfvar file allow you to store the default values of the variables mentioned in variable.tf file and
user can override the values mentioned in tfvar file.

6. Task 4 - VPC Creation:

Create a VPC with a public subnet, Internet Gateway, and route table using

Terraform.

What is a VPC, and how do you define it in Terraform?

A: Virtual Private Cloud is defined by

resource "aws_vpc" "voc_ name"{

How do you create a public subnet and an Internet Gateway?

A: resource "aws_internet_gateway" "gateway_name"{}

resource "aws_internet_gateway" "gw"{

How do you associate a route table to your subnet?

A:
resource "aws_route_table_association" "name" {

}
7. Task 5 - Auto-scaling and Load Balancing:

Deploy an Auto Scaling group with a Load Balancer in AWS.

How do you create an Auto Scaling group in Terraform?

A:
resource "aws_autoscaling_group" "groupname" {

How do you define a Load Balancer (ELB/ALB) in Terraform?

A: resource "aws_elb" "loadbalancername" {

How can you attach the Load Balancer to your Auto Scaling group?

A: Using “ aws_autoscaling_attachment” resource name

Bonus: Implement health checks for the Load Balancer.

Script1:

8. Task 6 - Using Terraform Modules:

Use a Terraform module to deploy reusable resources.

What are Terraform modules?

A: Modules in terraform are set of code which can be reused.

How can you create a module for deploying an EC2 instance and reuse it?

A:Provider “aws”{

Region=default region
}

Module ec2_instance{

Source= source path

}
How do you source modules from the Terraform Registry?

A: Modules on the public Terraform Registry can be referenced using a registry source address of
the form <NAMESPACE>/<NAME>/<PROVIDER>.

9. Task 7 - IAM Roles and Policies:

Create an IAM role and attach a policy using Terraform.

How do you create an IAM role in Terraform?

A:By Using aws_iam_role block

resource "aws_iam_role" role name " {

How do you attach a managed policy to an IAM role?

data "aws_iam_policy" "Policyname" {

arn = "arn:aws:iam::aws:policy /Policyname "

resource "aws_iam_role_policy_attachment" "rolename" {

role = "${aws_iam_role.sto-test-role.name}"

policy_arn = "${data.aws_iam_policy.rolename.arn}"

How do you create a custom IAM policy and attach it to a role?

10. Task 8 - Managing State:

Store your Terraform state in an S3 bucket with DynamoDB for locking.

A: By using backen.tf with

bucket = "rstatebuck1"

key = "rlock1"
 region = "us-east-1"

dynamodb_table = "lockfile1"

Why is state management important in Terraform?

A: State management helps in securing the state file from unauthorised deletion or changes and also
helps in sharing the file with other team members with ease.

How do you configure S3 backend for storing Terraform state?

A: Creating a bucket

Locking the bucket using dynamo table with key phrase.

How do you use DynamoDB for state locking?

A: Dynamo DB helps in preventing two simultaneous changing of the state file.

Table is created in Dyanamo DB and keyed upon using LockID and it is set
upon to bucket name.

11. Task 9 - Remote Backend:

Configure Terraform to use a remote backend with AWS.

What is the purpose of a backend in Terraform?

How do you configure a backend with an S3 bucket and DynamoDB table for

state management?

12. Task 10 - Creating a Multi-environment Setup:

Set up a Terraform workspace to manage different environments (e.g., dev,

staging, prod).

What are Terraform workspaces?

A: Workspace allows you to manage multiple environments for infrastructure resources using single
configuration—I logically divides the configuration based on environments like dev.prod.deploy
How do you create different environments using workspaces?

A: Terraform workspace new “workspace_name”

How do you switch between environments in Terraform?

A: Terraform workspace select “workspace_name”

13. Task 11 - Using Data Sources:

Use a Terraform data source to reference an existing AWS resource.

How do data sources work in Terraform?

A: Data sources the data using API or from Terraform backends

How can you use a data source to reference an existing VPC or AMI in

AWS?

A: data "aws_instance" "instancename" {

data "aws_vpc" "selected" {

14. Task 12 - Provisioning with Cloud-Init:

Use Terraform to provision an EC2 instance with Cloud-Init.

What is Cloud-Init, and how does it work with EC2?

cloud-init allows you to pass a shell script to your instance that installs or configures the
machine to your specifications.

How do you use the user_data argument in Terraform to pass a Cloud-Init

script?

15. Task 13 - Handling Sensitive Data:

Use AWS Secrets Manager with Terraform to securely store sensitive information.
How do you create secrets in AWS Secrets Manager using Terraform?

A: resource "aws_secretsmanager_secret" "name" {

How do you reference those secrets in your Terraform configurations?

A:

16. Task 14 - Security Groups and Network ACLs:

Create Security Groups and Network ACLs using Terraform.

What are Security Groups, and how do you create them in Terraform?

How do you create Network ACLs (NACLs) for controlling traffic at the

subnet level?

Bonus: Configure rules for inbound and outbound traffic in both.

17. Task 15 - S3 Lifecycle Policy:

Add a lifecycle policy to an S3 bucket to transition objects to Glacier after

30 days.

What are lifecycle policies in AWS S3?

How do you implement a lifecycle policy using Terraform?