
[Sep-2021] Verified HashiCorp Exam Dumps with TA-002-P Exam Study Guide
Best Quality HashiCorp TA-002-P Exam Questions BraindumpQuiz Realistic Practice Exams [2021]
NEW QUESTION 15
Matt wants to import a manually created EC2 instance into terraform so that he can manage the EC2 instance through terraform going forward. He has written the configuration file of the EC2 instance before importing it to Terraform. Following is the code:
resource "aws_instance" "matt_ec2" { ami = "ami-bg2640de" instance_type = "t2.micro" vpc_security_group_ids = ["sg-6ae7d613", "sg-53370035"] key_name = "mysecret" subnet_id =
"subnet-9e3cfbc5" }
The instance id of that EC2 instance is i-0260835eb7e9bd40 How he can import data of EC2 to state file?
- A. terraform import aws_instance.i-0260835eb7e9bd40
- B. terraform import i-0260835eb7e9bd40
- C. terraform import aws_instance.id = i-0260835eb7e9bd40
- D. terraform import aws_instance.matt_ec2 i-0260835eb7e9bd40
Answer: D
Explanation:
Explanation
https://www.terraform.io/docs/import/usage.html
NEW QUESTION 16
Anyone can publish and share modules on the Terraform Public Module Registry, and meeting the requirements for publishing a module is extremely easy. Select from the following list all valid requirements.
(select three)
- A. The module must be PCI/HIPPA compliant.
- B. The module must be on GitHub and must be a public repo.
- C. The registry uses tags to identify module versions.
- D. Module repositories must use this three-part name format, terraform-- .
- E. Release tag names must be for the format x.y.z, and can optionally be prefixed with a v .
Answer: B,C,E
Explanation:
Explanation
https://www.terraform.io/docs/registry/modules/publish.html#requirements
NEW QUESTION 17
In the example below, the depends_on argument creates what type of dependency?
- A. internal dependency
- B. explicit dependency
- C. implicit dependency
- D. non-dependency resource
Answer: D
NEW QUESTION 18
Which one of the following will run echo 0 and echo 1 on a newly created host?
- A. provisioner "remote-exec" {
command = "${echo 0}"
command = "${echo 1}"
} - B. provisioner "remote-exec" {
inline = [
echo 0,
echo 1
]
} - C. provisioner "remote-exec" {
inline = [
"echo 0",
"echo 1"
]
} - D. provisioner "local-exec" { command = "echo 0"
command = "echo 1"
}
Answer: C
Explanation:
remote-exec Provisioner
Example usage
resource "aws_instance" "web" {
# ...
provisioner "remote-exec" {
inline = [
"puppet apply",
"consul join ${aws_instance.web.private_ip}",
]
}
}
NEW QUESTION 19
Named workspaces are not a suitable isolation mechanism for strong separation between staging and production?
- A. True
- B. False
Answer: A
Explanation:
Organizations commonly want to create a strong separation between multiple deployments of the same infrastructure serving different development stages (e.g. staging vs. production) or different internal teams. In this case, the backend used for each deployment often belongs to that deployment, with different credentials and access controls. Named workspaces are not a suitable isolation mechanism for this scenario.
https://www.terraform.io/docs/state/workspaces.html#when-to-use-multiple-workspaces
NEW QUESTION 20
Your organization has moved to AWS and has manually deployed infrastructure using the console. Recently, a decision has been made to standardize on Terraform for all deployments moving forward.
What can you do to ensure that all existing is managed by Terraform moving forward without interruption to existing services?
- A. Delete the existing resources and recreate them using new a Terraform configuration so Terraform can manage them moving forward.
- B. Submit a ticket to AWS and ask them to export the state of all existing resources and use terraform import to import them into the state file.
- C. Resources that are manually deployed in the AWS console cannot be imported by Terraform.
- D. Using terraform import, import the existing infrastructure into your Terraform state.
Answer: D
Explanation:
Explanation
Terraform is able to import existing infrastructure. This allows us take resources we've created by some other means (i.e. via console) and bring it under Terraform management.
This is a great way to slowly transition infrastructure to Terraform.
The terraform import command is used to import existing infrastructure.
To import a resource, first write a resource block for it in our configuration, establishing the name by which it will be known to Terraform.
Example:
resource "aws_instance" "import_example" {
# ...instance configuration...
}
Now terraform import can be run to attach an existing instance to this resource configuration.
$ terraform import aws_instance.import_example i-03efafa258104165f
aws_instance.import_example: Importing from ID "i-03efafa258104165f"...
aws_instance.import_example: Import complete!
Imported aws_instance (ID: i-03efafa258104165f)
aws_instance.import_example: Refreshing state... (ID: i-03efafa258104165f) Import successful!
The resources that were imported are shown above. These resources are now in your Terraform state and will henceforth be managed by Terraform.
This command locates the AWS instance with ID i-03efafa258104165f (which has been created outside Terraform) and attaches its existing settings, as described by the EC2 API, to the name aws_instance.import_example in the Terraform state.
NEW QUESTION 21
Which of the following is the right substitute for static values that can make Terraform configuration file more dynamic and reusable?
- A. Input parameters
- B. Output value
- C. Functions
- D. Modules
Answer: A
Explanation:
Input variables serve as parameters for a Terraform module, allowing aspects of the module to be customized without altering the module's own source code, and allowing modules to be shared between different configurations.
NEW QUESTION 22
Select the most accurate statement to describe the Terraform language from the following list.
- A. Terraform is a mutable, declarative, Infrastructure as Code configuration management language based on Hashicorp Configuration Language, or optionally JSON.
- B. Terraform is a mutable, procedural, Infrastructure as Code provisioning language based on Hashicorp Configuration Language, or optionally YAML.
- C. Terraform is an immutable, declarative, Infrastructure as Code provisioning language based on Hashicorp Configuration Language, or optionally JSON.
- D. Terraform is an immutable, procedural, Infrastructure as Code configuration management language based on Hashicorp Configuration Language, or optionally JSON.
Answer: C
Explanation:
Terraform is not a configuration management tool - https://www.terraform.io/intro/vs/chefpuppet.html Terraform is a declarative language - https://www.terraform.io/docs/configuration/index.html Terraform supports a syntax that is JSON compatible - https://www.terraform.io/docs/configuration/syntax-json.html Terraform is primarily designed on immutable infrastructure principles - https://www.hashicorp.com/resources/what-is-mutable-vs-immutable-infrastructure
NEW QUESTION 23
Terraform validate reports syntax check errors from which of the following scenarios?
- A. There is missing value for a variable
- B. The state files does not match the current infrastructure
- C. Code contains tabs indentation instead of spaces
- D. None of the above
Answer: A
NEW QUESTION 24
After executing a terraform apply, you notice that a resource has a tilde (~) next to it. What does this infer?
- A. The resource will be created.
- B. Terraform can't determine how to proceed due to a problem with the state file.
- C. The resource will be updated in place.
- D. The resource will be destroyed and recreated.
Answer: C
Explanation:
The prefix -/+ means that Terraform will destroy and recreate the resource, rather than updating it in-place.
The prefix ~ means that some attributes and resources can be updated in-place.
$ terraform apply
aws_instance.example: Refreshing state... [id=i-0bbf06244e44211d1]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement
Terraform will perform the following actions:
# aws_instance.example must be replaced
-/+ resource "aws_instance" "example" {
~ ami = "ami-2757f631" -> "ami-b374d5a5" # forces replacement
~ arn = "arn:aws:ec2:us-east-1:130490850807:instance/i-0bbf06244e44211d1" -> (known after apply)
~ associate_public_ip_address = true -> (known after apply)
~ availability_zone = "us-east-1c" -> (known after apply)
~ cpu_core_count = 1 -> (known after apply)
~ cpu_threads_per_core = 1 -> (known after apply)
- disable_api_termination = false -> null
- ebs_optimized = false -> null
get_password_data = false
+ host_id = (known after apply)
~ id = "i-0bbf06244e44211d1" -> (known after apply)
~ instance_state = "running" -> (known after apply)
instance_type = "t2.micro"
~ ipv6_address_count = 0 -> (known after apply)
~ ipv6_addresses = [] -> (known after apply)
+ key_name = (known after apply)
- monitoring = false -> null
+ network_interface_id = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
~ primary_network_interface_id = "eni-0f1ce5bdae258b015" -> (known after apply)
~ private_dns = "ip-172-31-61-141.ec2.internal" -> (known after apply)
~ private_ip = "172.31.61.141" -> (known after apply)
~ public_dns = "ec2-54-166-19-244.compute-1.amazonaws.com" -> (known after apply)
~ public_ip = "54.166.19.244" -> (known after apply)
~ security_groups = [
- "default",
] -> (known after apply)
source_dest_check = true
~ subnet_id = "subnet-1facdf35" -> (known after apply)
~ tenancy = "default" -> (known after apply)
~ volume_tags = {} -> (known after apply)
~ vpc_security_group_ids = [
- "sg-5255f429",
] -> (known after apply)
- credit_specification {
- cpu_credits = "standard" -> null
}
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ snapshot_id = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
~ root_block_device {
~ delete_on_termination = true -> (known after apply)
~ iops = 100 -> (known after apply)
~ volume_id = "vol-0079e485d9e28a8e5" -> (known after apply)
~ volume_size = 8 -> (known after apply)
~ volume_type = "gp2" -> (known after apply)
}
}
Plan: 1 to add, 0 to change, 1 to destroy.
NEW QUESTION 25
Which of the following clouds does not have a provider maintained HashiCorp?
- A. DigitalOcean
- B. OpenStack
- C. AWS
- D. IBM Cloud
Answer: D
Explanation:
IBM Cloud does not have a provider maintained by HashiCorp, although IBM Cloud does maintain their own Terraform provider.
https://www.terraform.io/docs/providers/index.html
NEW QUESTION 26
In Terraform Enterprise, a workspace can be mapped to how many VCS repos?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
Explanation:
A workspace can only be configured to a single VCS repo, however, multiple workspaces can use the same repo.
https://www.terraform.io/docs/cloud/workspaces/vcs.html
NEW QUESTION 27
How is the Terraform remote backend different than other state backends such as S3, Consul, etc.?
- A. It is only available to paying customers
- B. All of the above
- C. It can execute Terraform runs on dedicated infrastructure on premises or in Terraform Cloud
- D. It doesn't show the output of a terraform apply locally
Answer: C
Explanation:
If you and your team are using Terraform to manage meaningful infrastructure, we recommend using the remote backend with Terraform Cloud or Terraform Enterprise.
Reference: https://www.terraform.io/docs/language/settings/backends/index.html
NEW QUESTION 28
Refer to the below code where developer is outputting the value of the database password but has used sensitive parameter to hide the output value in the CLI.
output "db_password" { value = aws_db_instance.db.password description = "The password for logging in to the database." sensitive = true} Since sensitive is set to true, the value associated with db password will not be present in state file as plain-text?
- A. False
- B. True
Answer: A
Explanation:
Explanation
Sensitive output values are still recorded in the state, and so will be visible to anyone who is able to access the state data.
NEW QUESTION 29
Given the below resource configuration -
resource "aws_instance" "web" { # ... count = 4 }
What does the terraform resource address aws_instance.web refer to?
- A. It refers to all 4 web instances , together , for further individual segregation , indexing is required , with a 0 based index.
- B. It refers to the last web EC2 instance , as by default , if no index is provided , the last / N-1 index is used.
- C. It refers to the first web EC2 instance out of the 4 ,as by default , if no index is provided , the first / 0th index is used.
- D. The above will result in a syntax error , as it is not syntactically correct . Resources defined using count , can only be referenced using indexes.
Answer: A
Explanation:
Explanation
A Resource Address is a string that references a specific resource in a larger infrastructure. An address is made up of two parts:
[module path][resource spec]
Module path:
A module path addresses a module within the tree of modules. It takes the form:
module.A.module.B.module.C...
Multiple modules in a path indicate nesting. If a module path is specified without a resource spec, the address applies to every resource within the module. If the module path is omitted, this addresses the root module.
Given a Terraform config that includes:
resource "aws_instance" "web" {
# ...
count = 4
}
An address like this:
aws_instance.web[3]
Refers to only the last instance in the config, and an address like this:
aws_instance.web
Refers to all four "web" instances.
https://www.terraform.io/docs/internals/resource-addressing.html
NEW QUESTION 30
Which of the following challenges would Terraform be a candidate for solving? (Select THREE)
- A. Enable self-service infrastructure to allocate resources on your proprietary private cloud.
- B. Reduce the number of workflows needed for managing infrastructure across each of the companies public and private clouds.
- C. Utilize a single tool for all of the infrastructure and configuration management needs.
- D. Have a single interoperable tool to manage the variety of services including GitHub repositories, MySQL database, and Kubernetes clusters.
Answer: A,B,D
NEW QUESTION 31
When running the command terraform taint against a managed resource you want to force recreation upon, Terraform will immediately destroy and recreate the resource.
- A. False
- B. True
Answer: A
NEW QUESTION 32
Environment variables can be used to set variables. The environment variables must be in the format "____"_<variablename>. Select the correct prefix string from the following list.
- A. TF_CLI_ARGS
- B. TF_VAR
- C. TF_VAR_
- D. TF_VAR_ENV
Answer: C
Explanation:
Environment variables can be used to set variables. The environment variables must be in the format TF_VAR_name and this will be checked last for a value. For example:
export TF_VAR_region=us-west-1
export TF_VAR_ami=ami-049d8641
export TF_VAR_alist='[1,2,3]'
export TF_VAR_amap='{ foo = "bar", baz = "qux" }'
https://www.terraform.io/docs/commands/environment-variables.html
NEW QUESTION 33
During a terraform plan, a resource is successfully created but eventually fails during provisioning. What happens to the resource?
- A. it is automatically deleted
- B. Terraform attempts to provision the resource up to three times before exiting with an error
- C. the terraform plan is rolled back and all provisioned resources are removed
- D. the resource is marked as tainted
Answer: D
Explanation:
Explanation
If a resource successfully creates but fails during provisioning, Terraform will error and mark the resource as "tainted". A resource that is tainted has been physically created, but can't be considered safe to use since provisioning failed. Terraform also does not automatically roll back and destroy the resource during the apply when the failure happens, because that would go against the execution plan: the execution plan would've said a resource will be created, but does not say it will ever be deleted.
NEW QUESTION 34
You wanted to destroy some of the dependent resources from real infrastructure. You choose to delete those resources from your configuration file and run terraform plan and then apply. Which of the following way your resources would be destroyed?
- A. Those would be destroyed in the order in which they were written in the configuration file previously before you have deleted them from configuration file.
- B. You can not destroy resources by deleting them from configuration file and running plan and apply.
- C. The resource will be destructed in random order as you have already deleted them from configuration.
- D. Terraform can still determine the correct order for destruction from the state even when you delete one or more items from the configuration.
Answer: D
Explanation:
Explanation
Terraform typically uses the configuration to determine dependency order. However, when you delete a resource from a Terraform configuration, Terraform must know how to delete that resource. Terraform can see that a mapping exists for a resource not in your configuration and plan to destroy. However, since the configuration no longer exists, the order cannot be determined from the configuration alone.
To ensure correct operation, Terraform retains a copy of the most recent set of dependencies within the state.
Now Terraform can still determine the correct order for destruction from the state when you delete one or more items from the configuration.
NEW QUESTION 35
What value does the Terraform Cloud/Terraform Enterprise private module registry provide over the public Terraform Module Registry?
- A. The ability to restrict modules to members of Terraform Cloud or Enterprise organizations
- B. The ability to share modules with public Terraform users and members of Terraform Enterprise Organizations
- C. The ability to tag modules by version or release
- D. The ability to share modules publicly with any user of Terraform
Answer: D
Explanation:
Explanation
Terraform Registry is an index of modules shared publicly using this protocol. This public registry is the easiest way to get started with Terraform and find modules created by others in the community.
Reference: https://www.terraform.io/docs/language/modules/sources.html
NEW QUESTION 36
What are some of the problems of how infrastructure was traditionally managed before Infrastructure as Code?
(select three)
- A. Requests for infrastructure or hardware required a ticket, increasing the time required to deploy applications
- B. Traditionally managed infrastructure can't keep up with cyclic or elastic applications
- C. Traditional deployment methods are not able to meet the demands of the modern business where resources tend to live days to weeks, rather than months to years
- D. Pointing and clicking in a management console is a scalable approach and reduces human error as businesses are moving to a multi-cloud deployment model
Answer: A,B,C
Explanation:
Explanation
Businesses are making a transition where traditionally-managed infrastructure can no longer meet the demands of today's businesses. IT organizations are quickly adopting the public cloud, which is predominantly API-driven. To meet customer demands and save costs, application teams are architecting their applications to support a much higher level of elasticity, supporting technology like containers and public cloud resources.
These resources may only live for a matter of hours; therefore the traditional method of raising a ticket to request resources is no longer a viable option Pointing and clicking in a management console is NOT scale and increases the change of human error.
NEW QUESTION 37
A user has created a module called "my_test_module" and committed it to GitHub. Over time, several commits have been made with updates to the module, each tagged in GitHub with an incremental version number. Which of the following lines would be required in a module configuration block in terraform to select tagged version v1.0.4?
- A. source = "git::https://example.com/my_test_module.git#tag=v1.0.4"
- B. source = "git::https://example.com/my_test_module.git?ref=v1.0.4"
Explanation
https://www.terraform.io/docs/modules/sources.html#selecting-a-revision - C. source = "git::https://example.com/my_test_module.git@tag=v1.0.4"
- D. source = "git::https://example.com/my_test_module.git&ref=v1.0.4"
Answer: B
NEW QUESTION 38
......
Authentic Best resources for TA-002-P: https://www.braindumpquiz.com/TA-002-P-exam-material.html
TA-002-P Test Engine Practice Exam: https://drive.google.com/open?id=1gSbhL3bYvk_UpnY0NgUx28Sk-A3fQrrD