Infrastructure as Code Tool Proficiency (Terraform/CloudFormation/Ansible) Questions
Deep proficiency in at least one IaC tool. For Terraform: understand resources, data sources, variables, outputs, local values, modules, state management, state locking, backend configuration (S3, Terraform Cloud), and best practices (remote state, sensitive variables, module organization). For CloudFormation: understand templates (YAML/JSON), stacks, parameters, conditions, mappings, resources, outputs, and intrinsic functions. For Ansible: understand playbooks, roles, inventory, variables, handlers, and idempotency. Write reusable, maintainable code: modules for Terraform, roles for Ansible. Understand code organization, naming conventions, and team collaboration practices.
EasyTechnical
45 practiced
Explain the role and purpose of the Terraform state file in a team environment. Describe what information the state contains (resource IDs, metadata, dependencies), why remote state storage is recommended for collaboration, how state locking prevents race conditions, and enumerate the problems that occur when state is not shared or locked (drift, duplicate resources, merge conflicts).
MediumTechnical
26 practiced
How do you prevent sensitive data such as API keys or database passwords from being leaked into Terraform state or plan output? Discuss using the 'sensitive' attribute on variables/outputs, state encryption at rest, avoiding interpolation of secrets in outputs, and integrating with external secrets managers like HashiCorp Vault or AWS SSM Parameter Store without placing secrets in cleartext in state.
MediumTechnical
26 practiced
Write a reusable Terraform module in HCL that provisions an AWS S3 bucket with optional versioning and server-side encryption, plus a lifecycle rule to remove noncurrent versions after 30 days. The module should accept variables: name_prefix (string), tags (map), enable_versioning (bool). It should output bucket_arn and bucket_id. Provide the core snippets for main.tf, variables.tf, and outputs.tf and explain your design choices for reusability and safety.
EasyTechnical
25 practiced
What are Terraform modules and why should teams use them? Describe a recommended module structure (for example main.tf, variables.tf, outputs.tf, README.md), versioning best practices, publishing to private registries, and general guidelines for input/output design and avoiding hard-coded values to make modules reusable and maintainable.
MediumSystem Design
31 practiced
Design a CI/CD pipeline for managing Terraform changes (you may assume Jenkins or GitHub Actions). The pipeline should run terraform fmt/validate/plan on pull requests, post the plan to the PR, and perform terraform apply only after merge to main with manual approval for production. Include how to manage credentials, prevent concurrent applies, and where to insert policy checks.
Unlock Full Question Bank
Get access to hundreds of Infrastructure as Code Tool Proficiency (Terraform/CloudFormation/Ansible) interview questions and detailed answers.
