Infrastructure as Code Tool Proficiency (Terraform/CloudFormation/Ansible) Questions
Deep proficiency in at least one IaC tool. For Terraform: understand resources, data sources, variables, outputs, local values, modules, state management, state locking, backend configuration (S3, Terraform Cloud), and best practices (remote state, sensitive variables, module organization). For CloudFormation: understand templates (YAML/JSON), stacks, parameters, conditions, mappings, resources, outputs, and intrinsic functions. For Ansible: understand playbooks, roles, inventory, variables, handlers, and idempotency. Write reusable, maintainable code: modules for Terraform, roles for Ansible. Understand code organization, naming conventions, and team collaboration practices.
Medium | Technical
29 practiced
Design a CloudFormation layout that uses nested stacks for VPC, networking, and application layers. Provide an example resource snippet showing how to reference an output from a nested VPC stack (e.g., SubnetIds) in the parent or child stack.
Medium | Technical
25 practiced
Compare the pros and cons of plaintext variables, environment variables, HashiCorp Vault, AWS Secrets Manager, and SSM Parameter Store when used with IaC workflows. For an SRE team, recommend an approach for centrally managing short-lived credentials and secret rotation.
Hard | Technical
30 practiced
Design a secure cross-account access model that allows CI/CD runners in a central AWS account to run Terraform to manage resources in multiple target accounts. Cover IAM roles, assume-role patterns, STS usage, remote backend placement per account, credential scoping, and auditability.
Hard | Technical
28 practiced
Design a Terraform pattern (conceptual plus HCL snippets) to provision ephemeral preview environments per pull request: create an isolated VPC, deploy app services, expose a temporary URL, and automatically destroy the environment after merge. Describe module interface, state isolation strategy, cost controls (quotas/TTL), and garbage collection approach.
Medium | Technical
41 practiced
Design a dynamic Ansible inventory plugin that pulls hosts from an internal service-discovery API. Describe authentication, caching (TTL), failure modes, and scaling considerations when the discovery API returns thousands of hosts.