更新された2025年03月プレミアムTerraform-Associate-003試験エンジンPDFで今すぐダウンロード!無料更新された195問あります
正真正銘のTerraform-Associate-003問題集には100%合格率練習テスト問題集
HashiCorp Terraform-Associate-003 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
質問 # 83
A terraform apply can not _________ infrastructure.
- A. change
- B. import
- C. provision
- D. destroy
正解:B
解説:
The terraform import command is used to import existing infrastructure into Terraform's state. This allows Terraform to manage and destroy the imported infrastructure as part of the configuration. The terraform import command does not modify the configuration, so the imported resources must be manually added to the configuration after the import. References = [Importing Infrastructure]
質問 # 84
Which is the best way to specify a tag of v1.0.0 when referencing a module stored in Git (for example.
Git::https://example.com/vpc.git)?
- A. Add version = "1.0.0" parameter to module block
- B. Append pref=v1.0.0 argument to the source path
- C. Nothing modules stored on GitHub always default to version 1.0.0
正解:B
解説:
Explanation
The best way to specify a tag of v1.0.0 when referencing a module stored in Git is to append ?ref=v1.0.0 argument to the source path. This tells Terraform to use a specific Git reference, such as a branch, tag, or commit, when fetching the module source code. For example, source =
"git::https://example.com/vpc.git?ref=v1.0.0". This ensures that the module version is consistent and reproducible across different environments. References = [Module Sources], [Module Versions]
質問 # 85
Which of the following statements about Terraform modules is not true?
- A. You can call the same module multiple times
- B. Modules can call other modules
- C. Modules must be publicly accessible
- D. A module is a container for one or more resources
正解:C
解説:
This is not true, as modules can be either public or private, depending on your needs and preferences. You can use the Terraform Registry to publish and consume public modules, or use Terraform Cloud or Terraform Enterprise to host and manage private modules.
質問 # 86
When should you use the force-unlock command?
- A. apply failed due to a state lock
- B. You have a high priority change
- C. Automatic unlocking failed
- D. You see a status message that you cannot acquire the lock
正解:C
解説:
You should use the force-unlock command when automatic unlocking failed. Terraform will lock your state for all operations that could write state, such as plan, apply, or destroy. This prevents others from acquiring the lock and potentially corrupting your state. State locking happens automatically on all operations that could write state and you won't see any message that it is happening. If state locking fails, Terraform will not continue. You can disable state locking for most commands with the -lock flag but it is not recommended. If acquiring the lock is taking longer than expected, Terraform will output a status message. If Terraform doesn't output a message, state locking is still occurring if your backend supports it. Terraform has a force-unlock command to manually unlock the state if unlocking failed. Be very careful with this command. If you unlock the state when someone else is holding the lock it could cause multiple writers. Force unlock should only be used to unlock your own lock in the situation where automatic unlocking failed. To protect you, the force-unlock command requires a unique lock ID. Terraform will output this lock ID if unlocking fails. This lock ID acts as a nonce, ensuring that locks and unlocks target the correct lock. The other situations are not valid reasons to use the force-unlock command. You should not use the force-unlock command if you have a high priority change, if apply failed due to a state lock, or if you see a status message that you cannot acquire the lock. These situations indicate that someone else is holding the lock and you should wait for them to finish their operation or contact them to resolve the issue. Using the force-unlock command in these cases could result in data loss or inconsistency. Reference = [State Locking], [Command: force-unlock]
質問 # 87
A provider configuration block is required in every Terraform configuration.
Example:
- A. False
- B. True
正解:A
解説:
A provider configuration block is not required in every Terraform configuration. A provider configuration block can be omitted if its contents would otherwise be empty. Terraform assumes an empty default configuration for any provider that is not explicitly configured. However, some providers may require some configuration arguments (such as endpoint URLs or cloud regions) before they can be used. A provider's documentation should list which configuration arguments it expects. For providers distributed on the Terraform Registry, versioned documentation is available on each provider's page, via the "Documentation" link in the provider's header1. Reference = [Provider Configuration]1
質問 # 88
What value does the Terraform Cloud private registry provide over the public Terraform Module Registry?
- A. The ability to restrict modules to members of Terraform Cloud or Enterprise organizations
- B. The ability to share modules publicly with any user of Terraform
- C. The ability to tag modules by version or release
- D. The ability to share modules with public Terraform users and members of Terraform Cloud Organizations
正解:A
解説:
The Terraform Cloud private registry provides the ability to restrict modules to members of Terraform Cloud or Enterprise organizations. This allows you to share modules within your organization without exposing them to the public. The private registry also supports importing modules from your private VCS repositories. The public Terraform Module Registry, on the other hand, publishes modules from public Git repositories and makes them available to any user of Terraform. References = : Private Registry - Terraform Cloud : Terraform Registry - Provider Documentation
質問 # 89
How do you specify a module's version when publishing it to the public terraform Module Registry?
- A. Configuration it in the module's Terraform code
- B. Mention it on the module's configuration page on the Terraform Module Registry
- C. The Terraform Module Registry does not support versioning modules
- D. Tag a release in the associated repo
正解:D
解説:
This is how you specify a module's version when publishing it to the public Terraform Module Registry, as it uses the tags from your version control system (such as GitHub or GitLab) to identify module versions. You need to use semantic versioning for your tags, such as v1.0.0.
質問 # 90
Which method for sharing Terraform modules fulfills the following criteria:
Keeps the module configurations confidential within your organization.
Supports Terraform's semantic version constraints.
Provides a browsable directory of your modules.
- A. A Git repository containing your modules.
- B. A subfolder within your workspace.
- C. Public Terraform module registry.
- D. HCP Terraform/Terraform Cloud private registry.
正解:D
解説:
Confidentiality: Using HCP Terraform/Terraform Cloud's private registry keeps the module configurations within your organization, ensuring privacy and access control.
Browsable Directory: The private registry offers a user interface to browse modules, making it easy for users within the organization to locate and manage modules.
This setup aligns with HashiCorp's design for private registry support in Terraform, meeting all listed requirements for secure, version-controlled, and searchable module storage.
質問 # 91
You used Terraform to create an ephemeral development environment in the cloud and are now ready to destroy all the infrastructure described by your Terraform configuration. To be safe, you would like to first see all the infrastructure that Terraform will delete.
Which command should you use to show all the resources that will be deleted? (Pick the 2 correct responses)
- A. Run terraform destroy. This will output all the resources that will be deleted before prompting for approval.
- B. Run terraform show -destroy.
- C. Run terraform state rm *.
正解:A、B
解説:
Running terraform destroy will show all resources that will be deleted before prompting for approval. You can also run terraform plan -destroy to simulate the destruction without actually applying it, which is useful for reviewing the planned changes.
References:
Terraform Destroy
質問 # 92
Terraform variable names are saved in the state file.
- A. False
- B. True
正解:A
解説:
Terraform variable names are not saved in the state file, only their values are. The state file only stores the attributes of the resources and data sources that are managed by Terraform, not the variables that are used to configure them.
質問 # 93
While attempting to deploy resources into your cloud provider using Terraform, you begin to see some odd behavior and experience slow responses. In order to troubleshoot you decide to turn on Terraform debugging. Which environment variables must be configured to make Terraform's logging more verbose?
- A. TF_VAR_log_level
- B. TF_LOG
- C. TF_LOG_PAIH
- D. TF_VAR_log_path
正解:B
解説:
To make Terraform's logging more verbose for troubleshooting purposes, you must configure the TF_LOG environment variable. This variable controls the level of logging and can be set to TRACE, DEBUG, INFO, WARN, or ERROR, with TRACE providing the most verbose output.References = Detailed debugging instructions and the use of environment variables like TF_LOG for increasing verbosity are part of Terraform's standard debugging practices
質問 # 94
Which are forbidden actions when the terraform state file is locked? Choose three correct answers.
- A. Terraform state list
- B. Terraform apply
- C. Terraform validate
- D. Terraform for
- E. Terraform destroy
- F. Terraform validate
正解:B、C、E
解説:
The terraform state file is locked when a Terraform operation that could write state is in progress. This prevents concurrent state operations that could corrupt the state. The forbidden actions when the state file is locked are those that could write state, such as terraform apply, terraform destroy, terraform refresh, terraform taint, terraform untaint, terraform import, and terraform state *. The terraform validate command is also forbidden, because it requires an initialized working directory with the state file. The allowed actions when the state file is locked are those that only read state, such as terraform plan, terraform show, terraform output, and terraform console.
References = [State Locking] and [Command: validate]
質問 # 95
Any user can publish modules to the public Terraform Module Registry.
- A. True
- B. False
正解:A
解説:
The Terraform Registry allows any user to publish and share modules. Published modules support versioning, automatically generate documentation, allow browsing version histories, show examples and READMEs, and more. Public modules are managed via Git and GitHub, and publishing a module takes only a few minutes. Once a module is published, releasing a new version of a module is as simple as pushing a properly formed Git tag1.
References = The information can be verified from the Terraform Registry documentation on Publishing Modules provided by HashiCorp Developer1.
質問 # 96
When should you run terraform init?
- A. Every time you run terraform apply
- B. Before you start coding a new Terraform project
- C. After you start coding a new terraform project and before you run terraform plan for the first time.
- D. After you run terraform plan for the time in a new terraform project and before you run terraform apply
正解:C
解説:
You should run terraform init after you start coding a new Terraform project and before you run terraform plan for the first time. This command will initialize the working directory by downloading the required providers and modules, creating the initial state file, and performing other necessary tasks. Reference = : Initialize a Terraform Project
質問 # 97
Which of the following is not a key principle of infrastructure as code?
- A. Versioned infrastructure
- B. Idempotence
- C. Golden images
- D. Self-describing infrastructure
正解:C
解説:
The key principle of infrastructure as code that is not listed among the options is golden images. Golden images are pre-configured, ready-to-use virtual machine images that contain a specific set of software and configuration. They are often used to create multiple identical instances of the same environment, such as for testing or production. However, golden images are not a principle of infrastructure as code, but rather a technique that can be used with or without infrastructure as code. The other options are all key principles of infrastructure as code, as explained below:
* Self-describing infrastructure: This means that the infrastructure is defined in code that describes its desired state, rather than in scripts that describe the steps to create it. This makes the infrastructure easier to understand, maintain, and reproduce.
* Idempotence: This means that applying the same infrastructure code multiple times will always result in the same state, regardless of the initial state. This makes the infrastructure consistent and predictable, and avoids errors or conflicts caused by repeated actions.
* Versioned infrastructure: This means that the infrastructure code is stored in a version control system, such as Git, that tracks the changes and history of the code. This makes the infrastructure code reusable, auditable, and collaborative, and enables practices such as branching, merging, and rollback. References
= [Introduction to Infrastructure as Code with Terraform], [Infrastructure as Code in a Private or Public Cloud]
質問 # 98
You have used Terraform lo create an ephemeral development environment in the (loud and are now ready to destroy all the Infrastructure described by your Terraform configuration To be safe, you would like to first see all the infrastructure that Terraform will delete.
Which command should you use to show all of the resources that mil be deleted? Choose two correct answers.
- A. Run terraform plan .destory
- B. Run terraform show :destroy
- C. Run terraform destroy and it will first output all the resource that will be deleted before prompting for approval
- D. Run terraform state rm '
正解:A、C
解説:
To see all the resources that Terraform will delete, you can use either of these two commands:
terraform destroy will show the plan of destruction and ask for your confirmation before proceeding. You can cancel the command if you do not want to destroy the resources.
terraform plan -destroy will show the plan of destruction without asking for confirmation. You can use this command to review the changes before running terraform destroy.
References = : Destroy Infrastructure : Plan Command: Options
質問 # 99
What is terraform refresh-only intended to detect?
- A. State file drift
- B. Corrupt state files
- C. Terraform configuration code changes
- D. Empty state files
正解:A
解説:
The terraform refresh-only command is intended to detect state file drift. This command synchronizes the state file with the actual infrastructure, updating the state to reflect any changes that have occurred outside of Terraform.
質問 # 100
Which backend does the Terraform CU use by default?
- A. HTTP
- B. Remote
- C. Local
- D. Terraform Cloud
- E. Depends on the cloud provider configured
正解:C
解説:
This is the backend that the Terraform CLI uses by default, unless you specify a different backend in your configuration. The local backend stores the state file in a local file named terraform.tfstate, which can be used to track and manage the state of your infrastructure.
質問 # 101
How would you reference the "name'' value of the second instance of this resource?
- A. aws_instance-web(1)
- B. element(aws_instance.web, 2)
- C. Aws_instance,web,* , name
- D. aws_instance_web(1),name
- E. aws_instance.web(2),name
正解:D
解説:
In Terraform, when you use the count meta-argument, you can reference individual instances using an index. The indexing starts at 0, so to reference the "name" value of the second instance, you would use aws_instance.web[1].name. This syntax allows you to access the properties of specific instances in a list generated by the count argument.
References:
Terraform documentation on count and accessing resource instances: Terraform Count
質問 # 102
......
検証済み!合格できるTerraform-Associate-003試験一発合格保証付き:https://www.goshiken.com/HashiCorp/Terraform-Associate-003-mondaishu.html
HashiCorp Terraform-Associate-003リアル試験問題保証付き 更新された問題集にはGoShiken:https://drive.google.com/open?id=17jqKvpsm-w1ncKaevnvyXxKWTppERvDc