Free Terraform Associate Exam Braindumps (page: 49)

Page 49 of 113

The Security Operations team of ABC Enterprise wants to mandate that all the Terraform configuration that creates an S3 bucket must have encryption feature enabled. What is the best way to achieve it?

  1. Use Sentinel Policies.
  2. Use S3 bucket policy.
  3. Create a script that checks the encryption parameter is enabled on every git commit.
  4. Shared a SOP to engineers to mandate encryption feature on S3.

Answer(s): A

Explanation:

Sentinel is an embedded policy-as-code framework integrated with the HashiCorp Enterprise products. It enables fine-grained, logic-based policy decisions, and can be extended to use information from external sources.
Using Sentinel with Terraform Cloud involves:
* Defining the policies - Policies are defined using the policy language with imports for parsing the Terraform plan, state and configuration.
* Managing policies for organizations - Users with permission to manage policies can add policies to their organization by configuring VCS integration or uploading policy sets through the API. They also define which workspaces the policy sets are checked against during runs. (More about permissions.)

* Enforcing policy checks on runs - Policies are checked when a run is performed, after the terraform plan but before it can be confirmed or the terraform apply is executed.
* Mocking Sentinel Terraform data - Terraform Cloud provides the ability to generate mock data for any run within a workspace. This data can be used with the Sentinel CLI to test policies before deployment.


Reference:

https://www.terraform.io/docs/cloud/sentinel/index.html



A colleague has informed you that a new version of a Terraform module that your team hosts on an Amazon S3 bucket is broken. The Amazon S3 bucket has versioning enabled. Your colleague tells you to make sure you are not using the latest version in your configuration. You have the following configuration block in your code that refers to the module:
module "infranet" { source = "s3::https://s3-us-west- 2.amazonaws.com/infrabucket/infra_module.zip"}
What is the best way to ensure that you are not using the latest version of the module?

  1. Add a module version constraint in your configuration's backend block and specify a previous version.
  2. Add a version key to the module configuration and specify a previous version.
  3. Delete the latest version of the module in S3 to rollback to the previous version.
  4. Add a version property to the module in Terraform's state file and specify a previous version.

Answer(s): C

Explanation:

Version constraints are supported only for modules installed from a module registry, such as the Terraform Registry or Terraform Cloud's private module registry. Other module sources can provide their own versioning mechanisms within the source string itself, or might not support versions at all. In particular, modules sourced from local file paths do not support version; since they're loaded from the same source repository.
Only Terraform Registries support module versioning by using the version key, one cannot configure a previous version of the module in the configuration. Deleting the latest version of the module in S3 is the only option of the available options that ensures you won't use the latest version. You could also modify the source URL to specify a versionId URL parameter for a previous version. https://www.terraform.io/docs/configuration/modules.html#source



Which of the following are string functions? Select three

  1. tostring
  2. tonumber
  3. Chomp
  4. format
  5. join

Answer(s): C,D,E

Explanation:

tonumber and tostring are Type Conversion function


Reference:

https://www.terraform.io/docs/configuration/functions.html



What kind of resource dependency is stored in terraform.tfstate file?

  1. Both implicit and explicit dependencies are stored in state file.
  2. Only explicit dependencies are stored in state file.
  3. Only implicit dependencies are stored in state file.
  4. No dependency information is stored in state file.

Answer(s): A

Explanation:

Terraform state captures all dependency information, both implicit and explicit. One purpose for state is to determine the proper order to destroy resources. When resources are created all of their dependency information is stored in the state. If you destroy a resource with dependencies, Terraform can still determine the correct destroy order for all other resources because the dependencies are stored in the state. https://www.terraform.io/docs/state/purpose.html#metadata



Page 49 of 113



Post your Comments and Discuss HashiCorp Terraform Associate exam with other Community members:

Bin Mahamood commented on November 03, 2024
terraform { required_providers { aws = { version = ">= 2.7.0" source = "hashicorp/aws" } } }
Anonymous
upvote

Nayaran commented on October 21, 2024
First and for most... this exam is extremely hard. Second this exam dump contains majority of the questions. I passed the certification exam.
UNITED STATES
upvote

Marc commented on October 21, 2024
hello would need help
UNITED STATES
upvote

Marcellus Werifah commented on October 20, 2024
Verified answers
UNITED STATES
upvote

Nathan commented on October 20, 2024
Using dumps are my last resort. And that is what I ended up using with this exam to pass. The exam is extremely difficult.
France
upvote

Marcellus Werifah commented on October 20, 2024
Who decides what is the correct in case of conflicts
UNITED STATES
upvote

Marcellus Werifah commented on October 20, 2024
Novice. Would need detailed explanation of any questions
UNITED STATES
upvote

Siva commented on June 17, 2024
It's a good platform to start preparing for the HCTA 003 exam
Anonymous
upvote

Dhiraj Bhattad commented on June 14, 2024
It's a good platform to start preparing for the HCTA 003 exam.
Anonymous
upvote

Amizhchandra commented on May 12, 2024
Good material
CHINA
upvote

Direen commented on February 16, 2024
This was a easy passsss! Scored 95%. Unbelievable! I was hesitant at first but then I saw the pass guarantee policy so I said what the hell. If I fa I will get my money back. I am glad I bought it. Saved me so much time.
United States
upvote

Satya commented on February 09, 2024
Q83:--Terraform can only manage resource dependencies if you set them explicitly with the depends_on argument. Answer is "False"
UNITED STATES
upvote

Satya commented on February 09, 2024
Q76:---Which of these options is the most secure place to store secrets foe connecting to a Terraform remote backend? Shouldn't the answer be "Defined in a connection configuration outside of Terraform"
UNITED STATES
upvote

Satya commented on February 09, 2024
Q39:---Which argument(s) is (are) required when declaring a Terraform variable? Answer should be "None of the above" as Nothing is required while declaring variable
UNITED STATES
upvote

DN commented on September 04, 2023
question 14 - run terraform import: this is the recommended best practice for bringing manually created or destroyed resources under terraform management. you use terraform import to associate an existing resource with a terraform resource configuration. this ensures that terraform is aware of the resource, and you can subsequently manage it with terraform.
Anonymous
upvote

YK commented on December 11, 2023
good one nice
JAPAN
upvote

Mn8300 commented on November 09, 2023
nice questions
Anonymous
upvote

Naka commented on January 19, 2024
Very good, many questions same as the real exam
BRAZIL
upvote

vasu commented on December 22, 2023
good for practice
INDIA
upvote

MDN commented on December 11, 2023
Good sample questions
UNITED STATES
upvote

YK commented on December 11, 2023
Good one nice
JAPAN
upvote

YK 11 commented on December 09, 2023
Good one nice
JAPAN
upvote

Mn8300 commented on November 13, 2023
Very useful
Anonymous
upvote

Mn8300 commented on November 09, 2023
Nice questions
Anonymous
upvote

mpakal commented on October 19, 2023
Good and realistic questions.
UNITED STATES
upvote

pakalamb1995@gmail.com commented on October 19, 2023
so far nice
UNITED STATES
upvote

CP commented on October 09, 2023
Let Hope for the Best
EUROPEAN UNION
upvote

DN commented on September 04, 2023
Question 14 - Run terraform import: This is the recommended best practice for bringing manually created or destroyed resources under Terraform management. You use terraform import to associate an existing resource with a Terraform resource configuration. This ensures that Terraform is aware of the resource, and you can subsequently manage it with Terraform.
Anonymous
upvote

sipho commented on August 30, 2023
i will study ans see how it goes
Anonymous
upvote

Jersey boy commented on June 25, 2023
I just paid and download my files. I will report in a week after writing my exam to see how this goes.
UNITED STATES
upvote

Yung K. commented on October 11, 2021
Thank you for this exams dumps package. From the 2 exams I purchased as part of the 50% sale I alredy passed first exam.
TAIWAN
upvote