Terraform Associate Exam Cram - Part 1

This is the Part 1 of the Terraform Associate 004 Exam Cram. It covers the following Terraform Associate Certification exam objectives:

< Prev: Introduction
Next >: Objective 2 - Terraform fundamentals

Infrastructure as Code

• Definition:
  • Infrastructure as Code (IaC) allows to manage and provision infrastructure (networks, servers, databases, etc.) through human-readable configuration files rather than manual processes (UI or CLI) and treats infrastructure like application code: versioned, tested, repeatable, and automatable.
• Approaches:
  • Declarative (what you want) → You define what the infrastructure should look like. IaC tools, like Terraform, figure out how build it.
  • Imperative (how to do it) → You manually specify how to build infra step by step using scripts or CLI.
• Core principle: Desired state is defined in code → IaC tools reconcile real infrastructure with this desired state.
  • Desired state → what you define in code.
  • Current state → what exists in the environment.

What is Terraform?

HashiCorp Terraform is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share.

Terraform creates and manages resources through plug-ins, called providers. Providers enable Terraform to work with virtually any platform or service manageable though API. HashiCorp and the Terraform community have already written thousands of providers to manage many different types of resources and services. You can find all publicly available providers on the Terraform Registry, including Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, DataDog, and many more.

Terraform configuration files are declarative, meaning that they describe the end state of your infrastructure. Terraform handles all interactions and underlying logic necessary to create the resources. It builds a resource graph to determine resource dependencies and creates or modifies non-dependent resources in parallel.

Terraform supports reusable configuration components called modules that define configurable collections of infrastructure. You can use publicly available modules from the Terraform Registry, or write your own.

Since your configuration is written in a file, you can commit it to a Version Control System (VCS) and use HCP Terraform to efficiently manage Terraform workflows across teams. HCP Terraform runs Terraform in a consistent, reliable environment and provides secure access to shared state and secret data, role-based access controls, a private registry for sharing both modules and providers, and more.

Back to Top

Benefits of IaC:

• Consistency & Repeatability & Idempotence: Same configuration produces identical infrastructure across environments; ensures reproducibility.
• Drift Detection: Identify and prevent infrastructure changes made outside of configuration code.
• Version Control & Auditability: Store configs in Git or other VCS; track history, enable rollback, and support peer review.
• Automation & Scalability: Deploy infrastructure faster, at scale; reduce manual steps and human error; enable CI/CD integration.
• Self-describing infrastructure: The code itself provides comprehensive information about the infrastructure’s current state, enhancing maintainability and understanding.
• Collaboration: Shared codebase supports teamwork across development and operations.
• Scalability & Reusability: Modular configs can be reused across projects and environments.
• Testability & Validation: Validate infrastructure configs like application code before deployment.
• Governance & Compliance: Enforce policies and standards programmatically.
• Cost Control: Create and destroy infrastructure on demand for optimized resource usage.

Back to Top

Terraform is an infrastructure as code (IaC) tool that lets you define and manage infrastructure resources through declarative, human-readable configuration files. You can manage infrastructure that spans multiple clouds, on-prem, and SaaS - all from unified configurations.

• Provider-agnostic:
  • Plugin-Based Architecture works with many platform and infrastructure providers.
  • Utilizes same configuration language and unified workflow for management of different infra resources and cloud platforms.
• Multi-cloud:
  • Allows to manage different clouds in one config without cloud vendor lock-in.
  • Consolidates management and orchestration for large-scale, multi-cloud infrastructures.
  • Supports hybrid infra (cloud + on-prem + SaaS).

Comparing Terraform to Other IaC Tools

• Terraform vs Cloud-native Tools (e.g., AWS CloudFormation, Azure ARM, GCP Deployment Manager):
  • Cloud-native tools → vendor-specific & single-cloud only.
  • Terraform → Multi-cloud and provider-agnostic.
  • Terraform supports composable modules and standard syntax across clouds.
• Terraform vs Configuration Management Tools (Ansible, Chef, Puppet, Salt):
  • Terraform → Focuses on infra provisioning (VMs, networks, load balancers, storage, SaaS).
  • Config management → Focuses on OS/software configuration inside servers.
  • They can complement each other: Terraform builds infra, config management tool configures it.

Advantages of Terraform

• Multi-cloud support with a single workflow.
• Standardized language → human-readable and consistent.
• Infrastructure version control with version control systems (VCS).
• Reusability via modules.
• Extensibility with custom providers.
• Idempotency - same config applied multiple times leads to same result.

Back to Top

Back to Top

< Prev: Introduction
Next >: Objective 2 - Terraform fundamentals