HashiCorp Certified: Terraform Associate (003) (HCTA0-003)
Last Update Oct 6, 2025
Total Questions : 248
We are offering FREE Terraform-Associate-003 HashiCorp exam questions. All you do is to just go and sign up. Give your details, prepare Terraform-Associate-003 free exam questions and then go for complete pool of HashiCorp Certified: Terraform Associate (003) (HCTA0-003) test questions that will help you more.
Which of the following can you do with terraform plan? (Pick 2 correct responses)
Which of these are benefits of using Sentinel with HCP Terraform/Terraform Cloud? (Pick the 3 correct responses)
Your risk management organization requires that new AWS S3 buckets must be private and encrypted at rest. How can Terraform Cloud automatically and proactively enforce this security control?
Which of the following should you add in the required_providers block to define a provider version constraint?
You have a Terraform configuration that defines a single virtual machine with no references to it, You have run terraform apply to create the resource, and then removed the resource definition from your Terraform configuration file.
What will happen you run terraform apply in the working directory again?
How would you reference the volume IDs associated with the ebs_block_device blocks in this configuration?
How would you output returned values from a child module in the Terraform CLI output?
You use a cloud provider account that is shared with other team members. You previously used Terraform to create a load balancer that listens on port 80. After application changes, you updated the Terraform code to change the port to 443.
You run terraform plan and see that the execution plan shows the port changing from 80 to 443 like you intended and step away to grab some coffee.
In the meantime, another team member manually changes the load balancer port to 443 through the cloud provider console before you get back to your desk.
What will happen when you run terraform apply upon returning to your desk?
What is the provider for the resource shown in the Exhibit?
resource "aws_vpc" "main" {
name = "test"
}
Terraform configuration (including any module references) can contain only one Terraform provider type.
Which provider authentication method prevents credentials from being stored in the state file?
You want to define a single input variable to capture configuration values for a server. The values must represent memory as a number, and the server name as a string.
Which variable type could you use for this input?
A senior admin accidentally deleted some of your cloud instances. What will Terraform do when you run terraform apply?
Before you can use a new backend or HCP Terraform/Terraform Cloud integration, you must first execute terraform init.
Before you can use a remote backend, you must first execute terra-form init.
What is the Terraform style convention for indenting a nesting level compared to the one above it?
Which of the following command would be use to access all of the attributes and details of a resource managed by Terraform?
What kind of configuration block will create an infrastructure object with settings specified within the block?
A developer accidentally launched a VM (virtual machine) outside of the Terraform workflow and ended up with two servers with the same name. They don't know which VM Terraform manages but do have a list of all active VM IDs.
Which of the following methods could you use to discover which instance Terraform manages?
Module version is required to reference a module on the Terraform Module Registry.
You are working on some new application features and you want to spin up a copy of your production deployment to perform some quick tests. In order to avoid having to configure a new state backend, what open source Terraform feature would allow you create multiple states but still be associated with your current code?
You modified your Terraform configuration to fix a typo in the resource ID by renaming it from photoes to photos. What configuration will you add to update the resource ID in state without destroying the existing resource?
Original configuration:
resource "aws_s3_bucket" "photoes" {
bucket_prefix = "images"
}
Updated configuration:
resource "aws_s3_bucket" "photos" {
bucket_prefix = "images"
}
You're building a CI/CD (continuous integration/continuous delivery) pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?
You've used Terraform to deploy a virtual machine and a database. You want to replace this virtual machine instance with an identical one without affecting the database. What is the best way to achieve this using Terraform?
Setting the TF_LOG environment variable to DEBUG causes debug messages to be logged into stdout.
When using Terraform to deploy resources into Azure, which scenarios are true regarding state files? (Choose two.)
A resource block is shown in the Exhibit space of this page. What is the Terraform resource name of the resource block?
Multiple team members are collaborating on infrastructure using Terraform and want to format the* Terraform code following standard Terraform-style convention.
How should they ensure the code satisfies conventions?
Which of the following is not a valid source path for specifying a module?
Outside of the required_providers block, Terraform configurations always refer to providers by their local names.
Your root module contains a variable namednum_servers. Which is the correct way to pass its value to a child module with an input namedservers?
Terraform can only manage resource dependencies if you set them explicitly with the depends_on argument.
Which of these are features of HCP Terraform/Terraform Cloud? Pick the 2 correct responses below.
Which option cannot be used to keep secrets out of Terraform configuration files?
If a DevOps team adopts AWS CloudFormation as their standardized method for provisioning public cloud resoruces, which of the following scenarios poses a challenge for this team?
When you include a module block in your configuration that references a module from the Terraform Registry, the "version" attribute is required.
You want to use API tokens and other secrets within your team's Terraform workspaces. Where does HashiCorp recommend you store these sensitive values? (Pick the 3 correct responses)
It is best practice to store secret data in the same version control repository as your Terraform configuration.
All standard backend types support state locking, and remote operations like plan, apply, and destroy.
terraform apply is failing with the following error. What next step should you take to determine the root cause of the problem?
Error:
yaml
CopyEdit
Error loading state: AccessDenied: Access Denied
status code: 403, request id: 288766CE5CCA24A0, host id: web.example.com
What does Terraform not reference when running a terraform apply -refresh-only ?
You have provisioned some virtual machines (VMs) on Google Cloud Platform (GCP) using the gcloud command line tool. However, you are standardizing with Terraform and want to manage these VMs using Terraform instead. What are the two things you must do to achieve this? Choose two correct answers.
You are writing a child Terraform module that provisions an AWS instance. You want to reference the IP address returned by the child module in the root configuration. You name the instance resource "main'.
Which of these is the correct way to define the output value?
You much initialize your working directory before running terraform validate.
Which of the following module source paths does not specify a remote module?
TESTED 06 Oct 2025
