Skip to main content
HashnodeJack (Jarkynbyek) Japar's blogJack (Jarkynbyek) Japar's blog

Command Palette

Search for a command to run...

Terraform Associate (004) – Exam Cheat Sheet

Updated
4 min read
Terraform Associate (004) – Exam Cheat Sheet
J
Jarkynbyek (Jack) Japar

This cheat sheet is based on my notes from online courses, Hashicorp documentation, and missing & updated concepts for the Terraform Associate 004 exam after completing the exam. It is optimized for quick revision before the exam.

1. Terraform Core Workflow

Core Commands

terraform init       # Initialize providers & backend
terraform plan       # Preview execution plan
terraform apply      # Apply changes
terraform destroy    # Destroy resources

Typical Workflow

  1. Write .tf files

  2. terraform init

  3. terraform plan

  4. terraform apply

2. Terraform Configuration Basics

Blocks

resource "aws_instance" "example" {}
BlockPurpose
providerDefine cloud provider
resourceInfrastructure object
variableInput variable
outputExport values
dataRead external data
moduleReusable configuration
terraformBackend & version config
actionInvoke provider-defined action
checkValidate your infrastructure
ephermaldefine temporary resources
importimport existing infrastructure
localsdefine values and reuse
movedchange the address of a resource
removedremove from state without changing infra

3. Providers

Provider Types

  • Official

  • Partner

  • Community

Provider Configuration

provider "aws" {
  region = "us-east-1"
}

Version Constraints

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

Version rules:

  • >= 1.2.0

  • <= 2.0.0

  • ~> 1.2 → >=1.2,<2.0

  • != 1.4.0

4. Variables

Declare Variables

variable "filename" {
  type        = string
  description = "File name"
  default     = "/tmp/file.txt"
}

Types

  • string

  • number

  • bool

  • list(type)

  • map(type)

  • object({})

  • tuple([])

Variable Precedence (High → Low)

  1. CLI var

  2. .tfvars or var-file

  3. Environment (TF_VAR_name)

  4. Default

5. Resource Attributes & References

${resource_type.resource_name.attribute}

Example:

aws_instance.web.public_ip

6. Dependencies

Implicit

instance_id = aws_instance.web.id

Explicit

depends_on = [aws_instance.web]

7. Output Values

output "public_ip" {
  value = aws_instance.web.public_ip
}

Commands:

terraform output
terraform output public_ip

8. Terraform State

Purpose

  • Maps config → real infrastructure

  • Tracks metadata & dependencies

State Storage

  • Local (default)

  • Remote (recommended):

    • S3

    • Terraform Cloud

    • GCS

    • Consul

Remote state locking is available, depending on whether the backend supports

Remote Backend (S3 Example)

terraform {
  backend "s3" {
    bucket         = "tf-state-bucket"
    key            = "prod/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks"
  }
}

9. Terraform State Commands

terraform state list
terraform state show <resource>
terraform state mv
terraform state rm
terraform state pull

10. Lifecycle Rules

lifecycle {
  create_before_destroy = true
  prevent_destroy       = true
  ignore_changes        = [tags]
}

11. Meta-Arguments

https://developer.hashicorp.com/terraform/language/meta-arguments

ArgumentDescription
depends_onExplicit dependency
countCreate multiple resources
for_eachIterate over map/set
lifecycleControl resource behavior
providerspecifies which provider to use
providersspecify an alternate provider specification

count vs for_each

  • count → indexed list

  • for_each → map or set

12. Data Sources

Used to read existing resources:

data "aws_ami" "amazon_linux" {
  most_recent = true
}

13. Provisioners (Use Sparingly)

Local Exec

provisioner "local-exec" {
  command = "echo Hello"
}

Remote Exec

Requires SSH access.

⚠️ Not recommended for production

14. Terraform Import

terraform import aws_instance.web i-123456

⚠️ Does NOT generate .tf code. Only updates the state file.

15. Terraform Workspaces

terraform workspace new dev
terraform workspace list
terraform workspace select dev

Each workspace has separate state.

16. Terraform Functions (Important)

https://developer.hashicorp.com/terraform/language/functions

Numeric

  • max()

  • min()

  • ceil()

  • floor()

String

  • lower()

  • upper()

  • split()

  • join()

  • substr()

Collection

  • length()

  • contains()

  • element()

  • lookup()

17. Terraform Console

terraform console

Used for testing expressions.

18. Debugging

export TF_LOG=TRACE
export TF_LOG_PATH=/tmp/terraform.log

Levels:

  • TRACE

  • DEBUG

  • INFO

  • WARN

  • ERROR

19. Terraform Modules

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.0.0"
}

Commands:

terraform get

20. Security Best Practices

  • Never commit terraform.tfstate

  • Use .gitignore

  • Encrypt remote state

  • Use least privilege

21. Quick Commands Summary

terraform init
terraform plan
terraform apply
terraform destroy
terraform fmt
terraform validate
terraform providers
terraform output
terraform graph
terraform workspace list

22. HCP Terraform

The HashiCorp Cloud Platform — https://developer.hashicorp.com/terraform/cloud-docs

In my experience in this exam, you have to know what they are; there is no need to dig deep, so briefly review these topics, and let me know your experience:

  • Users

  • Teams

  • Organizations

  • Permissions

  • Stacks & Workspaces

  • Integration with VCS (Version Control Systems)

  • Private registry

  • Automatic health checks

  • Run triggers

#terraform#terraform-cloud#terraform-associate#iac
273 views

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

J

Jack (Jarkynbyek) Japar's blog

12 posts

Cloud / DevOps Engineer focusing on AWS, Kubernetes, and GitHub Actions