Free Practice Questions for HashiCorp Terraform Authoring and Operations Professional Certification

    🔄 Last checked for updates April 5th, 2026

    Study with 324 exam-style practice questions designed to help you prepare for the HashiCorp Terraform Authoring and Operations Professional.

    Start Practicing

    Random Questions

    Practice with randomly mixed questions from all topics

    Question MixAll Topics
    FormatRandom Order

    Domain Mode

    Practice questions from a specific topic area

    Quiz History

    Exam Details

    Key information about HashiCorp Terraform Authoring and Operations Professional

    Official study guide

    View

    Question formats CertSafari offers
    • Multiple choice
    prerequisites:

    Professional experience using Terraform with the AWS provider is required.

    Exam Topics & Skills Assessed

    Skills measured (from the official study guide)

    Domain 1: Manage resource lifecycle

    Subdomain 1.1: Initialize a configuration using terraform init and its options

    This subdomain covers the process of preparing a working directory for other Terraform commands.

    - Initialization overview - init CLI command

    Subdomain 1.2: Generate an execution plan using terraform plan and its options

    This subdomain covers creating an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure.

    - plan CLI command

    Subdomain 1.3: Apply configuration changes using terraform apply and its options

    This subdomain covers executing the actions proposed in a Terraform plan to create, update, or destroy infrastructure.

    - apply CLI command

    Subdomain 1.4: Destroy resources using terraform destroy and its options

    This subdomain covers the command used to destroy all of the remote objects managed by a particular Terraform configuration.

    - destroy CLI command

    Subdomain 1.5: Manage resource state, including importing resources and reconciling resource drift

    This subdomain covers the management of Terraform's state file, which is used to map real-world resources to your configuration, keep track of metadata, and improve performance for large infrastructures.

    - State overview - import blocks - moved blocks - CLI documentation

    Domain 2: Develop & troubleshoot dynamic configuration

    Subdomain 2.1: Use language features to validate configuration

    This subdomain covers using Terraform's built-in features to ensure that configurations are syntactically valid and conform to specified constraints and conditions.

    - Tests - Checks - Input variables - Type constraints - Custom conditions

    Subdomain 2.2: Query providers using data sources

    This subdomain covers the use of data sources to fetch information from an API or another Terraform configuration, making it available for use elsewhere in your configuration.

    - Data sources

    Subdomain 2.3: Compute and interpolate data using HCL functions

    This subdomain covers the use of built-in functions in the HashiCorp Configuration Language (HCL) to transform and combine values within a configuration.

    - Functions

    Subdomain 2.4: Use meta-arguments in configuration

    This subdomain covers meta-arguments, which are special arguments that can be used with any resource to change its behavior, such as `count`, `for_each`, `provider`, `depends_on`, and `lifecycle`.

    - Resources

    Subdomain 2.5: Configure input variables and outputs, including complex types

    This subdomain covers defining input variables to parameterize configurations and using output values to expose information about the managed infrastructure, including the use of complex data types like lists, maps, and objects.

    - Variables and outputs - Types and values - Expressions

    Subdomain 2.6: Analyze best practices for managing sensitive data, such as using Vault for secrets management.

    This subdomain covers strategies for handling sensitive information like passwords, API keys, and certificates within Terraform configurations, including integration with external secret management tools.

    - Sensitive data in state

    Domain 3: Develop collaborative Terraform workflows

    Subdomain 3.1: Manage the Terraform binary, providers, and modules using version constraints

    This subdomain covers best practices for ensuring consistent and predictable behavior across different environments and team members by explicitly defining versions for Terraform, providers, and modules.

    - terraform blocks - Version constraints - Dependency lock file

    Subdomain 3.2: Configure remote state

    This subdomain covers storing the Terraform state file in a remote, shared location, which is essential for collaboration and for running Terraform in automated environments.

    - Remote state

    Subdomain 3.3: Use the Terraform workflow in automation

    This subdomain covers integrating Terraform into CI/CD pipelines, including the use of state locking to prevent concurrent modifications to the same state file.

    - Configuring state locking

    Subdomain 3.4: Share data across configurations and workspaces

    This subdomain covers methods for sharing information between different Terraform configurations or workspaces, allowing for the creation of modular and loosely coupled infrastructure components.

    - The terraform_remote_state data source - tfe_outputs data source

    Domain 4: Create, maintain, and use Terraform modules

    Subdomain 4.1: Create a module

    This subdomain covers the fundamentals of creating reusable Terraform modules to encapsulate and abstract infrastructure components, following recommended design patterns for clarity and maintainability.

    - Modules documentation - Creating a module - Module design recommended patterns

    Subdomain 4.2: Use a module in configuration

    This subdomain covers how to call a module from a parent configuration, including sourcing modules from various locations like the Terraform Registry, Git repositories, or local paths.

    - Sourcing a module - Declaring a module

    Subdomain 4.3: Refactor a module and use module versioning

    This subdomain covers the process of modifying and improving existing modules while managing changes through versioning to ensure that downstream configurations are not broken unexpectedly.

    - Refactoring modules - Version constraints

    Subdomain 4.4: Refactor an existing configuration into modules

    This subdomain covers the process of breaking down a monolithic Terraform configuration into smaller, reusable modules to improve organization, reusability, and maintainability.

    - moved blocks

    Domain 5: Configure and use Terraform providers

    Subdomain 5.1: Understand Terraform's plugin-based architecture

    This subdomain covers the core concept of how Terraform uses providers as plugins to interact with the APIs of various cloud platforms, SaaS providers, and other services.

    - Providers

    Subdomain 5.2: Configure providers, including aliasing, versioning, sourcing, and managing upgrades

    This subdomain covers the detailed configuration of providers within a Terraform block, including using aliases for multiple provider configurations, pinning versions for stability, and managing the provider upgrade process.

    - Provider requirements - Provider configuration - Dependency lock file - Configuring providers in modules

    Subdomain 5.3: Manage provider authentication

    This subdomain covers the various methods for authenticating Terraform providers with their target APIs, such as static credentials, environment variables, or temporary credentials from identity providers.

    - Provider configuration

    Subdomain 5.4: Troubleshoot provider errors

    This subdomain covers techniques for diagnosing and resolving issues related to Terraform providers, including debugging Terraform's execution and managing dependency conflicts using the lock file.

    - Dependency lock file - Debugging Terraform

    Domain 6: Collaborate on infrastructure as code using HCP Terraform ( multiple-choice only )

    Subdomain 6.1: Analyze the HCP Terraform run workflow

    This subdomain covers the workflow for executing Terraform runs within HCP Terraform, including remote operations, different run modes, and the process of migrating existing configurations to HCP Terraform.

    - Remote operations - Viewing and managing runs - Run modes and options - Migrating to HCP Terraform

    Subdomain 6.2: Understand HCP Terraform workspaces and their configuration options, including access management

    This subdomain covers the concept of workspaces in HCP Terraform as a way to manage separate instances of a configuration, including their settings and access control.

    - Workspaces documentation

    Subdomain 6.3: Manage provider credentials in HCP Terraform

    This subdomain covers the secure management of provider credentials within HCP Terraform, using features like workspace variables and dynamic provider credentials to avoid hardcoding secrets.

    - Workspace variables - Dynamic provider credentials

    Subdomain 6.4: Analyze policy as code and governance features

    This subdomain covers the use of Sentinel or Open Policy Agent (OPA) within HCP Terraform to enforce policies and governance rules on infrastructure changes before they are applied.

    - Policy enforcement

    Techniques & products

    terraform init
    terraform plan
    terraform apply
    terraform destroy
    resource state management
    import blocks
    moved blocks
    HCL
    Tests
    Checks
    Input variables
    Type constraints
    Custom conditions
    Data sources
    HCL functions
    Meta-arguments
    Outputs
    Complex types
    Types and values
    Expressions
    Sensitive data management
    Vault
    Terraform binary
    Providers
    Modules
    Version constraints
    Dependency lock file
    Remote state
    State locking
    terraform_remote_state data source
    tfe_outputs data source
    Module design patterns
    Module versioning
    Plugin-based architecture
    Provider aliasing
    Provider sourcing
    Provider upgrades
    Provider authentication
    Debugging Terraform
    HCP Terraform
    HCP Terraform run workflow
    HCP Terraform workspaces
    Access management
    Workspace variables
    Dynamic provider credentials
    Policy as code
    Governance features
    Policy enforcement
    AWS
    aws_instance
    aws_ami data source
    aws_launch_template
    aws_autoscaling_group
    aws_security_group
    aws_security_group_rule
    aws_s3_object
    random_integer
    aws_s3_bucket
    aws_caller_identity data source
    aws_iam_session_context data source
    aws_iam_policy_document data source
    aws_iam_role
    aws_subnet data source
    aws_vpc_security_group_ingress_rule
    aws_iam_instance_profile
    aws_iam_policy
    aws_iam_role_policy_attachment
    terraform s3 backend

    CertSafari is not affiliated with, endorsed by, or officially connected to HashiCorp, Inc.. Full disclaimer