Free Practice Questions for HashiCorp Terraform Authoring and Operations Professional Certification

🔄 Last checked for updates April 19th, 2026

Study with 324 exam-style practice questions designed to help you prepare for the HashiCorp Terraform Authoring and Operations Professional.

Random Questions

Practice with randomly mixed questions from all topics

Question MixAll Topics

FormatRandom Order

Domain Mode

Practice questions from a specific topic area

Select Domain

Quiz History

Exam Details

Key information about HashiCorp Terraform Authoring and Operations Professional

Official study guide

View

Question formats CertSafari offers

Multiple choice

prerequisites:

Professional experience using Terraform with the AWS provider is required.

Exam Topics & Skills Assessed

Skills measured (from the official study guide)

Domain 1: Manage resource lifecycle

Subdomain 1.a: Initialize a configuration using terraform init and its options

This objective covers initializing a Terraform configuration, which involves downloading necessary providers and modules.

- Initialization overview - init CLI command

Subdomain 1.b: Generate an execution plan using terraform plan and its options

This objective covers creating an execution plan to preview the changes Terraform will make to the infrastructure without actually applying them.

- plan CLI command

Subdomain 1.c: Apply configuration changes using terraform apply and its options

This objective covers applying the changes defined in the Terraform configuration to create, update, or delete infrastructure resources.

- apply CLI command

Subdomain 1.d: Destroy resources using terraform destroy and its options

This objective covers destroying the infrastructure managed by a Terraform configuration, which removes all the resources defined in it.

- destroy CLI command

Subdomain 1.e: Manage resource state, including importing resources and reconciling resource drift

This objective covers managing the Terraform state file, which keeps track of the managed infrastructure. This includes importing existing resources into Terraform management and addressing discrepancies between the state file and the actual infrastructure (drift).

- State overview - import blocks - moved blocks - CLI documentation

Domain 2: Develop & troubleshoot dynamic configuration

Subdomain 2.a: Use language features to validate configuration

This objective covers using built-in HCL features to ensure the configuration is valid and adheres to specific rules before applying it.

- Tests - Checks - Input variables - Type constraints - Custom conditions

Subdomain 2.b: Query providers using data sources

This objective covers using data sources to fetch information from external sources, like a cloud provider, to use within the Terraform configuration.

- Data sources

Subdomain 2.c: Compute and interpolate data using HCL functions

This objective covers using HCL's built-in functions to transform and combine data, allowing for more dynamic and flexible configurations.

- Functions

Subdomain 2.d: Use meta-arguments in configuration

This objective covers using meta-arguments like `count`, `for_each`, `depends_on`, and `lifecycle` to control the behavior of resources and modules.

- Resources

Subdomain 2.e: Configure input variables and outputs, including complex types

This objective covers defining input variables to parameterize configurations and outputs to expose information about the managed infrastructure. This includes working with complex data types like lists, maps, and objects.

- Variables and outputs - Types and values - Expressions

Subdomain 2.f: Analyze best practices for managing sensitive data, such as using Vault for secrets management.

This objective covers strategies for handling sensitive information like passwords and API keys within Terraform configurations, including integrating with external secret management tools like HashiCorp Vault.

- Sensitive data in state

Domain 3: Develop collaborative Terraform workflows

Subdomain 3.a: Manage the Terraform binary, providers, and modules using version constraints

This objective covers specifying versions for Terraform, providers, and modules to ensure consistent and predictable behavior across different environments and team members.

- terraform blocks - Version constraints - Dependency lock file

Subdomain 3.b: Configure remote state

This objective covers storing the Terraform state file in a remote, shared location, which is essential for team collaboration and preventing state file conflicts.

- Remote state

Subdomain 3.c: Use the Terraform workflow in automation

This objective covers integrating the standard Terraform workflow (init, plan, apply) into automated CI/CD pipelines, including managing state locking to prevent concurrent modifications.

- Configuring state locking

Subdomain 3.d: Share data across configurations and workspaces

This objective covers methods for sharing information between different Terraform configurations or workspaces, such as using remote state data sources.

- The terraform_remote_state data source - tfe_outputs data source

Domain 4: Create, maintain, and use Terraform modules

Subdomain 4.a: Create a module

This objective covers the fundamentals of creating reusable Terraform modules to encapsulate and organize infrastructure components, following recommended design patterns.

- Modules documentation - Creating a module - Module design recommended patterns

Subdomain 4.b: Use a module in configuration

This objective covers how to call and use a module within a root Terraform configuration, including sourcing it from various locations like the Terraform Registry or a Git repository.

- Sourcing a module - Declaring a module

Subdomain 4.c: Refactor a module and use module versioning

This objective covers modifying and improving existing modules while managing different versions to ensure backward compatibility and controlled updates.

- Refactoring modules - Version constraints

Subdomain 4.d: Refactor an existing configuration into modules

This objective covers the process of breaking down a monolithic Terraform configuration into smaller, reusable modules to improve maintainability and scalability.

- moved blocks

Domain 5: Configure and use Terraform providers

Subdomain 5.a: Understand Terraform's plugin-based architecture

This objective covers the core concept of Terraform providers as plugins that interface with specific APIs (e.g., AWS, Azure, GCP) to manage resources.

- Providers

Subdomain 5.b: Configure providers, including aliasing, versioning, sourcing, and managing upgrades

This objective covers the detailed configuration of providers within a Terraform block, including setting versions, using aliases for multiple provider configurations, and managing provider upgrades.

- Provider requirements - Provider configuration - Dependency lock file - Configuring providers in modules

Subdomain 5.c: Manage provider authentication

This objective covers the various methods for authenticating Terraform with cloud providers and other services, such as using environment variables, configuration files, or identity and access management roles.

- Provider configuration

Subdomain 5.d: Troubleshoot provider errors

This objective covers techniques for diagnosing and resolving issues related to Terraform providers, such as API errors, authentication problems, or dependency conflicts.

- Dependency lock file - Debugging Terraform

Domain 6: Collaborate on infrastructure as code using HCP Terraform ( multiple-choice only )

Subdomain 6.a: Analyze the HCP Terraform run workflow

This objective covers understanding the remote execution workflow in HCP Terraform, including how runs are triggered, viewed, and managed, and the different run modes available.

- Remote operations - Viewing and managing runs - Run modes and options - Migrating to HCP Terraform

Subdomain 6.b: Understand HCP Terraform workspaces and their configuration options, including access management

This objective covers the concept of workspaces in HCP Terraform as a way to manage separate environments or components, including their configuration and access control settings.

- Workspaces documentation

Subdomain 6.c: Manage provider credentials in HCP Terraform

This objective covers securely managing and providing cloud provider credentials to HCP Terraform workspaces, using methods like workspace variables or dynamic provider credentials.

- Workspace variables - Dynamic provider credentials

Subdomain 6.d: Analyze policy as code and governance features

This objective covers using HCP Terraform's governance features, such as Sentinel or OPA policies, to enforce rules and best practices on infrastructure changes.

- Policy enforcement

Techniques & products

terraform init

terraform plan

terraform apply

terraform destroy

resource state management

import blocks

moved blocks

HCL

Tests

Checks

Input variables

Type constraints

Custom conditions

Data sources

HCL functions

Meta-arguments

Outputs

Complex types

Types and values

Expressions

Sensitive data management

Vault

Terraform binary

Providers

Modules

Version constraints

Dependency lock file

Remote state

State locking

terraform_remote_state data source

tfe_outputs data source

Module design patterns

Module versioning

Plugin-based architecture

Provider aliasing

Provider sourcing

Provider upgrades

Provider authentication

Debugging Terraform

HCP Terraform

HCP Terraform run workflow

HCP Terraform workspaces

Access management

Workspace variables

Dynamic provider credentials

Policy as code

Governance features

Policy enforcement

AWS

aws_instance

aws_ami data source

aws_launch_template

aws_autoscaling_group

aws_security_group

aws_security_group_rule

aws_s3_object

random_integer

aws_s3_bucket

aws_caller_identity data source

aws_iam_session_context data source

aws_iam_policy_document data source

aws_iam_role

aws_subnet data source

aws_vpc_security_group_ingress_rule

aws_iam_instance_profile

aws_iam_policy

aws_iam_role_policy_attachment

terraform s3 backend

Start Practicing