All HashiCorp Terraform Associate certification exam dumps, study guide, training courses are Prepared by industry experts. PrepAway's ETE files povide the Terraform Associate HashiCorp Certified: Terraform Associate practice test questions and answers & exam dumps, study guide and training courses help you study and pass hassle-free!

Read, Generate, Modify Configurations

17. Dynamic Blocks

Hey everyone, and welcome back. Now in today's video, we will be discussing the dynamic block in Terraform. Now let's go ahead and understand this with a typical challenge. Now, in many of the use cases that you will encounter while writing the TerraForm configuration file, there are multiple repeatable nested blocks that need to be defined. Now, this can lead to a long code, and it can also be difficult to manage over a longer period of time.

One classic example of this would be the security group. Now, generally, whenever you have a security group, you define multiple English or Egress blocks. So ingress is basically the inbound rule that you define in the security group. So currently, you see that there are two ingress rules that are defined. one for the port of 9200 and the other for the port of 8300. So for a single security group, there are two ingress rules that are defined. Now imagine let's say that there are40 ports that you have to add.

So then you have to essentially create 40-ingress blocks within the security group resource, and that can be a bit of a pain. So with the help of dynamic blocks, what it does is that it allows us to dynamically construct repeatable nested blocks, which are supported inside the resource data provider, as well as a provisional block over here. So what we can do here is, instead of defining multiple ingredient blocks, create one dynamic block. And we also have a variable that basically contains all the ports that need to be defined. And from that variable, we create multiple dynamic blocks over here. So that is the high-level overview. So let's quickly jump into the practical so that this can be better explained.

So for today's video, I have a folder called "asdynamic block," and within this folder I have two files. One is before, and the second is a dynamic block. So currently here in a file called Asbefore TF, where we were discussing how a security group, depending upon the number of ports, will have multiple nested blocks, So you have the first nested block, the second nested block, the third nested block, and so on. So imagine that if you have 40 different English rules over here, then essentially you need to have 40 different ingress blocks that you'll have to define. And the same goes with the Egress block, which is basically the outbound rules. In fact, in the organisation that I was working with, we had big security group rules and the amount of ingress blocks were huge. So this used to be a bit of a pain in the earlier version of Terraform.

So this can be solved with the help of the new dynamic block. Now, before we explore the dynamic block, let's quickly do a Terraform plan. And currently, you see, for our security group, there are multiple rules, like 49500, then secondarily, for the nine, 2008-300-8201, and so on. So, as you are discussing, there is a better way in which all of these can be combined together in a single dynamic block. So currently, this is the dynamic block. Let's quickly remove this comment here.Now, within the dynamic block, the first thing that has been defined here is the variable. The variable is SG underscore port. The type is a list of numbers. And we also have a default value that contains a list of multiple port values over here. So this is something that is easy to understand. Then we have the resource of AWS Security Group. The name is Dynamic SG. And the interesting part here is this dynamic block. Now the label of the dynamic block here is "ingress," which we are making use of for each year.

So what would happen is that for each value that is part of the variable edge underscore port, So, as you see, we have defined what a C port is. So for each value under this specific list, this dynamic block will be created. Now, if you look at this content over here, the content here is equal to the entry value, which is basically the value of the number that is defined over here. So basically, let me quickly show you how this would look like. So you have an ingress block. Then, within the English block, you will have these specific contents. All right, so this is the ingredient block. Now for the first iteration, you have to set this value to 8200.

So this is the 8200 value. So that is the first iteration. Now you will have one more iteration because there are multiple entries within the list. Now for the second iteration, you will have one more block that will be generated for ingress, and the value of that block will be eight to one, and so on. So this is what is referred to as a "dynamic block." So these blocks are generated dynamically depending upon the number of values that are part of the list. So I hope from the high-level overview you understand what "dynamic block" means over here. So let's do one thing: let's quickly do a terraforming plan so that we understand this in more detail. And before we do a TerraForm plan, let me go ahead and comment out the previous PFO here. Now let's clear the screen and do a Terraform plan.

All right, so here you see that it is working as expected. So with a single dynamic block, you see how many other blocks are being created based on the port numbers that have been defined within the given list. So I hope you understand what dynamic blocks are. Now, when you're working with dynamic blocks, you also need to understand the basics of iterators. So the iterator argument, which is the optional argument, sets the name of a temporary variable that represents the current element of a complex value. So if the name of a variable is omitted, it defaults to the label of the dynamic block, which is ingress in this specific example. So let's quickly understand this. So within the dynamic block we have ingress value overhere, which is basically the value associated with the currentelement for each that is happening over here. So what you can instead do is define an iterator, and the name of the iterator here would be port. And instead of the label of the dynamic block, you can change it to the iterator name, which is port value.

So what happens here is that it becomes easier to read. So anyone who is reading your code will see the port value. So from here, you can easily identify the type of value that is expected for this specific key. So this becomes much easier. So that's the benefit of iterators. So let's go ahead and do a TerraForm plan. So to quickly verify, we'll do a TerraForm plan, and to make sure everything is working as expected, we'll also do a TerraForm application. Let's set it to yes. Great. So a security group resource is created, and if you look in the easy console, you have a security group called Dynamic Hypersea, which contains a list of all the ports that are defined. Now, if you look at the resource "AWS security group" from the TerraForm documentation, you will primarily see that there are two types of blocks that can be configured. One is the ingress, and the second is the egress. So ingress basically means inbound rules.

Egress basically means the outbound rules. Now, whenever you're configuring a dynamic block, the name here becomes very important. So let's also try it out for the outbound rules. However, the name this time that we will have to provide is the egress over here and for each would remain the same. Let's go ahead and remove the iterator this time. And in case you remove the iterator, then you'll have to give the label of the dynamic block, which is egress over here. All right, so now let's do a Terraform planet again. So this time, the rules that will be created will basically be the egress rules. So let's go ahead and do a Terraform application to verify. I say yes. Great. So the resource is modified, and from the AWS console, let's quickly refresh the page. Within the outbound rules, you see that there are multiple outbound rules.

18. Tainting Resources

Hey everyone, and welcome back. Now in today's video, we'll be discussing tainting resources in Terraform. So let's quickly understand this with the use case. So let's assume that you have created a new resource via the TerraForm. So this specific new resource is created via Terraform. In today's example, we will consider it easy to instance.

Now let's assume that multiple users who are part of your organization have made a lot of manual changes to this specific resource. So not only have they changed the infrastructure, but they have also locked themselves inside the server, and they have made a lot of changes because those things are not working as expected. And whenever you're doing a TerraForm plan, there are a lot of changes that it is showing.So there are two ways in which you can deal with this. First, you can either import the changes through the TerraForm, so whatever changes that user has made, you can import them into the TerraForm.

Second, you can delete and recreate the resources so that it comes back to the exact configuration that you had defined within your TerraForm file. So in today's video, we'll be discussing the second pointer, which is deleting and recreating a specific resource. So with the help of the Terraform Taint command, we can manually mark a Terraform-managed resource as tainted, forcing it to be destroyed and recreated on the next supply. So what happens is that when you mark this resource as tainted, what will happen is that next time you do a TerraForm plan, TerraForm will show you the plan where the resource will be destroyed and recreated from scratch. So that's what Terraform teaches us. So let's do one; let's quickly jump into the demo so that this can be better understood.

So for today's video, we have a very simple configuration where we have a simple provider block and a simple resource block where we are creating an easy instance. So first step, let's go ahead and create an instance post in which we'll be discussing the taint command. So let's go ahead and do a Terraform application. All right, let's quickly do a jet. Great. So our EC has two instances created. So now, within the EC, you can see that we have one EC-2 instance that is currently in the running state. Now that the EC2 is in the running state, there can be a lot of manual modifications that can happen. So someone might add an IM role, someone might modify the network interface, and so on. Or some user might log into the EC2 instance, and they might do a lot of things that can break your application altogether. So in such cases, if you want to revert this specific EC2 instance to the change that is part of your TerraForm configuration, instead of doing a TerraForm destroy and then doing a TerraForm apply yet again, you can manually mark the specific resources tinted. So let's try it out.

So let's do a Terraform taint, followed by the entire name, which is awsunderstance myec 2. So if you see, we have AWS underscore instance myec 2. So let's press enter. So now it says that the resource instance award for my 82 has been marked as "painted." So now when you do a Terraform plan, as you see here within the plan, it is showing one to destroy and one to add, and the same you'll be able to see over here. So it states that this specific instance is tainted, so it must be replaced. So now, when you look into the TerraForm TFstate file, you will see that the resource that we have over here has a tainted status here is tainted. So whenever you run the Terraform Taint command, remember that the only modification that happens is within the state file, where the specific resource will be marked as tinted. So the resource will not be modified; only the state file will be marked as tainted unless and until you do a Terraform application.

So now let's go ahead and try it out. So I'll do a Terraform application, and we'll do a yes. Great. So now here you see that first it is destroying the resource, and after the destruction has been completed, it is recreating the resource altogether. So the older EC2 instance that we had, if you did a refresh, would be terminated and a new EC2 instance would replace it. and in a similar way. Now if you look into the TerraForm statement, you will see that the tainted-related message is no longer present. Great. So I hope, from a high-level overview, you understand the importance of TerraForm tape. Now one interesting thing, in fact, is that in many organisations, they have this rule that whenever you manually modify your infrastructure, what they have to do is taint it and recreate the infrastructure. So they would not be allowed to do TerraForm input; they would have to do a tint and recreate the infrastructure. So a lot of organisations have this rule, and this is one of the reasons why no one would manually modify the infrastructure within the cloud service provider. So anyways, with this, there are a few important points that we need to remember.

The first is that the Terraform 10 command will not modify the infrastructure, but it will modify the state file in order to mark the resource as tainted. In the second point here, once the resource is marked as tainted, the next plan will show that the resource will be destroyed and recreated, and the next application will implement this specific change. The third very important point here is that you need to keep in mind that tainting a resource for recreation may affect the resources that depend on the newly tainted resource. So let's say that you have an EC2 instance and that you also have a DNS that you have created through TerraForm. Now if the EC2 instance is destroyed and recreated, the chances are that the EC2 instance will have a new IP. So then you will have to, in turn, modify your DNS resource to point to the newer IP. So always look into the dependency before doing a Terraform date.

19. Splat Expressions

Hey everyone, and welcome back. Now in today's video, we'll be discussing the "splat" expression. Now, at a high level overview, splat expression allows us to get a list of all the attributes. Now let's understand with an example where you have a resource of type AWSIM user and you are making use of count of three. So that basically means a total of three Im users will be created. Now within the output ARN, you are specifying the AWSin user LB, followed by this split expression, followed by the attribute of that resource, which is ARN. So what will happen is that even if you create 100 Im users, the AR and attributes associated with this resource will be listed for all 100 users. So let's go ahead and try this out in detail. So currently I am on the documentation page associated with the resource "AWS Im User." And if you look into the attributes, there are three primary attributes. One is the ARN, the second is the name, and the third is the unique ID.

So we'll be using the attribute of ARN for today's demo. Now in this specific demo example, we are making use of the count of three, and you also have a count of index. Now for the index count, we already know that it starts with one. So when you have a count of three, it basically means zero, one, and two. Now, whenever you want to see an attribute in terms of output for a specific IAM user, you can make use of a zero, a one, or a two. So let's see that first post, which we'll be discussing about splitting. So let's put a zero over here and see what happens. Now let's quickly do a TerraForm plan. Great.

So as expected, there will be a total of three Im users that are created. So if you look into the first Im user, it has a count index of zero, the second one has a count index of one, and the third one has a count index of two. So let's go ahead and quickly do a Terraform application. I'll say yes. Great. So within the output, what you see here is the attribute ARN associated with the first user, which is user zero. So this is how you can get a specific attribute associated with multiple users or multiple resources that you create with the count parameter. Now, if you want to see the attributes associated with all the users that are being created instead of manually specifying a zero or a one, you can make use of Splat or something similar to this.So let's go ahead and see what happens now. So I do a Terraform application yet again. Great. So now, within the output, you see that you got the arm associated with all the users that had been created. So that's the very high-level overview of static expression. That's about it for today's video. And I look forward to seeing the next video.

20. Terraform Graph

Hey everyone, and welcome back. Now in today's video, we will be discussing the Terraform graph. So this is one of the cool features that are available in Terraform. So let's go ahead and explore that. So the Terraform Graph command allows us to generate a visual representation of ideas—either a configuration or an execution plan. So the output of a TerraForm Graph is a dot format, which can be easily converted to an image.

So from this diagram itself, you can easily identify what a Terraform graph does. So at the bottom, you have the provider AWS, and all of the resources associated with AWS are dependent on that. And you also have this nice little dependency graph, which allows us to quickly identify the resources and their associated dependencies. So let's do one thing: let's quickly jump into the practical and look into how we can generate these. So for today's video, I have a file called "graph TF." And this file has three resources. The first resource is the EC-2 instance. The second resource is the elastic IP, and the third resource is the security group. So what we have done is create an elastic IP. Here it gets associated with this EC-2 instance. So only after this EC2 instance gets created will this elastic IP be created. And now you also have a security group.

If you see this security group also has the dependency on the elastic IP, So after Elastic IP gets created, will the security group get created? So the first resource that will be created is the instance. Second would be the elastic IP, and third would be the security group. So although we won't be applying these configurations, we'll look into how exactly we can generate the TerraForm Graph out of it. So from the CLI, let's quickly do a TerraFormGraph, and we'll output it to a file. Let's call it a graph dot. Great. Now if you see that there is a file called "grab dot" that is created, and this is more of a text-based file, so you can easily read it with Notepad or other editors. Now, if you want to convert this into a nice little image, something similar to what we are seeing now, you will need an additional tool. So one of the popular tools here is the Graph Whiz. So this allows you to quickly perform the visualisation as well as the conversion-related aspect. So if you see within here, there are multiple executable packages.

One is for Ubuntu. So in case you have a Ubuntu server, you can install this app, get graphics for Federaland, and for Debian, you have this. Now if you go up and down, you also have some packages for Windows, and you also have some packages for Mac. So what I can suggest for test purposes is that you go ahead and quickly install it on a test server and try it out. So what we'll do is install it on a test server that is based on Red Hat Enterprise. So it's basically an Amazon Linux-based instance where we'll be installing this and looking into how we can convert the dot format to an image. So currently, I'm connected to the CRIF. You want to quickly look into what exactly this is. This is basically an Amazon Linux 2 that is available. So you can either create an Amazon Linux Two instance in AWS or maybe a sentence on other platforms. So now let's go ahead and run this command here. I'll do a yes. Great.

So all the associated packages have been downloaded. Now what we'll do is copy this file, and within the Linux instance, let's go ahead and create a file with the same name, which is Graph. And let me paste the contents here, and I'll go ahead and save this. So this is the dot file. So what we have to do is convert this dot file into an image file. So in order to do that, let's quickly do a cat on Graph. So this will basically show you the contents. And now what we do will be piped to this specific dot package. So this is the dot that got downloaded, and we're converting it to a file called Graph SVG. All right, so when you quickly open up the Graph SVG file over here, again, you see that you have text-based contents. So let me quickly copy this up, let's create a new file called "Graph SVG," and I'll paste the contents. Let me go ahead and see this. Now, from the Windows Explorer, you see that we have a Graph SVG that is available. Let's quickly open this up, and we'll open it up with Google Chrome.

And now, immediately, you see that you have a resource dependency graph where you have a provider, AWS, where you have the EC2 instance that gets created. After EC2, you have the Elastic IP, and after that, you have the Security Group. So that's the high-level overview of the Terraform graph. Now, one more important clarification that I wanted to share is that I could have easily downloaded this specific software in my Windows. And instead of doing that conversion from Linux, I could have easily done it in Windows itself. But since it would have been Windows-centric, I wanted to avoid that. And that is the reason why we included a Linux server where we installed this specific package. We converted our file into an image, we downloaded the SVD code to Windows, and we looked at it in a browser-centric view. So in your case, if you want to do it directly on Windows, you can also install it there, or maybe you can also install it on the Mac Warrior. So that's about it for today's video, and I look forward to seeing you in the next video.

21. Saving Terraform Plan to File

Hey everyone, and welcome back. Now in today's video, we will be discussing saving the TerraForm plan to a file. Now the generated TerraForm plan can also be saved to a specific path in a file. Now this plan can be used with TerraForm to be certain that only the changes that were shown while you were running the TerraForm plan will be applied.

So this is the example syntax where you do a Terraform plan followed by the out and you specify the name of the file where things will be stored. So let's do something; let's directly jump into the practical so that we understand more about it. So for today's video, we have a simple provider section and a resource section, which create an instance. And the instance type is T-2 micro. So now let's go ahead and do a Terraform plan over here. Now, as expected, it will go ahead and create one EC-2 instance of type T-2 micro. Now, at a later stage, let's assume that maybe after three or four days you want to run this exact configuration for creating the resources.

However, in a team-based environment, what happens is that a lot of users keep on committing things, due to which the entire resource and maybe its associated configurations might change. So tomorrow, let's say that someone has changed the instancetype from T-2 micro to T-2 large. So after a few days, when you do a TerraForm plan, the plan will be different than what it used to be earlier. So what you can instead do is go ahead and save this specific plan to a file. So let's clear the screen and say that out is equal to demo path. Great.

So now you see a message stating that this plan was saved to the demo path, and it also states that if you want to apply the plan that was stored in this specific file, you can do a Terraform apply. So now what happens is that even though your TerraForm configuration has been changed, the instance type has changed, a lot of new configurations have been added, and so on, it will not matter because you will be running the TerraForm application from the file that has stored your plan. Now, do note that this demo parts file that was created is a binary file. So it is not a simple text file that you can see right away.

Great. So let me also show you the application aspect here. So you do a Terraform apply followed by the name of the file that contains your plan. So when you do this, it will go ahead and automatically create the EC2 instance that was shown in the plan accordingly. Great. So the instance has now been created, and if you look into the TerraForm state file, let's go a bit down here. The instance type is T-2 micro. So any configuration because here within the main pilot is T two large.

But the instance that was created is T2 micro. So, at a high level for you, I hope you understand exactly what this does. So that's about it. Before concluding, let's go ahead and destroy the resources that were created. Let's say yes. Great. So that's the basics of saving a TerraForm plan to a file. Now, in the organisations that I have been working with, I have not seen this extensively used, but it is important for the exams. So we need to know the basics of it.

HashiCorp Terraform Associate practice test questions and answers, training course, study guide are uploaded in ETE Files format by real users. Study and Pass Terraform Associate HashiCorp Certified: Terraform Associate certification exam dumps & practice test questions and answers are to help students.