InterviewStack.io LogoInterviewStack.io

Infrastructure as Code Tool Proficiency (Terraform/CloudFormation/Ansible) Questions

Deep proficiency in at least one IaC tool. For Terraform: understand resources, data sources, variables, outputs, local values, modules, state management, state locking, backend configuration (S3, Terraform Cloud), and best practices (remote state, sensitive variables, module organization). For CloudFormation: understand templates (YAML/JSON), stacks, parameters, conditions, mappings, resources, outputs, and intrinsic functions. For Ansible: understand playbooks, roles, inventory, variables, handlers, and idempotency. Write reusable, maintainable code: modules for Terraform, roles for Ansible. Understand code organization, naming conventions, and team collaboration practices.

EasyTechnical
25 practiced
Describe how to declare and use variables in Terraform (variable blocks, tfvars, environment variables). How do you mark variables as sensitive, and what are the consequences for plan output, logging, and state files? Compare storing secrets in Terraform variables vs using external secret stores like Vault or AWS SSM Parameter Store.
MediumSystem Design
31 practiced
Design a Terraform strategy to manage infrastructure across an AWS Organization of ~50 accounts: include recommended module boundaries (shared VPCs, IAM, platform services), how to structure remote state for each account, cross-account role assumption for automation, and CI/CD considerations (bootstrapping accounts, permissions, and promotion paths).
EasyTechnical
32 practiced
Write an Ansible playbook (YAML) that targets hosts in the 'web' inventory group, installs nginx on Ubuntu, deploys a template file to /etc/nginx/nginx.conf, ensures nginx is enabled and running, and restarts nginx only if the configuration template changed. Keep tasks idempotent and include the handler(s).
MediumTechnical
42 practiced
Design a secure pattern for handling secrets used by Terraform and Ansible in AWS deployments. Cover secret retrieval (such as AWS SSM Parameter Store, Secrets Manager, or HashiCorp Vault), avoiding secret leakage in state or CI logs, and how to integrate short-lived credentials and rotation into CI/CD workflows.
MediumSystem Design
45 practiced
Design a CI/CD pipeline for Terraform deployments (choose a runner like GitHub Actions, GitLab CI, or Jenkins) that enforces: terraform fmt, linting (tflint), a terraform plan on PRs with plan output posted to the PR, policy-as-code checks (OPA or Checkov), and manual approval gates for production applies. Explain credentials handling and separation between plan and apply stages.

Unlock Full Question Bank

Get access to hundreds of Infrastructure as Code Tool Proficiency (Terraform/CloudFormation/Ansible) interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.