You use a Terraform file provisioner to copy a file to a remote VM. What will happen if the destination path points to a directory that does not exist on the remote machine?
provisioner "file" { source = "app.conf" destination = "/etc/myapp/config/" }
Think about how file copying works on remote systems when the target folder is missing.
The file provisioner requires the destination directory to exist. It does not create directories automatically. If the directory is missing, Terraform returns an error.
When does the Terraform file provisioner run during the resource lifecycle?
Consider the order of provisioners in Terraform.
The file provisioner runs immediately after the resource is created, before any remote-exec provisioners run. This allows files to be copied before commands execute remotely.
You need to copy a sensitive configuration file containing secrets to a remote server using the Terraform file provisioner. Which approach best protects the sensitive data during provisioning?
Think about Terraform's sensitive variable feature and how it prevents data exposure.
Marking the file content as a sensitive variable and using the content attribute avoids storing the file on disk and reduces exposure in logs. SSH encrypts data in transit but does not prevent local exposure.
In an immutable infrastructure approach, which statement about using the Terraform file provisioner is correct?
Recall what immutable infrastructure means for resource changes.
Immutable infrastructure means resources are replaced rather than modified. Using file provisioners modifies resources after creation, which breaks immutability principles.
If you update the source file used in a Terraform file provisioner and run terraform apply without changing the resource configuration, what happens?
Think about how Terraform tracks changes and what triggers provisioners.
Terraform does not track changes in local files used by the file provisioner. Without resource configuration changes, it does not re-run provisioners or update remote files.