Consider a CI/CD pipeline that runs Terraform to manage infrastructure. Why is it important to separate the plan and apply stages into different pipeline steps?
Think about safety and control when changing infrastructure.
Separating plan and apply allows teams to review the proposed changes before they are made, reducing the risk of unintended modifications.
In a pipeline, you want to generate a plan file that can be applied later. Which Terraform command correctly creates this plan file?
Look for the command that generates a plan file without applying.
The terraform plan -out=filename command saves the plan to a file for later use with terraform apply.
In a pipeline where plan and apply are separated, what is the behavior if the apply stage runs terraform apply without specifying a saved plan file?
Consider what happens when no plan file is given.
Without a saved plan file, terraform apply creates a new plan and applies it immediately, bypassing any prior review.
You want to share the Terraform plan file generated in the plan stage with the apply stage in a CI/CD pipeline. What is the best practice to securely handle this file?
Think about secure file transfer and access control in pipelines.
Storing the plan file as a pipeline artifact with restricted access and encryption ensures it is securely shared only between pipeline stages.
In a pipeline with separated plan and apply stages, how should Terraform state be managed to ensure consistency and avoid conflicts?
Think about shared access and locking for state files.
Using a remote backend ensures both plan and apply stages access the same state, preventing conflicts and enabling locking.