HashiCorp · Terraform-Associate
Validates knowledge of infrastructure as code concepts and the ability to use HashiCorp Terraform in production, covering resource lifecycle management, HCL configuration, providers and modules, state management, and collaborative workflows with HCP Terraform.
Questions
628
Duration
60 minutes
Passing Score
70%
Difficulty
AssociateLast Updated
Feb 2026
Use this Terraform-Associate practice exam to prepare for HashiCorp Certified: Terraform Associate with realistic questions, detailed explanations, and focused study modes. The practice bank includes 628 questions for HashiCorp Terraform-Associate, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to patterns in your missed answers. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The HashiCorp Certified: Terraform Associate (004) validates foundational knowledge of infrastructure as code (IaC) using HashiCorp Terraform Community Edition and HCP Terraform. The certification demonstrates that a candidate understands core Terraform concepts including the resource lifecycle, HCL configuration syntax, provider and module usage, state management, and collaborative workflows. Version 004 of the exam covers Terraform 1.12 and introduces updated objectives around lifecycle rules such as `depends_on` and `create_before_destroy`, custom configuration validation conditions, ephemeral values and write-only arguments for sensitive data handling, and HCP Terraform workspace and project organization.
This certification is widely recognized across the cloud and DevOps industry as a benchmark for Terraform proficiency. It is delivered online via Certiverse, proctored remotely, and is valid for two years from the date of passing. Recertification is available by passing the same exam or a higher-level Terraform exam within six months of expiration. The credential includes a digital badge issued through Credly, suitable for sharing on LinkedIn, resumes, and professional profiles.
The Terraform Associate is designed for cloud engineers, DevOps engineers, and infrastructure practitioners who work with or are transitioning into infrastructure automation roles. Candidates are expected to have foundational Terraform skills—either through professional production experience or hands-on work in a personal or demo environment. The exam is appropriate for those in roles such as Cloud Infrastructure Engineer, DevOps Engineer, Site Reliability Engineer, or Platform Engineer who use Terraform to provision and manage cloud or on-premises resources.
Candidates should have basic terminal proficiency and a working understanding of on-premises and cloud architecture. The exam is not intended for complete beginners to cloud infrastructure but is well-suited for those who have completed introductory Terraform tutorials and want to formalize their knowledge with a vendor-recognized credential.
HashiCorp does not mandate formal prerequisites for the Terraform Associate exam, but recommends that candidates possess basic terminal skills and a general understanding of on-premises and cloud architecture prior to sitting the exam. Familiarity with at least one major cloud provider (AWS, Azure, or GCP) and its core services is beneficial, though provider-specific knowledge is explicitly not tested on the exam itself.
Professional experience using Terraform in production is recommended but not required—HashiCorp acknowledges that performing the exam objectives in a personal or demo environment may be sufficient preparation. Candidates should be comfortable reading and writing HCL configuration files, running Terraform CLI commands, and understanding concepts such as state, providers, modules, and the plan/apply workflow before attempting the exam.
The Terraform Associate (004) is a 60-minute, online-proctored exam delivered through the Certiverse platform. The exam consists of approximately 57–60 questions in multiple-choice format, including true/false, single-select, and multi-select question types. The exam is available only in English. The registration fee is $70.50 USD plus applicable taxes and fees.
HashiCorp uses a scaled scoring model and does not publicly disclose the exact number of scored versus unscored items. The passing score is broadly understood to require approximately 70% mastery across all domains. Candidates receive a pass/fail result immediately upon completion, with detailed objective-level performance feedback delivered within approximately 48 hours. The resulting credential is valid for two years.
Earning the Terraform Associate credential positions engineers competitively for roles that require infrastructure automation expertise, including Cloud Infrastructure Engineer, DevOps Engineer, Platform Engineer, and Site Reliability Engineer. According to HashiCorp, 88% of exam takers agree that passing a HashiCorp Associate-level exam makes job candidates more desirable to employers. Terraform's dominant position in the IaC market — used by organizations across every major industry vertical — means the certification is recognized by a broad range of employers and is frequently listed as a preferred or required qualification in infrastructure-related job postings.
The Terraform Associate complements cloud provider certifications (AWS, Azure, GCP) by validating multi-cloud, provider-agnostic infrastructure skills that those vendor-specific certs do not cover. It is commonly pursued alongside or after an associate-level cloud certification to build a well-rounded infrastructure credential profile. For engineers looking to advance further, HashiCorp offers the Terraform Authoring and Operations Professional certification as a logical next step, validating advanced production-level Terraform expertise.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 628 questions.
Preview — answers shown1. An operations engineer needs to retrieve and display output values from a Terraform root module without running a full plan or apply. The outputs are already defined in the configuration and the infrastructure is deployed. Which command should they use? (Select one!)
Explanation
The terraform output command displays output values from the root module based on the current state file. It can display all outputs or a specific output by name without running plan or apply operations. The terraform show command displays the entire state file or saved plan in human-readable format, not specifically formatted outputs. The terraform state show command displays details of a specific resource instance from state, not root module outputs. The terraform get command downloads and updates modules and has no relation to displaying outputs.
2. A development team uses terraform apply to deploy infrastructure changes. The team lead wants to understand the default behavior when running terraform apply without any additional flags or saved plan file. Which two statements accurately describe this default behavior? (Select two!)
Multiple correct answersExplanation
When running terraform apply without arguments, Terraform generates a new execution plan, refreshes state from actual infrastructure, and prompts the user for approval before applying changes, providing an opportunity to review the plan. Terraform also defaults to a parallelism limit of 10 concurrent resource operations unless overridden with the -parallelism flag. Terraform does not automatically apply without confirmation unless the -auto-approve flag is specified. Terraform does not skip the planning phase, as the plan is essential for determining what changes are needed. The refresh behavior is enabled by default but can be disabled with -refresh equals false.
3. A configuration retrieves sensitive credentials from an external data source during terraform apply. The team wants to verify that the retrieved credentials are never displayed in terraform plan or terraform apply output. Which variable or output argument should they use? (Select one!)
Explanation
The sensitive = true argument on variables and outputs prevents values from being displayed in CLI output during plan and apply operations. Terraform masks sensitive values with (sensitive value) placeholders in the console. However, sensitive values are still stored in state files in plaintext. The ephemeral = true argument prevents values from being stored in state but does not specifically control CLI output visibility. There is no write_only argument for variables or outputs; write-only arguments exist only on specific resource arguments. There is no hidden argument in Terraform variable or output configuration.
4. An enterprise uses terraform init with partial backend configuration to avoid storing credentials in version control. Which three methods can provide backend configuration values at initialization time? (Select three!)
Multiple correct answersExplanation
Terraform supports three methods for partial backend configuration: command-line key-value pairs using -backend-config="key=value", external configuration files using -backend-config=path/to/file, and interactive prompts when Terraform detects missing required values. These methods enable teams to keep sensitive backend credentials out of version-controlled configuration files. TF_BACKEND environment variables do not exist for backend configuration. The terraform.tfvars file provides input variable values, not backend configuration. Hardcoding values in the backend block defeats the purpose of partial configuration.
5. A developer writes a Terraform test file to validate that an S3 bucket is created with versioning enabled and the correct bucket name. The test should run an actual apply operation, not just a plan. Which test file configuration accomplishes this requirement? (Select one!)
Explanation
Terraform test files use run blocks with command = apply to execute actual infrastructure changes during tests. The assert blocks validate conditions after the operation completes. This is the correct syntax for testing actual resource creation. The test block is not valid syntax in Terraform test files; the correct block type is run. Using command = plan only validates the plan without creating actual infrastructure, which does not fully test the requirement. Check blocks are used in regular Terraform configurations for runtime validation, not in test files.
$17.99
One-time access to this exam