Eduarn – Online & Offline Training with Free LMS for Python, AI, Cloud & More

Saturday, April 4, 2026

001 - AWS IAM practice set with 50+ questions, tailored for AWS Certified Solutions Architect – Associate

 

001 - AWS IAM practice set with 50+ questions, tailored for AWS Certified Solutions Architect – Associate



AWS IAM Practice Questions – 50+

AWS IAM Sample Questions for SAA-C02

Question 1 – IAM Users & Policies

Q: You have a new developer who needs read-only access to all S3 buckets in your AWS account. Which IAM policy should you attach?
A) AmazonS3FullAccess
B) AmazonS3ReadOnlyAccess
C) AdministratorAccess
D) Create a policy granting only s3:ListBucket

Answer: B) AmazonS3ReadOnlyAccess
Explanation: AmazonS3ReadOnlyAccess provides full read-only access (list and get) to all S3 buckets. AmazonS3FullAccess gives write privileges, which is not needed here.

Question 2 – IAM Roles

Q: You want an EC2 instance to access objects in S3 securely without embedding credentials. What should you use?
A) IAM User with Access Keys
B) IAM Role attached to the EC2 instance
C) Store keys in EC2 environment variables
D) Hardcode credentials in application

Answer: B) IAM Role attached to the EC2 instance
Explanation: IAM Roles allow EC2 instances to assume permissions dynamically, avoiding hard-coded credentials, which is best practice.

Question 3 – IAM Best Practices

Q: Which of the following is a best practice for IAM?
A) Share your root account credentials
B) Use IAM users with MFA enabled
C) Use the same IAM credentials across multiple accounts
D) Create long-term access keys for all users

Answer: B) Use IAM users with MFA enabled
Explanation: Enabling MFA for IAM users enhances account security. Never share root credentials or reuse keys across accounts.

Question 4 – IAM Policies

Q: You want to grant temporary access to an S3 bucket for a third-party vendor for 1 hour. Which service should you use?
A) IAM Users
B) IAM Groups
C) IAM Roles with STS (Security Token Service)
D) Policy attached to Root User

Answer: C) IAM Roles with STS
Explanation: Temporary security credentials via IAM Roles + STS allow secure short-term access without creating permanent IAM users.

Question 5 – IAM Groups

Q: You have 10 developers, and you want them to have the same permissions. Which is the easiest way?
A) Attach individual policies to each user
B) Use an IAM Group with policies attached
C) Share a single IAM User
D) Use root credentials

Answer: B) Use an IAM Group with policies attached
Explanation: IAM Groups simplify permission management for multiple users. Policies attached to a group are automatically applied to all members.

Tips for IAM Section in Exam

  1. Remember the hierarchy: Root account > IAM Users > IAM Groups > IAM Policies > IAM Roles.
  2. Always use roles for AWS services (EC2, Lambda, etc.) instead of embedding credentials.
  3. Temporary credentials (STS) are used for cross-account or third-party access.
  4. MFA + least privilege principle are always best practices.
  5. Know inline vs managed policies and when to use each.

  

Section 1: IAM Basics (1–10)

  1. What is the default permission for a new IAM user?
    • A) Full access
    • B) Read-only
    • C) No access
    • D) Administrator
      Answer: C
  2. True or False: IAM Groups can contain other groups.
    Answer: False
  3. Which is a best practice for using AWS accounts?
    • A) Share root credentials
    • B) Enable MFA for root and users
    • C) Use long-lived access keys
    • D) Avoid IAM roles
      Answer: B
  4. How can an EC2 instance securely access S3?
    • A) Hard-coded keys
    • B) IAM Role attached to EC2
    • C) Root credentials
    • D) Environment variable keys
      Answer: B
  5. True or False: Root account should be used for daily operations.
    Answer: False
  6. What is the primary purpose of IAM?
    • A) Create EC2 instances
    • B) Manage user access & permissions
    • C) Store database credentials
    • D) Monitor CloudWatch logs
      Answer: B
  7. What AWS service provides temporary security credentials?
    • A) CloudTrail
    • B) STS
    • C) CloudWatch
    • D) Config
      Answer: B
  8. You want to allow multiple developers the same permissions. What should you do?
    • A) Assign policies individually
    • B) Use IAM Group
    • C) Share a single IAM user
    • D) Give root access
      Answer: B
  9. True or False: An IAM role can be assumed by a service, a user, or an external account.
    Answer: True
  10. Which is not recommended in IAM best practices?
    • A) Enable MFA
    • B) Use least privilege principle
    • C) Share root credentials
    • D) Rotate access keys
      Answer: C

Section 2: IAM Policies (11–20)

  1. Which policy type can be reused across multiple users?
    • A) Inline
    • B) Managed
    • C) Root policy
    • D) Temporary policy
      Answer: B
  2. True or False: Inline policies are always preferred over managed policies.
    Answer: False
  3. What is the “Effect: Deny” in an IAM policy?
    • A) Grants access
    • B) Explicitly denies access
    • C) Overrides default permissions
    • D) Both B and C
      Answer: D
  4. You want a user to only list S3 buckets. Which action is needed?
    • Answer: s3:ListBucket
  5. You want to restrict access to a specific folder in S3. Which IAM feature helps?
    • Answer: Policy with resource path condition
  6. True or False: Policies attached to IAM groups are automatically applied to users.
    Answer: True
  7. Which AWS feature monitors IAM activity for auditing?
    • Answer: CloudTrail
  8. What is the maximum number of managed policies per IAM user?
    • Answer: 10
  9. Scenario: User has two conflicting policies, one allows s3:DeleteObject and another denies it. What happens?
    • Answer: Deny overrides allow
  10. True or False: You can attach multiple policies to the same IAM role.
    Answer: True

Section 3: IAM Roles & STS (21–30)

  1. How can a third-party vendor get temporary S3 access?
    • Answer: IAM Role + STS
  2. Which is best practice for cross-account Lambda deployment?
    • Answer: IAM Role with STS
  3. What is the default duration of STS temporary credentials?
    • A) 1 hour
    • B) 12 hours
    • C) 36 hours
    • D) 1 hour to 12 hours (varies by role/session)
      Answer: D
  4. True or False: IAM roles are not tied to a specific user.
    Answer: True
  5. You want an EC2 instance to access RDS without hardcoding credentials. How?
    • Answer: Attach an IAM Role to EC2 with necessary permissions
  6. Which service provides temporary credentials for AWS CLI?
    • Answer: STS AssumeRole
  7. True or False: Roles can have trust relationships specifying which entities can assume them.
    Answer: True
  8. Scenario: A role has a trust policy allowing a service to assume it. What else is needed for access?
    • Answer: Permission policy attached to the role
  9. What is the difference between roles and users?
    • Answer: Users have long-term credentials; roles have temporary credentials
  10. How can you audit which role a user assumed?
    • Answer: CloudTrail logs

Section 4: Scenario-Based & Best Practices (31–40)

  1. A user cannot access S3 despite policy. What could be wrong?
    • Answer: Bucket policy denying access
  2. True or False: Always use least privilege principle.
    Answer: True
  3. You need to prevent deletion of all S3 objects. Which IAM policy is needed?
    • Answer: Deny s3:DeleteObject
  4. You want fine-grained access for billing. What IAM policy type is recommended?
    • Answer: AWS-managed Billing policies
  5. How often should IAM access keys be rotated?
    • Answer: Every 90 days
  6. True or False: MFA should be enabled for all privileged IAM users.
    Answer: True
  7. What is a best practice for temporary credentials in CI/CD?
    • Answer: Use IAM Role assumed by pipeline
  8. Scenario: You want a user to access only certain EC2 instances. How?
    • Answer: Policy with Resource ARNs
  9. True or False: Using root account for API calls is recommended.
    Answer: False
  10. You want auditing of all IAM changes. Which services help?
    • Answer: CloudTrail + AWS Config

Section 5: Advanced Scenario Questions (41–50+)

  1. A federated user needs AWS access. Which service is used?
    • Answer: IAM Role with SAML / OIDC
  2. Which IAM feature allows attribute-based access?
    • Answer: IAM Policy Conditions
  3. True or False: Policies with Deny always override Allow.
    Answer: True
  4. How can you allow cross-account S3 access without creating new users?
    • Answer: IAM Role with trust policy
  5. Scenario: An application needs S3 + DynamoDB access. Best approach?
    • Answer: IAM Role with attached policies, assumed by application
  6. You want time-limited access for a contractor. Which approach?
    • Answer: STS temporary credentials
  7. True or False: Managed policies are reusable across multiple accounts via AWS Organizations.
    Answer: True
  8. Which IAM concept allows scalable permission management for multiple users?
    • Answer: IAM Groups
  9. You want to restrict console access for a user but allow API access. How?
    • Answer: Deny aws-portal:* for console access
  10. Scenario: Implement a DevOps pipeline with least privilege. What’s the recommended approach?
    • Answer: Use service roles + temporary credentials, attach only necessary permissions
  11. You want an EC2 instance to write logs to CloudWatch securely. How?
    • Answer: Attach IAM Role with logs:PutLogEvents permission
at 1 comment:
Labels:

Friday, April 3, 2026

Oracle Layoffs 2026: Turn Job Loss into Career Growth with AI, Cloud & DevOps Skills

The recent layoffs at Oracle on March 31, 2026 have impacted many professionals across the globe. While moments like these can feel uncertain, they also present an opportunity to reset, rethink, and rebuild stronger. In today’s fast-changing job market, one thing is clear—job security is no longer tied to a company, but to your skills. Over the past few years, even large organizations have undergone multiple restructuring cycles. This shift highlights an important reality: relying solely on a single job without continuous upskilling can be risky. However, there is a strong positive side. Professionals who actively transition into high-demand domains such as: Artificial Intelligence (AI) Cloud Computing DevOps are seeing 30–50% salary growth and better career opportunities. 💡 Why Upskilling Matters Now ✔️ Demand for AI, Cloud, and DevOps professionals is growing ✔️ Companies are prioritizing skilled talent over tenure ✔️ Faster hiring cycles for job-ready candidates The key is to act quickly and strategically. 🚀 How eduarn.com Supports You At eduarn.com, we focus on helping professionals bounce back stronger through: Hands-on cloud labs and real-world projects Expert-led training in AI, DevOps, and Cloud Corporate and retail training programs Career guidance and community support Our goal is simple: 👉 Help you become job-ready and confident in the shortest time possible ⚠️ A Practical Reminder In today’s private sector: Avoid depending on a single income source Plan financial decisions carefully Always build a backup through skills and continuous learning đŸŽ¯ Final Thought This is not the end of your journey—it’s a new beginning. With the right skills and mindset, you can come back stronger, better, and more valuable in the job market. 👉 Explore training programs: If you need support, guidance, or direction—feel free to reach out. We’re here to help.

 

The recent layoffs at Oracle on March 31, 2026 have impacted many professionals across the globe. While moments like these can feel uncertain, they also present an opportunity to reset, rethink, and rebuild stronger.

In today’s fast-changing job market, one thing is clear—job security is no longer tied to a company, but to your skills.

Over the past few years, even large organizations have undergone multiple restructuring cycles. This shift highlights an important reality: relying solely on a single job without continuous upskilling can be risky.

However, there is a strong positive side.

Professionals who actively transition into high-demand domains such as:

  • Artificial Intelligence (AI)
  • Cloud Computing
  • DevOps

are seeing 30–50% salary growth and better career opportunities.

💡 Why Upskilling Matters Now

✔️ Demand for AI, Cloud, and DevOps professionals is growing
✔️ Companies are prioritizing skilled talent over tenure
✔️ Faster hiring cycles for job-ready candidates

The key is to act quickly and strategically.

🚀 How eduarn.com Supports You

At eduarn.com, we focus on helping professionals bounce back stronger through:

  • Hands-on cloud labs and real-world projects
  • Expert-led training in AI, DevOps, and Cloud
  • Corporate and retail training programs
  • Career guidance and community support

Our goal is simple:
👉 Help you become job-ready and confident in the shortest time possible

⚠️ A Practical Reminder

In today’s private sector:

  • Avoid depending on a single income source
  • Plan financial decisions carefully
  • Always build a backup through skills and continuous learning

đŸŽ¯ Final Thought

This is not the end of your journey—it’s a new beginning.

With the right skills and mindset, you can come back stronger, better, and more valuable in the job market.

👉 Explore training programs:

If you need support, guidance, or direction—feel free to reach out. We’re here to help.

at 1 comment:
Labels: , , , , , , , , , ,

Career Pivot 2028: From DevOps to Agentic AI Systems Engineering

 

DevOps → Agentic AI Systems 2028

Career Pivot 2028: From DevOps to Agentic AI Systems Engineering

The next frontier of engineering isn’t just automation—it’s autonomous intelligence. For DevOps professionals, this means transforming your Kubernetes and CI/CD expertise into agentic orchestration.

At eduarn.com, we help professionals:
✔️ Future-proof their technical authority by bridging DevOps with AI architecture
✔️ Translate legacy infrastructure skills into self-healing, agent-driven ecosystems
✔️ Scale LLM integration and vector databases for high-value AI engineering roles

💡 Why this matters:
1️⃣ Elevate your career with the skills driving 2028’s AI-first infrastructure
2️⃣ Apply proven DevOps fundamentals to agentic orchestration workflows
3️⃣ Expand your professional toolkit with hands-on labs in AI, DevOps, and cloud automation

👉 Explore our multi-cloud labs and corporate training programs: https://www.eduarn.com/multi-cloud-training-lab

Prepare for the high-stakes future of AI systems engineering—before the market does.

#CareerPivot #DevOps #AIEngineering #Kubernetes #LLMIntegration #VectorDB #CloudLabs #Eduarn #CorporateTraining #MultiCloud #FutureSkills #AgenticAI

at No comments:
Labels: , , , , , , , , , , , , ,

Top Terraform + GCP Interview Questions (With Detailed Answers, Code & Use Cases) By EduArn

 

Mastering Terraform on Google Cloud Platform is not just about theory—it’s about real implementation.

At eduarn.com, we train learners using hands-on cloud labs + real enterprise scenarios across DevOps, AI, and Cloud.

Top Terraform + GCP Interview Questions (With Detailed Answers, Code & Use Cases) By EduArn

🔹 1. What is Terraform? (Deep Answer + Use Case)

Terraform is a declarative Infrastructure as Code (IaC) tool. You define what infrastructure you want, and Terraform figures out how to create it.

✅ Use Case:

Provision a VM for a training lab automatically for 50 students.

resource "google_compute_instance" "vm" {
  name         = "training-vm"
  machine_type = "e2-medium"
  zone         = "us-central1-a"

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
    }
  }

  network_interface {
    network = "default"
    access_config {}
  }
}

🔹 2. What is Terraform State? Why is it Critical?

Terraform state (terraform.tfstate) tracks:

  • What resources exist
  • Their configuration
  • Their current status

⚠️ Problem Without State:

Terraform may recreate resources → data loss risk

✅ Best Practice (Remote State in GCP):

terraform {
  backend "gcs" {
    bucket  = "my-terraform-state-bucket"
    prefix  = "training/env"
  }
}

👉 Used in teams to avoid conflicts + enable locking

🔹 3. count vs for_each (With Real Scenario)

❌ count (index-based)

resource "google_storage_bucket" "buckets" {
  count = 3
  name  = "bucket-${count.index}"
}

✅ for_each (preferred)

variable "users" {
  default = ["user1", "user2"]
}

resource "google_storage_bucket" "buckets" {
  for_each = toset(var.users)
  name     = "bucket-${each.key}"
}

👉 Use Case:
Creating lab resources per student with unique names.

🔹 4. What are Modules? (Enterprise Use)

Modules = reusable Terraform code blocks.

✅ Example:

module "vm" {
  source = "./modules/vm"
  name   = "trainer-vm"
}

👉 Use Case at eduarn.com:

  • Reusable modules for:
    • VM labs
    • IAM setup
    • Networking

👉 Reduces duplication across corporate batches

🔹 5. IAM Role Assignment (Real Scenario)

đŸŽ¯ Requirement:

Assign “viewer” role to all students in a batch.

resource "google_project_iam_binding" "students" {
  project = "my-project"
  role    = "roles/viewer"

  members = [
    "user:user1@gmail.com",
    "user:user2@gmail.com"
  ]
}

👉 Use Case:

  • Controlled access to labs
  • Avoid giving admin permissions

🔹 6. Service Accounts (Important in DevOps)

Service accounts are used by applications—not humans.

resource "google_service_account" "app" {
  account_id   = "app-sa"
  display_name = "App Service Account"
}

👉 Use Case:

  • CI/CD pipelines
  • Automation scripts

🔹 7. Variables & Dynamic Config

variable "machine_type" {
  default = "e2-medium"
}
machine_type = var.machine_type

👉 Use Case:

  • Same code for dev, test, prod
  • Change config without rewriting code

🔹 8. Outputs (Important in Automation)

output "vm_ip" {
  value = google_compute_instance.vm.network_interface[0].access_config[0].nat_ip
}

👉 Use Case:

  • Share VM IP with learners
  • Integrate with LMS

🔹 9. Dependency Handling

resource "google_compute_instance" "vm" {
  depends_on = [google_service_account.app]
}

👉 Ensures:

  • Service account created before VM

🔹 10. Workspaces (Multi Environment)

terraform workspace new dev
terraform workspace new prod

👉 Use Case:

  • Separate environments for:
    • Training
    • Demo
    • Production

🔹 11. Secret Management (Critical)

❌ Avoid:

password = "123456"

✅ Use:

  • Environment variables
  • Secret Manager

👉 Prevents security risks

🔹 12. Real Training Use Case (End-to-End)

At eduarn.com, we use Terraform to:

✔️ Create 50+ users
✔️ Assign IAM roles
✔️ Provision lab VMs
✔️ Share access instantly

👉 Result:

  • Lab ready in < 1 hour
  • Zero manual effort
  • Consistent environment

🌐 Explore Our Cloud Labs

👉 https://www.eduarn.com/multi-cloud-training-lab

  • Multi-cloud environments
  • DevOps + AI labs
  • Corporate-ready infrastructure 


 

đŸŽ¯ Final Thought

In interviews, don’t just answer:
👉 “What is Terraform?”

Instead explain:
✔️ How you used it
✔️ What problem it solved
✔️ What impact it created

That’s what makes you stand out.

đŸ’Ŧ If you want real-time lab practice + interview prep, feel free to connect.

#Terraform #GCP #DevOps #Cloud #InterviewPrep #InfrastructureAsCode #Eduarn #CloudLabs

at No comments:
Labels: , , , , , , , , , , ,
Location: Hyderabad, Telangana, India

Thursday, April 2, 2026

Automating GCP User Creation with Terraform for Training Labs (Step-by-Step Guide) By EduArn

 

Automating GCP User Creation with Terraform for Training Labs (Step-by-Step Guide) By EduArn

Automating GCP User Creation with Terraform (For Training & Lab Environments)

Managing users manually in Google Cloud for training programs doesn’t scale—especially when you’re handling 10, 50, or 100+ learners.

At eduarn.com, we faced the same challenge while delivering retail and corporate training with hands-on labs. The solution?

👉 Infrastructure as Code using Terraform

This post walks you through a practical, working approach to:

  • Create multiple users (1 → N)
  • Assign IAM roles (Coordinator / Trainer access)
  • Attach users to groups
  • Enable seamless lab access

🧠 Why This Matters for Training Companies

When running cloud labs:

  • Every learner needs controlled access
  • Permissions must be secure and temporary
  • Manual setup = errors + delays

Using Terraform with Google Cloud Platform:
✔️ Automates onboarding
✔️ Ensures consistency
✔️ Reduces operational effort by 80%

⚙️ Architecture Overview

We follow this structure:

  • Users (Google Workspace / Cloud Identity)
  • Groups (e.g., training-batch@domain.com)
  • IAM Roles (Viewer / Editor / Custom Coordinator Role)
  • Terraform for automation

🛠️ Step 1: Prerequisites

  1. GCP Project created
  2. Billing enabled
  3. Cloud Identity / Workspace configured
  4. Install Terraform
  5. Enable APIs:
    • Cloud Identity API
    • IAM API

📁 Step 2: Terraform Provider Setup

provider "google" {
  project = "your-project-id"
  region  = "us-central1"
}

provider "googleworkspace" {
  customer_id = "your-customer-id"
}

đŸ‘Ĩ Step 3: Create Users (1 → N)

Define users dynamically:

variable "users" {
  type = list(object({
    first_name = string
    last_name  = string
    email      = string
    password   = string
  }))
}

Example input:

users = [
  {
    first_name = "John"
    last_name  = "Doe"
    email      = "john@yourdomain.com"
    password   = "TempPass123!"
  },
  {
    first_name = "Jane"
    last_name  = "Smith"
    email      = "jane@yourdomain.com"
    password   = "TempPass123!"
  }
]

Create users:

resource "googleworkspace_user" "users" {
  for_each = { for user in var.users : user.email => user }

  primary_email = each.value.email
  password      = each.value.password

  name {
    given_name  = each.value.first_name
    family_name = each.value.last_name
  }
}

👨‍👩‍👧 Step 4: Create Group (Batch ā¤†ā¤§ाā¤°िā¤¤)

resource "googleworkspace_group" "training_group" {
  email       = "batch1@yourdomain.com"
  name        = "Training Batch 1"
  description = "Group for training participants"
}

➕ Step 5: Add Users to Group

resource "googleworkspace_group_member" "members" {
  for_each = googleworkspace_user.users

  group_id = googleworkspace_group.training_group.id
  email    = each.value.primary_email
  role     = "MEMBER"
}

🔐 Step 6: Assign IAM Role (Coordinator Access)

Example: Assign Viewer or Custom Role

resource "google_project_iam_binding" "binding" {
  project = "your-project-id"
  role    = "roles/viewer"

  members = [
    for user in googleworkspace_user.users :
    "user:${user.primary_email}"
  ]
}

👉 You can replace with:

  • roles/editor
  • roles/owner
  • Custom Coordinator Role

▶️ Step 7: Run Terraform

terraform init
terraform plan
terraform apply

✅ Users created
✅ Group assigned
✅ IAM roles attached

đŸ§Ē Real Use Case: Training & Lab Providers

At eduarn.com, we use this model to:

✔️ Create users for each training batch
✔️ Assign controlled lab access
✔️ Integrate with LMS + cloud labs
✔️ Auto-expire or revoke access post training

đŸĸ Vendor & Corporate Training Model

For enterprise clients:

  • Separate project per batch/client
  • Group-based access control
  • Temporary credentials
  • Audit + tracking enabled

👉 Vendors get:

  • Pre-configured environments
  • No manual setup
  • Instant lab readiness

đŸŽ¯ Best Practices

✔️ Use groups instead of individual IAM assignments
✔️ Implement least privilege access
✔️ Rotate or expire credentials
✔️ Use separate projects for isolation
✔️ Automate cleanup after training

💡 Final Thought

The future of training is not just content—it’s experience + infrastructure.

If you can:

  • Deliver training
  • Provide hands-on labs
  • Automate onboarding

👉 You create a premium learning ecosystem

That’s exactly what we’re building at eduarn.com—bridging learning + real-world practice at scale.

If you want a ready-to-use Terraform repo or lab architecture for your training company, feel free to connect.

#Terraform #GCP #CloudTraining #DevOps #InfrastructureAsCode #EdTech #CorporateTraining #Eduarn

at 6 comments:
Labels: , , , , , , , , ,
Location: Hyderabad, Telangana, India

Terraform Modules in Azure: Step-by-Step Guide with Count, for_each & YAML Examples

 

Terraform Modules in Azure: Step-by-Step Guide with Count, for_each & YAML Examples By EduArn.com

Introduction

In modern cloud environments, writing reusable and scalable infrastructure is critical. Using Terraform with Microsoft Azure, you can achieve this efficiently through Terraform modules.

This blog provides:
✅ Simple module example
count implementation
for_each implementation
✅ YAML-based configuration
✅ Fully working step-by-step code

đŸ“Ļ Step 1: Simple Terraform Module (Basic Example)

📁 Folder Structure

project/
├── main.tf
├── provider.tf
└── modules/
    └── rg/
        ├── main.tf
        ├── variables.tf
        └── outputs.tf

🔹 Module Code

modules/rg/main.tf

resource "azurerm_resource_group" "rg" {
  name     = var.rg_name
  location = var.rg_location
}

modules/rg/variables.tf

variable "rg_name" {
  type = string
}

variable "rg_location" {
  type = string
}

modules/rg/outputs.tf

output "rg_name" {
  value = azurerm_resource_group.rg.name
}

🔹 Root Module

provider.tf

provider "azurerm" {
  features {}
}

main.tf

module "rg" {
  source = "./modules/rg"

  rg_name     = "demo-rg"
  rg_location = "eastus"
}

▶️ Run

terraform init
terraform plan
terraform apply

🔁 Step 2: Using count in Module (Multiple Resources)

variable "rg_names" {
  default = ["rg-dev", "rg-test", "rg-prod"]
}

module "rg" {
  source = "./modules/rg"

  count       = length(var.rg_names)
  rg_name     = var.rg_names[count.index]
  rg_location = "eastus"
}

👉 Creates:

  • rg-dev
  • rg-test
  • rg-prod

🔄 Step 3: Using for_each (Recommended)

variable "rgs" {
  default = {
    dev  = "rg-dev"
    test = "rg-test"
    prod = "rg-prod"
  }
}

module "rg" {
  source = "./modules/rg"

  for_each = var.rgs

  rg_name     = each.value
  rg_location = "eastus"
}

📤 Output

output "rg_names" {
  value = {
    for key, mod in module.rg :
    key => mod.rg_name
  }
}

🧾 Step 4: Using YAML Configuration (Advanced)

📁 config.yaml

resource_groups:
  dev: rg-dev
  test: rg-test
  prod: rg-prod

🔹 Terraform Code

locals {
  config = yamldecode(file("${path.module}/config.yaml"))
}

module "rg" {
  source = "./modules/rg"

  for_each = local.config.resource_groups

  rg_name     = each.value
  rg_location = "eastus"
}

🧠 Key Concepts

FeatureUse
Module        Reusable code
count        Simple iteration
for_each        Map-based iteration
YAML        External config

⚖️ Count vs for_each

Feature    count            for_each
Input    List            Map
Stability   ❌ Index-based            ✅ Key-based
Recommended  ⚠️ Limited            ✅ Yes

đŸŽ¯ Best Practices

  • Use modules for reusable design
  • Prefer for_each over count
  • Use YAML for external configuration
  • Keep modules small and focused
  • Avoid hardcoding values

🎓 Learn with Eduarn

At Eduarn, we provide hands-on training on:

  • Terraform
  • Microsoft Azure

✔ Real-time projects
✔ Corporate training
✔ Job-oriented learning

👉 Visit: https://eduarn.com

🚀 Conclusion

Terraform modules are essential for building scalable, reusable, and production-ready infrastructure.

By mastering:

  • Basic modules
  • count
  • for_each
  • YAML configs

👉 You become a real-world DevOps engineer

đŸ”Ĩ Hashtags

#Terraform #Azure #DevOps #InfrastructureAsCode #CloudAutomation #TerraformModules #EduArn

at No comments:
Labels: , , , , , ,
Location: Hyderabad, Telangana, India
Subscribe to: Comments (Atom)

001 - AWS IAM practice set with 50+ questions, tailored for AWS Certified Solutions Architect – Associate

  AWS IAM Practice Questions – 50+ AWS IAM Sample Questions for SAA-C02 Question 1 – IAM Users & Policies Q: You have a new develop...