TerrafromForAzureSQL- Interview Questions

 

1. What is Terraform and why is it used in Azure?

Answer:
 Terraform, developed by HashiCorp, is an open-source Infrastructure as Code (IaC) tool that allows you to define and manage cloud resources using code instead of manual configuration. When used with Microsoft Azure, Terraform enables automated provisioning of infrastructure such as virtual machines, networks, and storage, making deployments faster and more efficient. 

Its key advantages include automation (reducing manual effort and errors), consistency (ensuring identical environments across development, testing, and production), version control (tracking infrastructure changes through code repositories), and scalability (easily managing large and complex setups). 

Additionally, Terraform supports multi-cloud environments, allowing organizations to work across different cloud providers while maintaining a unified approach to infrastructure management.

2. What is Infrastructure as Code (IaC)?

Answer:
 IaC means managing infrastructure using code instead of manual processes.

👉 Benefits:

  • Version control

  • Repeatability

  • Automation (important for DB environments)

3. What is a Terraform Provider?

Answer:
 A provider is a plugin that allows Terraform to interact with APIs. Providers are a logical abstraction of an upstream API. They are responsible for understanding API interactions and exposing resources.

Get all Providers list from : https://registry.terraform.io/browse/providers

👉 Example:

  • Microsoft Azure provider (azurerm) is used for Azure resources.

  • Amazon AWS provider (aws) is used for AWS resources.

  • Google Cloud provider (google) is used for GCP.

4. What is a Terraform Resource?

Answer:
 A resource represents a component of infrastructure.

👉 Example (Azure SQL Server):

  • Azurerm_mssql_server: Used to create a DB Server in Azure 

  • Azurerm_mssql_database: USed to create a Database in Azure.

5. What is Terraform State?

Answer:
 Terraform state is a file (terraform.tfstate) that tracks:

  • What resources exist

  • Their configurations

  • Their current state

👉 Important for DBAs:

  • Prevents duplicate SQL servers

  • Tracks database provisioning

Very Important Question: Explain Terraform Execution Workflow

Typical Terraform workflow:

  1. terraform init → Initialize project

  2. terraform plan → Preview changes

  3. terraform apply → Create/update resources

  4. terraform destroy → Remove infrastructure

6. What is terraform init?

Answer:
 Initializes a Terraform project: The terraform init command is the first step in working with Terraform, developed by HashiCorp, and is used to initialize a working directory containing Terraform configuration files. 

When you run this command, Terraform prepares the environment by downloading the required provider plugins (such as the one for Microsoft Azure), setting up the backend for storing the state file (locally or remotely), and initializing any referenced modules. 

It essentially ensures that all dependencies and configurations needed to manage infrastructure are in place before any execution begins. This step is important because it guarantees consistency and compatibility by locking provider versions and preparing the workspace, allowing subsequent commands like terraform plan and terraform apply to run smoothly without errors.

  • Downloads providers

  • Prepares backend

7. What is terraform plan?

Answer:
 Shows what Terraform will do before execution. The terraform plan command is used to preview the changes that will be made to your infrastructure before actually applying them. It compares your current configuration files with the existing infrastructure (tracked in the state file) and generates an execution plan showing what actions Terraform will take—such as creating, updating, or deleting resources in platforms like Microsoft Azure. 

This step is crucial for avoiding unexpected changes, as it allows you to review and verify everything beforehand, ensuring accuracy and reducing risk. In simple terms, terraform plan acts as a safety checkpoint, giving you a clear, detailed summary of intended modifications so you can confidently proceed with terraform apply.

Example:

  • Create SQL DB

  • Modify firewall rules

8. What is terraform apply?

Answer:
 Executes the changes and provisions infrastructure. The terraform apply command in Terraform, is used to execute the changes defined in your configuration files and confirmed during the planning phase. It takes the execution plan generated earlier and provisions, updates, or modifies infrastructure resources accordingly in platforms like Microsoft Azure. 

During this process, Terraform interacts with the provider APIs to create or adjust resources such as virtual machines, networks, or storage accounts, and then updates the state file to reflect the current infrastructure. This command is essential for turning your infrastructure code into actual deployed resources in a controlled and automated way.

9. What is terraform destroy?

Answer:
 Deletes all managed infrastructure. The terraform destroy command is used to safely remove all the infrastructure resources that Terraform has created and is managing. It reads the state file to identify those resources and then deletes them in the correct order to avoid dependency issues. 

This is especially useful in scenarios like cleaning up test environments, reducing costs, or resetting infrastructure. Similar to terraform plan, Terraform shows a preview of what will be destroyed before execution, giving you a chance to confirm the action and prevent accidental deletion of critical resources.

⚠️ Important for DBAs:

  • Can delete production databases → use carefully

10. What is HCL (HashiCorp Configuration Language)?

Answer:
 Terraform uses HCL, a declarative language written in GO language. 

👉 Example:

resource "azurerm_mssql_database" "db" {

 name = "mydb"

}

11. How do you deploy Azure SQL Server using Terraform?

Answer:
 You define:

  • Resource Group

  • SQL Server

  • SQL Database

👉 Key resources:

  • azurerm_resource_group

  • azurerm_mssql_server

  • azurerm_mssql_database

12. How do you handle sensitive data (passwords)?

Answer:
 Use:

  • Variables with sensitive = true

  • Azure Key Vault

👉 Example:

  • Store SQL admin password securely

13. What is Terraform Backend?

Answer:
 Backend stores state remotely. A Terraform Backend is a configuration that defines where and how Terraform stores its state file, which keeps track of all the infrastructure managed by Terraform. In Terraform, the state file is critical because it maps your configuration to real-world resources.

 By default, Terraform uses a local backend, storing the state file on your machine, but in real-world scenarios—especially when working with cloud platforms like Microsoft Azure—a remote backend is preferred for better collaboration and security. 

Remote backends (such as Azure Storage, AWS S3, or Terraform Cloud) allow teams to share a centralized state file, enable state locking to prevent concurrent changes, and provide enhanced security and backup options. Using a backend ensures that your infrastructure state is consistent, accessible, and protected, which is essential for reliable and scalable infrastructure management.

👉 Azure example:

  • Azure Storage Account

Benefits:

  • Team collaboration

  • State locking

14. What is State Locking?

Answer:
 Prevents multiple users from modifying infrastructure simultaneously. State Locking in Terraform, is a mechanism that prevents multiple users or processes from modifying the same Terraform state file at the same time. 

Since the state file represents the current infrastructure, concurrent updates could lead to conflicts, corruption, or unintended changes. State locking ensures that when one user runs commands like terraform apply or terraform destroy, the state file is “locked,” blocking others from making changes until the operation is complete. 

This is especially important when using remote backends with platforms like Microsoft Azure, where teams collaborate on shared infrastructure. Backends such as Azure Storage automatically support state locking, ensuring safe, consistent, and conflict-free infrastructure updates.

👉 Important for DBAs managing shared environments.

15. What are Terraform Variables?

Answer:
 Used to parameterize configurations. Terraform Variables in Terraform, are used to make configurations flexible, reusable, and environment-independent. Instead of hardcoding values (like resource names, locations, or credentials), variables allow you to pass inputs dynamically at runtime or through separate files. 

This is especially useful when deploying resources in Microsoft Azure, where the same infrastructure (e.g., a SQL Managed Instance) may differ slightly across development, testing, and production environments.

👉 Example:

Best Practice for Production environment:

1. Never Hardcode Secrets

  • Avoid putting passwords in .tfvars files

  • Use:

    • Azure Key Vault

    • Environment variables (TF_VAR_admin_password)

2. Use Separate Variable Files per Environment

  • dev.tfvars

  • qa.tfvars

  • prod.tfvars

Run like:

terraform apply -var-file="prod.tfvars"

3. Use Default Values Carefully

  • Provide defaults only for non-sensitive, common values

  • Avoid defaults for:

    • Passwords

    • IDs

    • Critical configs

4. Mark Sensitive Variables

sensitive = true

  • Prevents exposure in logs and CLI output

5. Follow Naming Conventions

  • Use clear, consistent naming:

    • env, region, app_name

  • Helps in large-scale infrastructure

6. Validate Inputs

Use validation rules:

variable "location" {

 type = string

 validation {

   condition     = contains(["East US", "West Europe"], var.location)

   error_message = "Invalid Azure region"

 }

}

 7. Use Variable Groups or Modules

  • Group related variables logically

  • Pass variables into reusable modules

8. Combine with Remote Backend

  • Store state securely (e.g., Azure Storage)

  • Enable team collaboration and state locking



16. What are Outputs?

Answer:
 Return values after deployment. Terraform Outputs in Terraform are used to display or expose important values after infrastructure is created or updated. These values can include resource IDs, IP addresses, connection strings, or any attribute of resources deployed in platforms like Microsoft Azure. 

Outputs make it easier to retrieve key information without manually searching in the cloud portal and are also useful for passing data between modules or integrating with other tools.

👉 Example:

  • SQL Server FQDN

  • Connection string

17. What are Modules?

Answer:
Reusable Terraform code blocks. Terraform Modules in Terraform, developed by HashiCorp, are reusable containers of configuration that allow you to organize and standardize infrastructure code. 

A module can include resources, variables, and outputs, and is used to avoid duplication by defining infrastructure once and reusing it across multiple environments or projects. When working with platforms like Microsoft Azure, modules are especially valuable for creating consistent deployments of common components such as virtual networks, virtual machines, or SQL Managed Instances.

👉 Example:

  • Module for SQL Server setup

  • Module for database + firewall rules

Calling a module example:

18. How do you manage multiple environments (Dev/Test/Prod)?

Answer:
 Use:

  • Workspaces

  • Separate state files

  • Variable files (.tfvars)

19. How do you implement high availability for Azure SQL using Terraform?

Answer:
 Use:

  • Geo-replication

  • Failover groups (azurerm_mssql_failover_group)

👉 DBA relevance:

  • Disaster recovery automation

20. How do you automate backups in Azure SQL with Terraform?

Answer:
 Azure SQL handles backups automatically, but Terraform can configure:

  • Retention policies

  • Long-term backup retention (LTR)

21. How do you manage firewall rules for SQL Server?

Answer:
 Use:

azurerm_mssql_firewall_rule

👉 Important:

  • Allow specific IPs

  • Secure DB access

22. How do you handle schema or data changes in Terraform?

Answer:
 Terraform is NOT for:

  • Schema changes

  • Data manipulation

👉 Use:

  • SQL scripts

  • CI/CD pipelines

23. What is depends_on in Terraform?

Answer:
 Explicit dependency definition.

👉 Example:

  • DB depends on SQL Server

24. What is drift in Terraform?

Answer:
 When actual infrastructure differs from Terraform state.

👉 Example:

  • Someone deletes DB manually in Azure Portal

Solution:

  • Run terraform plan to detect drift

25. How do you integrate Terraform with CI/CD for DB deployments?

Answer:
 Use:

  • Azure DevOps / GitHub Actions

Pipeline steps:

  1. terraform init

  2. terraform plan

  3. Approval

  4. terraform apply

👉 DBA advantage:

  • Automated DB provisioning

  • Controlled releases

Most Common tricky question:

👉 “Can Terraform manage SQL schema?”
 ✔️ Correct answer: No, it manages infrastructure, not data/schema

Comments

Post a Comment

Popular posts from this blog

SQL Server Installation Best Practices: Before and After Setup Checklist

Today, I’m sharing a comprehensive checklist of SQL Server installation best practices that can be followed during a new deployment. Although this guide does not cover every possible configuration, following these steps will help ensure a secure, high-performing, and production-ready SQL Server environment. This checklist will be updated regularly as best practices evolve. 1.       First, verify that provided Host environment matches with the request sheet provided to Infra Team such as 1.1.   Host Operating system version 1.2.   Number and size of Disk Drives. 1.3.   RAM. 1.4.   Firewall settings, etc 2.       Patch the host server system OS to latest stable available patch to have best performance and security in place. 3.       Patch the SQL Server OS with latest stable CU and GDR . Use below link to check the latest SQL server patches. In general, industry wide (N-1) is used i...
Read more

How to Download and Install SQL Server 2025 (Step-by-Step Guide)

Image
 Hi All, Microsoft has finally released SQL Server 2025 for general availability which they call as "AI-ready Enterprise Database" is fully loaded with AI capabilities and cloud integration for seamless availability. Today let's learn how we can download and install it for completely free and do some hands on. SQL Server 2025 General Availability Screen SQL Server 2025 system requirements :  Before we start and  download the setup , we must have a look at the Prerequisites or the minimum requirement for installation, which as below.  Hardware Requirements:  The hardware needs vary significantly between the lightweight Express edition and the more robust Standard/Enterprise editions. Component Minimum Requirement Recommended Specification Processor x64 Processor, 1.4 GHz 2.0 GHz or faster (Multi-core) Memory (Express) 512 MB 1 GB or more Memory (Other) 1 GB 4 GB to 16 GB+ (scales with data) Hard Disk Space 6 GB available space 20 GB+ (SSD recommended) Display S...
Read more

SQL Server Performance Optimization Who Is Responsible — DBA, Database Designer, or Developer

SQL Server performance optimization is one of the most debated topics in database management. When performance issues arise, the first question teams ask is: Who is responsible for SQL Server performance — the DBA, the database designer, or the developer? and the general obvious answer is a DBA . But a little reverse engineering will make it clear that a poor DB design and a poorly written code will never make a Database efficient even if a DBA gives it best. Hence the short answer is, everyone shares responsibility, but at different stages and in different ways. Why SQL Server Performance Optimization Is a Shared Responsibility? SQL Server performance is not a single task handled by one role. It is the outcome of design decisions, coding practices, configuration choices, and ongoing maintenance. Poor performance rarely comes from one mistake — it’s usually the result of gaps across multiple roles. Let’s break it down clearly. Role of the Database Designer ...
Read more