This article is in the continuation with the 10th article of the series where we are studying about important pointers for Terraform Associate exam. This is definitely going to help you ace the exam and help you pass with flying colors.

Pointer 18 - Accessing Output Values in Modules

The resources defined in a module are encapsulated, so the calling module cannot access their attributes directly.

However, the child module can declare output values to selectively export certain values to be accessed by the calling module.

A module includes a module block like this is the calling module of the child module.

Pointer 19 -Suppressing Values in CLI Output

An output can be marked as containing sensitive material using the optional sensitive argument:

Setting an output value in the root module as sensitive prevents Terraform from showing its value in the list of outputs at the end of terraform apply

Sensitive output values are still recorded in the state, and so will be visible to anyone who is able to access the state data.

Pointer 20 - Module Versions

It is recommended to explicitly constraining the acceptable version numbers for each external module to avoid unexpected or unwanted changes.

Version constraints are supported only for modules installed from a module registry, such as the Terraform Registry or Terraform Cloud's private module registry.

Pointer 21 - Terraform Registry

The Terraform Registry is integrated directly into Terraform.

The syntax for referencing a registry module is


For example hashicorp/consul/aws

Pointer 22 - Private Registry for Module Sources

You can also use modules from a private registry, like the one provided by Terraform Cloud.

Private registry modules have source strings of the following form:


This is the same format as the public registry, but with an added hostname prefix.

While fetching a module, having a version is required.

Pointer 23 - Terraform Functions

The Terraform language includes a number of built-in functions that you can use to transform and combine values.

> max(5, 12, 9)


The Terraform language does not support user-defined functions, and so only the functions built into the language are available for use

Be aware of basic functions like element, lookup.

Pointer 24 - Count and Count Index

The count parameter on resources can simplify configurations and let you scale resources by simply incrementing a number.

In resource blocks where the count is set, an additional count object (count.index) is available in expressions, so that you can modify the configuration of each instance.

Pointer 25 - Find the Issue Use-Case

You can expect use-case with terraform code, and you have to find what should be removed as part of Terraform best practice.

Pointer 26 - Terraform Lock

If supported by your backend, Terraform will lock your state for all operations that could write state.

Terraform has a force-unlock command to manually unlock the state if unlocking failed.

Pointer 27 - Use-Case - Resources Deleted Out of Terraform

You have created an EC2 instance. Someone has modified the EC2 instance manually. What will happen if you do terraform plan yet again?