Study HashiCorp Terraform 004 Resources and Data Sources: key concepts, common traps, and exam decision cues.
This is one of the most common Terraform Associate trap areas. The exam wants you to keep a clear line between what Terraform manages and what Terraform only reads.
| Block type | Main job |
|---|---|
resource |
declare an object Terraform should manage |
data |
read information about something that already exists |
| reference | connect one part of configuration to another value |
| Reference use | What it gives Terraform |
|---|---|
| one resource reads another resource’s attribute | value flow and often inferred dependency |
| output exposes a resource attribute | reusable exported value |
| data source reads an existing object | read-only information for configuration logic |
| Trap | Better rule |
|---|---|
| using a data source when Terraform should create or manage the object | data sources read; they do not own |
| using a resource when the object already exists only for lookup | not every object in a config should be created there |
| treating references like comments | references often influence Terraform’s graph and value flow |
Configuration questions usually test whether Terraform should create something or just read it. Use resource blocks for managed objects. Use data blocks for lookups of existing objects. Then use references to connect values cleanly so Terraform can also infer dependencies. The exam often hides the answer in that manage-versus-read distinction.