Interview Infrastructure as Code (Terraform, Ansible)

What is the creates argument on a command task, and how does it add idempotency?

Infrastructure as Code (Terraform, Ansible) · Intermediate level

Answer

creates is an argument for command or shell-style tasks that tells Ansible to skip the command when a specific file already exists. It adds idempotency for one-time commands such as extracting an archive, initializing a database, or generating a marker after a migration.

Technical explanation

creates is checked before the command runs.

It is useful for marker-file workflows, but the marker must represent the real completed state.

For reversible tasks, removes can be the counterpart guard.

Prefer idempotent modules over shell so repeated runs are safe and change reporting is meaningful.

Separate reusable role logic from inventory-specific variables so the same automation works across environments.

Run lint, syntax checks, check mode where useful, and staged rollouts before production-wide changes.

Hands-on example

1. Make a task idempotent for: What is the creates argument on a command task, and how does it add idempotency?

2. Replace an unsafe command with a module where possible:

- name: Install nginx idempotently

ansible.builtin.package:

name: nginx

state: present

3. If command is unavoidable, add guards:

- name: Initialize application database once

ansible.builtin.command: /opt/app/bin/init-db

args:

creates: /var/lib/app/.db_initialized

register: init_result

changed_when: init_result.rc == 0

4. Run the playbook twice; the second run should report ok rather than changed for already-converged tasks.

Preparing for an interview?

Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.

More Infrastructure as Code (Terraform, Ansible) interview questions

← All Infrastructure as Code (Terraform, Ansible) questions