Interview Infrastructure as Code (Terraform, Ansible)

What are Ansible modules, and why prefer them over shell commands?

Infrastructure as Code (Terraform, Ansible) · Intermediate level

Answer

Ansible modules are reusable units that implement desired-state logic for a target system. I prefer modules over shell because modules understand idempotency, check mode, return values, errors, and platform differences better than hand-written commands.

Technical explanation

Modules return structured JSON results that can be registered and tested.

Modules support check mode and diff mode more reliably than shell.

Purpose-built modules reduce quoting, parsing, and platform portability problems.

Prefer idempotent modules over shell so repeated runs are safe and change reporting is meaningful.

Separate reusable role logic from inventory-specific variables so the same automation works across environments.

Run lint, syntax checks, check mode where useful, and staged rollouts before production-wide changes.

Hands-on example

1. Make a task idempotent for: What are Ansible modules, and why prefer them over shell commands?

2. Replace an unsafe command with a module where possible:

- name: Install nginx idempotently

ansible.builtin.package:

name: nginx

state: present

3. If command is unavoidable, add guards:

- name: Initialize application database once

ansible.builtin.command: /opt/app/bin/init-db

args:

creates: /var/lib/app/.db_initialized

register: init_result

changed_when: init_result.rc == 0

4. Run the playbook twice; the second run should report ok rather than changed for already-converged tasks.

Preparing for an interview?

Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.

More Infrastructure as Code (Terraform, Ansible) interview questions

← All Infrastructure as Code (Terraform, Ansible) questions