How should Terraform state be managed in teams?
Reported in SumUp European engineering loops. Infrastructure as code question around remote state and safety.
Interview scenario
Often asked in SumUp loops at European offices (London, Berlin, Amsterdam, Paris, Stockholm, Dublin, and remote EU). Prepare a clear spoken answer plus key trade-offs.
Model answer
Try answering aloud first
Cover trade-offs, structure, and a concrete example before revealing the baseline response.
How to frame this at SumUp: Connect your answer to measurable impact, clarity of thought, and trade-offs the team cares about. Below is a strong baseline response you can adapt with your own project examples.
Store Terraform state remotely, typically in S3 or similar backend, with locking via DynamoDB or backend-native lock mechanism. This prevents concurrent applies from corrupting state.
Protect state files because they may contain sensitive outputs. Enforce plan-review workflows in CI and separate workspaces or backends for environments to reduce accidental cross-environment changes.
Mention drift detection and periodic terraform plan checks to catch manual infrastructure edits.
Discussion
Comments (0)
Share how this question came up in your loop, or add tips for others preparing.
Log in to comment on this question.