AWS CloudFormation

Question 1

I have a cloud formation templates with both RDS and S3, I want to delete the template but have the data in booth S3 and RDS retained, what options do I have?

Answer 1

Set the deletion policy to retain for S3 and set the deletion policy to snapshot for RDS.

Question 2

What is a cloud formation stack?

Answer 2

It is an entity that is used to create one or more resources inside AWS.

Question 3

What are cloud formation events?

Answer 3

They are part of a stack and are the different events that happen during stack creation.

Question 4

I wnat to receive notifications for a stack, how can I architect this?

Answer 4

You can configure a stack to send a notification to SNS.

Question 5

What does a stack consist of?

Answer 5

• Stack events
• Resources
• Outputs
• Parameters
• Templates

Question 6

What is a logical ID?

Answer 6

This is the id given by the template to the resource, AWS will create a physical resource OD when creating a resource.

Question 7

When you update a resource, either by parameter or template configuration, what are the three update actions that can happen to a resource?

Answer 7

• Update with no interruption
• Update with some interruption
• Replacement

Question 8

What is the changeset?

Answer 8

A changeset is used when updating n a stack, it enables you to see that is been changed form the old stack resource to the new, it also shows you how each resource is been changed.

Question 9

When I am creating a stack, what permissions are used?

Answer 9

The stack will use the permissions of the users creating the stack. But you can create an AWS IAM service role

Question 10

I need to be able to allow a junior to perform stack updates, I do not what to give the junior admin permissions, how can I achieve this?

Answer 10

You can use a stack role to give the stack admin, the admin service rile will be used by the stack to create updated resources, while allowing a junior just enough permissions to access the stack to kick off the update.

Question 11

What is Stackset?

Answer 11

A Stackset enables you to create stacks in the multipal region in multiple accounts.

Question 12

I wnat to use an automated method to enable CloudTrailor AWSConfig in multiple accounts in my organization?

Answer 12

You can create a Stackset and use it to create a stack in a separate account and region.

Question 13

What are a Stackset admin and target account?

Answer 13

The admin account is the account where you are admin the Stackset and the target account is where th estate will be created.

Question 14

If I have a large RTO and I wnat to implement a DR where my infrastructure is recreated in a new region, what are my options?

Answer 14

You could use cloud formation to restore in case of disaster. This could take the form of, a backup and restore, pilot light or warm standby.

Question 15

What is a custom resource?

Answer 15

It is a block in a stack template that reaches out to an external resource (Lambda, SNS) to have something done, after which the external resource calls back.

Question 16

What are the times when a custom resource will execute external resource?

Answer 16

• Created
• Updated
• Deleted

Question 17

When using a custom resource where will you get the response URL?

Answer 17

You get it in the request JSON payload.

Question 18

What is a CustomResource

Answer 18

A CustomResource is a resource in the cloud formation that enables you to call out to an external entity to have some function performed. You can have SNS or Lambda.

Question 19

I have an RDS database and S3 a bucket created with cloud formation, I am deleting the cloud formation, what do I need to set in the CF to ensure RDS DB and S3 bucket is retained?

Answer 19

• Set the DeletePolicy to snapshot the RDS.

- Set the DeletePolicy to retain the S3 bucket.

Question 20

What is a CF UpdatePolicy?

Answer 20

Update policy is a CF attribute for Autoscaling, Lambda: Alais that defines how an Autoscaling group should update,

Question 21

If I am using AutoScalingReplacingUpdate, what will happen?

Answer 21

Autoscaling will create a new group and if all goes good will delete the old one, if not it will roll back and use the existing one. You can decide when the max number of the instance are reached before failover happens.

Question 22

If ai am using AutoScalingRollingUpdate, explain what happens?

Answer 22

Update are preformed in the autoscaling group and updates instances that are in an Auto Scaling group in batches or all at once

Question 23

What are the update policies?

Answer 23

• AutoScalingReplacingUpdate: This will replace the Autoscaling group, but only after it creates the new autoscaling group and verifies good instances.
• AutoScalingRollingUpdate : Will replace the instances one by one in the existing autoscaling group.

Question 24

What is a creation policy?

Answer 24

You associate the policy with a resource to ensure it with on getting a signal cfn_signal before proceeding.

Question 25

What is a deletion policy?

Answer 25

It ensures resources are backed up before deleting, you have the following options,

S3 = retain.

Snapshot for these,

AWS::EC2::Volume

AWS::ElastiCache::CacheCluster

AWS::ElastiCache::ReplicationGroup

AWS::Neptune::DBCluster

AWS::RDS::DBCluster

AWS::RDS::DBInstance

AWS::Redshift::Cluster