Infrastructure as Code

Question 1

Q: What is Infrastructure as Code (IaC)?

Answer 1

A: IaC is the practice of managing and provisioning infrastructure using code instead of manual processes.

Question 2

Q: What are the benefits of IaC?

Answer 2

A: Consistency, repeatability, scalability, faster provisioning, version control, and easier collaboration.

Question 3

Q: What is the difference between declarative and imperative IaC?

Answer 3

A: Declarative defines what the infrastructure should look like (e.g., AWS CloudFormation), while imperative specifies how to build it step by step.

Question 4

Q: What is AWS CloudFormation?

Answer 4

A: A service that allows you to define AWS resources and infrastructure as code using templates.

Question 5

Q: What is a CloudFormation template?

Answer 5

A: A JSON or YAML file that defines resources, configurations, and dependencies for provisioning AWS infrastructure.

Question 6

Q: What is the AWS Cloud Development Kit (CDK)?

Answer 6

A: A framework that allows you to define AWS infrastructure using programming languages like Python, TypeScript, Java, and C#.

Question 7

Q: What are constructs in AWS CDK?

Answer 7

A: High-level components that represent AWS resources and their configurations, simplifying infrastructure code.

Question 8

Q: What is Terraform?

Answer 8

A: An open-source IaC tool that provisions and manages infrastructure across multiple cloud providers using declarative configuration files.

Question 9

Q: What is the role of state in Terraform?

Answer 9

A: Terraform uses a state file to track the current infrastructure and plan changes, ensuring consistency between configurations and deployed resources.

Question 10

Q: What is Ansible, and how does it relate to IaC?

Answer 10

A: Ansible is an open-source tool for configuration management and orchestration, often used alongside IaC tools like Terraform or CloudFormation.

Question 11

Q: What is a CloudFormation stack?

Answer 11

A: A collection of AWS resources managed as a single unit, created and updated using a CloudFormation template.

Question 12

Q: What are StackSets in CloudFormation?

Answer 12

A: A feature that allows you to deploy CloudFormation stacks across multiple AWS accounts and regions.

Question 13

Q: What are parameters in CloudFormation templates?

Answer 13

A: User-defined inputs that customize stack behavior during creation or updates.

Question 14

Q: What are outputs in CloudFormation templates?

Answer 14

A: Values returned after a stack is created, such as resource IDs or endpoints, for use in other stacks or scripts.

Question 15

Q: What is a Change Set in CloudFormation?

Answer 15

A: A preview of changes that will be made to a stack before updating or deleting it.

Question 16

Q: What is drift detection in CloudFormation?

Answer 16

A: A feature that identifies differences between the actual resource configurations and the configuration defined in the template.

Question 17

Q: What is AWS OpsWorks?

Answer 17

A: A configuration management service that uses Chef and Puppet to automate server configuration, deployment, and management.

Question 18

Q: What are cross-stack references in CloudFormation?

Answer 18

A: A way to share resources between CloudFormation stacks using exported output values.

Question 19

Q: What is AWS Service Catalog?

Answer 19

A: A service that enables the creation, management, and governance of pre-approved IaC templates for use across an organization.

Question 20

Q: What are AWS-native tools for IaC?

Answer 20

A: AWS CloudFormation, AWS CDK, and AWS OpsWorks.

Question 21

Q: What are intrinsic functions in CloudFormation?

Answer 21

A: Built-in functions like Fn::GetAtt, Ref, and Fn::Sub used to reference resource attributes, parameters, or strings in templates.

Question 22

Q: What is the difference between Terraform and CloudFormation?

Answer 22

A: Terraform is multi-cloud and open-source, while CloudFormation is AWS-specific and tightly integrated with AWS services.

Question 23

Q: What tools are used to test IaC?

Answer 23

A: Tools like Terratest, AWS CloudFormation Guard, and Checkov are used for validating and testing IaC templates.

Question 24

Q: Why is version control important for IaC?

Answer 24

A: It tracks changes to infrastructure configurations, enables collaboration, and supports rollback in case of issues.

Question 25

Q: Which formats are supported for CloudFormation templates?

Answer 25

A: JSON and YAML.

Question 26

Q: What are the lifecycle stages managed by IaC?

Answer 26

A: Provisioning, configuration, scaling, updates, and decommissioning.

Question 27

Q: Why are IAM roles important for IaC?

Answer 27

A: IAM roles provide secure, fine-grained permissions for provisioning and managing resources programmatically.

Question 28

Q: What are nested stacks in CloudFormation?

Answer 28

A: Stacks created as part of another stack to organize and manage resources hierarchically.

Question 29

Q: What is the CloudFormation Registry?

Answer 29

A: A repository of AWS and third-party resource types available for use in CloudFormation templates.

Question 30

Q: What are best practices for managing state in IaC?

Answer 30

A: Use remote state storage (e.g., S3 for Terraform), enable state locking, and back up state files regularly.

Question 31

Q: How can drift in IaC be prevented?

Answer 31

A: Regularly run drift detection, avoid manual changes, and enforce automated deployments via pipelines.

Question 32

Q: How does IaC integrate with CI/CD pipelines?

Answer 32

A: By automating deployment and updates of infrastructure alongside application code using tools like CodePipeline or Jenkins.

Question 33

Q: What is immutable infrastructure in IaC?

Answer 33

A: An approach where infrastructure changes are made by replacing resources rather than updating them in place.

Question 34

Q: How does IaC enable self-healing infrastructure?

Answer 34

A: By defining health checks, auto-scaling, and automated recovery mechanisms in templates.

Question 35

Q: What are best practices for securing IaC?

Answer 35

A: Use IAM roles, encrypt sensitive data, validate templates, and scan for misconfigurations with tools like Checkov.

Question 36

Q: How can IaC help with cost management?

Answer 36

A: By automating resource provisioning and decommissioning, tagging resources, and enforcing cost optimization policies.

Question 37

Q: What is infrastructure drift?

Answer 37

A: A condition where the actual infrastructure differs from the IaC definition due to manual changes.

Question 38

Q: What are best practices for declarative IaC?

Answer 38

A: Keep templates modular, use parameters, avoid hardcoding values, and version-control everything.

Question 39

Q: Why is documentation important for IaC?

Answer 39

A: It ensures understanding, maintainability, and proper usage of IaC templates across teams.

Question 40

Q: What are stack policies in CloudFormation?

Answer 40

A: Policies that restrict updates to stack resources to protect critical resources from accidental changes.