AWS CloudFormation

Question 1

What is AWS CloudFormation?

Answer 1

A service that allows you to model, provision, and manage AWS resources using templates as code (JSON/YAML).

Question 2

What is a CloudFormation template?

Answer 2

A JSON or YAML file that defines AWS resources and their configurations.

Question 3

What are the main sections of a CloudFormation template?

Answer 3

AWSTemplateFormatVersion, Description, Parameters, Mappings, Conditions, Resources, Outputs.

Question 4

What is an AWS CloudFormation stack?

Answer 4

A collection of AWS resources created and managed as a single unit from a template.

Question 5

What is a change set in CloudFormation?

Answer 5

A summary of proposed changes to a stack before applying them, allowing preview before execution.

Question 6

What are Parameters used for in a template?

Answer 6

To pass input values to a template, allowing dynamic configuration at stack creation or update.

Question 7

What are Mappings in CloudFormation?

Answer 7

Fixed key-value pairs (like region-specific AMI IDs) used for lookups in templates.

Question 8

What are Conditions in CloudFormation?

Answer 8

Logical statements that control resource creation or configuration based on parameter values.

Question 9

What are Outputs in CloudFormation?

Answer 9

Values that you can export from one stack to reference in another stack or for end-user information.

Question 10

What is the DependsOn attribute used for?

Answer 10

To specify resource creation order when dependencies exist between resources.

Question 11

How do you manage resources across multiple stacks?

Answer 11

Using nested stacks, which allow one stack to reference another stack as a resource.

Question 12

What is the difference between UpdatePolicy and DeletionPolicy?

Answer 12

UpdatePolicy manages how a resource updates (e.g., rolling updates for Auto Scaling), while DeletionPolicy controls resource deletion behavior (retain, delete, snapshot).

Question 13

Name some common resource types in CloudFormation.

Answer 13

AWS::EC2::Instance, AWS::S3::Bucket, AWS::IAM::Role, AWS::RDS::DBInstance, AWS::Lambda::Function.

Question 14

What are the main CloudFormation stack operations?

Answer 14

Create, Update, Delete, and Rollback.

Question 15

What is a stack drift?

Answer 15

When actual resources differ from the template definition. Detected via stack drift detection.

Question 16

How can you import existing resources into CloudFormation?

Answer 16

Using resource import, which allows adding existing AWS resources to a stack without replacement.

Question 17

What is the difference between ROLLBACK and UPDATE_ROLLBACK?

Answer 17

ROLLBACK occurs after a failed stack creation, while UPDATE_ROLLBACK occurs after a failed stack update.

Question 18

What is CloudFormation StackSets?

Answer 18

A way to deploy stacks across multiple AWS accounts and regions from a single template.

Question 19

What is intrinsic function !Ref?

Answer 19

Returns the value of a parameter or the physical ID of a resource.

Question 20

What is intrinsic function !GetAtt?

Answer 20

Retrieves an attribute value (like DNSName) of a resource.

Question 21

Name some other common intrinsic functions.

Answer 21

!Join, !Sub, !ImportValue, !FindInMap, !Select.

Question 22

How do you handle secrets in CloudFormation?

Answer 22

Use AWS Secrets Manager or SSM Parameter Store references ({{resolve:secretsmanager:secret-id}}) instead of hardcoding values.

Question 23

Name key CloudFormation best practices.

Answer 23

1. Modularize templates with nested stacks.
2. Use parameters, mappings, and conditions for flexibility.
3. Avoid hardcoding sensitive values; use Secrets Manager or SSM.
4. Use ChangeSets to preview updates.
5. Monitor stack events for debugging failures.
6. Version control templates in Git.

Question 24

How should you organize large templates?

Answer 24

Break them into nested stacks or macro templates to improve readability and reusability.