AWS CloudFormation

Question 1

CloudFormation

Answer 1

Declarative way of outlining your AWS infrastructure for any resources via template

Question 2

Clouformation resources

Answer 2

Represent the different AWS components that will be created and configured, mandatory in template

Question 3

CloudFormation parameters

Answer 3

Way to provide inputs to your template, if config will change in future you should make it a parameter

Question 4

AllowedValues parameter

Answer 4

eg. use to specify what EC2 instance type is allowed

Question 5

NoEcho parameter

Answer 5

NoEcho: true means the value will not be displayed anywhere eg. in logs

Question 6

Syntax for parameters

Answer 6

Use Fn::Ref or !Ref in YAML to reference parameters

Question 7

Pseudo parameters

Answer 7

set parameters eg. AWS::Region to get the region

Question 8

Mappings

Answer 8

Fixed variables within the template, good for differentiating between different environments, regions ,etc

Question 9

Mappings vs Parameters

Answer 9

Use mappings when you know in advance all the values that can be taken and can be deduced from things like region and AZ, use parameters when the values are user specific

Question 10

Outputs

Answer 10

Declare optional output values that we can import into other stacks, view in AWS console of CLI

Question 11

How to reference output from another stack

Answer 11

Use Fn::ImportValue or !ImportValue

Question 12

True or false? You can delete the underlying stack without deleting the underlying references

Answer 12

False

Question 13

CloudFormation conditions

Answer 13

Common use case us dev / test / prod, use different resources depending on environment

Question 14

Fn::Ref

Answer 14

Can reference parameters or resources, shorthand is !Ref in YAML

Question 15

Fn::GetAtt

Answer 15

Get attributes for your resources eg. AZ, Id, PrivateIp

Question 16

Fn::FindInMap

Answer 16

Return a named value from a specific key

Question 17

Fn::ImportValue

Answer 17

Import values that are exported in other stacks

Question 18

Fn::Base64

Answer 18

Convert string to base64, used to pass encoded data to EC2’s UserData property

Question 19

In the case that stack creation fails …

Answer 19

Default is that everything rolls back (gets deleted), option to disable rollback and troubleshoot what happened

Question 20

Service role

Answer 20

IAM role that allows CloudFormation to create/update/delete stack resources on your behalf

Question 21

CAPABILITY_NAMED_IAM and CAPABILITY_IAM

Answer 21

Need to give to cloudformation when template is going to update IAM resources

Question 22

CAPABILITY_AUTO_EXPAND

Answer 22

Necessary when your CloudFormation template includes Macros of stacks within stacks

Question 23

InsufficientCapabilitiesException

Answer 23

Exception that will be thrown by CloudFormation if capabilities haven’t been acknowledged when deploying a template (security measure)

Question 24

DeletionPolicy

Answer 24

Control what happens when the CloudFormation template is deleted or when a resource is removed from a CloudFormation template

Question 25

Default DeletionPolicy

Answer 25

DeletionPolicy=Delete

Question 26

Will Delete work on S3 bucket that is not empty?

Answer 26

no

Question 27

DeletionPolicy=Retain

Answer 27

Specify on resoures to preserve in case of CloudFormation deletes, works with any resources

Question 28

DeletionPolicy=Snapshot

Answer 28

Create one final snapshot before deleting the resource

Question 29

Stack Policy

Answer 29

JSON document that defines the update actions that are allowed on specific resources during Stack updates, protect resources from unintentional updates

Question 30

Termination Protection

Answer 30

Prevents accidental deletes of CloudFormation Stacks

Question 31

Custom Resources

Answer 31

Used to define resources not yet supported by CloudFormation, custom provisioning logic for resources outside of CloudFormation, custom scripts

Question 32

Custom resource use case

Answer 32

Use custom resource to empty S3 bucket with lambda function so it can be deleted by CloudFormation

Question 33

StackSets

Answer 33

Allow you to create, update or delete stacks across multiple accounts and regions with a single operation/template (only admin account can create)

Question 34

Which section of a CloudFormation template cannot be associated with Condition?

Answer 34

Parameters

Question 35

Exported Output Values in CloudFormation must have unique names within ...

Answer 35

a single Region