Week 16: Future Developments in the Cloud Flashcards
(17 cards)
What are the core benefits of using Terraform for Infrastructure as Code (IaC), and how does its declarative HCL model simplify provisioning?
Predictable, repeatable deployments: declarative HCL describes the desired end‑state, not the procedural steps.
Multi‑cloud/hybrid support: unified workflow via providers abstracts complex APIs across AWS, Azure, GCP, on‑prem, SaaS, etc.
“Plan and apply” cycle: visualizes changes before execution to minimize surprises in production.
Modularity & reuse: HCL’s block syntax, interpolation, and functions enable clean resource definitions and shared patterns.
What is the Terraform workflow, and how does it ensure a controlled deployment lifecycle?
terraform init – initializes the working directory, downloads provider plugins, validates modules.
terraform plan – generates an execution plan showing adds (+), changes (~), and deletes (-) without touching resources.
terraform apply – executes the approved plan to create, update, or destroy real infrastructure.
terraform destroy – tears down all managed resources for cleanup or ephemeral environments.
This sequenced workflow enforces review, preview, and cleanup at each stage.
How are Terraform modules, variables, and outputs structured, and how do they promote reusable and maintainable infrastructure code?
Modules: folders (e.g., main.tf, variables.tf, outputs.tf) grouping related resources into reusable units; versioned and shared via registries.
Variables: declared in variables.tf with types, defaults, and sensitivity; allow parameterization of modules and environments.
Outputs: defined in outputs.tf to expose key attributes (IDs, endpoints) back to parent configurations or consumers.
This structure enforces clear interfaces, reduces duplication, and standardizes patterns across teams.
What is the importance of Terraform state management, and how do remote backends and locking support team collaboration?
State file: records resource IDs, attributes, and dependencies; essential for drift detection and accurate diffs.
Remote backends: S3, GCS, Azure Blob, Terraform Cloud centralize state, prevent local divergence, and enable shared workflows.
Locking: mechanisms (e.g., DynamoDB for S3) prevent concurrent apply operations, avoiding state corruption.
Encryption & versioning: secure sensitive data and allow rollbacks if mistakes occur.
What tools and best practices support Terraform testing, validation, and compliance?
terraform validate: checks syntax and configuration structure.
TFLint: lints for style, naming, deprecations, and potential errors.
Policy as Code: Sentinel (Terraform Enterprise) or OPA enforce organizational policies.
Integration testing: Kitchen‑Terraform spins up ephemeral environments to verify real‑world behavior.
Security/compliance scanning: Checkov detects misconfigurations like open ports or weak IAM rules.
What are the six pillars of the AWS Well-Architected Framework, and how do they guide trade-offs across performance, security, cost, and sustainability?
Six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, Sustainability
Trade‑off guidance:
Sacrificing cost for performance can lead to overspending
Under‑provisioning resources lowers reliability
Enhancing security may impact usability
Balancing capacity vs. environmental impact
How does the framework promote operational excellence and reliability through automation, monitoring, fault tolerance, and chaos engineering?
Operational Excellence:
Automates infrastructure changes via IaC (e.g., CloudFormation/Terraform)
Embeds actionable metrics in monitoring dashboards
Maintains versioned environments and clear runbooks; mirrors staging to production
Conducts frequent chaos engineering exercises to validate incident response
Reliability:
Implements self‑healing and automated recovery across AZs/regions
Uses health checks and DNS‑based failover (Route 53)
Applies auto‑scaling policies and redundancy for demand surges
Regularly tests disaster recovery plans to ensure robust failover
What tools support continuous improvement using the Well-Architected Framework, such as the AWS Well-Architected Tool and AWS Trusted Advisor?
AWS Well‑Architected Tool: interactive service with pillar‑aligned questionnaires; generates improvement plans, tracks risk areas, and compares results over multiple review cycles
AWS Trusted Advisor: integrates with the Well‑Architected Tool to deliver deeper cost and operational insights, alerting on optimization and best‑practice opportunities
What is AWS CloudFormation’s stack-based model?
A stack is a logical unit that groups multiple AWS resources (EC2, S3, RDS, Lambda, networking, security) and manages them as a single entity
Stacks record resource status internally—no external state file is needed
Enables consistent provisioning, tracking, updates, and rollbacks for all resources in that stack
How does CloudFormation use JSON/YAML templates and parameters?
Templates (in JSON or YAML) serve as blueprints, defining all resources, their properties, mappings, and outputs
Parameters allow you to customize deployments (e.g., region, instance size, environment name) without editing the template itself
Supports intrinsic functions (e.g., Ref, Fn::GetAtt) to retrieve and reference resource attributes dynamically
How do features like Change Sets, stack policies, and rollback mechanisms help manage updates and prevent unintended modifications?
Change Sets preview proposed additions, replacements, and deletions before applying changes to a running stack
Stack policies restrict which resources can be modified or replaced during updates, safeguarding critical infrastructure
Automatic rollback reverts the stack to its previous stable state if creation or update fails, avoiding partial or broken deployments
What are the best practices for using CloudFormation?
Store templates in version control for auditability and rollback
Use parameters instead of hard‑coding environment‑specific values
Restrict direct console changes; enforce CloudFormation‑only modifications to prevent drift
Validate templates with tools like cfn‑lint and test them in a sandbox before production
Leverage advanced features—Change Sets, stack policies, macros—for controlled, repeatable evolutions
What trends are driving the rapid growth of the cloud market?
Generative AI surge: expected to add $200–$300 billion by 2030
Edge computing adoption: low‑latency, real‑time analytics pushing compute outward
Sovereign cloud initiatives: 40+ nations enforcing data‑residency regulations
FinOps practices: discipline and tooling for effective cost management
Platform engineering: streamlined, self‑service pipelines for developer productivity
How is AI influencing the future of cloud infrastructure and services?
Explosive AI‑cloud spending: AI/ML services projected to hit $589 billion by 2032
Managed AI platforms: SageMaker, Azure ML, Vertex AI, plus generative‑AI APIs (Bedrock, ChatGPT)
Specialized hardware: distributed GPU/TPU clusters and AI accelerators (H100, MI300, Gaudi2) with high‑throughput, low‑latency storage
AIOps & automation: ML‑driven monitoring, anomaly detection, and storage lifecycle optimization
What is the impact of serverless and edge computing on application design?
Serverless (FaaS): abstracts infra for event‑driven microservices, rapid scaling, tight messaging integration; trade‑offs include cold starts and vendor lock‑in
Edge computing: pushes processing to the network edge for sub‑millisecond response (IoT, AR/VR, connected vehicles), driving edge‑cloud orchestration (KubeEdge, Azure IoT Edge)
How are organizations managing costs, governance, and cloud complexity?
FinOps disciplines & tools: Cloudability, Apptio, AWS Cost Explorer for budgeting and forecasting
Policy & governance: automated compliance (zero‑trust, ESG reporting, data lineage), policy-as-code
Multi‑cloud orchestration: platform engineering, service meshes (Istio), and cross‑cloud tools (Terraform, Crossplane, Spot.io) to tame complexity
What skills and cultural shifts are shaping the future of the cloud workforce?
In‑demand roles: platform engineers, cloud security specialists, LLMOps practitioners
Core skills: Kubernetes, Terraform, GitOps, FinOps, DevSecOps, plus top certifications (AWS Solutions Architect, GCP Cloud Architect, Azure Security Engineer)
Cultural shifts: low‑code/no‑code democratization, AI copilots in development, cross‑functional upskilling programs, and a shared responsibility mindset