AWS CloudFormation is a fully managed service that lets you model and provision all your AWS resources quickly. It automates and simplifies the process of managing resources, reducing the time and effort you spend on routine tasks. This article explains how to create, manage, and troubleshoot AWS CloudFormation stacks, a crucial topic for the AWS Certified SysOps Administrator – Associate (SOA-C02) exam.

Creating AWS CloudFormation Stack

In the AWS Management Console, navigate to the CloudFormation console. Click Create Stack > With new resources (standard). You need to specify a template, which is a JSON- or YAML-formatted text file. The template describes all the AWS resources that need to be created and configured.

Below is a simple AWS CloudFormation template in YAML format that deploys an Amazon S3 bucket:

YAML
Resources:
  # Logical ID of the bucket within the stack
  MyBucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      VersioningConfiguration:
        Status: "Enabled"

The code snippet above creates an Amazon S3 bucket with versioning enabled. Click Next, provide a stack name, and click Next until you reach the Review page, then click Create Stack. Your AWS CloudFormation stack should now be deploying.

Managing AWS CloudFormation Stack

You can manage your CloudFormation stacks by updating or deleting them. Updating a stack allows you to modify the settings of your resources. To update a stack:

  • On the AWS CloudFormation console, select the stack that you want to update.
  • Click Update.
  • Choose Replace current template, specify the updated template, and then click Next.
  • Modify the stack parameters, if necessary. Stack parameters are values that you can pass to your template at runtime. Click Next.
  • On the Review page, review your changes and then click Update Stack.

To delete a stack:

  • On the AWS CloudFormation console, select the stack that you want to delete.
  • Click Delete.
  • In the confirmation dialog box, click Delete Stack.

Troubleshooting AWS CloudFormation Stack

If there is an error during the creation or update of a stack, AWS CloudFormation provides detailed information regarding the error in the Events tab. The information includes when the event occurred, the logical ID of the related resource, the resource type, the status of the event (such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or CREATE_FAILED), and any error messages associated with the event.

A common error is CREATE_FAILED, which usually indicates that AWS CloudFormation couldn’t create the specified resource. Check the error message for additional information, fix any issues, and then update the stack with the corrected template.
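When one resource fails, the Events tab usually also shows sibling resources whose creation was cancelled as a consequence. The following is an added example, not part of the original article: it filters a constructed event list (in the shape returned by `aws cloudformation describe-stack-events`) down to the events that carry the actual error. The function names, stack name, and sample reasons are assumptions made for illustration.

```python
# Constructed events in the shape of `aws cloudformation describe-stack-events`
# output (the API returns them newest first). All names and reasons are made up.
SAMPLE_EVENTS = [
    {"Timestamp": "2024-05-01T10:00:09Z", "StackName": "demo-stack",
     "LogicalResourceId": "demo-stack", "ResourceType": "AWS::CloudFormation::Stack",
     "ResourceStatus": "ROLLBACK_IN_PROGRESS",
     "ResourceStatusReason": "The following resource(s) failed to create: [AppRole, MyBucket]."},
    {"Timestamp": "2024-05-01T10:00:08Z", "StackName": "demo-stack",
     "LogicalResourceId": "AppRole", "ResourceType": "AWS::IAM::Role",
     "ResourceStatus": "CREATE_FAILED",
     "ResourceStatusReason": "Resource creation cancelled"},
    {"Timestamp": "2024-05-01T10:00:07Z", "StackName": "demo-stack",
     "LogicalResourceId": "MyBucket", "ResourceType": "AWS::S3::Bucket",
     "ResourceStatus": "CREATE_FAILED",
     "ResourceStatusReason": "demo-bucket already exists"},
    {"Timestamp": "2024-05-01T10:00:05Z", "StackName": "demo-stack",
     "LogicalResourceId": "MyBucket", "ResourceType": "AWS::S3::Bucket",
     "ResourceStatus": "CREATE_IN_PROGRESS"},
]

CASCADE_REASON = "Resource creation cancelled"  # sibling aborted, not a cause


def root_cause_failures(events):
    """Return *_FAILED resource events, oldest first, minus cascade noise."""
    causes = []
    for ev in events:
        if not ev["ResourceStatus"].endswith("_FAILED"):
            continue
        if ev["LogicalResourceId"] == ev.get("StackName"):
            continue  # the stack's own status only summarises its resources
        if CASCADE_REASON in ev.get("ResourceStatusReason", ""):
            continue
        causes.append(ev)
    return sorted(causes, key=lambda ev: ev["Timestamp"])


def describe(ev):
    """One line per failure, using the fields the Events tab shows."""
    return "{Timestamp} {LogicalResourceId} ({ResourceType}) {ResourceStatus}: {reason}".format(
        reason=ev.get("ResourceStatusReason", "no reason given"), **ev)


if __name__ == "__main__":
    for ev in root_cause_failures(SAMPLE_EVENTS):
        print(describe(ev))
```
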

In conclusion, AWS CloudFormation is an indispensable service for anyone appearing for the AWS Certified SysOps Administrator – Associate (SOA-C02) exam, or anyone looking to automate their AWS resource management tasks. Understanding how to create, manage, and troubleshoot AWS CloudFormation stacks can help ensure that your cloud applications run smoothly and reliably.

Practice Test

True or False: AWS CloudFormation allows you to deploy AWS resources across multiple regions and accounts.

  • True
  • False

Answer: True

Explanation: AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment across regions and accounts.

In AWS CloudFormation, what does a stack represent?

  • A. A collection of AWS resources
  • B. A single AWS service
  • C. A regional specification
  • D. A deployment mechanism

Answer: A. A collection of AWS resources

Explanation: In AWS CloudFormation, a stack is a collection of related AWS resources that you can manage as a single unit.

Which AWS CloudFormation feature can help in managing updates to your existing stacks while extensively testing and controlling them?

  • A. Change Sets
  • B. StackSets
  • C. Update Stack
  • D. Template Designer

Answer: A. Change Sets

Explanation: AWS CloudFormation Change Sets allow you to preview and manage updates to your existing stacks extensively, seeing how changes might impact your resources before implementation.

What command would you use to delete a stack in AWS CloudFormation?

  • A. Delete Stack
  • B. Remove Stack
  • C. Erase Stack
  • D. Terminate Stack

Answer: A. Delete Stack

Explanation: The Delete Stack command is used in AWS CloudFormation to remove a stack and all associated resources.

True or False: AWS CloudFormation automatically detects whether a resource’s physical instance has been manually deleted and reacts accordingly.

  • True
  • False

Answer: False

Explanation: If a resource’s physical instance has been manually deleted, AWS CloudFormation does not automatically detect this. Instead, it continues to view the resource as if it still existed.

The AWS CloudFormation Drift Detection service can be used to identify what?

  • A. Resources that have gone into an error state
  • B. Changes made outside of CloudFormation to resources managed by CloudFormation
  • C. The geographical spread of resources being managed
  • D. The number of resources in a stack

Answer: B. Changes made outside of CloudFormation to resources managed by CloudFormation

Explanation: The AWS CloudFormation Drift Detection service is used to identify discrepancies between the stack template's actual configuration and its expected configuration.

True or False: AWS CloudFormation does not support YAML as a template language.

  • True
  • False

Answer: False

Explanation: AWS CloudFormation supports both JSON and YAML as template languages.

True or False: Stack failures cannot be debugged using AWS CloudFormation events.

  • True
  • False

Answer: False

Explanation: If a resource action fails while AWS CloudFormation is creating or updating a stack, you can view the AWS CloudFormation events to troubleshoot.

In AWS CloudFormation, which of the following statuses indicates that a stack was manually deleted?

  • A. DELETE_IN_PROGRESS
  • B. DELETE_COMPLETE
  • C. DELETE_FAILURE
  • D. DELETE_SKIPPED

Answer: B. DELETE_COMPLETE

Explanation: The DELETE_COMPLETE status in AWS CloudFormation indicates that all stack resources have been deleted and the stack has been removed.

True or False: You can use AWS CloudFormation StackSets to create, update, or delete stacks across multiple accounts.

  • True
  • False

Answer: True

Explanation: AWS CloudFormation StackSets extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and regions with a single operation.

What cannot be done using the AWS Management Console?

  • A. Modifying Stack Set
  • B. Deleting a CloudFormation Template
  • C. Creating Change Set
  • D. Updating Stack

Answer: B. Deleting a CloudFormation Template

Explanation: You cannot delete an uploaded AWS CloudFormation template file using AWS Management Console.

What feature of AWS CloudFormation can be used to understand how changes to the stack might impact resources?

  • A. StackSets
  • B. Template Designer
  • C. Change sets
  • D. Drift Detection

Answer: C. Change sets

Explanation: The Change sets feature of AWS CloudFormation lets you see what impact making changes to your environment will have on your resources.

True or False: You can retrieve previous versions of a stack using AWS CloudFormation.

  • True
  • False

Answer: False

Explanation: AWS CloudFormation does not natively support rollback or retrieval of previous versions of a stack.

True or False: AWS CloudFormation supports declaring resources by their CloudFormation type name.

  • True
  • False

Answer: True

Explanation: AWS CloudFormation does support declaring resources by their CloudFormation type name, such as AWS::S3::Bucket for an S3 bucket.

What AWS service can be used to centralize operational data and automate tasks across AWS services?

  • A. AWS CloudWatch
  • B. AWS Lambda
  • C. AWS Operations Conductor
  • D. AWS Management Console

Answer: A. AWS CloudWatch

Explanation: AWS CloudWatch is a monitoring service for AWS cloud resources and the applications that you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms.

Interview Questions

What is AWS CloudFormation?

AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. It allows you to use infrastructure as code and develop and deploy applications quickly.

What two main components make up AWS CloudFormation?

The two main components are Templates and Stacks. Templates describe your desired resources and any associated dependencies or run-time parameters required to run your applications. Stacks are a collection of AWS resources that you can manage as a single unit.

How can CloudFormation templates be formatted?

CloudFormation templates can be written in either JSON or YAML format.

Can you update an existing AWS CloudFormation stack?

Yes, you can update an existing CloudFormation stack by modifying its template or parameters and applying the changes.

How does CloudFormation handle stack updates?

CloudFormation uses a concept called stack updates, where instead of removing the existing stack and creating a new one, it applies changes to the existing stack to reach the updated state.

Explain what AWS CloudFormation Change Sets are.

A change set in AWS CloudFormation is a summary of proposed changes that AWS CloudFormation will make to a stack. It helps users to preview the changes and potential impact before updating a stack.
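To show what previewing the impact can look like in practice, here is an added example (not from the original article) that scans a constructed response in the shape of `aws cloudformation describe-change-set` and reports the changes that delete or replace a resource. The function name, the sample change set, and the `STATEFUL_TYPES` list are assumptions for illustration.

```python
# Constructed response in the shape of `aws cloudformation describe-change-set`.
# Logical IDs and resource types are made up for this example.
SAMPLE_CHANGE_SET = {
    "ChangeSetName": "demo-change-set",
    "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "MyBucket",
            "ResourceType": "AWS::S3::Bucket", "Replacement": "True"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "AppRole",
            "ResourceType": "AWS::IAM::Role", "Replacement": "False"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Remove", "LogicalResourceId": "OldQueue",
            "ResourceType": "AWS::SQS::Queue"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Add", "LogicalResourceId": "AuditTopic",
            "ResourceType": "AWS::SNS::Topic"}},
    ],
}

# Assumption: resource types this team treats as holding data.
STATEFUL_TYPES = {"AWS::S3::Bucket", "AWS::RDS::DBInstance", "AWS::DynamoDB::Table"}


def risky_changes(change_set):
    """Return (severity, logical_id, reason) for changes that destroy resources."""
    findings = []
    for change in change_set.get("Changes", []):
        rc = change.get("ResourceChange")
        if rc is None:
            continue
        replacement = rc.get("Replacement", "False")
        if rc["Action"] == "Remove":
            reason = "will be deleted"
        elif rc["Action"] == "Modify" and replacement == "True":
            reason = "will be replaced by a new physical resource"
        elif rc["Action"] == "Modify" and replacement == "Conditional":
            reason = "may be replaced, depending on runtime values"
        else:
            continue  # Add, or a Modify that is applied in place
        severity = "HIGH" if rc["ResourceType"] in STATEFUL_TYPES else "REVIEW"
        findings.append((severity, rc["LogicalResourceId"], reason))
    return findings


if __name__ == "__main__":
    for finding in risky_changes(SAMPLE_CHANGE_SET):
        print(*finding)
```
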

What happens when a stack deployment fails in AWS CloudFormation?

If a stack deployment fails, AWS CloudFormation supports rollback of the failed stack to its previous state. This ensures your infrastructure remains in a consistent and known state even in failure scenarios.

Can you delete a stack while retaining some specific resources in AWS CloudFormation?

Yes, by setting a deletion policy on specific resources, you can prevent them from being deleted when their associated stack is deleted.

What is stack drift detection in AWS CloudFormation?

Stack drift detection is a feature where AWS CloudFormation can check the current stack configuration and compare it to the known expected configuration. If there is any difference, CloudFormation reports it as a drift.

What are StackSets in AWS CloudFormation?

StackSets are a feature in AWS CloudFormation that extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and regions with a single operation.

Can individual resources be managed within a stack in AWS CloudFormation?

No. Within a stack, AWS CloudFormation does not support managing individual resources. If changes are needed, the entire stack needs to be updated or recreated.

What is the significance of IAM roles in AWS CloudFormation?

An AWS Identity and Access Management (IAM) role can be associated with a CloudFormation stack so that AWS CloudFormation can make calls to resources in a stack on your behalf.

Can you use AWS CloudFormation to manage resources outside of AWS?

No. AWS CloudFormation is designed to provision and manage resources specifically within Amazon Web Services.

How can AWS CloudFormation handle dependencies between resources?

CloudFormation automatically handles dependencies between resources during stack creation and deletion. You can explicitly declare dependencies using the “DependsOn” attribute in a CloudFormation template.

What is the DeletionPolicy attribute in AWS CloudFormation?

The DeletionPolicy attribute in AWS CloudFormation protects specified resources from being accidentally deleted during stack operations. You can specify ‘Retain’, ‘Snapshot’ or ‘Delete’ as a policy.
