Frequently asked AWS CloudFormation Interview Questions (2020)
This post answers questions asked in AWS CloudFormation interviews, for both experienced candidates and freshers. We share our experience to help you make progress in your career.
Q: What is AWS CloudFormation?
CloudFormation is all about automating resource provisioning (Infrastructure as Code). So it simplifies the task of repeatedly and predictably creating groups of related resources that power your applications.
AWS CloudFormation offers developers and system administrators a convenient way to create, manage, provision, and update a collection of related AWS resources in an orderly and predictable way.
- Fully managed service
- Create, update, and delete resources and sets known as stacks
- Infrastructure as Code
Q: What is Infrastructure as Code and its Benefits?
Infrastructure as code is a technique whereby we create machine-readable files that describe our infrastructure.
There are many different technologies for Infrastructure as Code, and AWS CloudFormation is one example. With AWS CloudFormation, you can maintain your infrastructure just like application source code.
Infrastructure as Code benefits:
- By codifying infrastructure, that is, describing it within a file, we have a way of including it in our source control solution. We can check the files into GitHub or whatever source control solution we're using. This makes it much easier to maintain the infrastructure, as we have the full power of the source control system to handle modifications to those files. It makes deployments a lot smoother, too. Since the infrastructure is specified inside a file, it can be securely and continuously deployed over and over again.
- We can also include it in our build and release pipeline. So, as our application is deployed to the cloud, any changes required to the infrastructure can be deployed at the same time. This helps avoid what is known as environmental drift.
- Infrastructure as code often provides advantages for testers as well. Test teams have early access to production-like test environments, and an entirely new test environment that closely resembles the production environment can be spun up very easily. This may be for load testing or penetration testing. When done, the environment can be torn down and discarded.
Q: What is AWS CloudFormation Template?
Templates are JSON- or YAML-formatted text files. The JSON or YAML file that AWS CloudFormation uses to describe a collection of AWS resources (known as a stack), their associated dependencies, and any required runtime parameters is called a CloudFormation template.
- Text File
- JSON or YAML format
- Self-documenting environment
- Resources to provision
Below is a basic AWS CloudFormation YAML-formatted template fragment. Templates contain parameters, resource declaration, and outputs. Templates can reference the outputs of other templates, which enables modularization.
```yaml
---
AWSTemplateFormatVersion: "version date"

Description:
  String

Parameters:
  set of parameters

Mappings:
  set of mappings

Conditions:
  set of conditions

Transform:
  set of transforms

Resources:
  set of resources

Outputs:
  set of outputs
```
Here is an example of an AWS CloudFormation template. The template requests the name of an Amazon Elastic Compute Cloud (EC2) key pair from the user in the parameters section. The resources section of the template then creates an EC2 instance using that key pair, with an EC2 security group that enables HTTP (TCP port 80) access.
```yaml
Parameters:
  KeyName:
    Description: The EC2 key pair to allow SSH access to the instance
    Type: AWS::EC2::KeyPair::KeyName
Resources:
  Ec2Instance:
    Type: AWS::EC2::Instance
    Properties:
      # SecurityGroups takes a list of security group names
      SecurityGroups:
        - !Ref InstanceSecurityGroup
      KeyName: !Ref KeyName
      ImageId: ami-70065467
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable HTTP access via port 80
      SecurityGroupIngress:
        # HTTP from any IPv4 address; no other inbound port is opened
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
```
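A build pipeline can run a check like the following on a template before deploying it. This is an added example, not code from the original post or from AWS: it reads the JSON form of the security group above and reports ingress rules that are open to every address on ports outside an allow-list. The allow-list (80 and 443), the function names and the SSH rule in the sample are assumptions made for illustration.

```python
import json

WORLD = {"0.0.0.0/0", "::/0"}
PUBLIC_PORTS = {80, 443}  # assumption: only web ports may face the internet

# Constructed sample: the page's security group in JSON form plus one
# constructed SSH rule that the check should report.
TEMPLATE = json.loads("""
{"Resources": {"InstanceSecurityGroup": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {
      "GroupDescription": "Enable HTTP access via port 80",
      "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0"},
        {"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0"}
      ]}}}}
""")

def ingress_rules(template):
    """Yield (logical_id, rule) for inline and standalone ingress rules."""
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                yield name, rule
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            yield name, props

def port_set(rule):
    """Ports a rule covers; None if it covers everything or is not a literal."""
    if str(rule.get("IpProtocol")) == "-1":
        return None
    try:
        return set(range(int(rule["FromPort"]), int(rule["ToPort"]) + 1))
    except (KeyError, TypeError, ValueError):
        return None

def world_open_findings(template, allowed=PUBLIC_PORTS):
    """Return (logical_id, from_port, to_port, cidr) per over-exposed rule."""
    findings = []
    for name, rule in ingress_rules(template):
        cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
        if not isinstance(cidr, str) or cidr not in WORLD:
            continue  # restricted, or an unresolved Ref the check cannot judge
        ports = port_set(rule)
        if ports is None or not ports <= allowed:
            findings.append((name, rule.get("FromPort"), rule.get("ToPort"), cidr))
    return findings
```

The page's own port 80 rule passes because 80 is on the allow-list; a pipeline step would fail the build when `world_open_findings` returns a non-empty list.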
Q: What are the benefits of AWS CloudFormation?
- Infrastructure as code: Treat your infrastructure as code, which simplifies modifications and changes.
- Automated provisioning: We don't have to work on resources by hand; we can concentrate on improving the application. CloudFormation takes care of both provisioning and managing the resources.
- Safety controls: Checks are automated, which reduces stress and improves quality and efficiency.
- Extensibility: CloudFormation Stack offers an extensible framework for writing our own extensions and adding them to the CloudFormation template. Custom provisioning extensions can be created for third-party resources.
- Centralized control: You can model a whole AWS infrastructure in a text file and build multiple infrastructures from that single design.
Q: How do you create and delete AWS stacks?
- AWS CloudFormation manages related resources as a single unit called a stack.
- You can build, update, and delete a set of resources by building, modifying, and deleting stacks.
- All resources in the stack are defined by the AWS CloudFormation template of the stack.
Q: What is the difference between AWS CloudFormation and Elastic Beanstalk?
- The two services are designed to complement each other. Elastic Beanstalk is used to create an environment for any programming platform so that you can easily deploy your applications and run them in the cloud. Developer tools are an add-on in Elastic Beanstalk.
- CloudFormation is a provisioning mechanism that can be used to create a wide variety of services in a predictable, repeatable order. A complete infrastructure can be created using AWS CloudFormation.
- Compared to Elastic Beanstalk and AWS OpsWorks, AWS CloudFormation gives you the most power and versatility when provisioning services. AWS CloudFormation allows you to manage a wide range of AWS resources.
Q: How does AWS CodePipeline interact with CloudFormation?
You can use AWS CodePipeline to run a CloudFormation template in the deployment phase. The pipeline has the following stages:
- Source phase: Get the latest commit.
- Build phase: Build the code into a Docker image and push it to ECR.
- Deploy phase: Take the latest Docker image from ECR and deploy it to ECS.