A new development team is building up a web application to provide discount coupons to customer.
They wrote a CloudFormation template to build up the infrastructure, 5 large Amazon linux EC2 instances, RDS, etc.
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - B.
About the AWS CloudFormation best practices, please refer to https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#code.
on the details.
For this case, the main problem is that there is no revision control as the developer just edits the template on his own and uploads directly.
One best practice of CloudFormation template is to Use Code Reviews and Revision Controls to Manage Your Templates.
The stack templates describe the configuration of your AWS resources, such as their property values.
To review changes and to keep an accurate history of your resources, use code reviews and revision controls.
These methods can help you track changes between different versions of your templates, which can help you track changes to your stack resources.
Also, by maintaining a history, you can always revert your stack to a certain version of your template.
Other options are partial correct to some extent however they are not first priority.
Option A is incorrect: It indeed helps when the template is edited in the console as some editor features can be used, however it is not necessary and not first priority for this case.
Option C is incorrect: because the case does not mention how the instances are updated and it is not a first priority either.
Option D is incorrect: Using intrinsic functions can help on the template however again they are not necessary and the case does not mention whether or not intrinsic functions are lacking.
Option A: The developer should edit the template in the CloudFormation console directly rather than his PC as the console has provided various features to help on the edit.
This option is not recommended as editing the CloudFormation template directly in the console may lead to errors or inconsistencies, and it becomes hard to manage versions and collaborate with other team members. It is always better to use a proper code editor with proper version control mechanisms to manage and maintain the CloudFormation templates.
Option B: The team should use revision control to manage the CloudFormation template, for example, using GitHub, otherwise, it is hard to track who and how the changes are made. The changes need code reviews as well to ensure the quality.
This option is the recommended best practice as it helps in managing the code base, tracking the changes made to the templates, and also in collaborating with other team members. By using version control like Git, it is easy to track the changes made, roll back to earlier versions, and even merge different changes made by different team members. The code reviews also help in ensuring that the changes made to the template are of good quality and are aligned with the project requirements.
Option C: The developer should update the instance regularly. On all the Amazon EC2 Linux instances and Amazon EC2 Linux instances created with AWS CloudFormation, regularly run the yum update command to update the RPM package. This ensures that you get the latest fixes and security updates.
This option is also recommended as it helps in keeping the EC2 instances up to date with the latest security patches and bug fixes. It is important to keep the instances updated to ensure that they are secure and stable.
Option D: In the template, use more intrinsic functions such as FN::BASE64, FN::Join, etc. These functions are able to help build up a clean and efficient template.
This option is also recommended as it helps in building a clean and efficient CloudFormation template. By using intrinsic functions, it is possible to simplify the template and avoid unnecessary repetitions. These functions also make it easier to read and understand the template, making it more manageable and maintainable in the long run.
In summary, the best practice for managing CloudFormation templates is to use a version control system like Git, conduct code reviews, use intrinsic functions to simplify the templates, and keep the instances updated with the latest security patches and bug fixes.