You have a Jenkins pipeline to update a CloudFormation stack.
The pipeline uses AWS CloudFormation CLI update-stack.
Sometimes when the Jenkins job runs, certain AWS resources are recreated, which is not as expected.
Your manager asks you to add a step in the pipeline to list the changes that will be applied to the stack.
The Jenkins job continues only after the changes are reviewed.
How would you modify the Jenkins pipeline?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - D.
When you need to update a stack, you can use change set to understand how the changes will affect running resources before you implement them.
Refer to https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html for how to update stacks using change sets.
Option A is incorrect: AWS CLI does not have a --dry-run option so this method cannot resolve the issue.
Option B is incorrect: CloudFormation drift enables you to detect whether a stack's actual configuration differs from the template.
It does not help in this scenario.
Option C is incorrect: Because CloudFormation change set can address this concern.
You do not need to change to Terraform.
Option D is CORRECT: CloudFormation change set contains the changes to be applied.
Check the reference in.
https://docs.aws.amazon.com/cli/latest/reference/cloudformation/create-change-set.html.The correct answer is D: In the new step, use CloudFormation CLI create-change-set to generate the list of changes that will be applied in the stack. Review the changes before continuing the Jenkins job.
Explanation: In this scenario, the Jenkins pipeline is being used to update a CloudFormation stack. However, sometimes certain AWS resources are recreated unexpectedly, which can cause problems. The manager has asked to add a step in the pipeline to list the changes that will be applied to the stack. The Jenkins job should only continue after the changes have been reviewed.
To achieve this, we can use CloudFormation CLI create-change-set command. The create-change-set command creates a list of changes that would be applied to a CloudFormation stack without actually applying those changes. This command can be used to preview the changes that would be made to a stack and review them before applying them.
To modify the Jenkins pipeline, we can add a new step that uses the create-change-set command to generate the list of changes that will be applied in the stack. This step will be responsible for creating a change set for the stack and listing the changes that will be made.
Once the changes have been reviewed, the Jenkins job can continue to the next step, which will apply the changes using the CloudFormation CLI update-stack command.
Option A is incorrect because the --dry-run option is not available in CloudFormation CLI. This option is available in the AWS CLI, which is a different tool from CloudFormation CLI.
Option B is incorrect because CloudFormation drift detection is used to detect changes made outside of CloudFormation, and not to preview changes made using CloudFormation CLI.
Option C is incorrect because terraform is a different tool from CloudFormation CLI, and using it to preview changes made using CloudFormation CLI may not be accurate.