AWS CloudFormation for Resource Replacement: Ensure Data Integrity

Maintaining Data Integrity during AWS CloudFormation Resource Replacement

Question

You have deployed a set of web servers in a VPC along with an Amazon S3 bucket using AWS CloudFormation.

Critical project documents are uploaded to the S3 bucket.

A new version of the web application has been released and needs to be applied to this stack using the AWS CloudFormation template.

You need to ensure all critical documents in the existing S3 bucket remain intact while AWS CloudFormation creates a replacement resource and deletes the old resources.

Which of the following can be used to meet this requirement?

Answers

Explanations

A. B. C. D.

Correct Answer: D.

AWS CloudFormation template attributes can be used to retain or back up resources before a stack is deleted.

The UpdateReplacePolicy attribute is used to retain or back up resources during the stack update process.

The DeletionPolicy attribute is used to retain or back up a resource before the stack is deleted.

In the above case the stack is being updated, so to retain the old resource, the UpdateReplacePolicy attribute needs to be specified.

Option A is incorrect because an Amazon S3 bucket does not support Snapshot; you need to use UpdateReplacePolicy with Retain.

Options B and C are incorrect because the DeletionPolicy resource attribute is used when a resource is being deleted, not when a resource is updated.

For more information on using resource attributes for AWS CloudFormation, refer to the following URL:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html
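
As an added example (not part of the original page), the following Python check scans a CloudFormation template for S3 buckets whose UpdateReplacePolicy or DeletionPolicy would not retain them. The template and its logical IDs are constructed for illustration, and the check covers only the S3 bucket type discussed here.

```python
import json

# Constructed sample template (not from the original page); logical IDs are hypothetical.
TEMPLATE = json.loads("""
{
  "Resources": {
    "DocsBucket": {"Type": "AWS::S3::Bucket",
                   "UpdateReplacePolicy": "Retain", "DeletionPolicy": "Retain"},
    "LogsBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain"},
    "ArchiveBucket": {"Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Snapshot"},
    "WebServer": {"Type": "AWS::EC2::Instance"}
  }
}
""")

# Resource types whose data must survive. S3 does not support Snapshot (as the page states).
STATEFUL_TYPES = {"AWS::S3::Bucket"}
NO_SNAPSHOT_TYPES = {"AWS::S3::Bucket"}
EVENTS = (("UpdateReplacePolicy", "replacement during a stack update"),
          ("DeletionPolicy", "stack deletion"))


def check_retention(template):
    """Return {logical_id: [findings]} for stateful resources that are not retained."""
    findings = {}
    for name, res in template.get("Resources", {}).items():
        rtype = res.get("Type")
        if rtype not in STATEFUL_TYPES:
            continue
        issues = []
        for attr, event in EVENTS:
            policy = res.get(attr, "Delete")  # an S3 bucket defaults to Delete
            if policy == "Snapshot" and rtype in NO_SNAPSHOT_TYPES:
                issues.append(f"{attr}: Snapshot is not supported for {rtype}")
            elif policy != "Retain":
                issues.append(f"{attr} is {policy}: CloudFormation will try to "
                              f"delete the old resource on {event}")
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for name, issues in check_retention(TEMPLATE).items():
        for issue in issues:
            print(f"{name}: {issue}")
```
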

The correct answer is option C: Use DeletionPolicy as Retain with Resource Attribute in AWS CloudFormation.

Explanation: AWS CloudFormation is an AWS service that helps you model and set up your AWS resources. In this scenario, the goal is to update the web application without losing the critical project documents in the S3 bucket.

DeletionPolicy attribute is used to retain or delete a resource when its stack is deleted. In this scenario, we need to retain the S3 bucket containing the critical project documents while the CloudFormation stack is being updated.

UpdateReplacePolicy attribute controls what happens to the resource being updated when an update occurs. It can be set to Snapshot, which creates a snapshot of the resource before it's updated, or Retain, which retains the original resource during an update.

Option A: Use UpdateReplacePolicy as Snapshot with Resource Attribute in AWS CloudFormation is incorrect because it creates a snapshot of the S3 bucket before updating it, which means that the critical project documents will not be available during the update process.

Option B: Use DeletionPolicy as Snapshot with Resource Attribute in AWS CloudFormation is incorrect because it creates a snapshot of the S3 bucket before it's deleted, which is not the desired outcome in this scenario.

Option D: Use UpdateReplacePolicy as Retain with Resource Attribute in AWS CloudFormation is incorrect because it retains the original resource during an update, but it doesn't retain the resource after the stack is deleted.

Option C: Use DeletionPolicy as Retain with Resource Attribute in AWS CloudFormation is the correct answer because it retains the S3 bucket containing the critical project documents even after the stack is deleted. This ensures that the critical project documents are safe during the update process and after the stack is deleted.

In conclusion, when updating a CloudFormation stack with a new version of a web application and retaining an S3 bucket containing critical project documents, you should use DeletionPolicy as Retain with Resource Attribute in AWS CloudFormation.