You have created two AWS CloudFormation stacks in the AWS region us-east-1
Stack A has exported the resource output for a security group.
Stack B uses the Fn::ImportValue intrinsic function to import the exported value in its template.
Both stacks are in the CREATE_COMPLETE status.
Now you would need to perform some actions on these stacks.
Which of the following actions can you perform successfully?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: D.
Option A is incorrect because there are some limitations if there is a cross-stack reference between two CloudFormation stacks.
Stack A cannot be deleted as it has a resource output that is referenced by stack.
B.Option B is incorrect because you cannot modify the output value that is referenced by another stack.
This operation will fail.
Option C is incorrect because this is similar as Option.
B.
You cannot remove the output value that is referenced by another stack.
Option D is CORRECT because you can update stack B to remove the cross-stack reference.
This operation is allowed.
Reference:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/walkthrough-crossstackref.htmlThe given scenario involves two AWS CloudFormation stacks in the us-east-1 region. Stack A exports a resource output for a security group, and Stack B imports this exported value using the Fn::ImportValue intrinsic function in its template.
Now, let's examine each of the four actions that are mentioned in the question:
A. Delete stack A using AWS console as the created resources in stack A are no longer needed in the region.
This action can be performed successfully because Stack B has already imported the exported value from Stack A. So, deleting Stack A will not impact Stack B as it has already retrieved the necessary information during its creation. However, it's worth noting that if Stack A was deleted before Stack B was created, the latter would fail to create because the required value would not be available.
B. In stack A, update the resource output value as the security group needs to change its name.
This action is not possible because once a stack is created, the resource output values cannot be modified. To update the security group name, you would need to delete and recreate Stack A with the updated resource output value.
C. Update stack A to remove the resource output that is referenced by stack B.
This action is not possible because Stack B is dependent on the exported value from Stack A. Removing the resource output would break Stack B's ability to retrieve the required value, causing it to fail.
D. Update stack B to remove the cross-stack reference so that stack B does not import the resource output from stack A.
This action is possible as Stack B can function independently of Stack A if it no longer relies on the exported value from Stack A. However, it's important to note that this action would only make sense if the imported value is no longer required by Stack B.
In summary, the only action that can be performed successfully is deleting Stack A as it does not impact Stack B. Updating the resource output value in Stack A or removing the resource output would not be possible. Removing the cross-stack reference in Stack B is possible but would only make sense if the imported value is no longer required.