Previewing CloudFormation Stack Changes

Correct Answer - D.

This case asks for a way to preview the change for the CloudFormation stack.

The Change set is a good choice.

Also, refer to.

https://docs.aws.amazon.com/lambda/latest/dg/build-pipeline.html

for how to use CloudFormation to deploy a Lambda function in CodePipeline.

Option A is incorrect: Because it still does not resolve the CloudFormation stack update issue.

The code review process cannot guarantee that the CloudFormation is always updated as expected.

Option B is incorrect: Because CodeDeploy is unnecessary and does not fix the issue either.

Option C is incorrect: Because it is unsuitable to delete the stack every time.

Besides, if the stack has included many resources, there will be a long downtime.

Option D is CORRECT: Because by using a “Create or replace a change set” action mode, a change set is created for review.

Then the change set is executed if it looks proper.

Check the below snapshot for the supported Action Mode of CloudFormation:

The best approach for this scenario is option D, which involves modifying the AWS CodePipeline to use the "Create or replace a change set" action mode for CloudFormation deployment. This allows for a preview of the changes before the deployment is completed. Additionally, a new deployment stage can be added to execute the change set if it is approved.

Using the "Create or replace a change set" action mode provides a safer way to deploy updates to the CloudFormation stack. When this mode is used, AWS CloudFormation generates a change set that describes the updates that will be made to the stack. The change set can be reviewed and approved or rejected before any changes are actually made to the stack.

To implement this approach, the following steps can be taken:

1. Modify the AWS CodePipeline stage that deploys the CloudFormation stack to use the "Create or replace a change set" action mode.

2. Add a new stage to the pipeline to allow for the review of the change set. This stage can include manual approval, which requires a team member to review the changes and approve or reject the deployment.

3. If the change set is approved, add another stage to the pipeline to execute the change set.

Using this approach allows for a more controlled deployment process that reduces the risk of mistakes in the CloudFormation template. It also allows for the review of changes before they are deployed, which can help catch potential issues early on in the process.

Option A, changing the code review process to avoid issues with CloudFormation stacks, is not a direct solution to the problem of inappropriate updates to the stack. It is still possible for mistakes to be made in the template, even with a thorough code review process.

Option B, modifying the deployment provider to CodeDeploy, does not address the problem of inappropriate updates to the CloudFormation stack. CodeDeploy is a different deployment tool that is not specific to CloudFormation.

Option C, changing the action mode to "Delete a stack" and then redeploying the stack with a new template, is a possible solution, but it is not as efficient as using the "Create or replace a change set" action mode. Deleting the stack and then redeploying it can be time-consuming and may lead to downtime for the application. Additionally, there is a risk of data loss when the stack is deleted, which can be avoided with the use of change sets.