You have a Jenkins pipeline to update a CloudFormation stack.
The pipeline uses AWS CloudFormation CLI update-stack.
Sometimes when the Jenkins job runs, certain AWS resources are recreated, which is not as expected.
Your manager asks you to add a step in the pipeline to list the changes that will be applied to the stack.
The Jenkins job continues only after the changes are reviewed.
How would you modify the Jenkins pipeline?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - D.
When you need to update a stack, you can use change set to understand how the changes will affect running resources before you implement them.
Refer to https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html for how to update stacks using change sets.
Option A is incorrect: AWS CLI does not have a --dry-run option so this method cannot resolve the issue.
Option B is incorrect: CloudFormation drift enables you to detect whether a stack's actual configuration differs from the template.
It does not help in this scenario.
Option C is incorrect: Because CloudFormation change set can address this concern.
You do not need to change to Terraform.
Option D is CORRECT: CloudFormation change set contains the changes to be applied.
Check the reference in.
https://docs.aws.amazon.com/cli/latest/reference/cloudformation/create-change-set.html.The correct answer to the question is D. In the new step, use CloudFormation CLI create-change-set to generate the list of changes that will be applied in the stack. Review the changes before continuing the Jenkins job.
Explanation: The problem with the current pipeline is that it is recreating certain AWS resources unexpectedly, which can lead to unwanted consequences. Therefore, the manager has asked to add a step to list the changes that will be applied to the stack, and the Jenkins job should only continue after the changes are reviewed.
Option A suggests using the AWS CLI --dry-run option to generate a JSON output of the stack update. While this can be useful for previewing changes, it is not an appropriate solution for this problem because it does not provide a comprehensive list of changes that will be applied to the stack.
Option B suggests using CloudFormation CLI to detect drift by uploading the updated template. While this can be a useful feature of CloudFormation, it is not relevant to the problem described in the question, as drift detection is not related to listing changes that will be applied to a stack.
Option C suggests using Terraform plan to print the changes and Terraform apply to deploy the changes. While Terraform can be a useful tool for managing infrastructure as code, it is not relevant to the current pipeline, which uses CloudFormation to manage AWS resources.
Option D suggests using the CloudFormation CLI create-change-set command to generate a list of changes that will be applied to the stack. This is the most appropriate solution to the problem described in the question, as it allows for a comprehensive list of changes to be reviewed before continuing the Jenkins job. The create-change-set command creates a change set, which is a summary of changes that will be applied to a stack. The change set can then be reviewed to ensure that the expected changes are being made to the stack.
In summary, the best solution for the problem described in the question is to use the CloudFormation CLI create-change-set command to generate a list of changes that will be applied to the stack. This allows for a comprehensive review of the changes before continuing the Jenkins job, ensuring that unexpected resource recreation is avoided.