Last week, a developer changed the name of an Amazon PostgreSQL RDS database instance from “employeeDatabase” to “employee_DB” and then updated the CloudFormation stack.
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - D.
Change Sets is typically used to understand if a stack update has been done successfully so that some unexpected consequences can be avoided.
For more information on how to use Change Sets, please refer to the link below:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.htmlOption A is incorrect: It is proper to use Change Sets.
However “Change Sets don't indicate whether AWS CloudFormation will successfully update a stack”.
This is stated in https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html.
Change Sets is NOT able to tell whether the stack update is successful or not.
Option B is incorrect: Although DeletePolicy should be good to use, the keyword for RDS instance should be “Retain” rather than “Keep”.
To prevent deletion or updates to resources in a CloudFormation stack, you can:
Set DeletionPolicy attributes to retain certain resources when the stack is deleted.
Enable Termination Protection to prevent the stack from being deleted.
Use a stack policy to prevent update actions (modify, replace, or delete) to resources in the stack.
Apply IAM policies to allow only certain users to delete or update resources.
Option C is incorrect: Data pipeline is not a good use case for CloudFormation stack to keep resources.
The best answer for the scenario described in the question is A. Use Change Sets to check how your changes might impact your running resources, especially for critical resources such as RDS. Change Sets is also able to tell if the stack update is successful or not so that it can greatly help on the CloudFormation resources management.
When making changes to a CloudFormation stack, it is important to ensure that the changes will not have any negative impact on the resources that are already running. Change Sets is a feature in AWS CloudFormation that allows you to preview changes to your stack before making them. It provides a detailed list of the changes that will be made to your stack, including any resources that will be added, modified, or deleted. This can help you identify any potential issues that might arise from the update.
In this scenario, the developer changed the name of an Amazon PostgreSQL RDS database instance from “employeeDatabase” to “employee_DB” and then updated the CloudFormation stack. While this seems like a simple change, it could potentially have a significant impact on the running resources. For example, if there are any dependencies on the database name in other resources, those resources may fail after the update.
By using Change Sets, the developer can preview the changes and identify any potential issues before making them. If any issues are found, the developer can modify the stack to address them before executing the update. Additionally, Change Sets can tell if the stack update is successful or not so that it can greatly help on the CloudFormation resources management.
Option B suggests protecting the RDS instance from deletion by using the “Keep” keyword and taking a snapshot of the RDS to backup data before updating the stack. This approach is not the best option for this scenario as it does not address the potential impact of the name change on the running resources. Additionally, taking a snapshot of the RDS instance may not be sufficient for backup purposes as it may not include all the data in the instance.
Option C suggests using a data pipeline to copy the data from RDS to S3 for backup before updating the stack. While this approach may be useful for backup purposes, it does not address the potential impact of the name change on the running resources. Additionally, setting up a data pipeline can be time-consuming and may not be necessary for a simple name change.
Option D suggests generating a Change Set to preview the changes and backing up the data before updating the stack. This option is similar to option A but does not mention the importance of monitoring the CloudFormation console during the update. Monitoring the console is important to ensure that the update is successful and to identify any issues that may arise during the update.