Infrastructure as Code Flashcards

Q: What is CloudFormation drift detection?

A: Compares actual resource configuration against the template. Reports IN_SYNC, MODIFIED, or DELETED status per resource. Not supported for all resource types.

Q: What are CDK construct levels?

A: L1: direct CFN resources (Cfn* classes). L2: curated with sensible defaults and helper methods. L3: patterns composing multiple L2 constructs.

Q: What is a CloudFormation change set?

A: A preview of proposed changes to a stack. Shows which resources will be added, modified, or replaced before execution. Safe way to review updates.

Q: How do stack sets handle failures?

A: Failure tolerance specifies max failures per region before stopping. Max concurrency controls parallel deployments. Can be count or percentage.

Q: What is CloudFormation DeletionPolicy?

A: Controls what happens when a resource is removed: Delete (default), Retain (keep resource), or Snapshot (create snapshot before deleting — RDS, EBS, etc.).

Q: What is CDK Pipelines?

A: A high-level construct for self-mutating CI/CD pipelines. The pipeline updates itself when the CDK app changes, then deploys application stacks.

Q: What is SAM Accelerate?

A: sam sync command that deploys changes quickly without full CloudFormation deployments. Syncs code changes to Lambda/Step Functions in seconds.

Q: What is a CloudFormation custom resource?

A: Lambda-backed resource for operations not natively supported. Receives Create/Update/Delete events and must respond to the pre-signed S3 URL.

Q: How do you reference outputs across stacks?

A: Export the output value in the source stack. Import it in the consuming stack with Fn::ImportValue. Creates a dependency between stacks.

Q: What is CloudFormation resource import?

A: Brings existing resources under CloudFormation management without recreating them. Requires resource identifier and updated template.