How would you use AWS CloudFormation to provide agile n…

You have a complex system that involves networking, IAM policies, and multiple, three-tier applications. You are still
receiving requirements for the new system, so you don’t yet know how many AWS components will be present in the final
design. You want to start using AWS CloudFormation to define these AWS resources so that you can automate and
version-control your infrastructure. How would you use AWS CloudFormation to provide agile new environments for your
customers in a cost-effective, reliable manner?

You have a complex system that involves networking, IAM policies, and multiple, three-tier applications. You are still
receiving requirements for the new system, so you don’t yet know how many AWS components will be present in the final
design. You want to start using AWS CloudFormation to define these AWS resources so that you can automate and
version-control your infrastructure. How would you use AWS CloudFormation to provide agile new environments for your
customers in a cost-effective, reliable manner?

A.
Manually create one template to encompass all the resources that you need for the system, so you only have a single template to
version-control.

B.
Create multiple separate templates for each logical part of the system, create nested stacks in AWS CloudFormation, and maintain
several templates to version-control.

C.
Create multiple separate templates for each logical part of the system, and provide the outputs from one to the next using an Amazon
Elastic Compute Cloud (EC2) instance running the SDK for finer granularity of control.

D.
Manually construct the networking layer using Amazon Virtual Private Cloud (VPC) because this does not change often, and then use
AWS CloudFormation to define all other ephemeral resources.



Leave a Reply 3

Your email address will not be published. Required fields are marked *


raysmithvic1978

raysmithvic1978

B

JoeS

JoeS

B makes most sense.. C doesnt.

Abdennour

Abdennour

In the first template , you will define firewall (for example )

“`yml

Resources:
WebSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Allow web users to access
SecurityGroupIngress:
– CidrIp: 0.0.0.0/0
Description: Allow HTTP access
FromPort: 80
IpProtocol: tcp
ToPort: 80

Outputs:
WebAccessFirewall:
Value: !Ref WebSecurityGroup
Export:
Name: WebAccess

“`

In the other stacks , you will reuse the exported value (WebAccess).

Then the answer is multiple stacks. Also Cloudformation is enough , no need SDK ..
==> answer B