10 CloudFormation Template Interview Questions and Answers
Prepare for your AWS interview with our guide on CloudFormation Templates. Enhance your skills and boost your confidence with expert insights.
CloudFormation Templates are a key component of AWS infrastructure management, enabling users to define and provision resources in a systematic and repeatable manner. By using JSON or YAML scripts, CloudFormation allows for the automation of resource deployment, reducing the potential for human error and ensuring consistency across environments. This makes it an essential tool for anyone working with AWS services, from developers to system administrators.
This article offers a curated selection of interview questions designed to test your understanding and proficiency with CloudFormation Templates. Reviewing these questions will help you solidify your knowledge, identify areas for improvement, and ultimately boost your confidence for any upcoming technical interviews.
CloudFormation Template Interview Questions and Answers
1. Describe the structure of a CloudFormation template.
A CloudFormation template is a JSON or YAML formatted text file that outlines the infrastructure and resources for your application. Its structure includes several sections:
- AWSTemplateFormatVersion: Specifies the template format version (optional).
- Description: Describes the template (optional).
- Metadata: Provides additional template information (optional).
- Parameters: Defines input values for the template (optional).
- Mappings: Creates simple “lookup tables” for use in the template (optional).
- Conditions: Controls resource creation or property assignment (optional).
- Resources: Specifies stack resources and properties. This is the only required section.
- Outputs: Describes values returned when viewing stack properties (optional).
2. Write a simple CloudFormation template to create an S3 bucket.
A simple CloudFormation template to create an S3 bucket in YAML:
AWSTemplateFormatVersion: '2010-09-09'
Resources:
MyS3Bucket:
Type: 'AWS::S3::Bucket'
Properties:
BucketName: 'my-unique-bucket-name'
3. Write a CloudFormation template snippet to create an EC2 instance with a specific AMI ID passed as a parameter.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
AmiId:
Description: AMI ID for the EC2 instance
Type: String
Resources:
MyEC2Instance:
Type: 'AWS::EC2::Instance'
Properties:
ImageId: !Ref AmiId
InstanceType: t2.micro
KeyName: my-key-pair
4. What are mappings in CloudFormation, and how would you use them? Provide an example.
Mappings in CloudFormation are key-value pairs used to specify conditional values. They are defined in the “Mappings” section and referenced using the Fn::FindInMap function.
Example:
AWSTemplateFormatVersion: '2010-09-09'
Description: Example of Mappings in CloudFormation
Mappings:
RegionMap:
us-east-1:
AMI: ami-0ff8a91507f77f867
InstanceType: t2.micro
us-west-1:
AMI: ami-0bdb828fd58c52235
InstanceType: t2.small
Resources:
MyEC2Instance:
Type: 'AWS::EC2::Instance'
Properties:
ImageId: !FindInMap [RegionMap, !Ref 'AWS::Region', AMI]
InstanceType: !FindInMap [RegionMap, !Ref 'AWS::Region', InstanceType]
In this example, the RegionMap mapping defines AMI IDs and instance types for different regions. The !FindInMap function retrieves values based on the deployment region.
5. Write a CloudFormation template to create an RDS instance with multi-AZ deployment.
AWSTemplateFormatVersion: '2010-09-09'
Resources:
MyDBInstance:
Type: 'AWS::RDS::DBInstance'
Properties:
DBInstanceClass: db.t2.micro
AllocatedStorage: '20'
DBName: MyDatabase
Engine: MySQL
MasterUsername: admin
MasterUserPassword: password
MultiAZ: true
BackupRetentionPeriod: 7
StorageType: gp2
VPCSecurityGroups:
<ul>
<li>sg-12345678</li>
</ul>
DBSubnetGroupName: my-db-subnet-group
6. How do you use conditions in a CloudFormation template? Provide an example.
Conditions in a CloudFormation template control resource creation based on specific criteria. They are defined in the “Conditions” section and referenced in “Resources” and “Outputs.”
Example:
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
EnvironmentType:
Description: Type of environment
Type: String
Default: dev
AllowedValues:
- dev
- prod
Conditions:
IsProduction: !Equals [ !Ref EnvironmentType, prod ]
Resources:
MyBucket:
Type: 'AWS::S3::Bucket'
Condition: IsProduction
Properties:
BucketName: my-production-bucket
Outputs:
BucketName:
Condition: IsProduction
Value: !Ref MyBucket
Description: The name of the S3 bucket if in production
In this example, the condition “IsProduction” checks if the “EnvironmentType” parameter is set to “prod”. The S3 bucket and output are created only if the condition is true.
7. Write a CloudFormation template snippet to create an Auto Scaling group with a launch configuration.
Resources:
MyLaunchConfiguration:
Type: AWS::AutoScaling::LaunchConfiguration
Properties:
ImageId: ami-0abcdef1234567890
InstanceType: t2.micro
SecurityGroups:
<ul>
<li>sg-0123456789abcdef0</li>
</ul>
KeyName: my-key-pair
MyAutoScalingGroup:
Type: AWS::AutoScaling::AutoScalingGroup
Properties:
LaunchConfigurationName: !Ref MyLaunchConfiguration
MinSize: 1
MaxSize: 3
DesiredCapacity: 2
VPCZoneIdentifier:
<ul>
<li>subnet-0123456789abcdef0</li>
<li>subnet-abcdef0123456789</li>
</ul>
Tags:
<ul>
<li>Key: Name</li>
<li>Value: MyAutoScalingInstance</li>
<li>PropagateAtLaunch: true</li>
</ul>
8. Write a CloudFormation template to create a VPC with public and private subnets, including route tables and internet gateway.
AWSTemplateFormatVersion: '2010-09-09'
Resources:
VPC:
Type: 'AWS::EC2::VPC'
Properties:
CidrBlock: '10.0.0.0/16'
EnableDnsSupport: true
EnableDnsHostnames: true
Tags:
<ul>
<li>Key: Name</li>
<li>Value: MyVPC</li>
</ul>
InternetGateway:
Type: 'AWS::EC2::InternetGateway'
Properties:
Tags:
<ul>
<li>Key: Name</li>
<li>Value: MyInternetGateway</li>
</ul>
AttachGateway:
Type: 'AWS::EC2::VPCGatewayAttachment'
Properties:
VpcId: !Ref VPC
InternetGatewayId: !Ref InternetGateway
PublicSubnet:
Type: 'AWS::EC2::Subnet'
Properties:
VpcId: !Ref VPC
CidrBlock: '10.0.1.0/24'
MapPublicIpOnLaunch: true
Tags:
<ul>
<li>Key: Name</li>
<li>Value: PublicSubnet</li>
</ul>
PrivateSubnet:
Type: 'AWS::EC2::Subnet'
Properties:
VpcId: !Ref VPC
CidrBlock: '10.0.2.0/24'
Tags:
<ul>
<li>Key: Name</li>
<li>Value: PrivateSubnet</li>
</ul>
PublicRouteTable:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref VPC
Tags:
<ul>
<li>Key: Name</li>
<li>Value: PublicRouteTable</li>
</ul>
PrivateRouteTable:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref VPC
Tags:
<ul>
<li>Key: Name</li>
<li>Value: PrivateRouteTable</li>
</ul>
PublicRoute:
Type: 'AWS::EC2::Route'
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: '0.0.0.0/0'
GatewayId: !Ref InternetGateway
PublicSubnetRouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PublicSubnet
RouteTableId: !Ref PublicRouteTable
PrivateSubnetRouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PrivateSubnet
RouteTableId: !Ref PrivateRouteTable
9. How do you define and use outputs in a CloudFormation template? Provide an example.
In CloudFormation, outputs declare values accessible from outside the stack, such as resource IDs or URLs. Outputs can be exported for cross-stack references.
Example:
Resources:
MyBucket:
Type: "AWS::S3::Bucket"
Properties:
BucketName: "my-sample-bucket"
Outputs:
BucketName:
Description: "The name of the S3 bucket"
Value: !Ref MyBucket
Export:
Name: "MyBucketName"
In this example, an S3 bucket is created, and its name is outputted. The Export field allows this output to be referenced in other stacks.
To use this output in another stack, import it using Fn::ImportValue:
Resources:
AnotherBucket:
Type: "AWS::S3::Bucket"
Properties:
BucketName: !ImportValue MyBucketName
10. What is a resource deletion policy in CloudFormation, and how do you implement it? Provide an example.
A resource deletion policy in CloudFormation defines what happens to a resource when its stack is deleted. Options include:
- Delete: The resource is deleted.
- Retain: The resource is kept.
- Snapshot: A snapshot is created before deletion.
To implement a deletion policy, specify the DeletionPolicy attribute in the resource definition.
Example:
Resources:
MyS3Bucket:
Type: "AWS::S3::Bucket"
DeletionPolicy: Retain
In this example, the S3 bucket is retained when the stack is deleted.
