AWS CloudFormation Interview Questions

Q: What is AWS CloudFormation and what problems does it solve?

View the complete answer on LearnThatStack.

Q: What are the main components of a CloudFormation template?

View the complete answer on LearnThatStack.

Q: What's the difference between YAML and JSON for CloudFormation templates?

View the complete answer on LearnThatStack.

Q: What happens when a CloudFormation stack creation fails?

View the complete answer on LearnThatStack.

Q: What are the different parameter types in CloudFormation?

View the complete answer on LearnThatStack.

Q: Explain the difference between CloudFormation and other IaC tools like Terraform.

View the complete answer on LearnThatStack.

Q: How do you handle sensitive data like passwords in CloudFormation templates?

This answer is available for premium subscribers.

Q: Explain resource dependencies in CloudFormation. How are they handled?

This answer is available for premium subscribers.

Q: How do you update a CloudFormation stack safely?

This answer is available for premium subscribers.

Q: How do you use outputs to share data between stacks?

This answer is available for premium subscribers.

1.

What is AWS CloudFormation and what problems does it solve?

beginner

AWS CloudFormation is a service that helps you model and set up your AWS resources using Infrastructure as Code (IaC). It solves several key problems:

Manual Configuration Errors: Eliminates human error in manual resource provisioning
Environment Consistency: Ensures identical infrastructure across development, testing, and production
Resource Dependencies: Automatically handles the order of resource creation and dependencies
Version Control: Infrastructure changes can be tracked and versioned like application code
Rollback Capabilities: Provides automatic rollback if stack creation/update fails
Cost Management: Easy to tear down entire environments, reducing costs
Documentation: Templates serve as living documentation of your infrastructure

2.

What are the main components of a CloudFormation template?

beginner

The main components are:

AWSTemplateFormatVersion (Optional): Specifies the template format version
Description (Optional): Human-readable description of the template
Parameters (Optional): Input values for the template
Mappings (Optional): Static lookup tables
Conditions (Optional): Controls resource creation based on conditions
Resources (Required): AWS resources to create
Outputs (Optional): Values returned when viewing stack properties

AWSTemplateFormatVersion: '2010-09-09'
Description: 'Simple web server template'
Parameters:
  InstanceType:
    Type: String
    Default: t2.micro
Resources:
  WebServer:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceType
      ImageId: ami-0abcdef1234567890
Outputs:
  InstanceId:
    Value: !Ref WebServer

3.

What's the difference between YAML and JSON for CloudFormation templates?

beginner

YAML Advantages:

More human-readable and concise
Supports comments for documentation
Better for complex templates
Less prone to syntax errors (no missing commas/brackets)
JSON Advantages:
Smaller file size
Faster parsing
Better tool support in some IDEs
More familiar to developers
Example comparison:

# YAML
Resources:
  MyBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: my-example-bucket

{
  "Resources": {
    "MyBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "BucketName": "my-example-bucket"
      }
    }
  }
}

Most teams prefer YAML for readability and maintainability.

4.

What happens when a CloudFormation stack creation fails?

beginner

When stack creation fails:

Automatic Rollback: CloudFormation automatically deletes all successfully created resources
Stack State: Stack goes to ROLLBACK_COMPLETE state
Error Information: Detailed error messages available in Events tab
Billing: You're only charged for resources that existed during the failed creation period
Prevention strategies:

Validate templates before deployment
Use --disable-rollback flag only for debugging
Implement proper IAM permissions
Check service limits and quotas
Use change sets for updates
Example debugging:

aws cloudformation describe-stack-events --stack-name my-stack

5.

What are the different parameter types in CloudFormation?

beginner

CloudFormation supports these parameter types:
Basic Types:

String: Text values
Number: Numeric values
CommaDelimitedList: List of values separated by commas
AWS-Specific Types:
AWS::EC2::KeyPair::KeyName: EC2 Key Pair names
AWS::EC2::SecurityGroup::Id: Security Group IDs
AWS::EC2::Subnet::Id: Subnet IDs
AWS::EC2::VPC::Id: VPC IDs
AWS::Route53::HostedZone::Id: Route 53 Hosted Zone IDs
Lists:
List<Number>: List of numbers
List<AWS::EC2::Subnet::Id>: List of subnet IDs
Example:

Parameters:
  Environment:
    Type: String
    AllowedValues: [dev, staging, production]
    Default: dev
  SubnetIds:
    Type: List<AWS::EC2::Subnet::Id>
    Description: Subnets for load balancer
  InstanceCount:
    Type: Number
    MinValue: 1
    MaxValue: 10
    Default: 2

6.

Explain the difference between CloudFormation and other IaC tools like Terraform.

intermediate

CloudFormation:

AWS-native service, deeply integrated with AWS APIs
Uses JSON or YAML templates
State management handled by AWS
No additional cost (only pay for AWS resources created)
Eventually consistent with AWS service updates
Limited to AWS ecosystem
Terraform:
Third-party tool supporting multiple cloud providers
Uses HCL (HashiCorp Configuration Language)
Requires state file management
Licensed software with enterprise features
Often gets new provider features faster
Multi-cloud support
When to choose CloudFormation:
Pure AWS environments
Teams already invested in AWS ecosystem
Want AWS-managed state and lifecycle
Need deep integration with AWS services

7.