AWS Assignment – 7

Infrastructure as Code (CloudFormation & Terraform)

Basic Questions

  1. Write a CloudFormation YAML template to create a single EC2 instance.
  2. Modify the template to add a Security Group allowing SSH (22).
  3. Add an S3 bucket resource to the CloudFormation template.
  4. Deploy the stack using AWS Console and note outputs.
  5. Deploy the same CloudFormation stack using AWS CLI.
  6. Update the CloudFormation stack to add a second EC2 instance.
  7. Delete the CloudFormation stack and verify cleanup.
  8. Write a Terraform configuration to launch a t2.micro EC2 instance.
  9. Add a Security Group in Terraform allowing HTTP (80).
  10. Use terraform plan and terraform apply to deploy.
  11. Add an output variable in Terraform to print the EC2 public IP.
  12. Define an input variable for instance type in Terraform.
  13. Use terraform fmt to format the configuration.
  14. Import an existing S3 bucket into Terraform state.
  15. Destroy the Terraform-managed resources with terraform destroy.
  16. Write a CloudFormation JSON template to create an IAM user.
  17. Create a Terraform configuration for an S3 bucket with versioning enabled.
  18. Add tags to AWS resources in both CloudFormation and Terraform.
  19. Compare CloudFormation and Terraform templates and describe the differences.
  20. Document basic IaC workflow for DevOps teams.

Intermediate Questions

  1. Create a CloudFormation template with a VPC, subnet, and Internet Gateway.
  2. Add an EC2 instance into the subnet using the above template.
  3. Configure parameters in CloudFormation for VPC CIDR and instance type.
  4. Use CloudFormation outputs to export values (e.g., Subnet ID).
  5. Deploy a nested CloudFormation stack (VPC + EC2 in separate templates).
  6. Write a Terraform module for creating an EC2 instance.
  7. Use the module to create 2 EC2 instances with different tags.
  8. Configure Terraform remote state backend using S3 and DynamoDB.
  9. Create a Terraform configuration with a VPC, subnet, and Internet Gateway.
  10. Deploy the VPC configuration with Terraform.
  11. Use Terraform variables to manage environment differences (dev, stage, prod).
  12. Write a Terraform locals block for resource naming conventions.
  13. Add a Terraform count argument to deploy multiple subnets dynamically.
  14. Use Terraform for_each to create multiple Security Groups.
  15. Manage IAM roles and policies using Terraform.
  16. Automate stack deployment via Jenkins pipeline using Terraform CLI.
  17. Automate stack deployment via CodePipeline using CloudFormation.
  18. Enable drift detection in CloudFormation and review drift results.
  19. Use Terraform data sources to fetch an existing AMI.
  20. Document best practices for structuring IaC projects in Git repos.

Advanced Questions

  1. Write a CloudFormation template for a 3-tier architecture (VPC, ALB, EC2, RDS).
  2. Deploy the template with parameters for environment (dev, stage, prod).
  3. Write a Terraform configuration to replicate the same 3-tier architecture.
  4. Use Terraform workspaces to manage multiple environments.
  5. Configure CloudFormation stack sets to deploy across multiple AWS accounts.
  6. Use Terraform to provision resources across two AWS regions.
  7. Implement conditional logic in CloudFormation templates (e.g., enable/disable resources).
  8. Write a Terraform script that provisions EC2 + ALB + Auto Scaling Group.
  9. Integrate Terraform with GitHub Actions for automated plan & apply on commits.
  10. Final Hands-on Project:
    • Use CloudFormation to provision networking stack (VPC, subnets, gateways)
    • Use Terraform to provision compute stack (EC2, ASG, ALB)
    • Store Terraform state in S3 with DynamoDB locking
    • Automate deployments with Jenkins/CodePipeline
    • Apply tagging, parameters, outputs, and drift detection
    • Document how DevOps teams can mix CloudFormation + Terraform in large-scale projects