91. Building a fault tolerant WordPress site – Lab 5 : Cloud Formation

Question 50:
A company has set up “AWS Organizations” to manage several departments running their own AWS accounts. The departments operate from different countries and are spread across various AWS Regions. The company wants to set up a consistent resource provisioning process across departments so that each resource follows pre-defined configurations such as using a specific type of EC2 instances, specific IAM roles for Lambda functions, etc.
As a solutions architect, which of the following options would you recommend for this use-case?
• Use AWS CloudFormation stacks to deploy the same template across AWS accounts and regions
• Use AWS CloudFormation templates to deploy the same template across AWS accounts and regions
• Use AWS CloudFormation StackSets to deploy the same template across AWS accounts and regions(Correct)
• Use AWS Resource Access Manager (RAM) to deploy the same template across AWS accounts and regions
Explanation
Correct option:
Use AWS CloudFormation StackSets to deploy the same template across AWS accounts and regions
AWS CloudFormation StackSet extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and regions with a single operation. A stack set lets you create stacks in AWS accounts across regions by using a single AWS CloudFormation template. Using an administrator account of an “AWS Organization”, you define and manage an AWS CloudFormation template, and use the template as the basis for provisioning stacks into selected target accounts of an “AWS Organization” across specified regions.
AWS CloudFormation StackSets: via – https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html
Incorrect options:
Use AWS CloudFormation templates to deploy the same template across AWS accounts and regions – Cloudformation template is a JSON or YAML-format, text-based file that describes all the AWS resources you need to deploy to run your application. A template acts as a blueprint for a stack. CloudFormation templates cannot be used to deploy the same template across AWS accounts and regions.
Use AWS CloudFormation stacks to deploy the same template across AWS accounts and regions – CloudFormation stack is a set of AWS resources that are created and managed as a single unit when AWS CloudFormation instantiates a template. A stack cannot be used to deploy the same template across AWS accounts and regions.
Use AWS Resource Access Manager (RAM) to deploy the same template across AWS accounts and regions – AWS Resource Access Manager (RAM) is a service that enables you to easily and securely share AWS resources with any AWS account or within your AWS Organization. Resource Access Manager cannot be used to deploy the same template across AWS accounts and regions.
References:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-whatis-howdoesitwork.html