In AWS CloudFormation, a newly created stack allows updates to all stack resources by default. A stack update can be carried out by anyone with stack update permissions, and certain updates may result in a complete replacement of a resource. When using AWS CloudFormation to manage cloud infrastructure, it's essential to employ the correct safeguards to avoid unintentional updates to business-critical services.
Defining a stack policy along with your CloudFormation stack can prevent resources from being unintentionally updated or deleted during a stack update.
In this lab, you will learn how to apply and override a stack policy that is associated with an AWS CloudFormation stack.
Upon completion of this intermediate-level lab, you will be able to:
Familiarity with the following will be beneficial but is not required:
The following content can be used to fulfill the prerequisite:
Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications.
Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.