Proactive Measures to Avoid Outages in AWS VPC | AWS Certified Advanced Networking - Specialty Exam

Question

A pharma company is using VPC to deploy all its application & database servers.

All this server infrastructure in VPC is deployed using AWS CloudFormation Templates.

Based upon user requirements, a large number of servers are deployed on EC2 instances within each VPC.

Last week there was a major outage due to the addition and removal of a CIDR range through CloudFormation template in one VPC with critical Database servers.

All connectivity from application servers to database servers was hampered due to this modification.

Top management needs to have a proactive measure to be set up so that all such outages can be avoided in the future.

Which of the following steps can be taken to meet this requirement?

Answers

A. Enable Stack termination protection for each stack.

B. Manually hard-code the CIDR range in each template and deny all users from modifying these CIDR ranges.

C. Modify IAM rules so that only restricted users have permission to update the Stack.

D. Create a Stack Policy that will deny users from adding or removing CIDR range(s) within a VPC.

Explanations

Correct Answer - D.

A Stack Policy can be used to prevent users from updating, replacing or deleting a stack resource within a Stack (in this case, the addition and removal of a CIDR range).

Option A is incorrect as termination protection only prevents accidental deletion of the whole stack; it does not prevent individual resources within the stack from being updated.

Option B is incorrect as hard-coding CIDR ranges incurs additional admin work when many VPCs have to be set up.

Option C is incorrect as IAM rules can restrict which users hold update permissions, but they do not prevent a user who does have permission from updating stack resources.

For more information on creating a Stack Policy, refer to the following URL.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html

The scenario presented in the question is about a pharma company that has deployed all its application and database servers using AWS CloudFormation Templates within a VPC. Due to the addition and removal of a CIDR range through CloudFormation template in one VPC with critical Database servers, there was a major outage that hampered connectivity from application servers to database servers. The top management now wants to take proactive measures to avoid such outages in the future.

Let's look at each of the given options to understand which one is the most suitable in this scenario:

A. Enable Stack termination protection for each stack: This option does not address the root cause of the outage, which was the modification of the CIDR range in the CloudFormation template. Stack termination protection can prevent accidental deletion of a stack, but it does not prevent the modification of the stack's resources.

B. Manually hard-code the CIDR range in each template and deny all users from modifying these CIDR ranges: This option may address the root cause of the outage by hard-coding the CIDR range in the CloudFormation template. However, denying all users from modifying the CIDR range may not be a practical solution, as there may be legitimate reasons for modifying the CIDR range.

C. Modify IAM rules so that only restricted users have permission to update the Stack: This option limits the number of users who have permission to modify the CloudFormation stack. However, it does not address the root cause of the outage, which was the modification of the CIDR range in the CloudFormation template.

D. Create a Stack Policy that will deny users from adding or removing CIDR range(s) within a VPC: This option is the most suitable in this scenario as it addresses the root cause of the outage by creating a Stack Policy that denies users from adding or removing CIDR ranges within a VPC. A Stack Policy is a tool in AWS CloudFormation that enables users to prevent updates to specific resources in a stack. With the help of Stack Policy, the user can deny any modification to the CIDR range in a VPC, thereby preventing any future outage.

Therefore, the correct answer is D. Create a Stack Policy that will deny users from adding or removing CIDR range(s) within a VPC.
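As an added worked example (not part of the original question or of AWS documentation), the stack policy below protects the VPC and its secondary CIDR block resource while leaving the rest of the stack updatable. The logical IDs `CriticalDbVpc`, `DbVpcSecondaryCidr` and `AppServerSecurityGroup` are assumed names, and the small evaluator is a simplified model of how CloudFormation applies a stack policy during an update (explicit Deny wins over Allow; once a policy exists, any resource not explicitly allowed is protected). The policy body printed at the end is what would be passed to `aws cloudformation set-stack-policy --stack-policy-body`.

```python
"""Stack policy example for the CIDR-change outage scenario.

Added illustration, not the question page's own material. Logical IDs and the
sample change set are constructed for this example.
"""
import fnmatch
import json

# Hypothetical stack policy. A new CidrBlock on an AWS::EC2::VPC forces a
# replacement (Update:Replace); removing a secondary CIDR deletes its
# AWS::EC2::VPCCidrBlock resource (Update:Delete). Both paths are denied.
STACK_POLICY = {
    "Statement": [
        {
            # Freeze the critical VPC itself against every kind of update.
            "Effect": "Deny",
            "Action": ["Update:Modify", "Update:Replace", "Update:Delete"],
            "Principal": "*",
            "Resource": "LogicalResourceId/CriticalDbVpc",  # assumed logical ID
        },
        {
            # Deny deletion of any secondary CIDR block resource in the stack.
            "Effect": "Deny",
            "Action": "Update:Delete",
            "Principal": "*",
            "Resource": "*",
            "Condition": {"StringEquals": {"ResourceType": ["AWS::EC2::VPCCidrBlock"]}},
        },
        {
            # With a policy in place everything is protected by default, so
            # explicitly re-open updates for the remaining resources.
            "Effect": "Allow",
            "Action": "Update:*",
            "Principal": "*",
            "Resource": "*",
        },
    ]
}


def _as_list(value):
    """Stack policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _statement_matches(stmt, logical_id, resource_type, action):
    """True if the statement's Action, Resource and Condition all cover this update."""
    action_ok = any(fnmatch.fnmatchcase(action, pat) for pat in _as_list(stmt["Action"]))
    resource_ok = any(
        fnmatch.fnmatchcase(f"LogicalResourceId/{logical_id}", pat)
        for pat in _as_list(stmt["Resource"])
    )
    type_ok = True
    for operator, clauses in stmt.get("Condition", {}).items():
        types = _as_list(clauses.get("ResourceType", []))
        if operator == "StringEquals":
            type_ok = resource_type in types
        elif operator == "StringLike":
            type_ok = any(fnmatch.fnmatchcase(resource_type, t) for t in types)
    return action_ok and resource_ok and type_ok


def is_update_allowed(policy, logical_id, resource_type, action):
    """Model of stack policy evaluation: Deny beats Allow; no Allow means protected."""
    effects = {
        stmt["Effect"]
        for stmt in policy["Statement"]
        if _statement_matches(stmt, logical_id, resource_type, action)
    }
    if "Deny" in effects:
        return False
    return "Allow" in effects


def evaluate_change_set(policy, changes):
    """Map each (logical_id, resource_type, action) in a change set to allowed/denied."""
    return {lid: is_update_allowed(policy, lid, rtype, act) for lid, rtype, act in changes}


# Constructed change set resembling the outage: the VPC CIDR is replaced, a
# secondary CIDR is removed, and an unrelated security group is modified.
SAMPLE_CHANGES = [
    ("CriticalDbVpc", "AWS::EC2::VPC", "Update:Replace"),
    ("DbVpcSecondaryCidr", "AWS::EC2::VPCCidrBlock", "Update:Delete"),
    ("AppServerSecurityGroup", "AWS::EC2::SecurityGroup", "Update:Modify"),
]

if __name__ == "__main__":
    # Policy body to save and pass to `aws cloudformation set-stack-policy`.
    print(json.dumps(STACK_POLICY, indent=2))
    for lid, ok in evaluate_change_set(STACK_POLICY, SAMPLE_CHANGES).items():
        print(f"{lid}: {'allowed' if ok else 'DENIED by stack policy'}")
```

The third statement matters in practice: without the broad Allow, attaching the policy would block every update to the stack, not just the CIDR changes, which is the usual surprise when a stack policy is first applied. A stack policy governs Modify, Replace and Delete of resources that already exist in the stack during an update, so it complements rather than replaces the IAM controls discussed under option C.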