Question #959
A company uses AWS CloudFormation templates to manage infrastructure for a public-facing application across development, staging, and production environments. To handle increased traffic, a developer needs to upgrade the EC2 instance type to a larger instance in the staging environment.
The developer updates the CloudFormation stack with the new instance type. After the update, the stack enters the UPDATE_ROLLBACK_FAILED state.
What is the most likely cause of this issue?
A. The new EC2 instance type specified is not available in the current AWS Region
B. The EC2 instance was manually terminated and re-launched with a different instance type outside of CloudFormation
C. The CloudFormation template contains an incorrect AMI ID for the new instance type
D. The developer lacks the necessary IAM permissions to modify the EC2 instance type
Explanation
The correct answer is B. When an EC2 instance is manually terminated and relaunched with a different instance type outside CloudFormation, it creates resource drift. CloudFormation expects the instance to be managed by the stack and to be in a specific state. During an update, CloudFormation attempts to modify the instance type but fails because the instance no longer exists or has been altered. The subsequent rollback also fails because CloudFormation cannot revert to the original configuration (e.g., the manually terminated instance is missing).
Other options are incorrect because:
- A: Unavailable instance types would cause an immediate update failure, but rollback would succeed if the original instance type is still available.
- C: An incorrect AMI ID would fail the update, but rollback would restore the previous valid AMI.
- D: Insufficient IAM permissions would prevent the update from starting, not cause a rollback failure.
Key Takeaway: Avoid manual changes to CloudFormation-managed resources to prevent drift, which disrupts stack operations.
Answer
The correct answer is: B