Chapter 1
CreateStackis invoked; CloudFormation then calls service APIs to create stack resources.- A CloudFormation service role is an IAM role that is assumed by CloudFormation before stack operations are performed. The policies attached to that role will then be used to perform stack operations.
- The API credentials that are attached to the IAM entity (user or role), when we run the CloudFormation stack operations.
- This information (physical resource ID and its metadata) is stored in CloudFormation’s state.
- If we try to create the same stack (that is, invoke the CreateStack API call), the call will fail with a
400AlreadyExistserror. - If we run a stack update without any changes in a template or parameters, nothing will happen, as there are no changes. CloudFormation will not notice if the resource has been deleted manually. However, if we update the deleted resource, the operation will fail because the CloudFormation resource still exists in the state...
