4.1. Cloud Resource Provisioning
First Principle: What happens when your only engineer with console access leaves and no one documented what they built?
Every piece of infrastructure that exists only in a console click becomes infrastructure that can't be reviewed, version-controlled, reproduced, or audited. Provisioning as code transforms infrastructure from fragile snowflakes (servers configured uniquely by hand) into cattle: identical, replaceable, and defined by source-controlled templates.
The exam covers provisioning at multiple layers: the base images your instances launch from (AMIs, container images), the templates that define your entire stack (CloudFormation, CDK), the tools that might exist outside AWS (Terraform, Git), and the cross-account mechanisms that let you provision consistently at organizational scale (RAM, StackSets).
Understanding when and why you'd reach for each tool is the exam skill. CloudFormation and CDK are AWS-native and deep. Terraform is vendor-neutral and broad. CDK generates CloudFormation; it's not a replacement but an abstraction layer. These distinctions matter for scenario questions.