2.2.1.2. Change Management Processes for IaC Platforms
Every IaC change carries risk. CloudFormation change sets let you preview what will be created, modified, replaced, or removed before anything is executed against the stack.
Treat change sets as mandatory for production stacks, and enforce it rather than relying on habit: deny cloudformation:UpdateStack to the deployment role and allow only cloudformation:CreateChangeSet and cloudformation:ExecuteChangeSet, so every production update passes through a reviewable change set. Each entry in a change set shows the Action (Add, Modify, or Remove), the logical and physical resource IDs, the resource type, and a Replacement field (True, False, or Conditional); the Details list names the property that triggered the change and whether it requires recreation. Always review the change set: a Modify with Replacement True destroys the existing resource and creates a new one with a new physical ID (for example, changing ImageId on an EC2 instance or MasterUsername on an RDS instance). Conditional means CloudFormation cannot decide until execution because the new value is not known yet; for a stateful resource, treat it as a replacement.
Update behaviors are documented per resource property. The CloudFormation resource reference marks each property as "Update requires" one of:
- No interruption: updated in place; the resource keeps its physical ID and stays available
- Some interruptions: updated in place, but the resource is briefly unavailable (e.g., changing InstanceType on an EC2 instance stops and restarts it)
- Replacement: the resource is deleted and recreated with a new physical ID; data stored in it and anything that references the old ID are affected
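Reviewing a change set by eye does not scale, and the review step is only a control if a pipeline can fail on it. The script below is an added example, not code from this page or from AWS: it reads the JSON that `aws cloudformation describe-change-set` prints, lists every resource change with its Replacement value and the properties that force recreation, and blocks execution when a replacement or removal touches a resource you have marked as protected. The sample change set embedded in it is constructed for illustration; the `protected` set of logical IDs is the one assumption you would tailor to your stack.

```python
"""Change-set gate: flag replacements and removals before a change set is executed.

Added example; consumes the JSON from `aws cloudformation describe-change-set`.
The sample change set below is constructed, not captured from a real stack.
"""
import json
import sys

# Replacement values CloudFormation reports on a ResourceChange that can
# destroy the existing physical resource.
DESTRUCTIVE_REPLACEMENT = {"True", "Conditional"}

# Constructed sample shaped like a describe-change-set response.
SAMPLE_CHANGE_SET = {
    "ChangeSetName": "release-42",
    "Status": "CREATE_COMPLETE",
    "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Add", "LogicalResourceId": "AlarmTopic",
            "ResourceType": "AWS::SNS::Topic", "Scope": [], "Details": []}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "WebServer",
            "PhysicalResourceId": "i-0123456789abcdef0",
            "ResourceType": "AWS::EC2::Instance", "Replacement": "False",
            "Scope": ["Properties"],
            "Details": [{"Target": {"Attribute": "Properties", "Name": "InstanceType",
                                    "RequiresRecreation": "Never"},
                         "Evaluation": "Static", "ChangeSource": "DirectModification"}]}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "ProductionDatabase",
            "PhysicalResourceId": "prod-db-1",
            "ResourceType": "AWS::RDS::DBInstance", "Replacement": "True",
            "Scope": ["Properties"],
            "Details": [{"Target": {"Attribute": "Properties", "Name": "MasterUsername",
                                    "RequiresRecreation": "Always"},
                         "Evaluation": "Static", "ChangeSource": "DirectModification"}]}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Remove", "LogicalResourceId": "LegacyBucket",
            "PhysicalResourceId": "legacy-bucket-2019",
            "ResourceType": "AWS::S3::Bucket", "Scope": [], "Details": []}},
    ],
}


def summarize(change_set):
    """Return one dict per resource change with the fields a reviewer needs."""
    rows = []
    for change in change_set.get("Changes", []):
        if change.get("Type") != "Resource":
            continue
        rc = change["ResourceChange"]
        # Properties whose change forces recreation (Always or Conditionally).
        recreating = [d["Target"].get("Name") for d in rc.get("Details", [])
                      if d.get("Target", {}).get("RequiresRecreation") in ("Always", "Conditionally")]
        rows.append({
            "logical_id": rc["LogicalResourceId"],
            "physical_id": rc.get("PhysicalResourceId"),
            "type": rc.get("ResourceType"),
            "action": rc["Action"],
            # Add and Remove entries carry no Replacement field.
            "replacement": rc.get("Replacement", "False"),
            "recreating_properties": recreating,
        })
    return rows


def destructive(rows):
    """Changes that destroy a physical resource: replacements and removals."""
    return [r for r in rows
            if r["action"] == "Remove" or r["replacement"] in DESTRUCTIVE_REPLACEMENT]


def gate(change_set, protected):
    """Decide whether the change set may be executed unattended.

    protected: logical IDs (assumed, stack-specific) that must never be
    replaced or removed without a human sign-off, typically stateful resources.
    Returns ("APPROVE" | "BLOCK", blocked_rows)."""
    rows = summarize(change_set)
    blocked = [r for r in destructive(rows) if r["logical_id"] in protected]
    return ("BLOCK" if blocked else "APPROVE"), blocked


if __name__ == "__main__":
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_CHANGE_SET
    verdict, blocked = gate(doc, protected={"ProductionDatabase", "LegacyBucket"})
    for r in summarize(doc):
        print(f'{r["action"]:<7}{r["logical_id"]:<20}{r["type"]:<25}replacement={r["replacement"]}')
    print(verdict, [b["logical_id"] for b in blocked])
    sys.exit(1 if verdict == "BLOCK" else 0)
```

In a pipeline, create the change set, save `describe-change-set` output to a file, run the script on it, and only call `execute-change-set` when it exits 0; a BLOCK verdict routes the change to a human approver instead. Removals are treated as destructive alongside replacements because a Remove of a stateful resource loses data just as a replacement does.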
Stack policies protect resources from accidental updates. Once a stack policy is set, any update action it does not explicitly allow is denied, so a usable policy needs an Allow for everything else alongside the Deny on the protected resource. Principal must be "*" (the only supported value), and Action is one of Update:Modify, Update:Replace, Update:Delete, or Update:*:
```json
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "Update:*",
      "Principal": "*",
      "Resource": "*"
    },
    {
      "Effect": "Deny",
      "Action": ["Update:Replace", "Update:Delete"],
      "Principal": "*",
      "Resource": "LogicalResourceId/ProductionDatabase"
    }
  ]
}
```
Apply it with aws cloudformation set-stack-policy --stack-name <name> --stack-policy-body file://policy.json. A stack policy is a guardrail against mistakes, not an access control: anyone permitted to update the stack can override it for a single update with --stack-policy-during-update-body, it applies only during stack updates and not to stack deletion, and it does nothing about changes made outside CloudFormation.
Drift detection identifies resources modified outside of CloudFormation (manual console changes, CLI or SDK calls, another automation tool). It compares the live configuration of each supported resource with the values in the stack's template and reports each resource as IN_SYNC, MODIFIED, DELETED, or NOT_CHECKED, with the differing property paths for MODIFIED resources; only properties CloudFormation supports for drift are compared, so IN_SYNC is not proof that nothing changed. Run it periodically and before every update: drift on a security group, IAM role, or bucket policy is an incident signal, and an update that touches a drifted property silently overwrites whatever was changed by hand. Detection is asynchronous: aws cloudformation detect-stack-drift --stack-name <name> starts it, describe-stack-drift-detection-status reports when it is DETECTION_COMPLETE, and describe-stack-resource-drifts returns the per-resource results.
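Drift results are most useful when something ranks them, because a manually opened security group and a manually resized instance are not the same kind of finding. The script below is an added example, not code from this page or from AWS: it consumes the JSON from `aws cloudformation describe-stack-resource-drifts`, drops IN_SYNC and NOT_CHECKED resources, rates DELETED resources and drift on security-relevant types as HIGH, and answers whether an unattended update is safe. The sample response and the `SECURITY_SENSITIVE` list are constructed assumptions to adjust for your environment.

```python
"""Drift triage: rank out-of-band changes reported by CloudFormation drift detection.

Added example; consumes the JSON from `aws cloudformation describe-stack-resource-drifts`.
The sample response below is constructed, not captured from a real stack.
"""
import json
import sys

# Resource types whose out-of-band modification is a security signal first and
# an operations signal second (assumption: tune this list for your environment).
SECURITY_SENSITIVE = {
    "AWS::EC2::SecurityGroup", "AWS::IAM::Role", "AWS::IAM::Policy",
    "AWS::S3::BucketPolicy", "AWS::KMS::Key", "AWS::RDS::DBInstance",
}

# Constructed sample shaped like a describe-stack-resource-drifts response.
SAMPLE_DRIFTS = {"StackResourceDrifts": [
    {"LogicalResourceId": "WebSecurityGroup", "PhysicalResourceId": "sg-0abc1234",
     "ResourceType": "AWS::EC2::SecurityGroup",
     "StackResourceDriftStatus": "MODIFIED",
     "PropertyDifferences": [
         {"PropertyPath": "/SecurityGroupIngress/1", "DifferenceType": "ADD",
          "ActualValue": '{"CidrIp":"0.0.0.0/0","FromPort":22,"ToPort":22,"IpProtocol":"tcp"}'}]},
    {"LogicalResourceId": "WebServer", "PhysicalResourceId": "i-0123456789abcdef0",
     "ResourceType": "AWS::EC2::Instance",
     "StackResourceDriftStatus": "MODIFIED",
     "PropertyDifferences": [
         {"PropertyPath": "/InstanceType", "DifferenceType": "NOT_EQUAL",
          "ExpectedValue": "t3.micro", "ActualValue": "t3.large"}]},
    {"LogicalResourceId": "AuditTrailBucket", "PhysicalResourceId": "audit-logs-prod",
     "ResourceType": "AWS::S3::Bucket", "StackResourceDriftStatus": "DELETED"},
    {"LogicalResourceId": "AlarmTopic",
     "PhysicalResourceId": "arn:aws:sns:us-east-1:123456789012:alarms",
     "ResourceType": "AWS::SNS::Topic", "StackResourceDriftStatus": "IN_SYNC"},
]}


def triage(report):
    """Return drifted resources, HIGH severity first, then by logical ID."""
    findings = []
    for d in report.get("StackResourceDrifts", []):
        status = d["StackResourceDriftStatus"]
        if status in ("IN_SYNC", "NOT_CHECKED"):
            continue
        # DELETED resources carry no PropertyDifferences; ADD differences have
        # no ExpectedValue and REMOVE differences have no ActualValue.
        diffs = [f'{p["DifferenceType"]} {p["PropertyPath"]}: '
                 f'{p.get("ExpectedValue", "<absent>")} -> {p.get("ActualValue", "<absent>")}'
                 for p in d.get("PropertyDifferences", [])]
        high = status == "DELETED" or d["ResourceType"] in SECURITY_SENSITIVE
        findings.append({
            "logical_id": d["LogicalResourceId"],
            "physical_id": d.get("PhysicalResourceId"),
            "type": d["ResourceType"],
            "status": status,
            "severity": "HIGH" if high else "MEDIUM",
            "differences": diffs,
        })
    return sorted(findings, key=lambda f: (f["severity"] != "HIGH", f["logical_id"]))


def safe_to_update(report):
    """False when any HIGH finding exists: investigate before an update overwrites it."""
    return not any(f["severity"] == "HIGH" for f in triage(report))


if __name__ == "__main__":
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_DRIFTS
    for f in triage(doc):
        print(f'[{f["severity"]}] {f["status"]:<9}{f["logical_id"]} ({f["type"]})')
        for line in f["differences"]:
            print("    " + line)
    print("safe to update:", safe_to_update(doc))
```

The deleted audit bucket and the ingress rule added to the security group sort to the top; the resized instance is an operations finding. A HIGH finding should open an investigation (who made the change, and through which credentials) before anyone runs an update that would erase the evidence by restoring the template's values.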
Exam Trap: when an update replaces a resource, CloudFormation creates the new resource first and deletes the old one only in the cleanup phase after the rest of the update has succeeded. A failed update therefore normally rolls back to the original resource; the data loss happens on a successful update, once cleanup deletes the original database. Two attributes control what happens to the old resource, and they are not interchangeable: UpdateReplacePolicy applies when a resource is replaced during an update, while DeletionPolicy applies when the resource is removed from the template or the stack is deleted. Setting only DeletionPolicy does nothing for a replacement. In production, set both to Snapshot on RDS instances and clusters (Snapshot is supported only by resource types that can snapshot, such as RDS, EC2 volumes, Redshift, and ElastiCache) and both to Retain on S3 buckets, and treat any change set that reports Replacement True on one of these resources as a stop-and-confirm event.
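Because the two attributes are easy to confuse, it is worth checking templates for them mechanically before they reach a change set. The script below is an added example, not code from this page or from AWS: it walks the Resources section of a JSON template and reports every stateful resource whose DeletionPolicy or UpdateReplacePolicy is missing or weaker than the baseline. The `REQUIRED_POLICY` table and the sample template are constructed assumptions; the set of resource types and accepted values is a starting point, not an AWS definition.

```python
"""Template lint: stateful resources must carry DeletionPolicy and UpdateReplacePolicy.

Added example, not from the page or from AWS. Takes a CloudFormation template
already loaded as a dict (JSON; short-form YAML tags like !Ref need a custom
loader and are out of scope here). The sample template is constructed.
"""
import json
import sys

# Accepted policy values per resource type (assumption: a production baseline).
# Snapshot is only valid on types that support it; S3 and DynamoDB get Retain.
REQUIRED_POLICY = {
    "AWS::RDS::DBInstance": {"Snapshot", "Retain"},
    "AWS::RDS::DBCluster": {"Snapshot", "Retain"},
    "AWS::EC2::Volume": {"Snapshot", "Retain"},
    "AWS::S3::Bucket": {"Retain"},
    "AWS::DynamoDB::Table": {"Retain"},
}

# Both attributes must be checked: DeletionPolicy covers removal and stack
# deletion, UpdateReplacePolicy covers replacement during an update.
POLICY_ATTRIBUTES = ("DeletionPolicy", "UpdateReplacePolicy")

# Constructed sample template with one correct and two incomplete resources.
SAMPLE_TEMPLATE = {
    "Resources": {
        "ProductionDatabase": {
            "Type": "AWS::RDS::DBInstance",
            "DeletionPolicy": "Snapshot",
            "Properties": {"Engine": "postgres", "DBInstanceClass": "db.t3.medium",
                           "AllocatedStorage": "100", "MasterUsername": "appadmin"},
        },
        "LogBucket": {
            "Type": "AWS::S3::Bucket",
            "Properties": {"BucketName": "app-logs-prod"},
        },
        "SessionTable": {
            "Type": "AWS::DynamoDB::Table",
            "DeletionPolicy": "Retain",
            "UpdateReplacePolicy": "Retain",
            "Properties": {"BillingMode": "PAY_PER_REQUEST",
                           "AttributeDefinitions": [{"AttributeName": "id", "AttributeType": "S"}],
                           "KeySchema": [{"AttributeName": "id", "KeyType": "HASH"}]},
        },
        "WebServer": {
            "Type": "AWS::EC2::Instance",
            "Properties": {"InstanceType": "t3.micro", "ImageId": "ami-0123456789abcdef0"},
        },
    }
}


def lint(template):
    """Return one finding string per missing or too-weak policy attribute."""
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        allowed = REQUIRED_POLICY.get(resource.get("Type"))
        if allowed is None:
            continue  # stateless type, nothing to enforce
        for attr in POLICY_ATTRIBUTES:
            value = resource.get(attr)
            if value not in allowed:
                findings.append(f"{logical_id} ({resource['Type']}): {attr} is {value!r}, "
                                f"expected one of {sorted(allowed)}")
    return findings


if __name__ == "__main__":
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_TEMPLATE
    problems = lint(doc)
    for line in problems:
        print(line)
    print("OK" if not problems else f"{len(problems)} finding(s)")
    sys.exit(1 if problems else 0)
```

Run it as a pre-commit hook or as the first stage of the pipeline, before the change set is created; the ProductionDatabase entry in the sample is the exact mistake the trap describes, a Snapshot DeletionPolicy with no UpdateReplacePolicy.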
