Q: 5
A company has an AWS CloudFormation template that includes an AWS::EC2::Instance resource and
a custom resource (Lambda function). The Lambda function fails because it runs before the EC2
instance is launched.
Which solution will resolve this issue?
Options
Discussion
My pick: A, saw a similar question on practice where DependsOn is required to force the right resource order.
B , since if the Lambda fails I’d check the service token first. Option A is tempting but the token setup feels like a common trap here.
Seen this kind of question way too often, AWS makes these templates so picky. It's A this time, use DependsOn to make sure the EC2 launches before Lambda kicks in. Pretty sure that's what they're testing for here.
B or C? I've seen issues before where the Lambda didn't send the cfn-response, so C looks like it could fix a custom resource fail. But also maybe B if the service token is wrong. Not totally sure in this context, open to counterpoints.
A imo, but only because the Lambda is tied to instance launch, not app readiness. If the function needed to wait for something inside EC2 (like an app/service startup), just DependsOn wouldn't cut it. CloudFormation only checks resource status, not what's running inside.
Option D seems possible since you can use Fn::If for some conditional logic in CloudFormation, but I think it's not really meant to control resource creation order. Fn::If mostly changes properties or whether something gets created, not the sequencing. Pretty sure this wouldn't actually fix the Lambda running too soon. If anyone's made this work differently let me know.
My vote is A is right here. The problem is all about the resource order, and DependsOn is how you make sure CloudFormation waits for the EC2 instance before launching the Lambda custom resource. D looks tempting but Fn::If doesn't guarantee resource creation order. Seen this in exam practice a few times, pretty sure it's A.
A tbh
B . If the Lambda function is failing, my first instinct is to check if the service token setup is valid. Misconfigured service token can cause custom resource failures before even worrying about dependencies. Not 100% on this, maybe missing something about sequencing.
A
Be respectful. No spam.
