AWS Certified Developer – Associate — Question 317

A security review for a software company’s application infrastructure shows that there is no test coverage in any of the company’s deployment pipelines. A developer must fix this issue as soon as possible. The company has been integrating the AWS Cloud Development Kit (AWS CDK) into the deployment process. However, much of the pipeline still uses AWS CloudFormation templates. The developer needs to add test coverage to all the deployment code.

Which solution will meet these requirements with the LEAST amount of configuration?

Answer options

• A. Write unit tests by using the AWS CDK assertions module. Create CloudFormation template instances by using the module's Template class for the existing CloudFormation templates and the module’s Capture class for the CDK stacks.
• B. Write unit tests by using the AWS CDK assertions module. Create CloudFormation template instances by using the module’s Template.fromString() method for the existing CloudFormation templates and the module's Template.fromStack{} method for the CDK stacks.
• C. Convert the CloudFormation templates into CDK stacks by using the AWS CDK CfnInciude construct. Write unit tests against the templates by using CloudFormation rule assertions.
• D. Convert the CDK stacks into CloudFormation templates by using the AWS CDK CfnInclude construct. Write unit tests against the templates by using CloudFormation rule assertions.

Correct answer: B

Explanation

The AWS CDK assertions module provides a unified way to test both CDK-synthesized templates and raw CloudFormation templates with minimal setup. By using Template.fromString(), developers can easily ingest and assert against existing legacy CloudFormation templates, while Template.fromStack() allows testing of CDK stacks directly. This avoids the overhead of converting code formats using constructs like CfnInclude, making it the most efficient solution.