AWS CloudFormation (Amazon Web Services CloudFormation)

What is AWS CloudFormation (Amazon Web Services CloudFormation)?

AWS CloudFormation is a free service that provides Amazon Web Services customers with the tools they need to create and manage the infrastructure a particular software application requires to run on AWS. However, customers must pay for the AWS resources created through CloudFormation templates.

What is AWS CloudFormation used for?

AWS CloudFormation helps developers create and manage a collection of related AWS resources. This approach enables development teams to provision resources and manage them methodically and predictably.

CloudFormation has two parts:

1. Stacks.
2. Templates.

What is an AWS CloudFormation template?

A template is a JavaScript Object Notation (JSON) or YAML Ain't Markup Language (YAML) text file. The file, which is declarative and not scripted, defines what AWS resources or non-AWS resources are required to run the application. For example, the template may declare that the application requires an Amazon Elastic Compute Cloud instance (EC2 instance) and an Identity and Access Management (IAM) policy.

When users submit the template to the service, CloudFormation creates the necessary resources in the customer's account and builds a running instance of the template, automatically putting dependencies and data flows in the correct order. The running instance is called a stack.

What is an AWS CloudFormation stack?

A stack in AWS CloudFormation is a collection of related AWS resources that users can manage as a single unit. It's essentially a blueprint of a cloud infrastructure. Cloud customers can make changes to the stack after deploying it by using CloudFormation tools and an editing process that is similar to version control. By creating, updating or deleting a stack, all the resources it holds are affected in a predictable and automated way. For example, when users delete a stack, all related resources are automatically deleted.

What are common use cases for AWS CloudFormation?

AWS CloudFormation is a powerful tool often used to enable seamless provisioning, managing and automating of AWS infrastructure.

There are four leading AWS CloudFormation use cases:

1. Creating and managing stacks. CloudFormation stacks group related AWS resources together, enabling seamless management of application or environment resources as a single unit. Users can quickly create, update or delete stacks while CloudFormation handles all underlying resources.
2. Using templates. CloudFormation templates help define how users create and configure resources. This approach helps simplify the creation and management of stacks and helps to ensure the consistent deployment of cloud infrastructure across different environments.
3. Provisioning and managing infrastructure. Users can provision and manage a variety of AWS resources with CloudFormation. For example, this can be EC2 instances, Simple Storage Service buckets (S3 buckets), IAM roles and more. This method makes it easier to manage the infrastructure for an existing application or to set up the infrastructure for a new application or website.
4. Automating infrastructure changes. To save time and effort, CloudFormation users can quickly automate infrastructure changes, like scaling an application up or down or deploying a new version of an application. This approach helps negate human error and ensures that changes are made consistently and reliably.

What is the purpose of AWS CloudFormation?

AWS CloudFormation simplifies AWS cloud infrastructure management. CloudFormation users are empowered to concentrate on the development of their applications without focusing on infrastructure maintenance, maintaining consistency and reliability, automating repetitive tasks and controlling costs.

AWS CloudFormation enables the following:

• Infrastructure as code (IaC).
• Declarative programming.
• Automation of resource management.
• Reusability and reproducibility.
• Simplified updates and rollbacks.
• Seamless integration with AWS resources.
• Improved cost management.

What is a circular dependency in AWS CloudFormation?

In AWS CloudFormation, a circular dependency occurs when two resources are stacked and configured to depend on each other, creating something like a loop that may have a negative impact on the creation, update or deletion process. Whenever this happens, CloudFormation can't determine the correct creation order.

For example, suppose Resource A demands Resource B to exist before its creation or operation, while Resource B requires Resource A to exist first. In that case, this interdependency hinders CloudFormation's ability to determine the logical order for resource creation or deletion, leading to an error. To resolve the issue, AWS users must redesign the CloudFormation template to eliminate the interdependent configuration. They also need to use additional features, like AWS Lambda-backed custom resources.

What is a change set in AWS CloudFormation?

Change set is a powerful feature that helps users preview and confirm changes before modifying an existing cloud infrastructure. The process is a safety net for CloudFormation deployments, providing an opportunity to carefully plan, preview and approve changes before they impact live infrastructure.

Key benefits of change set include the following:

• Rollback capability and version control.
• Reduced risk.
• Safe deployments.
• Management of multiple changes.
• Improved collaboration.

What is sub in AWS CloudFormation?

In AWS CloudFormation, sub, or Fn::Sub, is an intrinsic function that enables users to substitute variables with specific values within templates. This function is useful when users who need to dynamically compose strings by combining fixed text with variable elements, such as template parameters, account ID, region or outputs from other resources.

Furthermore, when writing templates in YAML, CloudFormation users can also use YAML's literal block scalar feature (introduced with |) to improve the readability of multiline strings. However, this is often used in conjunction with !Sub but is a distinct feature of YAML, not Fn::Sub itself. Users who understand Fn::Sub and YAML formatting options can create more flexible and dynamic CloudFormation templates.

What is metadata in AWS CloudFormation?

In AWS CloudFormation, metadata provides additional information that can be attached to various templates and stacks. It's essentially a set of tags or annotations that offer additional details about the infrastructure. Metadata can help users efficiently organize, document and manage CloudFormation infrastructure.

There are two main ways to use metadata in CloudFormation:

1. Template metadata is used in a dedicated section within templates to specify key-value pairs of arbitrary data. For example, template metadata helps store information such as descriptive labels, version numbers or contact information. This data helps the template owners and isn't used by AWS CloudFormation. However, the information is available and accessible to external scripts and tools to provide additional context about a specific infrastructure.
2. Resource metadata is directly attached to individual resources within a template. Written in either JSON or YAML, resource metadata can store any relevant information specific to that resource. Resource metadata is popular among users who want to define configuration settings for tools like AWS CloudFormation Init to accelerate the automation of software installation and configuration on EC2 instances.

As metadata is never encrypted or secured by CloudFormation, users must avoid storing sensitive information like passwords or secrets. Resource metadata in CloudFormation is accessible by using the AWS CloudFormation describe-stack-resource command or the DescribeStackResource operation in the CloudFormation API.

How to create an AWS CloudFormation template

To create an AWS CloudFormation template, users must first define the AWS infrastructure and resources they plan to provision and manage as code.

The following is a step-by-step guide to creating a basic AWS CloudFormation template:

1. Choose a format. Decide whether to use JSON or YAML. YAML is often a favored format because of its readability and support for comments.
2. Define the template format version. Start the template by specifying the CloudFormation template format version, which defines the template's capabilities.
3. Add metadata (optional). Users can add metadata to include arbitrary JSON or YAML objects that provide details about the template.
4. Declare parameters (optional). Users have the option of declaring parameters. Parameters enable users to input custom values when creating or updating a stack.
5. Include mappings (optional). Mappings are fixed key-value pairs often used to specify conditional parameter values. For example, this can be similar to region-specific Amazon Machine Images.
6. Define resources (mandatory). In this step, users define the AWS resources they create and configure within CloudFormation.
7. Specify outputs (optional). The outputs section declares output values users can view in the AWS console or import into other stacks.
8. Add resources, functions and conditions. This step enables the inclusion of additional resources using intrinsic functions for dynamic values and defining conditions to enable conditional resource creation.
9. Validate the template. Before deploying the template, it should be validated and checked for potential syntax errors. To do this, AWS Management Console or AWS Command Line Interface (CLI) can be used for validation.
10. Deploy the stack. Once the template has been validated, AWS Management Console, CLI or software development kits can be used to create and deploy a stack based on the template.

What is AWS CLI in CloudFormation?

AWS CLI in CloudFormation enables users to interact and manage stacks and resources within AWS CloudFormation directly from the command line or in scripts. It's part of the larger AWS CLI, which provides commands for a broad set of AWS services, including CloudFormation.

Key features and uses include the following:

• Stack management.
• Change set operations.
• Template validation.
• Resource management.
• Integration with automation and continuous integration/continuous delivery pipelines.
• Querying stack information.

AWS CLI in CloudFormation is popular among system administrators and developers who are comfortable with CLIs and scripting. Compared to AWS Management Console, AWS CLI provides a more direct and scriptable interface, enabling more efficient and automated management of cloud resources.

Learn the differences between AWS CloudFormation vs. Terraform and how to choose between them. Explore steps to launch an EC2 instance using AWS CloudFormation.