CloudFormation in AWS

Introduction

AWS CloudFormation is a powerful infrastructure-as-code (IaC) service that allows developers and system administrators to model, provision, and manage AWS resources using declarative JSON or YAML templates. This service simplifies resource deployment by automating the setup process, enabling you to focus on building applications rather than managing infrastructure.

In this blog, we will cover CloudFormation basics, its core features, benefits, and advanced concepts, along with practical examples.

What is AWS CloudFormation?

AWS CloudFormation enables you to define your infrastructure as code. By creating a CloudFormation template, you can:

  • Define AWS resources such as EC2 instances, S3 buckets, RDS databases, and more.

  • Automate the provisioning and configuration of these resources.

  • Ensure consistency across environments like development, staging, and production.

Why Use CloudFormation?

  • Automation: Simplifies resource provisioning and updates.

  • Scalability: Easily replicate environments.

  • Consistency: Ensures uniform configurations.

  • Rollback Mechanism: Reverts changes in case of deployment failure.

When to use CloudFormation and when to use the AWS CLI

The AWS CLI suits short, one-off actions against AWS resources. If you just want a quick list of your S3 buckets, the CLI is preferable: with a CloudFormation template (CFT) you would have to write the template, submit it as a stack, and wait for the stack to make the API calls, which is a long way round for a listing. If you need to provision something like a VPC, which involves many elements and is likely to be repeated, CloudFormation is preferred because the template can be stored and reused, whereas the CLI provisions resources one command at a time.

Basic Concepts in CloudFormation

1. CloudFormation Templates

Templates are JSON or YAML files that describe AWS resources and their configurations. A template consists of:

  • Parameters: User-defined values passed during stack creation.

  • Resources: AWS components like EC2, S3, etc.

  • Outputs: Values returned after the stack is created (e.g., resource IDs).

  • Conditions: Conditional resource creation (e.g., create resources only in specific regions).

  • Mappings: Static data for region-specific configurations.

Format in YAML

---
AWSTemplateFormatVersion: version date

Description:
  String

Metadata:
  template metadata

Parameters:
  set of parameters

Rules:
  set of rules

Mappings:
  set of mappings

Conditions:
  set of conditions

Transform:
  set of transforms

Resources:
  set of resources

Outputs:
  set of outputs

2. Stacks

A stack is a collection of AWS resources created and managed together as a single unit. When you deploy a template, it creates a stack.

3. StackSets

StackSets allow you to deploy stacks across multiple AWS accounts and regions.

Getting Started with AWS CloudFormation

Step 1: Writing a Simple Template

Here’s an example of a basic CloudFormation YAML template that creates an S3 bucket:

AWSTemplateFormatVersion: '2010-09-09'
Resources:
  MyS3Bucket:
    Type: "AWS::S3::Bucket"
    Properties:
      BucketName: "harshit-sahu-2311-test" # name should be unique

Step 2: Deploying the Template

  1. Open the AWS Management Console.

  2. Navigate to the CloudFormation service.

  3. Click Create stack > With new resources (standard).

  4. Upload your template file or paste the code directly.

  5. Configure stack settings (e.g., stack name, parameters).

  6. Click Create stack to deploy.

Step 3: Verifying the Deployment

  • Navigate to the S3 console to verify the bucket creation.

  • Check the CloudFormation stack status for any errors.

Intermediate Concepts

1. Parameters and Outputs

Parameters Example:

Parameters:
  BucketName:
    Type: String
    Description: "Name of the S3 bucket"

Resources:
  MyS3Bucket:
    Type: "AWS::S3::Bucket"
    Properties:
      BucketName: !Ref BucketName

Outputs Example:

Outputs:
  BucketArn:
    Value: !GetAtt MyS3Bucket.Arn
    Description: "The ARN of the S3 bucket"

2. Using Mappings

Mappings store static data like region-specific AMIs.

Mappings:
  RegionMap:
    us-east-1:
      AMI: ami-0abcdef1234567890
    us-west-1:
      AMI: ami-0abcdef1234567891

Resources:
  MyEC2Instance:
    Type: "AWS::EC2::Instance"
    Properties:
      ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", AMI]

3. Conditions

Conditions help create resources selectively based on parameters or environments.

Parameters:
  Environment:
    Type: String
    AllowedValues: [Development, Staging, Production]

Conditions:
  CreateProdResources: !Equals [!Ref Environment, "Production"]

Resources:
  ProdBucket:
    Type: "AWS::S3::Bucket"
    Condition: CreateProdResources
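Dangling references of this kind (a !Ref to a parameter that was never declared, a Condition name that no Conditions entry defines, a FindInMap on a mapping that does not exist) only surface when the stack is created. The checker below is added here and is not code from the original post or from any AWS tooling; it walks the JSON form of a template covering the Parameters, Outputs, Mappings and Conditions examples above and reports such references offline. The PSEUDO_PARAMS set and the sample template are constructed for this example.

```python
import json

PSEUDO_PARAMS = {"AWS::Region", "AWS::AccountId", "AWS::StackName", "AWS::StackId",
                 "AWS::Partition", "AWS::URLSuffix", "AWS::NoValue", "AWS::NotificationARNs"}

def _walk(node, on_call):
    # Visit every intrinsic-function node ({"Ref": ...} or {"Fn::X": ...}) in the template tree.
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "Ref" or key.startswith("Fn::"):
                on_call(key, value)
            _walk(value, on_call)
    elif isinstance(node, list):
        for item in node:
            _walk(item, on_call)

def check_template(template):
    """Return sorted findings for dangling references; an empty list means clean."""
    params = set(template.get("Parameters", {}))
    resources = set(template.get("Resources", {}))
    mappings = set(template.get("Mappings", {}))
    conditions = set(template.get("Conditions", {}))
    findings = []
    def on_call(key, value):
        if key == "Ref" and value not in params | resources | PSEUDO_PARAMS:
            findings.append(f"Ref to undefined '{value}'")
        elif key == "Fn::GetAtt":
            target = value[0] if isinstance(value, list) else str(value).split(".")[0]
            if target not in resources:
                findings.append(f"GetAtt on undefined resource '{target}'")
        elif key == "Fn::FindInMap" and value[0] not in mappings:
            findings.append(f"FindInMap on undefined mapping '{value[0]}'")
    _walk(template, on_call)
    # A resource's Condition attribute is a bare name, not an intrinsic call.
    for logical_id, res in template.get("Resources", {}).items():
        cond = res.get("Condition")
        if cond is not None and cond not in conditions:
            findings.append(f"Resource '{logical_id}' uses undefined Condition '{cond}'")
    return sorted(findings)

# Constructed sample: the post's Conditions snippet, with Environment never declared.
SAMPLE_TEMPLATE = json.loads("""{
  "Parameters": {"BucketName": {"Type": "String"}},
  "Mappings": {"RegionMap": {"us-east-1": {"AMI": "ami-0abcdef1234567890"}}},
  "Conditions": {"CreateProdResources": {"Fn::Equals": [{"Ref": "Environment"}, "Production"]}},
  "Resources": {
    "MyS3Bucket": {"Type": "AWS::S3::Bucket", "Properties": {"BucketName": {"Ref": "BucketName"}}},
    "ProdBucket": {"Type": "AWS::S3::Bucket", "Condition": "CreateProdResources"},
    "MyEC2Instance": {"Type": "AWS::EC2::Instance", "Properties": {"ImageId":
      {"Fn::FindInMap": ["RegionMap", {"Ref": "AWS::Region"}, "AMI"]}}}},
  "Outputs": {"BucketArn": {"Value": {"Fn::GetAtt": ["MyS3Bucket", "Arn"]}}}}""")
```

Running check_template(SAMPLE_TEMPLATE) reports only the undeclared Environment parameter; the same walk covers templates converted from YAML once the short-form tags are expanded to their Fn:: forms.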

Advanced Concepts

1. Nested Stacks

Nested stacks allow you to break down complex templates into smaller, reusable templates.

Resources:
  NestedStack:
    Type: "AWS::CloudFormation::Stack"
    Properties:
      TemplateURL: "https://mybucket.s3.amazonaws.com/nested-template.yaml"

2. Cross-Stack References

Share outputs from one stack with another using Export and ImportValue.

Stack 1 (Producer):

Outputs:
  VPCId:
    Value: !Ref MyVPC
    Export:
      Name: MyVPCId

Stack 2 (Consumer):

Resources:
  MySecurityGroup:
    Type: "AWS::EC2::SecurityGroup" # AWS::EC2::Instance has no VpcId property; a security group does
    Properties:
      GroupDescription: "Security group in the VPC exported by Stack 1"
      VpcId: !ImportValue MyVPCId

3. Change Sets

Change Sets preview the impact of template updates before applying them.

Drift Detection

Drift detection is used to identify discrepancies between the resources defined in a CloudFormation stack and their actual configuration in AWS.

  • How to Detect Drift:

    • Use the AWS Management Console or CLI to run drift detection:

      aws cloudformation detect-stack-drift --stack-name MyStackName

    • The command starts detection asynchronously and returns a detection ID; aws cloudformation describe-stack-drift-detection-status reports when it has finished.

    • The drift status will indicate whether the resource has changed.

  • Drift Status:

    • IN_SYNC: No changes detected.

    • DRIFTED: Resource configuration has deviated from the template.

Example Scenario: If someone manually modifies an EC2 instance created by CloudFormation, drift detection will flag this change, allowing you to take corrective action.
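To act on the scenario above you need the per-resource detail, not just the stack-level status. The script below is an added example, not code from the post or from AWS; it assumes the JSON shape returned by aws cloudformation describe-stack-resource-drifts (LogicalResourceId, StackResourceDriftStatus, and PropertyDifferences entries with PropertyPath, ExpectedValue and ActualValue), uses a constructed sample of that output, and the SENSITIVE_PREFIXES list is my own assumption about which properties deserve review first.

```python
import json

# Property-path prefixes whose drift changes exposure (assumed list for this example).
SENSITIVE_PREFIXES = ("/SecurityGroupIngress", "/PublicAccessBlockConfiguration",
                      "/Policies", "/AssumeRolePolicyDocument")

def triage_drift(drift_output):
    """Map each LogicalResourceId to (drift status, [(path, expected, actual, sensitive)]).

    Input is the parsed JSON of `aws cloudformation describe-stack-resource-drifts`;
    sensitive differences are ordered first so they are reviewed first."""
    report = {}
    for drift in drift_output["StackResourceDrifts"]:
        changes = []
        for diff in drift.get("PropertyDifferences", []):  # absent for DELETED resources
            path = diff["PropertyPath"]
            sensitive = path.startswith(SENSITIVE_PREFIXES)
            changes.append((path, diff["ExpectedValue"], diff["ActualValue"], sensitive))
        changes.sort(key=lambda c: not c[3])
        report[drift["LogicalResourceId"]] = (drift["StackResourceDriftStatus"], changes)
    return report

def needs_attention(report):
    """Logical IDs that were deleted out of band or have a sensitive property change."""
    return sorted(lid for lid, (status, changes) in report.items()
                  if status == "DELETED" or any(c[3] for c in changes))

# Constructed sample of describe-stack-resource-drifts output, not real API output.
SAMPLE_DRIFT = json.loads("""{"StackResourceDrifts": [
  {"LogicalResourceId": "WebSecurityGroup", "ResourceType": "AWS::EC2::SecurityGroup",
   "StackResourceDriftStatus": "MODIFIED", "PropertyDifferences": [
     {"PropertyPath": "/Tags/0/Value", "ExpectedValue": "web", "ActualValue": "web-tmp",
      "DifferenceType": "NOT_EQUAL"},
     {"PropertyPath": "/SecurityGroupIngress/0/CidrIp", "ExpectedValue": "10.0.0.0/16",
      "ActualValue": "0.0.0.0/0", "DifferenceType": "NOT_EQUAL"}]},
  {"LogicalResourceId": "MyS3Bucket", "ResourceType": "AWS::S3::Bucket",
   "StackResourceDriftStatus": "IN_SYNC", "PropertyDifferences": []},
  {"LogicalResourceId": "AuditTrailBucket", "ResourceType": "AWS::S3::Bucket",
   "StackResourceDriftStatus": "DELETED"}]}""")
```

In the sample, needs_attention(triage_drift(SAMPLE_DRIFT)) returns the deleted audit bucket and the security group whose ingress CIDR was widened, while the tag-only change stays in the report but is ranked last.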

Real-World Examples

Example 1: Multi-Tier Web Application

Create a stack with the following:

  • A load balancer in a public subnet.

  • EC2 instances in private subnets.

  • An RDS database instance.

Example 2: Serverless Application

Define resources for:

  • An API Gateway.

  • AWS Lambda functions.

  • DynamoDB tables.

Best Practices for AWS CloudFormation

  1. Modular Templates: Use nested stacks for reusability.

  2. Version Control: Store templates in Git repositories.

  3. Validation: Validate templates using the aws cloudformation validate-template command.

  4. Tagging: Apply tags to organize and track resources.

  5. Monitoring: Use AWS CloudTrail and CloudWatch for stack monitoring.

Conclusion

AWS CloudFormation is a robust tool for managing infrastructure at scale. By mastering its concepts and features, you can streamline resource provisioning, enforce consistency, and automate deployments effectively. Whether you’re a beginner or an advanced user, CloudFormation empowers you to manage your AWS resources with confidence.

Happy building with AWS CloudFormation!