CloudFormation

When you use AWS CloudFormation, you work with templates and stacks. You create templates to describe your collection of AWS resources and their properties. CloudFormation manages those related resources as a single unit called a stack. CloudFormation creates a stack and then provisions the resources that are described in your template. So, CloudFormation creates, updates, and deletes a collection of resources defined in the template by creating, updating, and deleting the stack. If you need to make changes to the running resources in a stack, you update the stack. Before making changes to your resources, you can generate a change set, which is a summary of your proposed changes. Change sets allow you to see how your changes might impact your running resources, especially for critical resources, before implementing them.

Template - YAML

References:

Template Guides - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-guide.html
Template References - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html

Resources: 
  WebServer:
    Type: "AWS::Dummy::DemoOnly"
    Properties: {}
    # reference a parameter
    KeyName: !Ref Param1
    CidrBlock: !Select [0, !Ref Param1]
# Parameters enable: template reuse;
Parameters:
  Param1:
    Description: param1 description
    Type: [String|Number|...]
    AllowedValues:
      - "one"
      - "two"
      [...]
# Mapping
RegionMap:
  us-west-1:
    "32": "ami-6411e20d"
    "64": "ami-7a11e213"
  us-west-2:
    "32": "ami-6612e20d"
    "64": "ami-8b11e213"

Template components:

Resources
Parameters
Mappings
Outputs
Conditionals
Metadata

Template options:

Tags
Permissions
Notification options
Timeouts
Rollback on failure
Stack policy

Parameters

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html

Parameters will be displayed on the AWS management console after the template is uploaded. Parameter settings include:

Description
Type:
- String
- Number
- CommaDelimitedList
- List<Type>
- AWS Parameter (guard against invalid values, by matching against existing values in the AWS account)
Costraints
ConstraintDescription (String)
Min/MaxLength
Min/MaxValue
Defaults
AllowedValues (array)
AllowedPattern (regexp)
NoEcho (boolean)

Resources

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html

Mapping

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html

Define:

Mappings: 
  Mapping01: 
    Key01: 
      Name: Value01
    Key02: 
      Name: Value02

Retrieve:

!FindInMap [MapName, TopLevelKey, SecondLevelKey]

Pseudo parameters

Examples:

AWS::AccountId
AWS::Region
AWS::StackName

Retrieve:

!FindInMap [MapName, !Ref 'AWS::Region', SecondLevelKey]

Outputs

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/outputs-section-structure.html

Define:

Outputs:
  LogicalID:
    Description: Information about the value
    Value: <Value to return>
    Export:
      Name: <Name of resource to export>

Retrieve:

[...]
    - !ImportValue LogicalID

Conditions

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html

Define:

Conditions:
  Logical ID:
    [Intrinsic function]

Intrinsic functions are: !And, !Equals, !If, !Not, and !Or

Additional Fn: !GetAtt

Example:

Conditions:
  CreateProdInstance: !Equal [ !Ref EnvType, prod ]

Mountpoint:
[...]
  Condition: CreateProdInstance

Intrinsic Function - Fn::GetAtt

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#aws-properties-ec2-instance-return-values

Example:

EC2Instance:
[...]

NewVolume:
  AvaiabilityZone:
    !GetAtt EC2Instance.AvaiabilityZone

Metadata

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

The optional Metadata section to include arbitrary JSON or YAML objects that provide details about the template. For example, you can include template implementation details about specific resources, as shown in the following snippet:

Metadata:
  Instances:
    Description: "Information about the instances"
  Databases: 
    Description: "Information about the databases"

Run from AWS CLI

Prerequisite:

Install & setup AWS CLI

$ aws cloudformation create-stack --stack-name ExampleStack \
      --capabilities CAPABILITY_NAMED_IAM \
      --template-body file://~/<projects-folder>/example.yml \
      --parameters file://~/<projects-folder>/parameters.json
      --region us-west-2

$ aws cloudformation describe-stacks --stack-name ExampleStack

$ aws cloudformation describe-stacks --stack-name ExampleStack > \
       ~/<projects-folder>/cloudformation-core-output.json

AWS Samples

Examples

Cloudformation Templates - various EPC & VPC setup

Github: https://github.com/gabepublic/aws-cloudformation-templates

Summary:

EC2:
- EC2 with ingress on port 80
- EC2 with ingress on port 22
- EC2 with ingress on ports 22 & 80
VPC:
- VPC with 4 subnets VPC with 1 public subnet, igw and EC2 + website
- VPC with 2 public subnets, igw, load balancer, and EC2 + website
- VPC 2 public subnets, bastion host, alb, ec2 + website
- VPC with 4 subnets (2 public & 2 private), igw, alb, and EC2 website & APIs