CloudFormation template fundamentals

Automating Deployments on AWS

Dunieski Otano

Amazon Web Services Solutions Architect

Why infrastructure as code

  • Manual console clicks drift over time
  • IaC declares the desired state in a file
  • Repeatable, reviewable, versioned
  • CloudFormation, SAM, and CDK are the AWS toolkits

CloudFormation template anatomy

  • Resources (required): the infra you want to provision
  • Parameters: inputs you pass at deploy time
  • Outputs: values exported by the stack
  • Mappings, Conditions, Transform: helpers (Transform enables SAM)

Intrinsic functions

  • Ref: refer to a parameter or another resource
  • Fn::GetAtt: read an attribute of a resource
  • Fn::Sub: substitute variables into a string
  • Short-form: !Ref, !GetAtt, !Sub

Change sets preview updates

  • A change set previews what an update will do
  • Lists every Add, Modify, Remove action
  • Flags resources that will be replaced
  • Execute or discard, no surprise updates
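
The review step described above can be automated before a change set is executed. The following is an added example, not part of the original slides: it reads a constructed sample in the shape of `aws cloudformation describe-change-set` output and holds back any change that removes or replaces a resource. The function names and the review policy are assumptions made for illustration.

```python
import json

# Constructed sample in the shape returned by
# `aws cloudformation describe-change-set` (trimmed to the fields used here).
SAMPLE_CHANGE_SET = json.loads("""
{
  "StackName": "demo-stack",
  "ChangeSetName": "demo-change-set",
  "Status": "CREATE_COMPLETE",
  "Changes": [
    {"Type": "Resource", "ResourceChange": {"Action": "Add",
      "LogicalResourceId": "LogBucket", "ResourceType": "AWS::S3::Bucket"}},
    {"Type": "Resource", "ResourceChange": {"Action": "Modify",
      "LogicalResourceId": "AppDatabase", "ResourceType": "AWS::RDS::DBInstance",
      "Replacement": "True"}},
    {"Type": "Resource", "ResourceChange": {"Action": "Modify",
      "LogicalResourceId": "AppRole", "ResourceType": "AWS::IAM::Role",
      "Replacement": "False"}},
    {"Type": "Resource", "ResourceChange": {"Action": "Remove",
      "LogicalResourceId": "OldQueue", "ResourceType": "AWS::SQS::Queue"}}
  ]
}
""")

def review_change_set(change_set):
    """Split changes into routine ones and ones that need manual sign-off."""
    routine, needs_review = [], []
    for change in change_set.get("Changes", []):
        rc = change.get("ResourceChange")
        if rc is None:  # skip entries that are not resource changes
            continue
        action = rc["Action"]
        replacement = rc.get("Replacement", "False")
        entry = (action, rc["LogicalResourceId"], rc["ResourceType"])
        # Remove deletes the resource; Replacement True/Conditional may
        # recreate it under a new physical ID, losing any data it holds.
        if action == "Remove" or (action == "Modify" and replacement != "False"):
            needs_review.append(entry)
        else:
            routine.append(entry)
    return routine, needs_review

def gate(change_set):
    """Return True only when nothing in the change set needs manual review."""
    return not review_change_set(change_set)[1]

if __name__ == "__main__":
    routine, risky = review_change_set(SAMPLE_CHANGE_SET)
    for action, logical_id, rtype in risky:
        print(f"REVIEW  {action:<6} {logical_id} ({rtype})")
    print("auto-execute:", gate(SAMPLE_CHANGE_SET))
```

A pipeline would execute the change set only when `gate` returns True and otherwise leave it for a reviewer to execute or discard.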


Drift detection

  • Drift: a resource changed outside CloudFormation
  • Per-resource status: IN_SYNC, MODIFIED, DELETED, NOT_CHECKED
  • Per-resource report shows what differs
  • Re-deploy the template to reconcile


Deploying and updating stacks

  • Create stack: the first deploy
  • Update stack: change resources in place
  • Stack events show every step
  • Failed updates roll back to the prior state


Let's practice!
