CloudFormation vs Ansible / Terraform

  • CloudFormation, being AWS native, will always contain the latest features and options for AWS services

  • CloudFormation is state based, AWS figures out how best to reach that state

  • Ansible and Terraform are instruction based, so it can be difficult to fully orchestrate stacks

  • Ansible and Terraform have to be updated each time a new service or API is released, which can take a long time

YAML

  • Key - Value pairs

  • Nested objects (tab)

  • Supports arrays (-)

  • Multi line strings (|)

  • Comments (#)

Updates

  • Update with no interruption

  • Replacement updates

Template Options

  • Tags (up to 50)

  • Permissions (IAM role that creates the CloudFormation resources)

  • Notification Options (SNS Topic)

  • Timeouts (in minutes)

  • Rollback configuration (Specify alarms for CloudFormation to monitor when creating and updating the stack.)

  • Rollback on Failure (Yes/No)

  • Stack Policy (Defines the resources that you want to protect from unintentional updates during a stack update.)

Building Blocks

Components

  1. Resources: your AWS resources declared in the template

  2. Parameters: the dynamic inputs for your template

  3. Mappings: the static variables for your template

  4. Outputs: References to what has been created

  5. Conditionals: List of conditions to perform resource creation

  6. Metadata

Template Helpers

  1. References

  2. Functions

Parameters

  • Type

    • String

    • Number

    • CommaDelimitedList

    • List

    • AWS Parameter (to catch invalid values, match against existing AWS account values)

  • Description

  • Constraints

  • Constraint Description (String)

  • Min/MaxLength

  • Min/MaxValue

  • Defaults

  • AllowedValues (array)

  • AllowedPattern (regexp)

  • NoEcho (Boolean)

0-parameters-hands-on.yaml

  • Ref (YAML short form !Ref): function that references parameters or other elements in the template
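
An added example, not taken from these notes or from 0-parameters-hands-on.yaml: a constructed template that uses the parameter settings listed above to reject bad input before any resource is created, and passes the values on with !Ref. All logical names (VpcId, SshCidr, DbInstanceClass, DbPassword, SshSecurityGroup, Database) and all values are assumptions chosen for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example of constrained parameters

Parameters:
  VpcId:
    # AWS-specific type: checked against VPC IDs that exist in the account
    Type: AWS::EC2::VPC::Id
    Description: VPC that will hold the security group
  SshCidr:
    Type: String
    Description: CIDR range allowed to reach port 22
    MinLength: 9     # shortest form, e.g. 0.0.0.0/0
    MaxLength: 18    # longest form, e.g. 255.255.255.255/32
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: Must be a CIDR range of the form x.x.x.x/x
  DbInstanceClass:
    Type: String
    Default: db.t3.micro
    AllowedValues:   # anything outside this list fails validation
      - db.t3.micro
      - db.t3.small
  DbPassword:
    Type: String
    NoEcho: true     # value is shown as asterisks in the console and in stack descriptions
    MinLength: 16
    MaxLength: 41
    AllowedPattern: '[a-zA-Z0-9]+'
    ConstraintDescription: Must be 16 to 41 alphanumeric characters

Resources:
  SshSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SSH from the approved range only
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshCidr
  Database:
    Type: AWS::RDS::DBInstance
    Properties:
      Engine: mysql
      DBInstanceClass: !Ref DbInstanceClass
      AllocatedStorage: "20"
      MasterUsername: dbadmin
      MasterUserPassword: !Ref DbPassword
```

NoEcho only masks the parameter itself; a value that is also referenced from the Outputs or Metadata sections is shown there in clear text, so keep DbPassword out of both.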

Resources
