CloudFormation CheatSheet

  • When asked to automate the provisioning of resources, think CloudFormation

  • When Infrastructure as Code (IaC) is mentioned, think CloudFormation

  • CloudFormation can be written in either JSON or YAML

  • When CloudFormation encounters an error it will roll back with ROLLBACK_IN_PROGRESS

  • CloudFormation templates larger than 51,200 bytes (0.05 MB) are too large to upload directly, and must be imported into CloudFormation via an S3 bucket.

  • Nested Stacks help you break up your CloudFormation template into smaller reusable templates that can be composed into larger templates

  • At least one resource under Resources: must be defined for a CloudFormation template to be valid

  • CloudFormation Template Sections

    • Metadata: extra information about your template

    • Description: a description of what the template is supposed to do

    • Parameters: how you get user inputs into templates

    • Transform: applies macros (like applying a mod that changes the anatomy to be custom)

    • Outputs: values you can use to import into other stacks

    • Mappings: maps keys to values, just like a lookup table

    • Resources: defines the resources you want to provision; at least one resource is required

    • Conditions: control whether resources are created or properties are assigned

  • Rollbacks occur when CloudFormation encounters an error when you create, update or destroy a stack

  • Stack Updates can be performed in two different ways:

    • Direct updates

      • You directly update the stack
      • You submit changes and AWS CloudFormation immediately deploys them
    • Executing Change Sets

      • You can preview the changes CloudFormation will make to your stack (Change Set)
      • Then decide whether you want to apply those changes
    • Stack Updates will change the state of your resources based on circumstances:

      • Update with No Interruption: updates the resource without disrupting operation and without changing the resource’s physical ID
      • Update with Some Interruption: updates the resource with some interruption and retains the physical ID
      • Replacement: recreates the resource during an update and also generates a new physical ID
      • You can use a StackPolicy to prevent stack updates on resources to prevent data loss or interruption to services
    • The Drift Detection feature lets CloudFormation tell you when your expected configuration has changed due to manual overrides, e.g. CFN creates an SG but a developer deletes it.

    • When a rollback is in progress you’ll see ROLLBACK_IN_PROGRESS

    • When a rollback succeeds you’ll see UPDATE_ROLLBACK_COMPLETE

    • When a rollback fails you’ll see UPDATE_ROLLBACK_FAILED

  • Pseudo Parameters are predefined parameters, e.g. !Ref AWS::Region returns us-east-1

  • Resource Attributes

    • CreationPolicy: prevents the resource's status from reaching create complete until AWS CloudFormation receives a specified number of success signals or the timeout period is exceeded

    • DeletionPolicy: preserve or (in some cases) back up a resource when its stack is deleted. Delete, Retain or Snapshot

    • UpdatePolicy: how to handle an update for ASG, ElastiCache, Domain or Lambda Alias

    • UpdateReplacePolicy: retain or (in some cases) back up the existing physical instance of a resource when it is replaced during a stack update operation. Delete, Retain or Snapshot

    • DependsOn: the resource is created only after the creation of the resource specified in the DependsOn attribute

  • Intrinsic Functions allow you to assign properties that are not available during runtime. The two most important to know:

    • Fn::GetAtt returns the value of an attribute from a resource in the template

    • Ref returns the value of the specified parameter or resource

  • aws cloudformation create-stack - CLI command to create a stack

  • aws cloudformation update-stack - CLI command to update a stack

  • Serverless Application Model (SAM) is an extension of CloudFormation that lets you define serverless applications