My first CloudFormation

Chris Birchall

CloudFormation

Codify your AWS resources
Make stack creation reproducible
Track and review changes

CloudFormation

Describe your resources declaratively in a YAML template
Support for parameters, rudimentary logic, string manipulation

Template structure

---
AWSTemplateFormatVersion: 2010-09-09
Description: My lovely template

Parameters:
  ... template parameters ...

Resources:
  ... resources ...

Simple example

---
AWSTemplateFormatVersion: 2010-09-09
Description: My lovely template

Parameters:

  EmailAddress:
    Type: String
    Description: Chris email address

Resources:

  MyLovelyTopic:
    Type: "AWS::SNS::Topic"
    Properties:
      TopicName: send-email-to-chris
      Subscription:
        -
          Protocol: email
          Endpoint: !Ref EmailAddress

Proper example

Cloudforming a Beanstalk app

Disclaimer:

I've never used Beanstalk!

my-amazing-app

Dockerized Python app
Beanstalk
- Single environment
- Single t2.nano instance, immutable deployments
- EC2 instance profile
- SSH access only from 10.0.0.0/8
- HTTP access only via load balancer
- No public IP on EC2 instance

Recommendations

Read the docs, they're surprisingly good
- Just google for e.g. "cloudformation ec2 instance"
- AWS::EC2::Instance docs
You can pass secrets as parameters
- But don't go crazy with it
Use logic sparingly
- e.g. using an "IsProd" condition to run fewer instances in pre-prod env to save money

Recommendations (2)

Don't be tempted to use CloudFormer
- Cloudforming from scratch is a good opportunity to gain understanding about your resources
Do everything manually once before writing template
Treat templates as code
- Pull requests, code reviews
Share the love!
- Copying another team's template is a good way to get started

Recommendations (3)

Don't try to make templates too generic
- Separate template file per service is fine
Avoid giving resources custom names
- Restriction of CloudFormation: some types of resource cannot be updated if they have custom name
Run stack updates automatically via CI tool?
- In my team we don't do this

My first CloudFormation

CloudFormation

CloudFormation

Template structure

Simple example

Proper example

Disclaimer:

I've never used Beanstalk!

my-amazing-app

Recommendations

Recommendations (2)

Recommendations (3)

Go forth and cloudform!

Questions?