My first CloudFormation

Chris Birchall

CloudFormation

Codify your AWS resources
Make stack creation reproducible
Track and review changes

CloudFormation

Describe your resources declaratively in a YAML template
Support for parameters, rudimentary logic, string manipulation

Template structure

---
AWSTemplateFormatVersion: 2010-09-09
Description: My lovely template

Parameters:
  ... template parameters ...

Resources:
  ... resources ...

Simple example

---
AWSTemplateFormatVersion: 2010-09-09
Description: My lovely template

Parameters:

  EmailAddress:
    Type: String
    Description: Chris email address

Resources:

  MyLovelyTopic:
    Type: "AWS::SNS::Topic"
    Properties:
      TopicName: send-email-to-chris
      Subscription:
        -
          Protocol: email
          Endpoint: !Ref EmailAddress

Proper example

Cloudforming a Beanstalk app

Disclaimer:

I've never used Beanstalk!

my-amazing-app

Dockerized Python app
Beanstalk
- Single environment
- Single t2.nano instance, immutable deployments
- EC2 instance profile
- SSH access only from 10.0.0.0/8
- HTTP access only via load balancer
- No public IP on EC2 instance

Recommendations

Read the docs, they're surprisingly good
- Just google for e.g. "cloudformation ec2 instance"
- AWS::EC2::Instance docs
You can pass secrets as parameters
- But don't go crazy with it
Use logic sparingly
- e.g. using an "IsProd" condition to run fewer instances in pre-prod env to save money

Recommendations (2)

Don't be tempted to use CloudFormer
- Cloudforming from scratch is a good opportunity to gain understanding about your resources
Do everything manually once before writing template
Treat templates as code
- Pull requests, code reviews
Share the love!
- Copying another team's template is a good way to get started

Recommendations (3)

Don't try to make templates too generic
- Separate template file per service is fine
Avoid giving resources custom names
- Restriction of CloudFormation: some types of resource cannot be updated if they have custom name
Run stack updates automatically via CI tool?
- In my team we don't do this

My first CloudFormation

CloudFormation

CloudFormation

Template structure

Simple example

Proper example

Disclaimer:

I've never used Beanstalk!

my-amazing-app

Recommendations

Recommendations (2)

Recommendations (3)

Go forth and cloudform!

Questions?

My first CloudFormation

My first CloudFormation

Chris Birchall

My first CloudFormation

CloudFormation

CloudFormation

Template structure

Simple example

Proper example

Disclaimer:

I've never used Beanstalk!

my-amazing-app

Recommendations

Recommendations (2)

Recommendations (3)

Go forth and cloudform!

Questions?

My first CloudFormation

More from Chris Birchall