Join our community of over 9,300 readers delving into AWS. We highlight real-world best practices through easy-to-understand visualizations and one-pagers. Expect a fresh newsletter edition every two weeks.
ποΈ AWS CloudFormation: Constructing Robust Cloud Environments
π This is not properly displayed? Read all of our issues online! π‘
Hi Reader ππ½
Thank you for staying with us on this hopefully enlightening journey. We hope youβre making great progress in your quest to master the ever-evolving world of the AWS cloud. π
In this issue, we will unpack the intricacies of AWS CloudFormation, a service that has revolutionized how we deploy and manage resources in the cloud.
By allowing us to define and provision a collection of related AWS and even third-party resources, CloudFormation enables us to automate and replicate entire environments in a predictable and controlled manner. ποΈ
Did you know that AWS CloudFormation allows you to manage a stack of up to 500 resources with a single stack? This level of orchestration can significantly streamline your infrastructure management. π‘
Another guessing question to get you hooked:
Stay tuned until the end of this newsletter to find out if your guess is correct!
But now let's finally get started with the content of this issue π
β
Introduction
AWS CloudFormation is a service that automates the provisioning of cloud infrastructure. It uses templates, which can be written in JSON or YAML, to describe the desired resources and their configurations. When you provide CloudFormation with these templates, it takes on the responsibility of setting up or modifying your infrastructure according to the specifications you've outlined.
- π The process is declarative - you specify what your infrastructure should look like, and CloudFormation figures out how to achieve that state. This means you don't have to manually detail the steps to create each resource.
- ποΈ Templates can be submitted to CloudFormation through an S3 bucket, directly uploaded, or even via git - Once submitted, CloudFormation will begin applying the infrastructure.
As with other Infrastructure-as-Code (IaC) tools: CloudFormation simplifies infrastructure management significantly.
For example, consider a web application infrastructure that includes a DynamoDB table, a REST backend utilizing API Gateway and Lambda, and a front-end single-page application hosted in an S3 bucket with a CloudFront distribution.
You can create a CloudFormation template for this setup, launch it, and if necessary, delete all associated services with a π¨single action within CloudFormation.
This service also makes it easy to duplicate architectures for different purposes, such as setting up separate development, staging environments, or one or multiple redundant regions using the same template.
β
The Concepts
CloudFormation is built around three core ideas:
- π Templates
- ποΈ Stacks
- π Change Sets
Templates
Starting with Templates, they are essentially the blueprint for the CloudFormation application.
A template...
- ...outlines the resources to be created/managed, like a Lambda function and a DynamoDB table, and
- ... provides outputs like the function's or table's ARN.
Stacks
Stacks represent the collection of resources that can be managed as a single unit. In the context of our earlier example, the S3 bucket would be a stack.
Once the template is uploaded and named in CloudFormation, the service takes over and sets up the resources.
With Stacks, you can perform a range of tasks, including deleting them or checking for drift, which compares the live infrastructure against the template to identify differences.
Stacks can be created using the AWS CLI with the command aws cloudformation create-stack or through the AWS Management Console by clicking the "Create Stack" button.
Change Sets
Change Sets, however, are all about updating existing infrastructure. They allow you to modify your setup without overhauling everything. For example, you don't have to scrap the entire database if you need to activate backups for an RDS instance.
Instead, you can use a Change Set to apply just that specific change. This ensures that you can enable backups while preserving your data, a capability that is also utilized by more modern frameworks like the CDK or Serverless Framework, which are also powered by CloudFormation. β‘οΈ
β
Nested Stacks
When developing large-scale applications, you might end up managing hundreds or even thousands of cloud resources. Managing these resources in a single CloudFormation stack can become unwieldy, difficult to manage, and risky, as updates could impact the entire infrastructure.
As the infrastructure expands, it's common to see the same elements used across various templates. To streamline this process and enhance manageability, it's beneficial to isolate these recurring elements into distinct templates. These can then be incorporated as nested stacks in the primary CloudFormation template.
AWS CloudFormation provides the nested stack functionality, enabling the creation of stacks within stacks through the AWS::CloudFormation::Stack resource. This feature simplifies the management of shared configurations.
Consider a scenario where you have a set of configurations that are created across several stacks, such as an Application Load Balancer setup, Security Group rules, Network Access Control lists, Target Group settings, and an Elastic Container Service configuration for running applications on Fargate using Docker images.
Rather than replicating these configurations in every template, you can create a specialized template for this particular infrastructure segment. This specialized template can then be used as a nested stack within your other CloudFormation templates.
Nested stacks can be further organized into a hierarchy, with the possibility of having nested stacks within other nested stacks. At the top of this hierarchy is the root stack, which contains all other nested stacks. Each nested stack is connected to a parent stack, which could be another nested stack or the root stack itself.
β
Conclusion
CloudFormation is an integral part of the AWS ecosystem and you'll easily find yourself within a project that uses CloudFormation as its primary IaC tool.
The declarative approach to infrastructure as code ensures consistency and repeatability in resource provisioning.
While tools like Pulumi, CDK, Serverless Framework, and Terraform bring their strengths, CloudFormation's direct alignment with AWS resources, detailed state management, and drift detection capabilities make it a great choice for many AWS-centric organizations.
It stands as a reliable option for those who prefer a JSON or YAML-based template approach to define their infrastructure.
Nevertheless, before deciding on a tool, it's important to thoroughly try it out to ensure it meets your needs. βοΈ
Thank you for reading & see you in the next issue!
Sandro & Tobi π
β
P.S.: The solution to the introductory question is 2,000 stacks per region! β‘οΈ ποΈ
π‘ As a subscriber, you can get our e-book with a 15% discount at all times.
Still hungry for AWS content? Have a look at our blog! π β
AWS for the Real World
Join our community of over 9,300 readers delving into AWS. We highlight real-world best practices through easy-to-understand visualizations and one-pagers. Expect a fresh newsletter edition every two weeks.
Hey Reader ππ½ We've been talking a lot about how great SST's switch to Pulumi was, and many of you have asked us how to use plain Pulumi directly. So today, we're sharing our quick guide to Pulumi - a tool we're really excited about since it lets us build infrastructure with languages we already know and love. No more learning weird syntax - just TypeScript, Python, or whatever we're comfortable with! We spent the last few days playing with it, and here's what we've learned... AWS Community...
Newsletter Header AWS FOR THE REAL WORLD β±οΈ Reading time: 8 minutes π Main Learning: Migrating from Edgio to CloudFront βοΈ Blog Post π» GitHub Repository Hey Reader ππ½ this newsletter is about π₯ AI π€ We haven't talked too much about AI, Bedrock, MCPs, and agents yet - so we want to change that. Please let us know if this it interests you to build AI on AWS, or if you are much more interested on hands-on fundamentals services. Should we focus on AI Services? Yes, I want to learn to build...
Newsletter Header AWS FOR THE REAL WORLD β±οΈ Reading time: 8 minutes π Main Learning: Migrating from Edgio to CloudFront βοΈ Blog Post π» GitHub Repository Hey Reader ππ½ This newsletter edition is all about saving Lambda costs. I (Sandro is writing this one) was recently involved in saving Lambda costs for a client. So, I thought writing down my thought process was a good idea. Have fun with it! If you need help saving AWS costs or improving your infrastructure, just reply to this email! Now...