🏗️ AWS CloudFormation: Constructing Robust Cloud Environments



Hi Reader 👋🏽

Thank you for staying with us on this hopefully enlightening journey. We hope you're making great progress in your quest to master the ever-evolving world of the AWS cloud. 💛

In this issue, we will unpack the intricacies of AWS CloudFormation, a service that has revolutionized how we deploy and manage resources in the cloud.

By allowing us to define and provision a collection of related AWS and even third-party resources, CloudFormation enables us to automate and replicate entire environments in a predictable and controlled manner. 🏗️

Did you know that AWS CloudFormation lets you manage up to 500 resources in a single stack? This level of orchestration can significantly streamline your infrastructure management. 💡

Another guessing question to get you hooked:

How many stacks can you create in a single region?

Stay tuned until the end of this newsletter to find out if your guess is correct!

But now let's finally get started with the content of this issue 📚


Introduction

AWS CloudFormation is a service that automates the provisioning of cloud infrastructure. It uses templates, which can be written in JSON or YAML, to describe the desired resources and their configurations. When you provide CloudFormation with these templates, it takes on the responsibility of setting up or modifying your infrastructure according to the specifications you've outlined.

  1. 📝 The process is declarative: you specify what your infrastructure should look like, and CloudFormation figures out how to achieve that state. This means you don't have to manually detail the steps to create each resource.
  2. 🏗️ Templates can be submitted to CloudFormation through an S3 bucket, uploaded directly, or even via Git. Once submitted, CloudFormation begins provisioning the infrastructure.

As with other Infrastructure-as-Code (IaC) tools, CloudFormation simplifies infrastructure management significantly.

For example, consider a web application infrastructure that includes a DynamoDB table, a REST backend utilizing API Gateway and Lambda, and a front-end single-page application hosted in an S3 bucket with a CloudFront distribution.

You can create a CloudFormation template for this setup, launch it, and if necessary, delete all associated services with a 🔨 single action within CloudFormation.

This service also makes it easy to duplicate architectures for different purposes, such as setting up separate development and staging environments, or one or more redundant regions, using the same template.


The Concepts

CloudFormation is built around three core ideas:

  • 📝 Templates
  • 🏗️ Stacks
  • 🔀 Change Sets

Templates

Starting with Templates, they are essentially the blueprint for the CloudFormation application.

A template...

  • ...outlines the resources to be created/managed, like a Lambda function and a DynamoDB table, and
  • ...provides outputs like the function's or table's ARN.

Stacks

Stacks represent the collection of resources that can be managed as a single unit. In the context of our earlier example, the S3 bucket would be a stack.

Once the template is uploaded and named in CloudFormation, the service takes over and sets up the resources.

With Stacks, you can perform a range of tasks, including deleting them or checking for drift, which compares the live infrastructure against the template to identify differences.

Stacks can be created using the AWS CLI with the command aws cloudformation create-stack or through the AWS Management Console by clicking the "Create Stack" button.

Change Sets

Change Sets, however, are all about updating existing infrastructure. They allow you to modify your setup without overhauling everything. For example, you don't have to scrap the entire database if you need to activate backups for an RDS instance.

Instead, you can use a Change Set to apply just that specific change. This ensures that you can enable backups while preserving your data, a capability that is also utilized by more modern frameworks like the CDK or Serverless Framework, which are also powered by CloudFormation. ⚡️
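
A pre-execution check for the case described above, as an added example that is not part of the original newsletter: it reads a change set in the shape returned by aws cloudformation describe-change-set and flags changes that would replace or remove a stateful resource instead of updating it in place. The sample change set, the stack and resource names, and the list of stateful types are constructed for illustration.

```python
import json

# Resource types that hold data (assumed list for this example; extend as needed).
STATEFUL_TYPES = {
    "AWS::RDS::DBInstance",
    "AWS::DynamoDB::Table",
    "AWS::S3::Bucket",
}

# Constructed sample in the shape of `aws cloudformation describe-change-set` output.
SAMPLE_CHANGE_SET = json.loads("""
{
  "ChangeSetName": "enable-backups", "StackName": "webapp-prod",
  "Changes": [
    {"Type": "Resource", "ResourceChange": {
      "Action": "Modify", "LogicalResourceId": "AppDatabase",
      "ResourceType": "AWS::RDS::DBInstance", "Replacement": "False"}},
    {"Type": "Resource", "ResourceChange": {
      "Action": "Modify", "LogicalResourceId": "OrdersTable",
      "ResourceType": "AWS::DynamoDB::Table", "Replacement": "True"}},
    {"Type": "Resource", "ResourceChange": {
      "Action": "Remove", "LogicalResourceId": "LegacyBucket",
      "ResourceType": "AWS::S3::Bucket"}},
    {"Type": "Resource", "ResourceChange": {
      "Action": "Add", "LogicalResourceId": "ApiFunction",
      "ResourceType": "AWS::Lambda::Function"}}
  ]
}
""")

def risky_changes(change_set, stateful=STATEFUL_TYPES):
    """Return (logical_id, reason) for changes that replace or remove a stateful resource."""
    findings = []
    for change in change_set.get("Changes", []):
        rc = change.get("ResourceChange")
        if not rc or rc.get("ResourceType") not in stateful:
            continue
        action = rc.get("Action")
        replacement = rc.get("Replacement", "False")
        if action == "Remove":
            findings.append((rc["LogicalResourceId"], "removed"))
        elif action == "Modify" and replacement in ("True", "Conditional"):
            # "Conditional" means CloudFormation decides at execution time.
            findings.append((rc["LogicalResourceId"], f"replacement={replacement}"))
    return findings

if __name__ == "__main__":
    for logical_id, reason in risky_changes(SAMPLE_CHANGE_SET):
        print(f"REVIEW {logical_id}: {reason}")
```

The in-place RDS modification passes, while the replaced table and the removed bucket are held for review before the change set is executed.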


Nested Stacks

When developing large-scale applications, you might end up managing hundreds or even thousands of cloud resources. Managing these resources in a single CloudFormation stack can become unwieldy, difficult to manage, and risky, as updates could impact the entire infrastructure.

As the infrastructure expands, it's common to see the same elements used across various templates. To streamline this process and enhance manageability, it's beneficial to isolate these recurring elements into distinct templates. These can then be incorporated as nested stacks in the primary CloudFormation template.

AWS CloudFormation provides the nested stack functionality, enabling the creation of stacks within stacks through the AWS::CloudFormation::Stack resource. This feature simplifies the management of shared configurations.

Consider a scenario where you have a set of configurations that are created across several stacks, such as an Application Load Balancer setup, Security Group rules, Network Access Control lists, Target Group settings, and an Elastic Container Service configuration for running applications on Fargate using Docker images.

Rather than replicating these configurations in every template, you can create a specialized template for this particular infrastructure segment. This specialized template can then be used as a nested stack within your other CloudFormation templates.

Nested stacks can be further organized into a hierarchy, with the possibility of having nested stacks within other nested stacks. At the top of this hierarchy is the root stack, which contains all other nested stacks. Each nested stack is connected to a parent stack, which could be another nested stack or the root stack itself.
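
The hierarchy described above, as an added example that is not part of the original newsletter: it walks a root template, follows each AWS::CloudFormation::Stack resource through its TemplateURL, and goes one step further by listing nested stacks whose template is not served from an approved bucket. The templates, bucket names and logical IDs are constructed, and the templates are held in memory rather than fetched from S3.

```python
from urllib.parse import urlparse

# Hypothetical bucket host that is allowed to serve nested templates.
APPROVED_BUCKET_HOST = "example-iac-templates.s3.amazonaws.com"

# Constructed templates keyed by TemplateURL ("root" is the top-level template).
TEMPLATES = {
    "root": {"Resources": {
        "Network": {"Type": "AWS::CloudFormation::Stack", "Properties": {
            "TemplateURL": "https://example-iac-templates.s3.amazonaws.com/network.json"}},
        "Service": {"Type": "AWS::CloudFormation::Stack", "Properties": {
            "TemplateURL": "https://example-iac-templates.s3.amazonaws.com/fargate.json"}},
        "AssetsBucket": {"Type": "AWS::S3::Bucket"}}},
    "https://example-iac-templates.s3.amazonaws.com/network.json": {"Resources": {
        "AppSecurityGroup": {"Type": "AWS::EC2::SecurityGroup"},
        "LoadBalancer": {"Type": "AWS::ElasticLoadBalancingV2::LoadBalancer"}}},
    "https://example-iac-templates.s3.amazonaws.com/fargate.json": {"Resources": {
        "Cluster": {"Type": "AWS::ECS::Cluster"},
        "Sidecar": {"Type": "AWS::CloudFormation::Stack", "Properties": {
            "TemplateURL": "https://other-bucket.s3.amazonaws.com/sidecar.json"}}}},
    "https://other-bucket.s3.amazonaws.com/sidecar.json": {"Resources": {
        "LogGroup": {"Type": "AWS::Logs::LogGroup"}}},
}

def walk(key, templates, path=("root",)):
    """Yield (path, resource_count, template_url) for a stack and every stack nested in it."""
    resources = templates[key]["Resources"]
    yield path, len(resources), None if key == "root" else key
    for logical_id, res in resources.items():
        if res["Type"] == "AWS::CloudFormation::Stack":
            url = res["Properties"]["TemplateURL"]
            yield from walk(url, templates, path + (logical_id,))

def unapproved_sources(templates, approved_host=APPROVED_BUCKET_HOST):
    """Return paths of nested stacks whose TemplateURL host is not the approved bucket."""
    return ["/".join(path) for path, _, url in walk("root", templates)
            if url and urlparse(url).hostname != approved_host]

if __name__ == "__main__":
    for path, count, _ in walk("root", TEMPLATES):
        print("  " * (len(path) - 1) + f"{path[-1]}: {count} resources")
    print("unapproved:", unapproved_sources(TEMPLATES))
```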


Conclusion

CloudFormation is an integral part of the AWS ecosystem and you'll easily find yourself within a project that uses CloudFormation as its primary IaC tool.

The declarative approach to infrastructure as code ensures consistency and repeatability in resource provisioning.

While tools like Pulumi, CDK, Serverless Framework, and Terraform bring their strengths, CloudFormation's direct alignment with AWS resources, detailed state management, and drift detection capabilities make it a great choice for many AWS-centric organizations.

It stands as a reliable option for those who prefer a JSON or YAML-based template approach to define their infrastructure.

Nevertheless, before deciding on a tool, it's important to thoroughly try it out to ensure it meets your needs. ✌️

Thank you for reading & see you in the next issue!

Sandro & Tobi 👋


P.S.: The solution to the introductory question is 2,000 stacks per region! ⚡️ 🏗️


AWS for the Real World
