AWS Cloud Formation.

Raj Nandgaonkar

Amazon CloudFormation (CFT) is a powerful service offered by Amazon Web Services (AWS) for infrastructure as code (IaC) management. It allows you to define and provision AWS infrastructure resources using templates. Here’s a deep dive into AWS CloudFormation and how to write CFTs, along with features like Drift Detection:

1. What is AWS CloudFormation (CFT)?

- AWS CloudFormation is a service that helps you model and provision AWS infrastructure resources in a safe and predictable manner.
- It enables you to define your infrastructure in code using JSON or YAML templates.

2. Writing CloudFormation Templates:

- CFT templates are text files written in JSON or YAML.
- Templates define the AWS resources, their properties, dependencies, and other configuration details.

3. Key Components of CFT:

- Resources: These are the AWS resources you want to provision, such as EC2 instances, S3 buckets, RDS databases, etc.
- Parameters: These are input values that can be customized when creating a stack.
- Mappings: Define a mapping between input values and corresponding resource properties.
- Conditions: Specify when resources should be created or when they should be skipped.
- Outputs: Declare the values you want to retrieve once the stack is created.

4. Benefits of AWS CloudFormation:

- Infrastructure as Code (IaC): CFT allows you to define and manage your infrastructure as code, making it versionable, repeatable, and easier to manage.
- Resource Management: CFT handles resource creation, updates, and deletion, ensuring resource consistency.
- Automation: You can automate the provisioning and management of your infrastructure with CFT.
- Change Sets: Before executing changes, you can review them using change sets to avoid unintended modifications.
- Rollback: If a stack update fails, CFT can automatically roll back to the previous state to maintain stability.
- Cost Estimation: You can estimate the cost of a CFT stack before creating or updating it.
- Integration: CloudFormation is integrated with AWS Identity and Access Management (IAM) for security and control.
- Drift Detection: Continuously monitor and detect differences between the desired stack configuration and the actual stack resources.

5. Drift Detection:

- Drift detection in CFT allows you to identify differences between the desired stack configuration defined in your template and the current stack resources.
- It helps you track changes and understand if the stack has drifted from its expected state.
- Drift detection is useful for ensuring that your infrastructure stays compliant with your defined configurations.

6. How to Write CFTs:

- Use the JSON or YAML template format to define your AWS resources, parameters, and other template components.
- Define the resource properties, dependencies, and other settings for each resource.
- Use CloudFormation intrinsic functions like Ref, Fn::GetAtt, and Fn::Sub for dynamic configurations.
- Use the YAML short forms of these functions, such as !Sub and !ImportValue, for parameterization and cross-stack referencing.
- Use conditions to control resource creation and to make your templates more flexible.

7. Examples of CloudFormation Use Cases:

- Creating a VPC and related resources: Define a VPC, subnets, security groups, and routing tables.
- Deploying an application stack: Define EC2 instances, load balancers, databases, and other application components.
- Setting up monitoring and alarms: Define CloudWatch alarms, SNS topics, and metric filters.
- Provisioning storage resources: Define S3 buckets, EBS volumes, and RDS databases.
- Managing security and compliance: Define IAM roles, policies, and security group rules.

In summary, AWS CloudFormation is a fundamental tool for managing and provisioning AWS infrastructure as code. By writing templates, you can automate the deployment and management of resources, improve consistency, and leverage features like drift detection to maintain a reliable and compliant infrastructure. It’s an essential component of infrastructure as code and DevOps practices in AWS.

How to create EC2 instance by using CFT

To create an Amazon EC2 instance using AWS CloudFormation (CFT), you need to define the EC2 resource within your CloudFormation template and then create a CloudFormation stack. Here’s a step-by-step guide on how to do it:

Step 1: Create a CloudFormation Template

1. Open your favorite text editor and create a CloudFormation template in either JSON or YAML format.

2. Define the structure of your CloudFormation template, which includes specifying the resources you want to create. For an EC2 instance, you should use the AWS::EC2::Instance resource type.

3. Define the properties for the EC2 instance, such as the instance type, key pair, security groups, and any other configuration details.

Here’s a simplified YAML example of how to define an EC2 instance in your template:

In this example, we’re creating an EC2 instance with a t2.micro instance type, associating it with the my-key-pair key pair, and attaching it to a security group identified by sg-12345678. The ImageId property specifies the Amazon Machine Image (AMI) to use.
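
The template this step describes, written out as an added example (it is not the author's original snippet, which is missing from the page) and extended to use the components from section 6: parameters, a condition, intrinsic functions and an exported output. The values t2.micro, my-key-pair and sg-12345678 come from the description above; the logical ID MyEC2Instance, the t3.micro alternative, the Name tag and the public SSM parameter used to resolve an Amazon Linux 2023 AMI are assumptions, since the page gives no AMI ID.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: EC2 instance from Step 1, parameterized (added example)

Parameters:
  InstanceType:
    Type: String
    Default: t2.micro
    AllowedValues: [t2.micro, t3.micro]   # reject anything outside the approved list
  KeyName:
    Type: String
    Default: my-key-pair                  # pass "" to launch without an SSH key pair
  SecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id     # validated against existing groups at deploy time
    Default: sg-12345678
  ImageId:
    # Resolves the current AMI from a public SSM parameter,
    # so no AMI ID is hard-coded in the template.
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64

Conditions:
  HasKeyName: !Not [!Equals [!Ref KeyName, ""]]

Resources:
  MyEC2Instance:                          # logical ID is an assumption
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceType
      ImageId: !Ref ImageId
      # Omit the property entirely when no key pair name is supplied
      KeyName: !If [HasKeyName, !Ref KeyName, !Ref "AWS::NoValue"]
      SecurityGroupIds:
        - !Ref SecurityGroupId
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-instance"

Outputs:
  PublicDnsName:
    Description: Public DNS name to use in Step 4
    Value: !GetAtt MyEC2Instance.PublicDnsName
    Export:
      Name: !Sub "${AWS::StackName}-PublicDnsName"   # readable from other stacks via !ImportValue
```

The typed SecurityGroupId parameter makes CloudFormation reject a nonexistent group ID before any resource is created, and the instance is reachable only as far as that group's inbound rules allow.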

Step 2: Create a CloudFormation Stack

1. Log in to the AWS Management Console.

2. Navigate to the AWS CloudFormation service.

3. Click on “Create stack” to start the stack creation process.

4. Choose the CloudFormation template that you’ve created in Step 1, either by uploading it or specifying the Amazon S3 URL.

5. Click “Next” and provide a stack name, set any optional parameters, and configure any advanced options as needed.

6. Review the details, acknowledge the creation of IAM resources, and click “Create stack” to initiate the stack creation.

Step 3: Monitor Stack Creation

1. Once you’ve initiated the stack creation, CloudFormation will orchestrate the provisioning of the EC2 instance and other associated resources based on your template.

2. You can monitor the stack’s status in the AWS CloudFormation console.

Step 4: Access Your EC2 Instance

1. After the stack creation is complete, you can access your EC2 instance via SSH or any other method you’ve configured in your template.

2. If you need to retrieve the public DNS or IP address of your instance, you can use the AWS Management Console, AWS CLI, or SDKs to query the information.

This is a basic example of how to create an EC2 instance using AWS CloudFormation. In practice, you can create more complex templates that include additional resources, specify dependencies, and apply conditions, enabling you to define and provision your entire infrastructure as code.

Ready to harness the power of Infrastructure as Code (IaC) with AWS CloudFormation? Let’s connect to explore advanced CloudFormation techniques, discuss best practices, and uncover the secrets of drift detection. Together, we’ll optimize your infrastructure management.

Connect with me here:
linkedin.com/in/raj-nandgaonkar-555848157

Thank you.
