CloudFormation 101
Dave Pigliavento
https://github.com/dpigliavento/cloudformation
What is CloudFormation?
CloudFormation is a zero cost AWS service for provisioning resources in
a predictable, repeatable and automated way.
** While CloudFormation itself does not cost anything, the resources it provisions do.
Why Use CloudFormation?
• No more clicking
• How do you know what changed and when?
• Infrastructure as code
• version controlled, know exactly what changed and when
• Easy to integrate in deployment pipeline
• Easy to replicate infrastructure
• Build a common set of templates used across your organization
Rules of the Road:
• Do not start with CloudFormation!
• Learn first in the console
• Understand available options for a given service before jumping into
CloudFormation
• Don’t reinvent the wheel
• Find a template online to start with
• CloudFormation designer is a GUI tool for authoring templates
• Do not manually change resources CloudFormation deployed
• Future updates could potentially fail as a result
CloudFormation Concepts
• Template
• AWS infrastructure blueprint
• JSON or YAML formatted document
• Stack
• A collection of resources that are managed as a single unit
• Group resources that share the same lifecycle in a single stack
• Change Set
• dry-run for updating an existing stack
• provides the list of actions that will be taken
• Update behavior of stack resources
• Updates with no Interruption
• Updates with Some Interruption
• Replacement
• Unintended Resource Deletion
• Be careful with certain resources: if a change is not allowed
for a given property, CloudFormation will destroy the
existing resource and create a new one
(i.e. DynamoDB local index)
CloudFormation Template Anatomy (YAML)
CloudFormation Template Anatomy – AWSTemplateFormatVersion
Required: No
2010-09-09 is currently the only available option. This
setting identifies the capabilities of the template.
Play it safe and include this in all your templates. When
AWS does decide to add a new version, you won't need to
update existing templates.
CloudFormation Template Anatomy – Resources
Required: Yes
• The meat of a CloudFormation template
• All the AWS resources and their respective properties
CloudFormation Template Anatomy – Description
Required: No
• Description of the template and the created stack
CloudFormation Template Anatomy – Parameters
Required: No
• Input parameters for customizing deployed resources
• Allows you to generalize CloudFormation templates for
reuse
CloudFormation Template Anatomy – Mappings
Required: No
• Provides a hash map of values that can be referenced
within your template
• Common use case is regional or environment-specific
values
CloudFormation Template Anatomy – Conditions
Required: No
• Allows you to define conditionals controlling when a
resource is created or a property is defined
CloudFormation Template Anatomy – Outputs
Required: No
• Values your stack can output for informational purposes or
to provide cross-stack references
S3 Example Template
Intrinsic Functions
Use intrinsic functions in your templates to assign values to properties that are
not available until runtime
• Fn::Base64
• Condition Functions
• Fn::And
• Fn::Equals
• Fn::If
• Fn::Not
• Fn::Or
• Fn::FindInMap
• Fn::GetAtt
• Fn::GetAZs
• Fn::ImportValue
• Fn::Join
• Fn::Select
• Fn::Split
• Fn::Sub
• Ref
YAML Syntactic Sugar
!ImportValue
!Sub
!Ref
Pseudo Parameters
Predefined parameters available in your CloudFormation templates
• AWS::AccountId
• AWS::NotificationARNs
• AWS::NoValue
• AWS::Region
• AWS::StackId
• AWS::StackName
S3 Example - Template
Resource Logical Id should not be
changed once created.
S3 Example – Changed Existing Logical ID
• Do not change a logical ID once created.
• Logical IDs are relevant only to the stack they are
deployed in. You can reference them within a single stack,
but not from other stacks.
• Logical IDs must be unique within a given stack.
Extend S3 Template
Cross-Region Replication
S3 Example - Template
Input validation
• AllowedValues
• AllowedPattern via regex
• MinValue/MaxValue for Integer
• MinLength/MaxLength for strings
S3 Example - Template
ReplicateBucket is True if
RemoteRegion parameter is NOT
equal to Disabled
S3 Example - Template
CreateRole is True if the ReplicationRole
parameter is an empty string and
the condition ReplicateBucket is
True
S3 Example - Template
S3 cross-region replication requires
that versioning be enabled on the
bucket
S3 Example - Template
Conditional parameter block, AWS::NoValue
will remove the parameter when set.
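The validation, condition and AWS::NoValue slides above, combined into one template. This is an added example, not the template from the original deck or its repository: RemoteRegion, ReplicationRole, ReplicateBucket and CreateRole are the names used on the slides, while BucketName, the region list and the destination bucket naming convention `<BucketName>-<RemoteRegion>` are assumptions.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: S3 bucket with optional cross-region replication (added example)

Parameters:
  BucketName:                       # assumed parameter, not from the slides
    Type: String
    MinLength: 3
    MaxLength: 40                   # leaves room for the "-<region>" suffix
    AllowedPattern: '^[a-z0-9][a-z0-9.-]*[a-z0-9]$'
    ConstraintDescription: Lowercase letters, digits, dots and hyphens only.
  RemoteRegion:
    Type: String
    Default: Disabled
    AllowedValues:                  # anything else is rejected before deployment
      - Disabled
      - us-east-1
      - us-west-2
      - eu-west-1
  ReplicationRole:
    Type: String
    Default: ''
    AllowedPattern: '^$|^arn:aws:iam::[0-9]{12}:role/.+$'
    Description: Existing role ARN. Leave empty to let the stack create one.

Conditions:
  # True if RemoteRegion is NOT equal to Disabled
  ReplicateBucket: !Not [!Equals [!Ref RemoteRegion, Disabled]]
  # True if ReplicationRole is empty AND ReplicateBucket is True
  CreateRole: !And
    - !Equals [!Ref ReplicationRole, '']
    - !Condition ReplicateBucket

Resources:
  Role:
    Type: AWS::IAM::Role
    Condition: CreateRole           # resource exists only when the condition holds
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: s3.amazonaws.com
            Action: sts:AssumeRole
      Policies:
        - PolicyName: replicate
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # ARNs are built from the parameter, not from !Ref Bucket, so the
              # role does not depend on the bucket (the bucket depends on it).
              - Effect: Allow
                Action:
                  - s3:GetReplicationConfiguration
                  - s3:ListBucket
                Resource: !Sub 'arn:aws:s3:::${BucketName}'
              - Effect: Allow
                Action:
                  - s3:GetObjectVersionForReplication
                  - s3:GetObjectVersionAcl
                Resource: !Sub 'arn:aws:s3:::${BucketName}/*'
              - Effect: Allow
                Action:
                  - s3:ReplicateObject
                  - s3:ReplicateDelete
                Resource: !Sub 'arn:aws:s3:::${BucketName}-${RemoteRegion}/*'

  Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Ref BucketName
      # Replication requires versioning; AWS::NoValue drops the property otherwise.
      VersioningConfiguration: !If
        - ReplicateBucket
        - Status: Enabled
        - !Ref AWS::NoValue
      ReplicationConfiguration: !If
        - ReplicateBucket
        - Role: !If [CreateRole, !GetAtt Role.Arn, !Ref ReplicationRole]
          Rules:
            - Status: Enabled
              Prefix: ''
              Destination:
                # Assumed convention: destination bucket already exists in
                # RemoteRegion with versioning enabled.
                Bucket: !Sub 'arn:aws:s3:::${BucketName}-${RemoteRegion}'
        - !Ref AWS::NoValue

Outputs:
  BucketArn:
    Value: !GetAtt Bucket.Arn
```

The `!GetAtt Role.Arn` inside the bucket is an implicit dependency, so the role is created before the bucket without an explicit declaration.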
S3 Example - Template
Dependencies
CloudFormation resources have implicit dependencies based on the Ref
and GetAtt functions, but you can explicitly define them as well.
Deploying Stacks Using AWSCLI
Deploying Stack (awscli) - Success
$ aws cloudformation deploy --stack-name test-stack --template-file stack.yaml --region us-west-2
Waiting for changeset to be created..
Waiting for stack create/update to complete
Successfully created/updated stack - test-stack
Deploying Stack (awscli) - Failure
$ aws cloudformation deploy --stack-name test-stack --template-file stack.yaml
Waiting for changeset to be created..
Waiting for stack create/update to complete
Failed to create/update the stack. Run the following command
to fetch the list of events leading up to the failure
aws cloudformation describe-stack-events --stack-name test-stack
Debug Stack (awscli)
$ aws cloudformation describe-stack-events --stack-name test-stack
{
"StackEvents": [
{
"StackId": "arn:aws:cloudformation:us-east-1:740427342325:stack/test-stack/50d535e0-23c1-11e7-9f58-50faeaee44fd",
"EventId": "6a0ad860-23c3-11e7-8311-500c286e44d1",
"ResourceStatus": "UPDATE_ROLLBACK_COMPLETE",
"ResourceType": "AWS::CloudFormation::Stack",
"Timestamp": "2017-04-17T23:13:06.110Z",
"StackName": "test-stack",
"PhysicalResourceId": "arn:aws:cloudformation:us-east-1:740427342325:stack/test-stack/50d535e0-23c1-11e7-9f58-50faeaee44fd",
"LogicalResourceId": "test-stack"
},
...
Debug Stack (awscli)
$ aws cloudformation describe-stack-events --stack-name test-stack | jq '.StackEvents[] | {Timestamp,ResourceStatus,ResourceType,ResourceStatusReason}'
"Timestamp": "2017-04-17T23:12:51.059Z",
"ResourceStatus": "CREATE_FAILED",
"ResourceType": "AWS::S3::Bucket",
"ResourceStatusReason": "capital-saratoga-region-aws-user-group already exists in stack arn:aws:cloudformation:us-east-1:740427342325:stack/test-stack/50d535e0-23c1-11e7-9f58-50faeaee44fd"
Debug Stack (Console)
EC2 + CloudFormation
EC2 Example Template
Export Example Template
Exports
EC2 Example Template – Userdata Script
How does CloudFormation know
when my EC2 instance is ready?
CloudFormation Signaling
• Allows for external validation to occur before CloudFormation
considers a resource complete
• Ensures that your EC2 configuration is complete before
CloudFormation continues
• Can be a Create and/or Update policy for EC2 and ASG
EC2 Example Template – CreatePolicy
EC2 Example Template – cfn-signal
CloudFormation Helper Scripts
• A set of tools to assist with the configuration of EC2 that are
preinstalled on Amazon provided images
• cfn-signal: Notifies CloudFormation of a state change
• cfn-init: Uses resource metadata for instance bootstrap
• cfn-get-metadata: Get resource metadata
• cfn-hup: A daemon to check for updates to metadata and execute custom
hooks when changes are detected
cfn-init Helper Script
• Tool that completes initial bootstrap based on metadata provided in CloudFormation
template
• Commands
• Files
• Users
• Groups
• Packages
• Services
• Sources
• Preinstalled on Amazon provided images
• State based approach to instance configuration
• Can be executed multiple times to bring instance to desired state
EC2 Example Template – cfn-init
cfn-init vs userdata
• userdata is procedural and will only run once
• cfn-init is state based
• Can be run multiple times to bring instance to desired state
• Validation and logging built in
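The signaling, cfn-init and cfn-signal slides above, put together in one template. This is an added example, not the EC2 template from the original deck or its repository: the logical ID WebServer, the ImageId and SubnetId parameters, the httpd package and the 10-minute timeout are assumptions.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: EC2 instance configured by cfn-init and gated by cfn-signal (added example)

Parameters:
  ImageId:
    Type: AWS::EC2::Image::Id
    Description: Amazon-provided image with the helper scripts preinstalled.
  SubnetId:
    Type: AWS::EC2::Subnet::Id

Resources:
  WebServer:
    Type: AWS::EC2::Instance
    # CloudFormation holds the resource in CREATE_IN_PROGRESS until it receives
    # one success signal, and fails it if none arrives within the timeout.
    CreationPolicy:
      ResourceSignal:
        Count: 1
        Timeout: PT10M
    # Desired state read by cfn-init: packages, files and services.
    Metadata:
      AWS::CloudFormation::Init:
        config:
          packages:
            yum:
              httpd: []
          files:
            /var/www/html/index.html:
              content: !Sub "Deployed by stack ${AWS::StackName}\n"
              mode: '000644'
              owner: root
              group: root
          services:
            sysvinit:
              httpd:
                enabled: true
                ensureRunning: true
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t3.micro
      SubnetId: !Ref SubnetId
      # User data runs once at first boot and only hands over to the helper scripts.
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          # Bring the instance to the state described in the Metadata section.
          /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServer --region ${AWS::Region}
          # Report cfn-init's exit code: 0 completes the resource, non-zero fails it.
          /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServer --region ${AWS::Region}
```

The instance needs outbound HTTPS access to the CloudFormation endpoint for the signal to arrive; without it the resource fails when the timeout expires.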
CloudFormation 101
Dave Pigliavento
https://github.com/dpigliavento/cloudformation
Ad

More Related Content

What's hot (20)

AWS CloudFormation Session
AWS CloudFormation SessionAWS CloudFormation Session
AWS CloudFormation Session
Kamal Maiti
 
Angular tutorial
Angular tutorialAngular tutorial
Angular tutorial
Rohit Gupta
 
AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저
AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저
AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저
Amazon Web Services Korea
 
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
VMware Tanzu Korea
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache Kafka
Guido Schmutz
 
Angular introduction students
Angular introduction studentsAngular introduction students
Angular introduction students
Christian John Felix
 
판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수
판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수
판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수
Amazon Web Services Korea
 
Why Kubernetes on Azure
Why Kubernetes on AzureWhy Kubernetes on Azure
Why Kubernetes on Azure
Microsoft Tech Community
 
IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021
IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021
IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021
AWSKRUG - AWS한국사용자모임
 
AWS Elastic Load Balancing for AWS Architect & SysOps Certification
AWS Elastic Load Balancing for AWS Architect & SysOps CertificationAWS Elastic Load Balancing for AWS Architect & SysOps Certification
AWS Elastic Load Balancing for AWS Architect & SysOps Certification
Sanjay Sharma
 
Introduction to angular with a simple but complete project
Introduction to angular with a simple but complete projectIntroduction to angular with a simple but complete project
Introduction to angular with a simple but complete project
Jadson Santos
 
Event Driven Systems with Spring Boot, Spring Cloud Streams and Kafka
Event Driven Systems with Spring Boot, Spring Cloud Streams and KafkaEvent Driven Systems with Spring Boot, Spring Cloud Streams and Kafka
Event Driven Systems with Spring Boot, Spring Cloud Streams and Kafka
VMware Tanzu
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 
AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인
AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인
AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인
Amazon Web Services Korea
 
AWS solution Architect Associate study material
AWS solution Architect Associate study materialAWS solution Architect Associate study material
AWS solution Architect Associate study material
Nagesh Ramamoorthy
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SRE
Araf Karsh Hamid
 
Docker introduction (1)
Docker introduction (1)Docker introduction (1)
Docker introduction (1)
Gourav Varma
 
Amazon services ec2
Amazon services ec2Amazon services ec2
Amazon services ec2
Ismaeel Enjreny
 
Introduction to Amazon Web Services by i2k2 Networks
Introduction to Amazon Web Services by i2k2 NetworksIntroduction to Amazon Web Services by i2k2 Networks
Introduction to Amazon Web Services by i2k2 Networks
i2k2 Networks (P) Ltd.
 
Docker
DockerDocker
Docker
A.K.M. Ahsrafuzzaman
 
AWS CloudFormation Session
AWS CloudFormation SessionAWS CloudFormation Session
AWS CloudFormation Session
Kamal Maiti
 
Angular tutorial
Angular tutorialAngular tutorial
Angular tutorial
Rohit Gupta
 
AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저
AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저
AWS와 함께 하는 클라우드 컴퓨팅 - 홍민우 AWS 매니저
Amazon Web Services Korea
 
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
VMware Tanzu Korea
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache Kafka
Guido Schmutz
 
판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수
판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수
판교 개발자 데이 – 쉽고 안전한 Aws IoT 플랫폼 활용하기 – 이창수
Amazon Web Services Korea
 
IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021
IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021
IaC로 AWS인프라 관리하기 - 이진성 (AUSG) :: AWS Community Day Online 2021
AWSKRUG - AWS한국사용자모임
 
AWS Elastic Load Balancing for AWS Architect & SysOps Certification
AWS Elastic Load Balancing for AWS Architect & SysOps CertificationAWS Elastic Load Balancing for AWS Architect & SysOps Certification
AWS Elastic Load Balancing for AWS Architect & SysOps Certification
Sanjay Sharma
 
Introduction to angular with a simple but complete project
Introduction to angular with a simple but complete projectIntroduction to angular with a simple but complete project
Introduction to angular with a simple but complete project
Jadson Santos
 
Event Driven Systems with Spring Boot, Spring Cloud Streams and Kafka
Event Driven Systems with Spring Boot, Spring Cloud Streams and KafkaEvent Driven Systems with Spring Boot, Spring Cloud Streams and Kafka
Event Driven Systems with Spring Boot, Spring Cloud Streams and Kafka
VMware Tanzu
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 
AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인
AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인
AWS Control Tower를 통한 클라우드 보안 및 거버넌스 설계 - 김학민 :: AWS 클라우드 마이그레이션 온라인
Amazon Web Services Korea
 
AWS solution Architect Associate study material
AWS solution Architect Associate study materialAWS solution Architect Associate study material
AWS solution Architect Associate study material
Nagesh Ramamoorthy
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SRE
Araf Karsh Hamid
 
Docker introduction (1)
Docker introduction (1)Docker introduction (1)
Docker introduction (1)
Gourav Varma
 
Introduction to Amazon Web Services by i2k2 Networks
Introduction to Amazon Web Services by i2k2 NetworksIntroduction to Amazon Web Services by i2k2 Networks
Introduction to Amazon Web Services by i2k2 Networks
i2k2 Networks (P) Ltd.
 

Similar to Cloudformation101 (20)

Cnam azure ze cloud resource manager
Cnam azure ze cloud  resource managerCnam azure ze cloud  resource manager
Cnam azure ze cloud resource manager
Aymeric Weinbach
 
AWS Cloud Formation
AWS Cloud Formation AWS Cloud Formation
AWS Cloud Formation
Adam Book
 
Azure from scratch part 3 By Girish Kalamati
Azure from scratch part 3 By Girish KalamatiAzure from scratch part 3 By Girish Kalamati
Azure from scratch part 3 By Girish Kalamati
Girish Kalamati
 
오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015
오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015
오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015
Amazon Web Services Korea
 
AWS Certified Solutions Architect Professional Course S15-S18
AWS Certified Solutions Architect Professional Course S15-S18AWS Certified Solutions Architect Professional Course S15-S18
AWS Certified Solutions Architect Professional Course S15-S18
Neal Davis
 
Presentation ARM-Terraform DevOps Infrastructure as Code
Presentation ARM-Terraform DevOps Infrastructure as CodePresentation ARM-Terraform DevOps Infrastructure as Code
Presentation ARM-Terraform DevOps Infrastructure as Code
pmukeshpatel31
 
MLflow Model Serving
MLflow Model ServingMLflow Model Serving
MLflow Model Serving
Databricks
 
Dev & Test on AWS - Hebrew Webinar
Dev & Test on AWS - Hebrew WebinarDev & Test on AWS - Hebrew Webinar
Dev & Test on AWS - Hebrew Webinar
Boaz Ziniman
 
Azure for SharePoint Developers - Workshop - Part 3: Web Services
Azure for SharePoint Developers - Workshop - Part 3: Web ServicesAzure for SharePoint Developers - Workshop - Part 3: Web Services
Azure for SharePoint Developers - Workshop - Part 3: Web Services
Bob German
 
AWS glue technical enablement training
AWS glue technical enablement trainingAWS glue technical enablement training
AWS glue technical enablement training
Info Alchemy Corporation
 
Infrastructure as code deployed using Stacker
Infrastructure as code deployed using StackerInfrastructure as code deployed using Stacker
Infrastructure as code deployed using Stacker
MessageMedia
 
Stacktician - CloudStack Collab Conference 2014
Stacktician - CloudStack Collab Conference 2014Stacktician - CloudStack Collab Conference 2014
Stacktician - CloudStack Collab Conference 2014
amoghvk
 
StackMate - CloudFormation for CloudStack
StackMate - CloudFormation for CloudStackStackMate - CloudFormation for CloudStack
StackMate - CloudFormation for CloudStack
Chiradeep Vittal
 
MLflow Model Serving - DAIS 2021
MLflow Model Serving - DAIS 2021MLflow Model Serving - DAIS 2021
MLflow Model Serving - DAIS 2021
amesar0
 
Hands-On AWS: Java SDK + CLI for Cloud Developers
Hands-On AWS: Java SDK + CLI for Cloud DevelopersHands-On AWS: Java SDK + CLI for Cloud Developers
Hands-On AWS: Java SDK + CLI for Cloud Developers
Meetu Maltiar
 
Azure cosmosdb
Azure cosmosdbAzure cosmosdb
Azure cosmosdb
Udaiappa Ramachandran
 
DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...
DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...
DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...
Rustem Feyzkhanov
 
Azure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu Ganta
Azure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu GantaAzure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu Ganta
Azure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu Ganta
Databricks
 
saa3_wk5.pdf
saa3_wk5.pdfsaa3_wk5.pdf
saa3_wk5.pdf
Michgo1
 
Rik Hepworth - ARM Yourself for Effective Azure Provisioning
Rik Hepworth - ARM Yourself for Effective Azure ProvisioningRik Hepworth - ARM Yourself for Effective Azure Provisioning
Rik Hepworth - ARM Yourself for Effective Azure Provisioning
WinOps Conf
 
Cnam azure ze cloud resource manager
Cnam azure ze cloud  resource managerCnam azure ze cloud  resource manager
Cnam azure ze cloud resource manager
Aymeric Weinbach
 
AWS Cloud Formation
AWS Cloud Formation AWS Cloud Formation
AWS Cloud Formation
Adam Book
 
Azure from scratch part 3 By Girish Kalamati
Azure from scratch part 3 By Girish KalamatiAzure from scratch part 3 By Girish Kalamati
Azure from scratch part 3 By Girish Kalamati
Girish Kalamati
 
오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015
오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015
오토스케일링 제대로 활용하기 (김일호) - AWS 웨비나 시리즈 2015
Amazon Web Services Korea
 
AWS Certified Solutions Architect Professional Course S15-S18
AWS Certified Solutions Architect Professional Course S15-S18AWS Certified Solutions Architect Professional Course S15-S18
AWS Certified Solutions Architect Professional Course S15-S18
Neal Davis
 
Presentation ARM-Terraform DevOps Infrastructure as Code
Presentation ARM-Terraform DevOps Infrastructure as CodePresentation ARM-Terraform DevOps Infrastructure as Code
Presentation ARM-Terraform DevOps Infrastructure as Code
pmukeshpatel31
 
MLflow Model Serving
MLflow Model ServingMLflow Model Serving
MLflow Model Serving
Databricks
 
Dev & Test on AWS - Hebrew Webinar
Dev & Test on AWS - Hebrew WebinarDev & Test on AWS - Hebrew Webinar
Dev & Test on AWS - Hebrew Webinar
Boaz Ziniman
 
Azure for SharePoint Developers - Workshop - Part 3: Web Services
Azure for SharePoint Developers - Workshop - Part 3: Web ServicesAzure for SharePoint Developers - Workshop - Part 3: Web Services
Azure for SharePoint Developers - Workshop - Part 3: Web Services
Bob German
 
Infrastructure as code deployed using Stacker
Infrastructure as code deployed using StackerInfrastructure as code deployed using Stacker
Infrastructure as code deployed using Stacker
MessageMedia
 
Stacktician - CloudStack Collab Conference 2014
Stacktician - CloudStack Collab Conference 2014Stacktician - CloudStack Collab Conference 2014
Stacktician - CloudStack Collab Conference 2014
amoghvk
 
StackMate - CloudFormation for CloudStack
StackMate - CloudFormation for CloudStackStackMate - CloudFormation for CloudStack
StackMate - CloudFormation for CloudStack
Chiradeep Vittal
 
MLflow Model Serving - DAIS 2021
MLflow Model Serving - DAIS 2021MLflow Model Serving - DAIS 2021
MLflow Model Serving - DAIS 2021
amesar0
 
Hands-On AWS: Java SDK + CLI for Cloud Developers
Hands-On AWS: Java SDK + CLI for Cloud DevelopersHands-On AWS: Java SDK + CLI for Cloud Developers
Hands-On AWS: Java SDK + CLI for Cloud Developers
Meetu Maltiar
 
DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...
DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...
DataTalks.Club - Building Scalable End-to-End Deep Learning Pipelines in the ...
Rustem Feyzkhanov
 
Azure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu Ganta
Azure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu GantaAzure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu Ganta
Azure Databricks – Customer Experiences and Lessons Denzil Ribeiro Madhu Ganta
Databricks
 
saa3_wk5.pdf
saa3_wk5.pdfsaa3_wk5.pdf
saa3_wk5.pdf
Michgo1
 
Rik Hepworth - ARM Yourself for Effective Azure Provisioning
Rik Hepworth - ARM Yourself for Effective Azure ProvisioningRik Hepworth - ARM Yourself for Effective Azure Provisioning
Rik Hepworth - ARM Yourself for Effective Azure Provisioning
WinOps Conf
 
Ad

Recently uploaded (20)

Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Linux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdfLinux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdf
RHCSA Guru
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven InsightsAndrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
 
Cyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of securityCyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of security
riccardosl1
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdfComplete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Software Company
 
Technology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data AnalyticsTechnology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data Analytics
InData Labs
 
Splunk Security Update | Public Sector Summit Germany 2025
Splunk Security Update | Public Sector Summit Germany 2025Splunk Security Update | Public Sector Summit Germany 2025
Splunk Security Update | Public Sector Summit Germany 2025
Splunk
 
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Impelsys Inc.
 
Drupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy ConsumptionDrupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy Consumption
Exove
 
Procurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptxProcurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptx
Jon Hansen
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdfSAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
Precisely
 
Semantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AISemantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AI
artmondano
 
Quantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur MorganQuantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur Morgan
Arthur Morgan
 
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager APIUiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPathCommunity
 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Linux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdfLinux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdf
RHCSA Guru
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven InsightsAndrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
 
Cyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of securityCyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of security
riccardosl1
 

Cloudformation101

  • 2. What is CloudFormation? CloudFormation is a zero cost AWS service for provisioning resources in a predictable, repeatable and automated way. ** While CloudFormation does not cost anything, the resources CloudFormation provisions do. https://github.com/dpigliavento/cloudformation
  • 3. Why Use CloudFormation? • No more clicking • How do you know what changed and when? • Infrastructure as code • version controlled, know exactly what changed and when • Easy to integrate in deployment pipeline • Easy to replicate infrastructure • Build a common set of templates used across your organization
  • 4. Rules of the Road: • Do not start with CloudFormation! • Learn first in the console • Understand available options for a given service before jumping into CloudFormation • Don’t reinvent the wheel • Find a template online to start with • CloudFormation designer is a GUI tool for authoring templates • Do not manually change resources CloudFormation deployed • Future updates could potentially fail as a result
  • 5. CloudFormation Concepts • Template • AWS infrastructure blueprint • JSON or YAML formatted document • Stack • A collection of resources that are managed as a single unit • Group resources that live the same lifecycle in a single stack • Change Set • dry-run for updating an existing stack • provides the list of actions that will be taken
  • 6. • Update behavior of stack resources • Updates with no Interruption • Updates with Some Interruption • Replacement • Unintended Resource Deletion • Be careful with certain resources: if a change is not allowed for a given parameter, CloudFormation will destroy the existing resource and create a new one (i.e. DynamoDB local index)
  • 9. CloudFormation Template Anatomy Required: No 2010-09-09 is currently the only available option. This setting identifies the capabilities of the template. Play it safe and include this in all your templates. When AWS does decide to add a new version you don’t need to update existing templates.
  • 10. CloudFormation Template Anatomy Required: Yes • The meat of a CloudFormation template • All the AWS resources and their respective properties
  • 11. CloudFormation Template Anatomy Required: No • Description of the template and the created stack
  • 12. CloudFormation Template Anatomy Required: No • Input parameters for customizing deployed resources • Allows you to generalize CloudFormation templates for reuse
  • 13. CloudFormation Template Anatomy Required: No • Provides a hash map of values that can be referenced within your template • Common use case is regional or environment specific values
  • 14. CloudFormation Template Anatomy Required: No • Allows you to define conditionals controlling when a resource is created or a property is defined
  • 15. CloudFormation Template Anatomy Required: No • Values your stack can output for informational purposes or to provide cross-stack references
  • 18. S3 Example - Template
  • 19. S3 Example - Template
  • 20. Intrinsic Functions Use intrinsic functions in your templates to assign values to properties that are not available until runtime • Fn::Base64 • Condition Functions • Fn::And • Fn::Equals • Fn::If • Fn::Not • Fn::Or • Fn::FindInMap • Fn::GetAtt • Fn::GetAZs • Fn::ImportValue • Fn::Join • Fn::Select • Fn::Split • Fn::Sub • Ref YAML Syntactic Sugar !ImportValue !Sub !Ref
  • 21. Pseudo Parameters Predefined parameters available in your CloudFormation templates • AWS::AccountId • AWS::NotificationARNs • AWS::NoValue • AWS::Region • AWS::StackId • AWS::StackName
  • 22. S3 Example - Template
  • 23. S3 Example - Template Resource Logical Id should not be changed once created.
  • 24. S3 Example – Changed Existing Logical ID
  • 25. • Do not change logical id once created. • Logical Ids are relevant only to the stack they are deployed in. You can reference them within a single stack but not from other stacks. • Logical Ids must be unique within a given stack.
  • 27. S3 Example - Template Input validation • AllowedValues • AllowedPattern via regex • MinValue/MaxValue for Integer • MinLength/MaxLength for strings
  • 28. S3 Example - Template ReplicateBucket is True if RemoteRegion parameter is NOT equal to Disabled
  • 29. S3 Example - Template CreateRole is True if ReplicationRole parameter is an empty string and the condition ReplicateBucket is True
  • 30. S3 Example - Template S3 cross-region replication requires that versioning be enabled on the bucket
  • 31. S3 Example - Template Conditional parameter block, AWS::NoValue will remove the parameter when set.
  • 32. S3 Example - Template
  • 33. Dependencies CloudFormation resources have implicit dependencies based on the Ref and GetAtt functions, but you can explicitly define them as well.
  • 35. Deploying Stack (awscli) - Success $ aws cloudformation deploy --stack-name test-stack --template-file stack.yaml --region us-west-2 Waiting for changeset to be created.. Waiting for stack create/update to complete Successfully created/updated stack - test-stack
  • 36. Deploying Stack (awscli) - Failure $ aws cloudformation deploy --stack-name test-stack --template-file stack.yaml Waiting for changeset to be created.. Waiting for stack create/update to complete Failed to create/update the stack. Run the following command to fetch the list of events leading up to the failure aws cloudformation describe-stack-events --stack-name test-stack
  • 37. Debug Stack (awscli) $ aws cloudformation describe-stack-events --stack-name test-stack { "StackEvents": [ { "StackId": "arn:aws:cloudformation:us-east-1:740427342325:stack/test-stack/50d535e0-23c1-11e7-9f58-50faeaee44fd", "EventId": "6a0ad860-23c3-11e7-8311-500c286e44d1", "ResourceStatus": "UPDATE_ROLLBACK_COMPLETE", "ResourceType": "AWS::CloudFormation::Stack", "Timestamp": "2017-04-17T23:13:06.110Z", "StackName": "test-stack", "PhysicalResourceId": "arn:aws:cloudformation:us-east-1:740427342325:stack/test-stack/50d535e0-23c1-11e7-9f58-50faeaee44fd", "LogicalResourceId": "test-stack" }, ...
  • 38. Debug Stack (awscli) $ aws cloudformation describe-stack-events --stack-name test-stack | jq '.StackEvents[] | {Timestamp,ResourceStatus,ResourceType,ResourceStatusReason}' "Timestamp": "2017-04-17T23:12:51.059Z", "ResourceStatus": "CREATE_FAILED", "ResourceType": "AWS::S3::Bucket", "ResourceStatusReason": "capital-saratoga-region-aws-user-group already exists in stack arn:aws:cloudformation:us-east-1:740427342325:stack/test-stack/50d535e0-23c1-11e7-9f58-50faeaee44fd"
  • 48. EC2 Example Template – Userdata Script
  • 49. How does CloudFormation know when my EC2 instance is ready?
  • 50. CloudFormation Signaling • Allows for external validation to occur before CloudFormation considers a resource complete • Ensures that your EC2 configuration is complete before CloudFormation continues • Can be a Create and/or Update policy for EC2 and ASG
  • 51. EC2 Example Template – CreatePolicy
  • 52. EC2 Example Template – cfn-signal
  • 54. CloudFormation Helper Scripts • A set of tools to assist with the configuration of EC2 that are preinstalled on Amazon provided images • cfn-signal: Notifies CloudFormation of a state change • cfn-init: Uses resource metadata for instance bootstrap • cfn-get-metadata: Get resource metadata • cfn-hup: A daemon to check for updates to metadata and execute custom hooks when changes are detected
  • 55. cfn-init Helper Script • Tool that completes initial bootstrap based on metadata provided in CloudFormation template • Commands • Files • Users • Groups • Packages • Services • Sources • Preinstalled on Amazon provided images • State based approach to instance configuration • Can be executed multiple times to bring instance to desired state
  • 56. EC2 Example Template – cfn-init
  • 57. cfn-init vs userdata • userdata is procedural and will only run once • cfn-init is state based • Can be run multiple times to bring instance to desired state • Validation and logging built in

Editor's Notes

  • #9: All examples will be shown in yaml
  • #46: Hash map that can provide appropriate AMI Id based on region
  • #49: Userdata script is executed the first time an EC2 instance boots and never again