DOP-C02 CloudFormation

Infrastructure as Code

  • Same concept as K8S
  • Each resource is tagged, so it can be easily tracked in cost management
  • Cost-saving strategy: automatically delete the DEV env at 5pm and recreate it at 8am
  • Automated generation of infrastructure diagrams
  • Separation of concerns
    • VPC stack
    • Network stack
    • App stack
  • Leverage existing templates on the web
  • Templates must be uploaded to S3 as CloudFormation only reads from S3
  • Deleting the stack deletes everything created by that stack
  • We can manually upload the new template, or use the AWS CLI or a CD tool to upload the template file

CloudFormation Components

  • AWSTemplateFormatVersion
    • identifies the capabilities of the template ("2010-09-09")
  • Description
    • comments about the template
  • Resources (MANDATORY)
    • your AWS resources declared in the template
    • Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-template-resource-type-ref.html
    • form: service-provider::service-name::data-type-name
  • Parameters
    • the dynamic inputs for your template
    • example:
        Parameters:
          SecurityGroupDescription:
            Description: Security Group Description
            Type: String
  • Mappings
    • the static variables for your template
  • Outputs
    • references to what has been created
  • Conditionals
    • list of conditions to perform resource creation

CloudFormation Helpers

  • References
  • Functions
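
How the sections and helpers listed above fit together in one template, as an added example that is not part of the original notes. The EnvType and VpcId parameters, the AdminCidrByEnv mapping, the CIDR values and the resource names are assumptions made for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example showing each template section on one security group

Parameters:                        # dynamic inputs
  SecurityGroupDescription:        # parameter from the notes
    Description: Security Group Description
    Type: String
  EnvType:                         # assumed parameter
    Type: String
    AllowedValues: [dev, prod]
    Default: dev
  VpcId:                           # assumed parameter
    Type: AWS::EC2::VPC::Id

Mappings:                          # static variables (constructed CIDR values)
  AdminCidrByEnv:
    dev:
      Cidr: 203.0.113.0/24
    prod:
      Cidr: 203.0.113.8/29

Conditions:
  IsDev: !Equals [!Ref EnvType, dev]

Resources:                         # the only mandatory section
  AppSecurityGroup:
    Type: AWS::EC2::SecurityGroup  # service-provider::service-name::data-type-name
    Properties:
      GroupDescription: !Ref SecurityGroupDescription
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: !FindInMap [AdminCidrByEnv, !Ref EnvType, Cidr]
      Tags:
        - Key: Environment
          Value: !Ref EnvType

  DevSshIngress:                   # created only when IsDev is true
    Type: AWS::EC2::SecurityGroupIngress
    Condition: IsDev
    Properties:
      GroupId: !GetAtt AppSecurityGroup.GroupId
      IpProtocol: tcp
      FromPort: 22
      ToPort: 22
      CidrIp: !FindInMap [AdminCidrByEnv, dev, Cidr]

Outputs:                           # references to what has been created
  SecurityGroupId:
    Value: !GetAtt AppSecurityGroup.GroupId
```

Deploying with EnvType set to prod skips DevSshIngress entirely, so the SSH rule never exists in that stack.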

CloudFormation Resources