Cloud Formation

 CloudFormation allows you to model your infrastructure in a text file. You can
use JSON or YAML to describe what AWS resources you want to create and
configure.
 CloudFormation automates the provisioning and updating of your
infrastructure in a safe and controlled manner. There are no manual steps or
controls that can lead to errors.
 CloudFormation is available at no additional charge. You pay only for the AWS
resources needed to run your applications.

An AWS CloudFormation template is a declaration of the AWS resources that

make up a stack(a collection of AWS Resources like IAM, S3, RDS, EC2,
etc. ). The template is stored as a text file in either JSON or YAML format. Because
they are just text files, you can create and edit them in any text editor and manage
them in your source control system with the rest of your source code.
Example:
The following example shows a YAML-formatted template fragment.
---
AWSTemplateFormatVersion: "version date"

Description:
String

Metadata:
template metadata

Parameters:
set of parameters

Rules:
set of rules

Mappings:
set of mappings

Conditions:
set of conditions

Transform:
set of transforms

Resources:
set of resources

Outputs:
 set of outputs

Templates include several major sections. The Resources section is the only required
section. Some sections in a template can be in any order. However, as you build
your template, it can be helpful to use the logical order shown in the following list
because values in one section might refer to values from a previous section.
AWSTemplateFormatVersion: 'version date' (optional) # version of the
CloudFormation template. Only accepted value is '2010-09-09'

Description: 'String' (optional) # a text description of the Cloudformation

template

Metadata: 'template metadata' (optional) # objects that provide additional

information about the template

Parameters: 'set of parameters' (optional) # a set of inputs used to customize

the template

Rules: 'set of rules' (optional) # a set of rules to validate the parameters

provided at deployment/update

Mappings: 'set of mappings' (optional) # a mapping of keys and associated

values

Conditions: 'set of conditions' (optional) # conditions that control whether

certain resources are created

Transform: 'set of transforms' (optional) # for serverless applications

Resources: 'set of resources' (required) # a components of your infrastructure

Hooks: 'set of hooks' (optional) # Used for ECS Blue/Green Deployments

Outputs: 'set of outputs' (optional) # values that are returned whenever you
view your stack's properties

The only required top-level object is the Resources object, which must declare at
least one resource. The definition of each of these objects can be found in the
online Template Anatomy documentation.
Stack:
A stack is a deployment of a CloudFormation template. You can create multiple
stacks from a single CloudFormation template. A stack contains a collection of AWS
resources that you can manage as a single unit. All the resources in a stack are
defined by the stack's AWS CloudFormation template.
AWS CloudFormation will create, update or delete a stack in its entirety:
 If a stack cannot be created or updated in its entirety, AWS CloudFormation
will roll it back, and automatically delete any resources that were created.
 If a resource cannot be deleted, any remaining resources are retained until
the stack can be successfully deleted.

A Basic Template Lab:

 Write a simple CloudFormation template that describes an S3 bucket.
 Deploy the template and create a CloudFormation stack.
a sample CloudFormation template that defines an S3 Bucket. It has a single
resource that contains the S3 bucket.
Resources:
S3Bucket:
Type: AWS::S3::Bucket
Properties:
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
Now you'll enable versioning on the S3 bucket to prevent objects from being deleted
or overwritten by mistake or to archive objects so that you can retrieve previous
versions of them.
1. Create a VersioningConfiguration property in the Properties section of the S3
resource.
2. Set the Status to Enabled.
3. Update the stack to reflect the changes made in the template.

Resources:
S3Bucket:
Type: AWS::S3::Bucket
Properties:
VersioningConfiguration:
Status: Enabled
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256

The AWSTemplateFormatVersion section identifies the capabilities of the template.

The latest template format version is 2010-09-09 and is currently the only valid
value.
AWSTemplateFormatVersion: "2010-09-09"

The Description section enables you to include comments about your template.
Description: AWS CloudFormation workshop - Resources (uksb-1q9p31idr)
(tag:resources).

You can use the Metadata section to include arbitrary JSON or YAML objects. This
section is useful for providing information to other tools that interact with your
CloudFormation template. For example, when deploying CloudFormation templates
via the AWS console, you can improve the experience of users deploying your
templates by specify how to order, label and group parameters. This can be done
with the AWS::CloudFormation::Interface key.
# Add Metadata section here.
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: 'Amazon EC2 Configuration'
Parameters:
 - InstanceType
ParameterLabels:
InstanceType:
default: 'Type of EC2 Instance'

Parameters enable you to input custom values to your template each time you
create or update a stack.
AWS CloudFormation supports the following parameter types: String, Number, List,
CommaDelimitedList, AWS-Specific Parameter Types( AWS::EC2::VPC::Id) , SSM
Parameter Types( SSM parameter types correspond to existing parameters in
Systems Manager Parameter Store.)

The required Resources section declares the AWS resources that you want to include
in the stack. Let's add the EC2 resource to your stack. The only required property of
the EC2 resource type is ImageId.
Resources:
WebServerInstance:
Type: 'AWS::EC2::Instance'
Properties:
InstanceType: !Ref InstanceType
ImageId: <replace with AMI ID ami-xxxxx>
Deploying an EC2 Instance using CloudFormation:
# Add Format Version section here.
AWSTemplateFormatVersion: "2010-09-09"

# Add Description section here.

Description: AWS CloudFormation workshop - Resources (uksb-1q9p31idr) (tag:resources).

# Add Metadata section here.

Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: 'Amazon EC2 Configuration'
Parameters:
- InstanceType
ParameterLabels:
InstanceType:
default: 'Type of EC2 Instance'

# Add Parameters section here.

Parameters:
InstanceType:
Type: String
Default: t2.micro
AllowedValues:
- t2.micro
- t2.small
Description: 'Enter t2.micro or t2.small. Default is t2.micro.'

# Add Resources section here.

Resources:
WebServerInstance:
Type: 'AWS::EC2::Instance'
Properties:
InstanceType: !Ref InstanceType
ImageId: ami-0cf10cdf9fcd62d37

Intrinsic Functions:
Intrinsic functions are built-in functions that help you manage your stacks. Without
them, you will be limited to very basic templates
  Use the Ref function to dynamically assign parameter values to a resource
property.
 Tag an instance with Fn::Join function.
 Add a tag to the instance using Fn::Sub function.

In the last lab you have "hard coded" an AMI ID directly into the EC2 Resource
property. You will now amend this to make your template more flexible. Let's
convert AmiID to variable and pass it to resource property at the runtime.

First, create a new parameter called AmiID and put it in the Parameters section of
your template.
AmiID:
Type: AWS::EC2::Image::Id
Description: 'The ID of the AMI.'

Use the intrinsic function Ref to pass the AmiID parameter input to the EC2 resource
property.
Resources:
WebServerInstance:
Type: AWS::EC2::Instance
Properties:
# Use !Ref function in ImageId property
ImageId: !Ref AmiID
InstanceType: !Ref InstanceType

To help you manage your AWS resources, you can optionally assign your own
metadata to each resource in the form of tags. Each tag is a simple label consisting
of a customer-defined key, and an optional value that can help you to categorize
resources by purpose, owner, environment, or other criteria. Let's use the intrinsic
function Fn::Join to name your instance.
Resources:
WebServerInstance:
Type: AWS::EC2::Instance
Properties:
ImageId: !Ref AmiID
InstanceType: !Ref InstanceType
Tags:
- Key: Name
Value: !Join [ '-', [ !Ref InstanceType, webserver ] ]

Lab for Intrinsic Functions:

AWSTemplateFormatVersion: "2010-09-09"

Description: AWS CloudFormation workshop - Intrinsic functions (uksb-1q9p31idr)

(tag:intrinsic-functions).

Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Amazon EC2 Configuration
Parameters:
- InstanceType
- AmiID
ParameterLabels:
InstanceType:
default: Type of EC2 Instance
AmiID:
default: Amazon Machine Image ID

Parameters:
InstanceType:
Description: Enter t2.micro or t2.small. Default is t2.micro.
Type: String
AllowedValues:
- t2.micro
- t2.small
Default: t2.micro

AmiID:
Description: The ID of the AMI.
Type: AWS::EC2::Image::Id

Resources:
WebServerInstance:
Type: AWS::EC2::Instance
Properties:
ImageId: !Ref AmiID
InstanceType: !Ref InstanceType
Tags:
- Key: Name
Value: !Join ['-', [!Ref InstanceType, webserver]]
- Key: InstanceType
Value: !Sub ${InstanceType}