What is AWS CloudFormation

AWS CloudFormation FAQs

Q: What is AWS CloudFormation?

AWS CloudFormation is a service that enables developers and companies to easily create a collection of associated AWS resources and third-party resources, and to provide and manage them in an orderly and transparent manner.

Q: What can developers do with AWS CloudFormation?

Developers can easily provision and update computing and database resources, as well as a variety of other resources, in a simple, self-explanatory manner that abstracts away the complexity of specific resource APIs. AWS CloudFormation is designed to manage resource lifecycles repeatably, predictably, and securely. It also allows for automatic rollback, automatic state management, and management of resources across accounts and regions. Recent enhancements and options open up several ways to create resources, including using the AWS CDK to write code in higher-level languages, importing existing resources, and detecting configuration drift. There is also a new registry that makes it easier to create custom types that inherit many of the other benefits of CloudFormation.

Q: How is CloudFormation different from AWS Elastic Beanstalk?

These services should complement each other. AWS Elastic Beanstalk provides an environment for easily deploying and operating applications in the cloud. This solution is integrated with developer tools and provides a centralized environment for managing the application lifecycle. If your application workloads can be managed as Elastic Beanstalk workloads, creating and updating applications becomes much easier. Elastic Beanstalk uses CloudFormation in the background to create and maintain resources. If your applications require more individual control options, the additional functions of CloudFormation give you more options for controlling your workloads.

AWS CloudFormation is a convenient delivery mechanism for a wide range of AWS and third-party resources. It supports the infrastructure needs of many different types of applications, such as existing enterprise applications, legacy applications, applications built with various AWS resources, and container-based solutions (including those built with AWS Elastic Beanstalk).

AWS CloudFormation supports Elastic Beanstalk application environments as one of the AWS resource types. This enables you, for example, to create and manage an application hosted by AWS Elastic Beanstalk and an RDS database to store the application data. Any other supported AWS resources can also be added to the group.

Q: What new concepts does AWS CloudFormation introduce?

CloudFormation introduces four new concepts:

1. A template is declarative code in JSON or YAML that describes the intended state of all resources required to deploy the application.
2. A stack implements and manages the set of resources described in the template, so that the state and dependencies of those resources can be managed together.
3. A change set is a preview of the changes that stack operations will make to create, update, or delete resources.
4. A stack set is a group of stacks that you manage together and that can replicate a group.

Q: What resources does AWS CloudFormation support?

A complete list of supported AWS resources including their functions can be found on the "Supported AWS Services" page in the version history of the documentation.

The AWS CloudFormation registry and custom resources allow you to manage additional AWS and third-party resources.

Q: Can I manage individual AWS resources that are part of an AWS CloudFormation stack?

Yes, that is possible. CloudFormation doesn't get in your way. You have full control of every element of your infrastructure and you can continue to use all of your existing AWS and third-party tools to manage your AWS resources. However, since CloudFormation allows for additional rules, best practices, and compliance controls, we recommend allowing CloudFormation to manage changes to your resources. This predictable and controlled approach helps manage hundreds or even thousands of resources across your range of applications.

Q: What are the elements of an AWS CloudFormation template?

CloudFormation templates are text files in JSON or YAML format that are made up of five types of elements:

1. An optional list of template parameters (input values that are entered when the stack is created)
2. An optional list of output values (e.g. the full URL of a web application)
3. An optional list of data tables used for looking up static configuration values (e.g. AMI names)
4. A list of AWS resources and their configuration values
5. A template file version number

Template parameters let you customize aspects of your template at runtime, when the stack is created. For example, the size of the Amazon RDS database, the types of Amazon EC2 instances, and the port numbers of database and web servers can be passed to AWS CloudFormation when a stack is created. Each parameter can have a default value and description, and can be marked as “NoEcho” to hide the actual value you entered from the screen and from the AWS CloudFormation event logs. When you create an AWS CloudFormation stack, the AWS Management Console automatically creates a pop-up dialog form in which you can edit the parameter values.

Output values are a convenient way to present the most important resources of a stack (such as the address of an Elastic Load Balancer or an Amazon RDS database) to the user through the AWS Management Console or the command line tools. Using simple functions, you can concatenate strings and the attribute values associated with the respective AWS resources. A template can also use registry resource types, your own custom private types, and your own macros, and it can retrieve configuration parameters from AWS Secrets Manager and the AWS Systems Manager Parameter Store.
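The following check is an added example, not code from AWS or from this FAQ. NoEcho masks a parameter value in the console and in stack events, but it does not mask a value that the template copies into Outputs or into a Metadata section, so the audit flags both secret-looking parameters without NoEcho and NoEcho parameters referenced from those places. The sample template, the function names and the name heuristic are assumptions made for the illustration.

```python
import json
import re

# Constructed sample template in JSON form (not from the FAQ).
TEMPLATE = json.loads("""{
  "Parameters": {
    "DBPassword": {"Type": "String", "NoEcho": true},
    "ApiToken": {"Type": "String"}, "DBPort": {"Type": "Number", "Default": 3306}
  },
  "Resources": {"Database": {
    "Type": "AWS::RDS::DBInstance",
    "Metadata": {"Note": {"Fn::Sub": "pw=${DBPassword}"}},
    "Properties": {"MasterUserPassword": {"Ref": "DBPassword"}}
  }},
  "Outputs": {"ConnString": {"Value": {"Fn::Join": ["", ["mysql://admin:", {"Ref": "DBPassword"}, "@db"]]}}}
}""")

# Assumption: a naming heuristic for parameters that probably hold secrets.
SECRET_NAME = re.compile(r"password|secret|token", re.I)

def refs(node):
    """Yield names referenced through Ref or ${Name} inside Fn::Sub."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "Ref" and isinstance(value, str):
                yield value
            elif key == "Fn::Sub":
                text = value if isinstance(value, str) else value[0]
                yield from re.findall(r"\$\{(\w+)\}", text)
                yield from refs(value)  # list form: the variable map may hold Refs
            else:
                yield from refs(value)
    elif isinstance(node, list):
        for item in node:
            yield from refs(item)

def audit_noecho(template):
    """Return (rule, parameter, location) findings for NoEcho misuse."""
    params = template.get("Parameters", {})
    noecho = {n for n, p in params.items() if str(p.get("NoEcho")).lower() == "true"}
    findings = [("missing-noecho", n, "Parameters")
                for n in params if SECRET_NAME.search(n) and n not in noecho]
    # NoEcho does not mask values placed in Outputs or Metadata.
    exposed = {"Outputs": template.get("Outputs", {}), "Metadata": template.get("Metadata", {})}
    for rid, res in template.get("Resources", {}).items():
        exposed[f"Resources.{rid}.Metadata"] = res.get("Metadata", {})
    for where, node in exposed.items():
        findings += [("noecho-leak", n, where) for n in sorted(set(refs(node)) & noecho)]
    return findings
```

Retrieving the secret from AWS Secrets Manager or the Parameter Store, as the answer above mentions, keeps the value out of the stack parameters altogether.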

Q: How does AWS CloudFormation choose the resource names?

You can assign logical names to AWS resources in a template. When a stack is created, AWS CloudFormation then associates the logical name with the name of the corresponding AWS resource. The resource names are a combination of the stack name and the logical resource name. This means that multiple stacks can be created from one template without the risk of name clashes between the AWS resources.

Q: Why can't I name all of my resources?

AWS CloudFormation allows some resources (such as Amazon S3 buckets) to be named. However, this does not apply to all resources. Naming resources limits the reusability of templates and leads to naming conflicts when an update causes a resource to be replaced. To minimize these problems, CloudFormation supports resource naming on a case-by-case basis.

Q: At the time of stack creation with AWS CloudFormation, can I install software?

Yes. AWS CloudFormation provides several application bootstrapping scripts that you can use to install packages, files, and services on your EC2 instances by describing them in your CloudFormation template. For more information and instructions, see Bootstrapping Applications Using AWS CloudFormation.

CloudFormation can also be integrated with Systems Manager to operate and maintain software installations with Systems Manager automation documents.

Q: Can I use AWS CloudFormation with Chef?

Yes. With AWS CloudFormation, you can bootstrap both Chef Server and Chef Client software on your EC2 instances. For more information and instructions, see Integrating AWS CloudFormation with Chef.

Q: Can I use AWS CloudFormation with Puppet?

Yes. With AWS CloudFormation, you can bootstrap both Puppet master and Puppet client software on your EC2 instances. For more information and instructions, see Integrating AWS CloudFormation with Puppet.

Q: Can I use AWS CloudFormation with Terraform?

Yes. With CloudFormation, your Terraform engine can be bootstrapped on your EC2 instances. You can use Terraform Resource Providers to create stacks of resources using stack state management, dependencies, stabilization, and rollback.

Q: Does AWS CloudFormation support Amazon EC2 tagging?

Yes. Amazon EC2 resources that support tagging can also be tagged in an AWS template. The tag values can refer to template parameters, other resource names, resource attribute values (e.g. addresses), or values generated by simple functions (e.g. a concatenated list of strings). CloudFormation automatically tags Amazon EBS volumes and Amazon EC2 instances with the name of the CloudFormation stack to which they belong.

Q: Do I have access to the EC2 instance or the user data fields of the Auto Scaling launch configuration?

Yes. Using simple functions, you can concatenate strings and attribute values of the AWS resources and pass them on to user data fields in your template. The sample templates provide more information on these easy-to-use features.

Q: What if one of the resources in the stack cannot be created?

The automatic rollback on error feature is enabled by default. With it, CloudFormation creates or updates the resources in your stack only if every individual operation succeeds. If one does not, CloudFormation rolls the stack back to the last known stable configuration. This is useful, for example, if you accidentally exceed your default Elastic IP address limit or if you don't have access to an EC2 AMI that you want to run. This feature ensures that stacks are either completely created or not created at all, which greatly simplifies system administration and building multi-tier solutions based on CloudFormation.

Q: Can the stack build wait for my application to start?

Yes. As one of the options, CloudFormation provides a WaitCondition resource that acts as a barrier, blocking the creation of further resources until a completion signal is received from an external source such as your application or management system. Other options include creating custom logic with AWS Lambda functions.

Q: Can I keep my data if a stack is deleted?

Yes. With CloudFormation you can define the deletion policies for your resources in the template. For example, you can choose to take snapshots of Amazon EBS volumes or Amazon RDS database instances before they are deleted. You can also choose to keep a specific resource and not delete it when the entire stack is deleted. This is useful for preserving Amazon S3 buckets when the stack is deleted.
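A pre-deployment check for the deletion policies described above, as an added example that is not part of the AWS FAQ. It covers only the three resource types this answer names; the sample template, its logical names and the function name are assumptions made for the illustration.

```python
import json

# Constructed sample template; the logical names are invented for illustration.
TEMPLATE = json.loads("""{
  "Resources": {
    "DataVolume":    {"Type": "AWS::EC2::Volume", "DeletionPolicy": "Snapshot"},
    "AppDatabase":   {"Type": "AWS::RDS::DBInstance"},
    "LogBucket":     {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Snapshot"},
    "ScratchBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Delete"},
    "AuditBucket":   {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain"},
    "WebServer":     {"Type": "AWS::EC2::Instance"}
  }
}""")

# The data-bearing resource types this FAQ answer mentions.
SNAPSHOT_CAPABLE = {"AWS::EC2::Volume", "AWS::RDS::DBInstance"}
DATA_BEARING = SNAPSHOT_CAPABLE | {"AWS::S3::Bucket"}

def audit_deletion_policy(template):
    """Return (logical_id, finding) pairs for data-bearing resources."""
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        rtype = resource.get("Type")
        if rtype not in DATA_BEARING:
            continue  # type is outside the set checked here
        policy = resource.get("DeletionPolicy")
        if policy is None:
            # The template does not state what should happen to the data.
            findings.append((logical_id, "implicit"))
        elif policy == "Delete":
            findings.append((logical_id, "deletes-data"))
        elif policy == "Snapshot" and rtype not in SNAPSHOT_CAPABLE:
            # S3 buckets can be retained but not snapshotted.
            findings.append((logical_id, "snapshot-unsupported"))
    return findings

if __name__ == "__main__":
    for logical_id, finding in audit_deletion_policy(TEMPLATE):
        print(f"{logical_id}: {finding}")
```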

Q: Can I update my stack after it's created?

Yes. You can use CloudFormation to change and update the resources in existing stacks in a controlled and transparent way. By using templates to manage stack changes, you can apply version control to your AWS infrastructure as well as the software running on it.

Q: Can I create stacks in a Virtual Private Cloud (VPC)?

Yes. CloudFormation supports the creation of VPCs, subnets, gateways, route tables, and network ACLs, as well as resources such as Elastic IP addresses, Amazon EC2 instances, EC2 security groups, Auto Scaling groups, Elastic Load Balancers, Amazon RDS DB instances, and Amazon RDS security groups in an existing VPC.

Q: How can I get involved in the CloudFormation community?

Please become a member of the AWS CloudFormation GitHub Community.

Q: Can I manage resources that were created outside of CloudFormation?

Yes. Resource Import exists for this purpose. With Resource Import, you can bring an existing resource into AWS CloudFormation management.