DEV Community

Arthurite Integrated

Infrastructure as Code: AWS CloudFormation Basics

In today's cloud-driven world, manually configuring resources is no longer sustainable. Enter Infrastructure as Code (IaC) – a practice that allows you to define and provision your entire infrastructure using code. AWS CloudFormation is Amazon's native IaC service that enables you to manage AWS resources through templates rather than manual configuration.

What is AWS CloudFormation?

CloudFormation treats infrastructure as code, allowing you to model your entire infrastructure in text files. These templates describe all the AWS resources you need (like EC2 instances, S3 buckets, or RDS databases) and their configurations. CloudFormation then provisions and configures these resources for you in a safe, repeatable manner.

Key Benefits

  1. Consistency and Reproducibility: Deploy identical environments every time
  2. Version Control: Track changes to your infrastructure like any other code
  3. Automation: Remove manual steps and human error
  4. Dependency Management: CloudFormation handles resource dependencies automatically
  5. Rollback Capability: If something fails during deployment, CloudFormation rolls back to the last known good state

CloudFormation Template Basics

CloudFormation templates are written in either JSON or YAML format. Here's a simple template structure:

AWSTemplateFormatVersion: '2010-09-09'
Description: 'A simple EC2 instance template'

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-0c55b159cbfafe1f0  # AMI IDs are region-specific; this one must exist in the region you deploy to
      SecurityGroups:
        - !Ref WebServerSecurityGroup

  WebServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable HTTP access
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0

Key Components of a Template

  1. Resources: The AWS resources you want to create (required)
  2. Parameters: Values that can be passed when creating or updating a stack
  3. Mappings: Key-value pairs for conditional value lookup
  4. Outputs: Values that are available after stack creation
  5. Conditions: Statements that control resource creation

Creating Your First Stack

A CloudFormation "stack" is a collection of AWS resources that you manage as a single unit. Here's how to create one:

  1. Write your template in YAML or JSON
  2. Save it to a local file or S3 bucket
  3. Deploy it using one of these methods:
    • AWS Management Console
    • AWS CLI: aws cloudformation create-stack --stack-name MyFirstStack --template-body file://template.yaml
    • AWS SDK

Practical Example: A Web Server Stack

Let's create a simple web server environment:

AWSTemplateFormatVersion: '2010-09-09'
Description: 'Basic Web Server Stack'

Parameters:
  InstanceType:
    Type: String
    Default: t2.micro
    Description: EC2 instance type

Resources:
  WebServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow HTTP and SSH
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
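        # SSH is reachable from any address here; outside of a demo,
        # set CidrIp to a known admin range instead of 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0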

  WebServer:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceType
      ImageId: ami-0c55b159cbfafe1f0  # AMI IDs are region-specific; this one must exist in the region you deploy to
      SecurityGroups:
        - !Ref WebServerSecurityGroup
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          yum update -y
          yum install -y httpd
          systemctl start httpd
          systemctl enable httpd
          echo "<html><body><h1>Hello from CloudFormation!</h1></body></html>" > /var/www/html/index.html

Outputs:
  WebsiteURL:
    Description: URL for the web server
    Value: !Sub http://${WebServer.PublicDnsName}
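
A hardened variant of the web server stack, as an added example rather than the author's template: SSH is limited to a caller-supplied CIDR that `AllowedPattern` validates, and the AMI is resolved from the public SSM parameter for Amazon Linux 2 instead of a fixed, region-specific ID. The parameter names `AdminCidr` and `LatestAmiId` are assumptions introduced here.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: 'Basic Web Server Stack, SSH restricted to an admin range (added example)'

Parameters:
  InstanceType:
    Type: String
    Default: t2.micro
    Description: EC2 instance type
  AdminCidr:  # hypothetical name; no Default, so the caller must choose a range
    Type: String
    Description: IPv4 CIDR allowed to reach SSH, e.g. 203.0.113.0/24
    # Requires a.b.c.d/n with n between 8 and 32, which rejects 0.0.0.0/0
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/([89]|[12]\d|3[0-2])$'
    ConstraintDescription: Must be an IPv4 CIDR with a prefix length of /8 or longer
  LatestAmiId:  # hypothetical name; the value is looked up per region at deploy time
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2

Resources:
  WebServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTP from anywhere, SSH from AdminCidr only
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref AdminCidr
  WebServer:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceType
      ImageId: !Ref LatestAmiId
      SecurityGroups:
        - !Ref WebServerSecurityGroup
      UserData:
        Fn::Base64: |
          #!/bin/bash -xe
          yum update -y
          yum install -y httpd
          systemctl enable --now httpd

Outputs:
  WebsiteURL:
    Description: URL for the web server
    Value: !Sub http://${WebServer.PublicDnsName}
```

Deploy it with the same `create-stack` command, adding `--parameters ParameterKey=AdminCidr,ParameterValue=<your admin range>`.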

Best Practices

  1. Use Parameters for values that might change between deployments
  2. Use Nested Stacks to break complex infrastructure down into manageable components
  3. Use Change Sets to preview changes before applying them
  4. Add Deletion Policies to prevent accidental deletion of critical resources
  5. Use Stack Policies to prevent updates to specific resources

Updating Stacks

After creating a stack, you can update it by modifying your template and using the update-stack command:

aws cloudformation update-stack --stack-name MyFirstStack --template-body file://updated-template.yaml

CloudFormation will only change the resources that need to be updated, leaving everything else intact.

Conclusion

AWS CloudFormation provides a powerful way to define, deploy, and manage your AWS infrastructure as code. By defining your resources in templates, you gain consistency, version control, and automation that manual configuration simply cannot match. Start with simple templates focusing on a single service, and gradually expand as you become more comfortable with the CloudFormation syntax and capabilities.

For more advanced features, look into CloudFormation modules, drift detection, and integration with AWS CodePipeline for continuous deployment of your infrastructure.
