Deep Dive: AWS CloudFormation
[Figure: Elastic Beanstalk, OpsWorks, CloudFormation and EC2 on a spectrum from convenience (higher-level services) to control (do it yourself)]
Continuous integration for your complete stack
[Diagram: Version Control, Jenkins, Test, Live, Amazon S3, AWS CloudFormation. Flow labels: App commit, Infra commit, Pull, Deploy new template, Deploy new app]
[Diagram: the same components (Version Control, Jenkins, Test, Live, Amazon S3, AWS CloudFormation). Flow labels: App commit, Infra commit, Pull, Promote new template, Promote new app]
"Parameters"
"Mappings"
"Conditions"
"Resources"
"Outputs"
create custom resources
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]}
"Outputs" : {
"InstancePublicDnsName" : {
"Description" : "The public DNS name of the newly created EC2 instance",
"Value" : { ”Fn::GetAtt" : [ "Ec2Instance”, “PublicDnsName” ] }
}
}
"MountPoint" :
{
"Type" : "AWS::EC2::VolumeAttachment",
"Condition" : "CreateProdResources",
"Properties" : {
"InstanceId" : { "Ref" : "EC2Instance" },
"VolumeId" : { "Ref" : "NewVolume" },
"Device" : "/dev/sdh“
}
}
http://aws.amazon.com/cloudformation/aws-cloudformation-templates/
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/CHAP_TemplateQuickRef.html
"Metadata" : {
"AWS::CloudFormation::Init" : {
"webapp-config": {
"packages" : {},
"sources" : {},
"files" : {},
"groups" : {},
"users" : {},
"commands" : {},
"services" : {}
}
}
},
"packages" : {},
"sources" : {},
"files" : {},
"groups" : {},
"users" : {},
"commands" : {},
"services" : {}
Managing your stacks
Frontend Services
• E-Commerce Website
Backend Services
• Search, Payment Gateway, Reviews, Recommendations
Shared Services
• Common Monitoring tools, Queues
Base Network
• VPCs, Subnets, VPNs, NATs
Identity
• IAM Users, Groups, Roles
E-Commerce Website
"Parameters" : {
"RecommendationsEndPoint" : {
"Description" : "URL of the recommendations ELB",
"Type" : "String"
}
},
Recommendations Engine
"Outputs" : {
"RecommendationsEndPoint" : {
"Description" : "URL of the recommendations ELB",
"Value" : { "Fn::GetAtt" : [ "RecommendationsELB", "DNSName" ] }
}
}
ELB_AND_AS
"Resources" : {
"ELB",
"AutoScaling"
}
Website1
"Resources" : {
"NestedStack",
"RDS"
}
Website2
"Resources" : {
"NestedStack",
"DynamoDB"
}
Website1
"Resources" : {
"ELB",
"AutoScaling",
"RDS"
}
Website2
"Resources" : {
"ELB",
"AutoScaling",
"DynamoDB"
}
Amazon Route 53
"UpdatePolicy" : {
"AutoScalingRollingUpdate" : {
"MaxBatchSize" : “2”,
"MinInstancesInService" : ”2”,
"PauseTime" : “PT20M”
}
}
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"PauseTime": "PT0S",
"MaxBatchSize": “6",
"MinInstancesInService": "0"
}
}
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"PauseTime": "PT15S",
"MaxBatchSize": "2",
"MinInstancesInService": "2"
}
}
AWS::EC2::VPC::Id
List<AWS::EC2::Subnet::Id>
List<AWS::EC2::SecurityGroup::Id>
AWS::EC2::KeyPair::KeyName
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Resources" : {
"myS3Bucket" : {
"Type" : "AWS::S3::Bucket",
"DeletionPolicy" : "Retain",
"Properties" : {
"BucketName" : "MyBucket"
}
}
}
}
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Resources" : {
"myVolume" : {
"Type" : "AWS::EC2::Volume",
"DeletionPolicy" : "Snapshot",
"Properties" : {
"AvailabilityZone" : "us-east-1a",
"Size" : "100"
}
}
}
}
[Diagram: MyBucket, myVolume, Snapshot]
“Do not update the databases”
"Effect" : "Deny",
"Principal" : "*",
"Action" : "Update:*",
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"ResourceType” : [
"AWS::RDS::DBInstance”,
"AWS::Redshift::Cluster”
]
}
}
“Okay to update, unless the update requires replacement”
"Effect" : "Deny",
"Principal": "*",
"Action" : "Update:Replace",
"Resource" : "LogicalResourceId/MyInstance"
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": ”Deny",
"Action": “*",
"Resource": "*"
},
{
"Effect" : ”Allow",
"Action" : [
"Action": "ec2:Describe*”
],
"Condition": {
"Null": { "ec2:ResourceTag/*cloudformation*" : "true" }
},
"Resource" : "*"
}
]
}