Chapter 1: Managing AWS CloudFormation Templates

Managing multiple CloudFormation template files needs more attention. It is high risk to modify our AWS CloudFormation templates directly in the production stage. In this chapter, we learn how to manage CloudFormation for the development, testing and production stages.

The following topics will be covered in this chapter:

- Introducing CloudFormation template lifecycle
- Introducing AWS CodePipeline
- Defining your testing and production stages
- Demo – deploying testing and production stages
- Managing testing and production stages
- Deleting CloudFormation stack from AWS CodePipeline

Introducing CloudFormation template lifecycle

Developing a CloudFormation template follows a process similar to software development. If you have experience with the software development lifecycle (SDLC), you know that there are many SDLC methodologies for carrying out this process. We can describe a general SDLC in the following diagram:

A general development lifecycle

The preceding diagram shows a general SDLC that we can apply to CloudFormation development. The SDLC consists of five stages. The following is a list of the stages:

- Requirement
- Design
- Developing
- Testing
- Evaluation

There are many SDLC methodologies that we can apply to build AWS CloudFormation templates. A well-known one is the agile methodology. We do not describe or focus on that topic here. I recommend reading some books or articles on software engineering.

Introducing AWS CodePipeline

If you have experience with an SDLC that involves CI/CD, you will find a similar experience with AWS CodePipeline. AWS provides the AWS CodePipeline service to manage your software and applications in the development, testing and production stages. You can see the AWS CodePipeline flow in the following diagram:

AWS CodePipeline lifecycle

The preceding diagram shows how AWS CodePipeline works. Starting from the source code, we can build and test. Depending on the application type, we need to set up all the requirements of the build process, including the runtime and libraries.

AWS CodePipeline can build a machine for testing with AWS resources. You should be aware of the cost of the resources that you use in the project. You can access the AWS CodePipeline dashboard at http://console.aws.amazon.com/codepipeline/home. You can see it in the following screenshot:

AWS CodePipeline official website

In this chapter, we will explore AWS CodePipeline to develop AWS CloudFormation. We define some stages in the next section.

Define your testing and production stages

In real projects, you probably define some stages before you launch your products. In the context of infrastructure, we should prepare testing and production environments. If you implement your infrastructure environment using AWS, you can use AWS CloudFormation together with CodePipeline.

We can separate the testing and production environments with a CloudFormation template. You define the configurations and parameters related to the testing stage or the production stage. If you find missing or faulty configurations, you can remove them and then provision your CloudFormation template again easily.

Next, we will see how to deploy testing and production system environments with AWS CloudFormation and CodePipeline.

Demo – deploying testing and production stages

In this section, we practice by implementing testing and production stages using AWS CloudFormation and AWS CodePipeline. You can see our project scenario in the following diagram. We develop a CloudFormation template that uses AWS Lambda and AWS DynamoDB.

Consider a system with AWS Lambda and AWS DynamoDB. We will deploy this system using AWS CloudFormation and AWS CodePipeline. We will implement production and test stages in our project:

System architecture for demo

To implement our project, we will perform some steps as follows:

- Writing CloudFormation template
- Preparing a storage for CloudFormation

Next, we will create a CloudFormation template for our project.

Writing CloudFormation template

The first step is to write a CloudFormation template. We create three files: lambda-func-instance.json, prod-stack-configuration.json, and test-stack-configuration.json.

We create all AWS resources, including the common configuration, in lambda-func-instance.json. In this demo, we create an AWS Lambda function that accesses DynamoDB. We modify the program code from Chapter 5, Building Lambda Functions Using AWS CloudFormation. The complete content of lambda-func-instance.json is as follows:

{
  "Description" : "AWS CloudFormation: Lambda and DynamoDB Table",
  "Parameters" : {
    "LambdaFunctionName": {
      "Description": "AWS Lambda function name",
      "Type": "String"
    }
  },
  "Resources" : {
    "TestLambdaFunction" : {
      "Type" : "AWS::Lambda::Function",
      "Properties" : {
        "FunctionName" : { "Ref": "LambdaFunctionName" },
        "Handler" : "index.handler",
        "Role" : { "Fn::GetAtt" : ["TestLambdaExecutionRole", "Arn"] },
        "Code" : {
          "ZipFile" : { "Fn::Join" : [ "\n", [
            "var AWS = require('aws-sdk');",
            "var ddb = new AWS.DynamoDB();",
            "exports.handler = (event, context, callback) =>{",
            " var params = {",
            " TableName: 'mydynamodb',",
            " Item: {",
            " 'id': {S:new Date().getTime().toString()},",
            " 'email': {S:event.email},",
            " 'name': {S:event.name},",
            " 'country' : {S:event.country},",
            " 'age' : {N:event.age},",
            " }",
            " };",
            " ddb.putItem(params, function(err, data) {",
            " if (err) {",
            " callback(err, 'Error');",
            " } else {",
            " callback(null, 'Insert data was succeed');",
            " }",
            " });",
            "}"
          ]]}
        },
        "Timeout" : "10",
        "Runtime" : "nodejs6.10"
      }
    },
    "myDynamoDBTable" : {
      "Type" : "AWS::DynamoDB::Table",
      "Properties" : {
        "TableName": "mydynamodb",
        "AttributeDefinitions": [
          { "AttributeName" : "id", "AttributeType" : "S" }
        ],
        "KeySchema": [
          { "AttributeName": "id", "KeyType": "HASH" }
        ],
        "ProvisionedThroughput" : {
          "ReadCapacityUnits" : "5",
          "WriteCapacityUnits" : "5"
        }
      }
    },
    "TestLambdaExecutionRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Principal": { "Service": [ "lambda.amazonaws.com" ] },
              "Action": [ "sts:AssumeRole" ]
            }
          ]
        },
        "ManagedPolicyArns": ["arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"],
        "Policies": [{
          "PolicyName": "dynamodb",
          "PolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [{
              "Sid": "1",
              "Effect": "Allow",
              "Action": [ "dynamodb:PutItem" ],
              "Resource": [
                {"Fn::Join" : ["", ["arn:aws:dynamodb:", {"Ref": "AWS::Region"}, ":", {"Ref": "AWS::AccountId"}, ":table/mydynamodb"]]}
              ]
            }]
          }
        }],
        "Path": "/"
      }
    }
  }
}

Save this script into a file called lambda-func-instance.json.

Since we work with testing and production stages, we need to configure each stage with a different file. test-stack-configuration.json contains the testing parameters. For production, we set the environment parameters in the prod-stack-configuration.json file.

For a simple demo, we only change the Lambda function name between the testing and production stages. The following is the content of the test-stack-configuration.json file:

{ "Parameters" : { "LambdaFunctionName" : "MyLambdaTest" }}

We also define the production parameters in the prod-stack-configuration.json file as follows:

{ "Parameters" : { "LambdaFunctionName" : "MyLambdaProd" }}

Save all the script files. Then, we compress these files into a single file, for instance, lambda.zip. This file will be uploaded to Amazon S3 storage.
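
A pre-upload check for the three files described above, as an added example that is not part of the original chapter: it verifies that each stage file only sets parameters the template declares, lists physical names that are literals rather than parameters (here the DynamoDB table, so the test and production stacks would both request a table named mydynamodb), and reports inline IAM statements that allow wildcards. The function names, the NAME_PROPS list and the trimmed template copy are assumptions made for this example.

```python
import json

# Trimmed copy of the chapter's lambda-func-instance.json (Lambda code and key schema left out).
TEMPLATE = json.loads("""{
  "Parameters": {"LambdaFunctionName": {"Type": "String"}},
  "Resources": {
    "TestLambdaFunction": {"Type": "AWS::Lambda::Function",
      "Properties": {"FunctionName": {"Ref": "LambdaFunctionName"}}},
    "myDynamoDBTable": {"Type": "AWS::DynamoDB::Table",
      "Properties": {"TableName": "mydynamodb"}},
    "TestLambdaExecutionRole": {"Type": "AWS::IAM::Role",
      "Properties": {"Policies": [{"PolicyName": "dynamodb", "PolicyDocument": {
        "Statement": [{"Effect": "Allow", "Action": ["dynamodb:PutItem"],
          "Resource": [{"Fn::Join": ["", ["arn:aws:dynamodb:", {"Ref": "AWS::Region"}, ":",
            {"Ref": "AWS::AccountId"}, ":table/mydynamodb"]]}]}]}}]}}
  }
}""")
# The two stage files exactly as the chapter gives them.
STAGES = {
    "test-stack-configuration.json": {"Parameters": {"LambdaFunctionName": "MyLambdaTest"}},
    "prod-stack-configuration.json": {"Parameters": {"LambdaFunctionName": "MyLambdaProd"}},
}
NAME_PROPS = ("FunctionName", "TableName", "RoleName", "BucketName")  # assumed list of name properties

def check_stage_config(template, config):
    """Compare one stage file with the template's Parameters section."""
    declared, given = template.get("Parameters", {}), config.get("Parameters", {})
    problems = [f"undeclared parameter: {p}" for p in given if p not in declared]
    return problems + [f"missing parameter: {p}" for p, spec in declared.items()
                       if "Default" not in spec and p not in given]

def hardcoded_names(template):
    """Resources whose physical name is a literal, so every stage stack requests the same name."""
    return sorted((rid, prop, res["Properties"][prop])
                  for rid, res in template["Resources"].items() for prop in NAME_PROPS
                  if isinstance(res.get("Properties", {}).get(prop), str))

def _as_list(value):
    return value if isinstance(value, list) else [value]

def iam_wildcards(template):
    """Inline role policies with an Allow statement whose Action or Resource ends in '*'."""
    found = []
    for rid, res in template["Resources"].items():
        if res.get("Type") != "AWS::IAM::Role":
            continue
        for policy in res.get("Properties", {}).get("Policies", []):
            for stmt in _as_list(policy["PolicyDocument"]["Statement"]):
                values = _as_list(stmt.get("Action", [])) + _as_list(stmt.get("Resource", []))
                if stmt.get("Effect") == "Allow" and any(
                        isinstance(v, str) and v.endswith("*") for v in values):
                    found.append((rid, policy["PolicyName"]))
    return found

if __name__ == "__main__":
    for name, cfg in STAGES.items():
        print(name, check_stage_config(TEMPLATE, cfg) or "ok")
    print("hard-coded names:", hardcoded_names(TEMPLATE))
    print("wildcard IAM statements:", iam_wildcards(TEMPLATE))
```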

Preparing CloudFormation storage

After we create the three CloudFormation files for the testing and production stages, we should prepare storage for our CloudFormation template files. For the demo, we use an Amazon S3 bucket.

Next, we perform the following tasks:

- Creating Amazon S3 bucket
- Uploading CloudFormation template files

Creating Amazon S3 bucket

We need an Amazon S3 bucket to store our template files so that CloudFormation can download them and perform provisioning.

You can follow these steps to create an Amazon S3 bucket:

1. Open a browser and navigate to https://s3.console.aws.amazon.com/s3/home.
2. You should log in with your active account.
3. If this succeeds, you should get the Amazon S3 dashboard as shown in the following screenshot:

Amazon S3 dashboard

4. Click on the + Create bucket button.
5. You should get a dialog as shown in the following screenshot. Fill in all required fields. When done, click the Next button:

Creating a bucket

6. Then, you should get a form as shown in the following screenshot. Check the Versioning option. When done, click the Next button:

Filling a bucket data

7. You will be asked to review all entries. Click Create to complete all tasks. After it is created, you should see your Amazon S3 bucket, for instance, lambacloud, as shown in the following screenshot:

A bucket has been created

You have created an Amazon S3 bucket. Next, we upload our template files.

Uploading CloudFormation template files

We can now upload our compressed template file. For the demo, we upload the lambda.zip file:

1. Open the Amazon S3 bucket that we already created.
2. Click the Upload button and select the lambda.zip file.
3. If this succeeds, we can see our lambda.zip file in the Amazon S3 bucket as shown in the following screenshot:

Uploading a template file to Amazon S3

Next, we configure AWS IAM so that our CloudFormation user can access AWS CodePipeline.

Configuring AWS IAM

Since we interact with AWS CodePipeline from AWS CloudFormation, we should configure the AWS users that access AWS CloudFormation.

This is done using AWS IAM. You can open AWS IAM in a browser by navigating to https://console.aws.amazon.com/iam/home. Attach the AWSCodePipelineFullAccess policy to your account or role. You can see the AWSCodePipelineFullAccess policy in the following screenshot:

Adding a policy to a user

If you have already configured your AWS user/role with CodePipeline, we can continue to create the CloudFormation stack.

Creating CloudFormation stack

Now we can create a CloudFormation stack, as we have learned:

1. Open the CloudFormation dashboard and then create a new stack as shown in the following screenshot. Select the template file that we have created, lambda.zip:

Uploading CloudFormation template

2. Choose the template file from Amazon S3 by entering the template file link.
3. Then, we will get a form as shown in the following screenshot. Fill in all required fields. Then, follow the guidelines on the portal:

Fill parameters from CloudFormation template

4. On the confirmation page, you can verify your entries. Make sure your CodePipeline fields are correct. You can see my CloudFormation confirmation in the following screenshot:

Reviewing CloudFormation template

5. When done, check the I acknowledge that AWS CloudFormation might create IAM resources checkbox as shown in the following screenshot. Then, click the Create button:

Checked for acknowledge statement

6. You can check whether your CloudFormation stack is deployed on the CloudFormation dashboard. You can see that my CloudFormation stack was created in the following screenshot:

CloudFormation stack has been created

7. You can also check the AWS CodePipeline dashboard. If this succeeds, you can see our CodePipeline on the dashboard as shown in the following screenshot:

CodePipeline resource has been created from CloudFormation process

Next, we try to release our program to the test stage.

Release to test stage

Now we can move our program to the test stage. We can perform this task on the AWS CodePipeline dashboard. Open your CodePipeline project. You should see that your project is waiting for approval, as shown in the following screenshot:

CodePipeline to test stage

To approve, click the Review button. You should get a dialog as shown in the following screenshot. Fill in the comments field. If you want to approve, click the Approve button. Otherwise, you can click the Reject button:

Confirmation for approval

If this succeeds, you should see the process on CodePipeline. You can see the status of the move to the test stage in the following screenshot:

Processing CodePipeline on test stage

Next, we can release to the production stage.

Release to production stage

After we approve the test stage, we can see that our program is waiting for the production stage. You can verify it on the CloudFormation dashboard, as shown in the following screenshot:

Lambda with production model

We can now move to the production stage. Go to the CodePipeline dashboard and open your project. You can see your program under review as shown in the following screenshot:

Review Production stage on CodePipeline

Click the Review button. Fill in the comments and click the Approve button. When done, you can see that your program runs on the production stage as shown in the following screenshot:

A project is approved to production stage

You can also verify this process in the CloudFormation dashboard. You can see that your program for the production stage is running as shown in the following screenshot:

A stack is deployed for production stage

Since our program is a Lambda program, you can check your Lambda dashboard. You can see that our program has been deployed as shown in the following screenshot:

Lambda program for production is running

Managing testing and production stages

Technically, we can modify a CloudFormation template by modifying the template files. Then, we perform similar tasks to manage the test and production stages using CodePipeline.

You can modify each stage of the program on CodePipeline, such as the stage properties. If you modify the program code on CloudFormation, you should recreate the CloudFormation stack.

Deleting CloudFormation stack from AWS CodePipeline

To delete a CloudFormation stack from AWS CodePipeline, we can perform that task from the CloudFormation dashboard. Select your CloudFormation stack and then select the Delete Stack option. You can see it in the following screenshot:

Deleting a CloudFormation stack

Summary

We have learned how to manage CloudFormation templates with AWS CodePipeline. We also tried to simulate how to work with test and production stages. An AWS Lambda program was chosen for the demo project.

