Getting Started with Cloud Formation

Julia Scheel
7 min read · Feb 18, 2020

An intuitive step-by-step tutorial covering the required tools and term definitions of AWS CloudFormation.

Written by Julia Scheel and Uzodimma


Audience: AWS CloudFormation beginners

Amazon Web Services provides an easy-to-use and secure cloud platform. AWS offers database storage, compute power, delivery and easy scalability. It offers a common language to model both infrastructure and application resources via text files. Third-party content can be easily introduced and managed.

AWS CloudFormation is a scripting language that helps us manage, configure and deploy necessary structures using one language.

In an organization that has, maintains and manages its computing infrastructure, there is a great need for:

  1. Development team: makes software and passes it to Operations, who will then configure it.
  2. Operations team: manages, monitors and configures software, and makes sure the software runs correctly and at top performance.

There are often gaps in communication, creating unnecessary complications. DevOps is the idea of those two groups working together as a team, so everything runs smoothly. Effective communication is key.

Why we need Cloud DevOps:

There have been situations in an organization where a deployment that ran smoothly as expected on a test environment crashed or bricked something in a production environment. This can be a result of one of the following:

  1. Mismatched environments: hardware used to develop (test environment) and hardware used to deploy (production environment) differ (for example in specifications such as CPU, memory, storage). Operating systems may also differ and cause a difference in performance.
  2. Configuration drift: Usually caused by an unreported configuration change. E.g.: something breaks in production; the operations team fixes it by making a change on the production server and does not communicate the change to the development team; the configuration on the test environment no longer matches the configuration on the development environment. This will become an issue with the next update, as development did not have a note of the manual change.
  3. Unpredictable deployment: Operations was not involved in the creation of the software. Operations gets a list of specifications and then tries its best to get things running.

DevOps eliminates the above issues.

Benefits of Cloud DevOps

  1. Offers a set of best practices and tools to solve the problems above. E.g. configuration management tools: Chef, Puppet, Ansible. Changes are written as code and sit in the repository. Operations can access the same repository, create a patch or change configurations, until everything works. Once this is done the change can be applied to the development environment.
  2. Deployments are automated and predictable. It does not matter who deploys or where (e.g. development, staging, production): it will still run.
  3. Enables Continuous Integration/Continuous Deployment (CI/CD): Tracks the development changes, which are written as code and sit in the repository. Operations can access that same repository, create a patch or change configurations, until everything works. Once this is done the change can be applied to the development environment.

Additional Information:

Jenkins or Circle CI tools help developers push features out faster

CI: repositories are continuously monitored. When developers add new code, a process is triggered to build, perform unit tests, and deploy the latest version of the software. This increases predictability.

Additional Literature:

The difference between DevOps and software configuration management

How to configure AWS for CloudFormation

CloudFormation helps us manage, configure and deploy necessary structure to have everything run smoothly. It is a scripting language so we need a code editor for JSON and YAML and it is advisable to use version control.

Steps:

  1. Configure IAM user
  2. AWS CLI tool configuration
  3. API

1. Setting up IAM user

  • Create access key ID
  • Search “IAM” in the AWS Management Console
  • Click on “Users”
  • Click “Add user”
  • Add a user name
  • Tick “Programmatic access” to enable an access key ID and subsequent CLI access, instead of having to interact with the website to make changes.
  • Click “Next: Permissions” to get to the next step
  • Check “Administrator Access”: In this example we want to do everything ourselves and have access to everything. Leave this unchecked if you would like to create a user with more limited access.
  • Click “Next: Tags” to get to the next step

Tags are used to add information, such as addresses or job titles. In the end you can add whatever information you deem important.

Click “Next” to receive your key ID and Secret access key.

Additional Information:

Save your Access key ID and Secret access key and keep them private.

Best Practice:

1. Change your access key ID and Secret access key frequently.

2. Make them inactive if you know you will not use them for a while.

3. Never save them on GitHub, in a plain-text file in an S3 bucket, or anything comparable.
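
One way to enforce the third rule, as an added example that is not part of the original article: a small pre-commit check that refuses files containing something shaped like an AWS access key. The function names and patterns are assumptions, and the sample key in `demo` is the placeholder AWS uses in its documentation.

```sh
#!/bin/sh
# Added example: keep AWS access keys out of commits.
# Assumed formats: access key IDs are AKIA/ASIA followed by 16 upper-case
# letters or digits; secret keys are 40 characters after aws_secret_access_key.
KEY_ID_RE='(AKIA|ASIA)[0-9A-Z]{16}'
SECRET_RE='aws_secret_access_key[[:space:]]*[=:][[:space:]]*[A-Za-z0-9/+]{40}'

# scan_file FILE: print "FILE:LINE:kind" per finding (never the key itself).
# Returns 1 when something was found, 0 when the file is clean.
scan_file() {
  found=0
  for line in $(grep -nE -- "$KEY_ID_RE" "$1" | cut -d: -f1); do
    echo "$1:$line:key_id"; found=1
  done
  for line in $(grep -niE -- "$SECRET_RE" "$1" | cut -d: -f1); do
    echo "$1:$line:secret"; found=1
  done
  return "$found"
}

# scan_staged: body of a .git/hooks/pre-commit hook. Checks the working-tree
# copy of every added, copied or modified file that is staged.
scan_staged() {
  status=0
  list=$(mktemp)
  git diff --cached --name-only --diff-filter=ACM > "$list"
  while IFS= read -r f; do
    [ -f "$f" ] || continue
    scan_file "$f" || status=1
  done < "$list"
  rm -f "$list"
  return "$status"
}

# demo: scan a constructed credentials file (AWS documentation example key).
demo() {
  sample=$(mktemp)
  printf '[default]\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\n' > "$sample"
  scan_file "$sample" || echo "blocked: remove the key and rotate it"
  rm -f "$sample"
}

# --staged is meant for the hook (non-zero exit blocks the commit).
case "${1:-}" in
  --staged) scan_staged ;;
  --demo)   demo ;;
esac
```

A key that has already been committed stays in the repository history, so it should be made inactive and replaced rather than only deleted from the file.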

Set up your code editor to communicate with your AWS account

To configure the AWS command line tool you need to follow these steps as mentioned above:

  1. Configure IAM user (done)
  2. AWS CLI tool configuration
  3. API

Step by step:

  • Verify you have the AWS command line tool. Open a command line and type:
aws --version
  • You should see the version of the AWS CLI. In this example the AWS CLI was not installed yet, so we received this message (path will vary):
  • If it is not installed, download and install it
  • Open your CLI and type (I used the Ubuntu CLI, but you can use whatever you are comfortable with):
pip3 install awscli
  • Have your access keys ready and type:
aws configure
  • You will be prompted to enter your access key ID and secret access key
  • Verify your setup by listing your S3 buckets. Type this command in your CLI:
aws s3 ls

This command will list all the s3 buckets you have under your account. Should you have none, nothing may happen. The important part is that you do not get an error. It should look somewhat like this (user and AWS CLI may vary):

Let’s confirm this using the AWS Management Console, just in case:

  • go back to your AWS Management Console
  • click “Users”
  • click on the User you created earlier. In this example it is “udacity 1”
  • click on “Security Credentials”: You will see your Access key ID and the Status “Active”
Next to your status you have the option “make inactive”: this is useful if you lose your key. You also have the option to create a second access key, which I am not doing here.

Deploy your first cloud script

CloudFormation is a declarative language, meaning you declare the resources you want without worrying about the interdependencies needed to create a server and a network. How does Amazon know which one to create first? With AWS you don’t need to worry about it: you specify your dependencies and AWS does the rest.

  • Open your text editor (in this example Sublime)
  • Set it up to be compatible with CloudFormation
  • Change the file type to YAML (JSON is also supported. It seems that YAML is more common at the moment, which is why we are sticking to that)
  • For this example, we’ll assume your CloudFormation file is called testcfn.yml, and you’re giving your stack the name myfirsttest.

Run CloudFormation

  • In your CLI, to use your yml code and request the resources, type the following in the same directory (us-west-2 can be replaced with any region you choose):
aws cloudformation create-stack --stack-name myfirsttest --region us-west-2 --template-body file://testcfn.yml

The results should look like this:

Let’s verify this using the AWS Management Console

  • go to your AWS Management Console
  • click “VPC”
  • click “Your VPCs”. It should look somewhat like this:
  • go back to AWS Management Console
  • click on “CloudFormation” to verify the successful creation of the stack.

Additional glossary and information:

  • Name: A name you want to give to the resource (does this have to be unique across all resource types?)
  • Type: Specifies the actual hardware resource you are deploying.
  • Properties: Specifies configuration options for your resource. Think of these as all the drop-down menus and checkbox options that you would see in the AWS console if you were to request the resource manually.
  • Stack: A stack is a group of resources. These are the resources that you want to deploy, and that are specified in the YAML file
  • Most settings have smart defaults. Check for the “required” line. Should there be a “no” you do not have to set it.
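
A minimal template and deployment script for the "Run CloudFormation" steps and the glossary above, as an added example: the article's own testcfn.yml is not reproduced on this page, so the VPC resource, its logical ID MyFirstVPC, the CIDR block and the tag are assumptions. The file name, stack name and region are the article's.

```sh
#!/bin/sh
# Added example, not the article's own template or script.
# From the article: testcfn.yml, myfirsttest, us-west-2.
# Assumed: logical ID MyFirstVPC, the CIDR block and the tag value.
set -eu

STACK_NAME="myfirsttest"
TEMPLATE="testcfn.yml"
REGION="us-west-2"

# write_template FILE: a one-resource stack. Comments map to the glossary.
write_template() {
  cat > "$1" <<'EOF'
AWSTemplateFormatVersion: '2010-09-09'
Description: First test stack - creates a single VPC
Resources:
  MyFirstVPC:                  # Name (logical ID, unique within the template)
    Type: AWS::EC2::VPC        # Type of resource to create
    Properties:                # Configuration options for that resource
      CidrBlock: 10.0.0.0/16   # address range for the VPC
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: myfirsttest-vpc
EOF
}

# deploy_stack: validate first, create, block until done, print final status.
deploy_stack() {
  aws cloudformation validate-template --region "$REGION" \
    --template-body "file://$TEMPLATE" > /dev/null
  aws cloudformation create-stack --stack-name "$STACK_NAME" \
    --region "$REGION" --template-body "file://$TEMPLATE"
  aws cloudformation wait stack-create-complete \
    --stack-name "$STACK_NAME" --region "$REGION"
  aws cloudformation describe-stacks --stack-name "$STACK_NAME" \
    --region "$REGION" --query 'Stacks[0].StackStatus' --output text
}

# delete_stack: remove the tutorial resources when finished.
delete_stack() {
  aws cloudformation delete-stack --stack-name "$STACK_NAME" --region "$REGION"
  aws cloudformation wait stack-delete-complete \
    --stack-name "$STACK_NAME" --region "$REGION"
}

case "${1:-}" in
  deploy) write_template "$TEMPLATE"; deploy_stack ;;
  delete) delete_stack ;;
esac
```

Run it with `deploy` to write the template and create the stack, and with `delete` to remove the stack afterwards.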

Best practices:

Coding best practice: Create separate files to organize your code. You can either create separate files for similar resources, or create files for each developer who uses those resources.
