AWS CloudFormation – Resources, Tips and Tricks

I have recently been creating CloudFormation (CF) templates for a job and learning more about this area of AWS. Listed below are resources, tips and tricks that were helpful.

Resources

AWS User Guide:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html

AWS Github Sample Templates:
https://github.com/awslabs/aws-cloudformation-templates

AWS Sample Templates:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-sample-templates.html

Bogotobogo's excellent post on CloudFormation, templates, change sets and the CLI:
https://www.bogotobogo.com/DevOps/AWS/aws-CloudFormation-Templates.php

Stelligent CloudFormation Templates:
https://github.com/stelligent/cloudformation_templates

AWS::CloudFormation::Init:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-init.html

Tips and Tricks

yamllint – A linter for YAML files.

yamllint does not only check for syntax validity, but for weirdnesses like key repetition and cosmetic problems such as lines length, trailing spaces, indentation, etc.
https://github.com/adrienverge/yamllint

CloudFormation Linter

Validate CloudFormation yaml/json templates against the CloudFormation spec and additional checks. Includes checking valid values for resource properties and best practices.
https://github.com/aws-cloudformation/cfn-python-lint

validate-template

Validates a specified template. AWS CloudFormation first checks if the template is valid JSON. If it isn’t, AWS CloudFormation checks if the template is valid YAML. If both these checks fail, AWS CloudFormation returns a template validation error.
https://docs.aws.amazon.com/cli/latest/reference/cloudformation/validate-template.html

CreationPolicy Attribute

Associate the CreationPolicy attribute with a resource to prevent its status from reaching create complete until AWS CloudFormation receives a specified number of success signals or the timeout period is exceeded. To signal a resource, you can use the cfn-signal helper script or the SignalResource API. AWS CloudFormation publishes valid signals to the stack events so that you can track the number of signals sent.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-creationpolicy.html

UpdatePolicy Attribute

Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup, AWS::Lambda::Alias, or AWS::ElastiCache::ReplicationGroup resources.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html

DeletionPolicy Attribute

With the DeletionPolicy attribute you can preserve or (in some cases) back up a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default.

Note that this capability also applies to stack update operations that lead to resources being deleted from stacks, for example when you remove the resource from the stack template and then update the stack with the template. It does not apply to resources whose physical instance is replaced during stack update operations, for example when you edit a resource’s properties such that AWS CloudFormation replaces that resource during a stack update.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html
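
A pre-deployment check for the delete-by-default behaviour described above, as an added example that is not from the AWS documentation or any of the linked projects. It also checks UpdateReplacePolicy, the separate attribute that governs the replacement-during-update case DeletionPolicy does not cover. The list of "stateful" resource types and the sample template are assumptions constructed for illustration.

```python
import json

# Assumption: resource types treated as stateful for this check; tune for your estate.
STATEFUL_TYPES = {"AWS::S3::Bucket", "AWS::DynamoDB::Table",
                  "AWS::EC2::Volume", "AWS::Logs::LogGroup"}
PRESERVING = {"Retain", "Snapshot"}
# DeletionPolicy covers stack/resource deletion; UpdateReplacePolicy covers
# the case where an update replaces the physical resource.
ATTRIBUTES = ("DeletionPolicy", "UpdateReplacePolicy")

# Constructed sample template in JSON form (no YAML parser needed), trimmed
# to the fields this check reads, so it is not deployable as written.
SAMPLE_TEMPLATE = json.dumps({
    "Resources": {
        "AuditBucket": {"Type": "AWS::S3::Bucket"},
        "OrdersTable": {"Type": "AWS::DynamoDB::Table", "DeletionPolicy": "Retain"},
        "DataVolume": {"Type": "AWS::EC2::Volume", "DeletionPolicy": "Snapshot",
                       "UpdateReplacePolicy": "Snapshot"},
        "WebSecurityGroup": {"Type": "AWS::EC2::SecurityGroup"},
    }
})


def audit_policies(template_text):
    """Return (logical_id, attribute, problem) for each unprotected stateful resource."""
    resources = json.loads(template_text).get("Resources", {})
    findings = []
    for logical_id in sorted(resources):
        resource = resources[logical_id]
        if resource.get("Type") not in STATEFUL_TYPES:
            continue
        for attribute in ATTRIBUTES:
            value = resource.get(attribute)
            if value is None:
                findings.append((logical_id, attribute, "missing, defaults to Delete"))
            elif not (isinstance(value, str) and value in PRESERVING):
                # Covers an explicit "Delete" and non-literal values such as a Ref.
                findings.append((logical_id, attribute, f"set to {value!r}"))
    return findings


if __name__ == "__main__":
    for logical_id, attribute, problem in audit_policies(SAMPLE_TEMPLATE):
        print(f"{logical_id}: {attribute} {problem}")
```

Run it in CI next to cfn-lint and fail the build when the list of findings is non-empty.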

