Best Practices to Upload Cloud Formation Templates
If you're automating your workload deployments on the Amazon Web Services (AWS) Cloud using AWS CloudFormation, you can take steps to save time during and after initial development. In addition to saving time, you can prevent your templates from becoming obsolete. In this blog post, I cover some best practices for AWS customers and AWS Partners to follow when developing infrastructure as code with AWS CloudFormation. The post also covers best practices for testing and maintaining AWS CloudFormation templates.
About this blog post | |
Time to read | 9 min. |
Learning level | Intermediate (200) |
AWS service | AWS CloudFormation |
About AWS CloudFormation
AWS CloudFormation streamlines the deployment of key workloads on the AWS Cloud. With AWS CloudFormation, you model and provision all the resources needed for your applications across multiple Regions and accounts in an automated and secure manner. You can use programming languages or simple text files. AWS CloudFormation templates are text files, written in YAML or JSON format, that define the AWS resources to be deployed.
You can integrate automation tools, such as AWS Lambda and AWS Systems Manager, into your AWS CloudFormation templates. With automation tools, you can automate the provisioning of custom workloads on top of the defined AWS infrastructure.
The AWS Quick Start program provides over 170 examples of AWS Partner and AWS native deployments, all of which employ AWS CloudFormation templates.
Best practices
- Start with existing AWS CloudFormation templates
- Create modular templates
- Use existing repositories as submodules
- Use an integrated development environment with linting
- Use parameters to define paths to your external assets
- Use the same names for common parameters
- Automate AWS CloudFormation testing with TaskCat
- Maintain your templates
1. Start with existing AWS CloudFormation templates
When you use AWS CloudFormation to develop infrastructure as code, first check to see if what you plan to deploy has already been developed and shared with the community. Check for your entire solution as well as aspects of it.
For example, look at AWS Quick Starts, which are open-source and available on GitHub. On the AWS Quick Starts home page, you can search the catalog by partner, product, or keyword, and you can filter by common use cases. Also look at AWS Labs, another open-source GitHub organization with a number of sample AWS CloudFormation templates developed by AWS and by the community of AWS Partners and customers.
If you're building an automated deployment on AWS infrastructure that includes common AWS resources, starting with an existing template can save you hours or days worth of effort. Common resources include Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Simple Storage Service (Amazon S3) buckets, Lambda functions, and Amazon Relational Database Service (Amazon RDS) databases.
2. Create modular templates
While you could use a single AWS CloudFormation template to automate a complex deployment, it's easier to work with multiple smaller templates. For example, let's take a three-tier web application with the following parts:
- A highly available Amazon RDS database
- An Amazon EC2 Auto Scaling group for the application layer
- An Amazon EC2 Auto Scaling group for the web layer
- Load balancers for both the application and web layers
If you were to define every part of this deployment in a single AWS CloudFormation template, the template would be large and difficult to troubleshoot. Troubleshooting and iterating would be easier if, instead, you created a template for each of these components. You would have a child template for the database, a child template for the application layer, a child template for the web layer, and a parent template that deploys the child templates in sequence.
Using a modular approach like this, you and others could reuse the smaller templates. For example, you might copy the database template and use it for another web application.
3. Use existing repositories as submodules
Use submodules to take advantage of work that has already been done. Submodules not only save you time during development but also reduce the need to maintain redundant resources.
If you're maintaining your AWS CloudFormation templates in a GitHub repository, you can import other GitHub repositories as submodules and deploy them from your parent AWS CloudFormation template. To do this, use the git submodule add command.
The Amazon Virtual Private Cloud (Amazon VPC) Quick Start is a good example. If you're deploying infrastructure that requires a new VPC, you can add the Amazon VPC Quick Start to your repository as a submodule. Either fork the quickstart-aws-vpc repo to your GitHub account or clone it directly from the aws-quickstart account. Then, your parent stack can call the submodule template as a child stack, passing parameters into it to define the VPC. Parameters include the number of Availability Zones to use, whether to deploy network address translation (NAT) gateways, etc.
Other common submodules include the Linux bastion Auto Scaling group, Microsoft Active Directory Domain Services, and Amazon Elastic Kubernetes Service (Amazon EKS).
4. Use an integrated development environment with linting
The amount of time it takes to launch an AWS CloudFormation template varies from a few minutes to several hours. With complex deployments, a developer might make a simple mistake and not realize it until a stack fails late during testing. Discovering mistakes at the last minute can lead to unnecessary frustration and wasted time.
While AWS CloudFormation templates and scripts can be developed with any text editor, working in an integrated development environment (IDE) can improve the process. An IDE can catch formatting mistakes in real time, can display aspects of your code in different colors to highlight them, and can reformat multiple lines of code simultaneously. Most IDEs can incorporate third-party linting tools to ensure that your code is developed correctly for particular applications, including AWS CloudFormation.
AWS CloudFormation Linter (cfn-lint) is an open-source tool maintained by the AWS CloudFormation team. Cfn-lint analyzes AWS CloudFormation templates and checks for syntactic errors. (The cfn in cfn-lint stands for CloudFormation.) By using an IDE with this linter installed, developers can catch errors immediately, reducing development and testing time. You can find cfn-lint plugins for popular IDEs on the CloudFormation Linter GitHub page under Editor Plugins.
5. Use parameters to define paths to your external assets
Future-proof your AWS CloudFormation templates by avoiding hardcoded paths to external assets. For instance, imagine that you have developed a template that deploys an EC2 instance that downloads installation media from an S3 bucket. You could hardcode the path to the installation media as something like this:
https://customerbucket.s3.us-east-1.amazonaws.com/install.tar.gz
If you did, though, future changes to the S3 bucket (in this case, customerbucket)—such as removing public access or deleting the bucket entirely—would cause the deployment to fail.
Instead of hardcoding the path to the installation media, define it as a parameter, and set the URL as the default.
Another way to future-proof access to your external assets is to store them in the same repository as your AWS CloudFormation templates. You can store external assets that are called by the AWS CloudFormation template in the same repository as the template, decreasing external dependencies. Common repositories include AWS CodeCommit, GitHub, and GitLab. Assets that are commonly stored alongside the AWS CloudFormation templates that call them include Lambda functions, Bash or PowerShell scripts, and installation media.
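The parameterized path described above, as an added example that is not part of the original post. The parameter names InstallMediaUrl and LatestAmiId, the resource name, the instance type and the install directory are assumptions chosen for illustration; the default URL is the one shown earlier in this section.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - installation media location supplied as a parameter.
Parameters:
  InstallMediaUrl:                # hypothetical parameter name
    Type: String
    Description: HTTPS URL of the installation archive.
    Default: https://customerbucket.s3.us-east-1.amazonaws.com/install.tar.gz
    # Reject plain-HTTP or malformed values before any resource is created.
    AllowedPattern: '^https://[A-Za-z0-9.-]+/.+$'
    ConstraintDescription: Must be an https:// URL that includes an object path.
  LatestAmiId:                    # hypothetical parameter name
    # Resolved from a public SSM parameter at deploy time, so no AMI ID is hardcoded.
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
Resources:
  AppInstance:                    # hypothetical resource name
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LatestAmiId
      InstanceType: t3.micro      # assumption for the example
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          # --fail makes curl exit non-zero on an HTTP error instead of
          # saving the error page as the archive.
          curl --fail --silent --show-error --location \
            --output /tmp/install.tar.gz "${InstallMediaUrl}"
          mkdir -p /opt/app
          tar -xzf /tmp/install.tar.gz -C /opt/app
Outputs:
  InstallMediaUrlUsed:
    Description: Location the instance downloaded its installation media from.
    Value: !Ref InstallMediaUrl
```

If the bucket is later moved or locked down, the stack can be launched with a different InstallMediaUrl value and the template itself stays unchanged.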
6. Use the same names for common parameters
When you use a modular approach with complex deployments, you may find yourself working with a large number of AWS CloudFormation templates. The Amazon EKS Quick Start, for instance, has 15 templates. In the Amazon EKS Quick Start, outputs from one template are passed as parameter values to other templates. Keeping parameter names consistent across all AWS CloudFormation templates makes it easier to troubleshoot and iterate.
For example, take the parameter VPCID (the ID of VPC into which the Quick Start is deployed). If you were to deploy the Amazon VPC Quick Start as a submodule, then you would deploy assets into the new VPC by passing the VPCID output from the submodule as a parameter value to your other templates. Using the parameter name VPCID in all your templates simplifies keeping track of your outputs and parameter values.
Here are some other common parameter names to keep the same:
- VPCCIDR – Classless Inter-Domain Routing (CIDR) block of the VPC into which the Quick Start is deployed
- PrivateSubnet1ID – ID of the first Availability Zone's private subnet
- PrivateSubnet2ID – ID of the second Availability Zone's private subnet
- PublicSubnet1ID – ID of the first Availability Zone's public subnet
- PublicSubnet2ID – ID of the second Availability Zone's public subnet
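A parent template that ties together the modular, submodule and common-parameter-name practices from sections 2, 3 and 6, as an added example that is not from the original post. The bucket and prefix parameters, the template file paths, the database child template, and the submodule's parameter and subnet output names are assumptions; check the submodule's own template for its actual names.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - parent stack deploying a VPC submodule and one child stack.
Parameters:
  TemplateBucketName:             # hypothetical: bucket the repository is uploaded to
    Type: String
  TemplateKeyPrefix:              # hypothetical: key prefix, ending in "/"
    Type: String
  AvailabilityZones:
    Type: List<AWS::EC2::AvailabilityZone::Name>
Resources:
  VPCStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      # Path inside the repository where the submodule was added (assumed layout).
      TemplateURL: !Sub "https://${TemplateBucketName}.s3.${AWS::Region}.amazonaws.com/${TemplateKeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml"
      Parameters:
        # Nested stack parameters are strings, so the list is joined.
        AvailabilityZones: !Join [",", !Ref AvailabilityZones]
        NumberOfAZs: "2"          # assumed parameter name
  DatabaseStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub "https://${TemplateBucketName}.s3.${AWS::Region}.amazonaws.com/${TemplateKeyPrefix}templates/database.template.yaml"
      Parameters:
        # The same names on both sides: the VPC stack's outputs map one-to-one
        # onto the child's parameters. The GetAtt references also make
        # CloudFormation create the VPC stack first.
        VPCID: !GetAtt VPCStack.Outputs.VPCID
        PrivateSubnet1ID: !GetAtt VPCStack.Outputs.PrivateSubnet1ID
        PrivateSubnet2ID: !GetAtt VPCStack.Outputs.PrivateSubnet2ID
Outputs:
  VPCID:
    Description: ID of the VPC created by the submodule.
    Value: !GetAtt VPCStack.Outputs.VPCID
```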
7. Automate AWS CloudFormation testing with TaskCat
When you build AWS CloudFormation templates, you must test them. Testing typically involves the following steps:
- Upload your templates to an S3 bucket.
- Sign in to the AWS Management Console.
- Open the AWS CloudFormation console.
- Enter the S3 path to your parent template.
- Manually enter parameter values.
- Launch the stack.
- Wait to see if the deployment succeeds or fails.
It's time-consuming to manually deploy AWS CloudFormation templates across multiple AWS Regions and then clean up the assets you deployed during testing. In addition, you may lose track of the assets you deployed. Then when you clean up the test environment manually, you may overlook assets that remain active in your account. These overlooked assets can lead to unexpected charges on your next AWS billing statement.
To address these issues, the AWS Quick Start team has developed a process to automate AWS CloudFormation testing using an open-source tool called TaskCat. You enter Regions and parameter values into a YAML-formatted file called taskcat.yml in the root of your repository. TaskCat uses these values to automatically deploy your AWS CloudFormation templates. It then logs the results of the deployment—whether it succeeded or failed (and, if it failed, the reason)—and deletes any assets that were deployed.
When you use TaskCat to test your AWS CloudFormation templates, you can focus on other things while waiting for the deployment to complete. You can also prevent resources that were deployed during testing from lingering in your AWS accounts.
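A taskcat.yml of the kind described above, as an added example that is not from the original post. The project name, test names, template path, Regions and CIDR values are assumptions for illustration.

```yaml
# taskcat.yml, placed in the root of the repository (added example).
project:
  name: three-tier-web-app        # hypothetical project name
  regions:                        # each test runs in every Region listed here
    - us-east-1
    - us-west-2
tests:
  two-az-default:                 # hypothetical test name
    template: templates/parent.template.yaml   # hypothetical path
    parameters:
      # TaskCat pseudo-parameter: replaced with two Availability Zones
      # that are valid in the Region under test.
      AvailabilityZones: "$[taskcat_genaz_2]"
      VPCCIDR: 10.0.0.0/16
  single-region-smoke:            # hypothetical test name
    template: templates/parent.template.yaml
    regions:                      # overrides the project-level Region list
      - eu-west-1
    parameters:
      AvailabilityZones: "$[taskcat_genaz_2]"
      VPCCIDR: 10.1.0.0/16
```

Running `taskcat test run` from the repository root deploys every test in its Regions, records the result of each stack, and deletes the stacks afterward.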
8. Maintain your templates
Since AWS CloudFormation templates are used to automate deployments, they are often reused for months or years. As a result, they can go out of date. For example, EC2 instance types may become deprecated, Amazon Machine Images (AMIs) may be removed from general availability, and new functionality may be added to a database service.
Test your AWS CloudFormation templates periodically to ensure that they continue to work as expected. Incorporate new service functionality as it becomes available.
Conclusion
As an AWS CloudFormation developer, you can save time, effort, and frustration when you follow the best practices described in this post. For more, see the following resources:
- TaskCat testing tool: Learn how to use TaskCat to automate AWS CloudFormation testing.
- AWS CloudFormation page: Access AWS CloudFormation documentation and resources.
- AWS CloudFormation console: Sign in to the AWS Management Console and open the AWS CloudFormation console to deploy your templates.
- Infrastructure & Automation blog: Find additional blog posts on AWS automation.
Let me know your thoughts in the comments, or send an email to quickstart@amazon.com.
Source: https://aws.amazon.com/blogs/infrastructure-and-automation/best-practices-automating-deployments-with-aws-cloudformation/