• In CloudFormation, manage related resources as a single unit called a stack.
  • create, update, and delete a collection of resources by creating, updating, and deleting stacks.
  • Resources in a stack are defined by the stack’s AWS CloudFormation template.
  • Creating a Stack (OpsWorks) – Stack Name; region cannot be changed; VPC (instances need internet access to communicate with the OpsWorks orchestration engine);
    subnet can be changed; OS (Windows/Linux) cannot be changed; SSH keys; custom cookbooks from Git; advanced options (usually left at defaults, can be changed later).
  • Stack Options:
    • Resources tab – allows registration of existing resources with the stack (EIPs, Volumes, RDS)
    • Layers – logical groups of instances that share common config elements; e.g. General settings, Auto healing enabled switch; the Recipes tab can add recipes
    • Network – allows ELB, associating EIPs; EBS Volumes – allows EBS-optimized instances; Security – allows selecting instance profiles/SGs
    • Layer Types: OpsWorks Layer, ECS, RDS
  • An RDS instance can only be associated with one OpsWorks stack.
  • A stack clone operation doesn’t copy an existing RDS instance.
  • work with stacks by using AWS CloudFormation console, API, or AWS CLI.

Stack Creation Depends On:

  • Template Upload/S3 Template reference
  • Template Syntax Check
  • Stack Name & verification & ingestion
  • CFN template processing & stack creation
  • Resource ordering
  • Resource creation
  • Output Generation
  • Stack completion or Rollback
  • DependsOn – influences CFN’s automatic dependency checking; tells CFN explicitly how to order resources whose dependency it cannot infer from Ref/GetAtt.
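The resource-ordering step above is a dependency sort: CFN infers edges from Ref and Fn::GetAtt and you add the ones it cannot see with DependsOn. The script below is an added example (not code from the notes or from AWS) that reproduces that ordering over a template held as a Python dict (the JSON template form); the template itself is constructed, and the classic case where DependsOn is needed (a default route that must wait for the gateway attachment) is included.

```python
"""Work out the order in which CloudFormation must create a template's resources.

Added example, not code from the notes or from AWS. It walks a template held as a
Python dict (the JSON template form), collects the implicit dependencies CFN infers
from Ref / Fn::GetAtt and the explicit ones from DependsOn, and topologically
sorts them. The template below is constructed for illustration.
"""
from graphlib import CycleError, TopologicalSorter

# Constructed sample: the default route uses the gateway, but CFN cannot infer that
# the gateway must also be *attached* to the VPC first, so DependsOn adds that edge.
TEMPLATE = {
    "Parameters": {"KeyName": {"Type": "AWS::EC2::KeyPair::KeyName"}},
    "Resources": {
        "VPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
        "IGW": {"Type": "AWS::EC2::InternetGateway"},
        "Attach": {"Type": "AWS::EC2::VPCGatewayAttachment",
                   "Properties": {"VpcId": {"Ref": "VPC"}, "InternetGatewayId": {"Ref": "IGW"}}},
        "RouteTable": {"Type": "AWS::EC2::RouteTable", "Properties": {"VpcId": {"Ref": "VPC"}}},
        "DefaultRoute": {"Type": "AWS::EC2::Route", "DependsOn": "Attach",
                         "Properties": {"RouteTableId": {"Ref": "RouteTable"},
                                        "DestinationCidrBlock": "0.0.0.0/0",
                                        "GatewayId": {"Ref": "IGW"}}},
        "Subnet": {"Type": "AWS::EC2::Subnet",
                   "Properties": {"VpcId": {"Ref": "VPC"}, "CidrBlock": "10.0.1.0/24"}},
        "AdminSG": {"Type": "AWS::EC2::SecurityGroup",
                    "Properties": {"VpcId": {"Ref": "VPC"},
                                   "GroupDescription": "SSH from the corporate range only",
                                   "SecurityGroupIngress": [{"IpProtocol": "tcp", "FromPort": 22,
                                                             "ToPort": 22, "CidrIp": "10.10.0.0/16"}]}},
        "Instance": {"Type": "AWS::EC2::Instance",
                     "Properties": {"SubnetId": {"Ref": "Subnet"},
                                    "SecurityGroupIds": [{"Fn::GetAtt": ["AdminSG", "GroupId"]}],
                                    "KeyName": {"Ref": "KeyName"}}},
    },
}


def find_refs(node, resources):
    """Yield logical IDs referenced through Ref or Fn::GetAtt anywhere under node.
    Refs that name a parameter or pseudo-parameter rather than a resource are skipped."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "Ref":
                if value in resources:
                    yield value
            elif key == "Fn::GetAtt":
                # JSON form is ["LogicalId", "Attr"]; YAML short form is "LogicalId.Attr"
                target = value[0] if isinstance(value, list) else str(value).split(".", 1)[0]
                if target in resources:
                    yield target
            else:
                yield from find_refs(value, resources)
    elif isinstance(node, list):
        for item in node:
            yield from find_refs(item, resources)


def dependencies(template):
    """Map each logical ID to the set of logical IDs that must exist before it."""
    resources = template["Resources"]
    deps = {}
    for name, res in resources.items():
        needed = set(find_refs(res.get("Properties", {}), resources))
        explicit = res.get("DependsOn", [])          # a string or a list of strings
        needed.update([explicit] if isinstance(explicit, str) else explicit)
        deps[name] = needed
    return deps


def creation_order(template):
    """Return a valid creation order; raise ValueError on a circular dependency."""
    try:
        return list(TopologicalSorter(dependencies(template)).static_order())
    except CycleError as exc:
        raise ValueError(f"circular dependency: {exc.args[1]}") from exc


if __name__ == "__main__":
    for step, logical_id in enumerate(creation_order(TEMPLATE), 1):
        print(step, logical_id, "after", sorted(dependencies(TEMPLATE)[logical_id]))
```

Remove the `DependsOn` from `DefaultRoute` and the route can legally sort before `Attach`, which is exactly the race that makes a real stack fail with a route-to-unattached-gateway error; a circular `DependsOn` is reported instead of silently accepted.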

CFN Nesting

  • Allows a huge set of infrastructure to be split over multiple templates; limits per stack/template: 460k template size for S3 upload, 200 resources,
    100 mappings, 60 parameters, 60 outputs; nesting can overcome these limits.
  • Resource type – AWS::CloudFormation::Stack
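To make the limits concrete, the following added example (not AWS tooling, and not code from the notes) checks a template dict against the per-template figures the notes give and splits an oversized flat template into AWS::CloudFormation::Stack children. The limit values are taken from the notes and treated as assumptions to verify against the current CloudFormation quotas; the sample template and the child TemplateURLs are constructed placeholders.

```python
"""Check a template against the per-template limits the notes list and split a flat
template into nested stacks when it breaks them.

Added example, not AWS tooling. Limit values are the ones given in the notes above
(200 resources, 100 mappings, 60 parameters, 60 outputs, 460k template size) and are
treated as assumptions: verify them against the current CloudFormation quotas.
The sample template and the child TemplateURLs are constructed placeholders.
"""
import json

LIMITS = {"Resources": 200, "Mappings": 100, "Parameters": 60, "Outputs": 60}
MAX_BODY_BYTES = 460_000  # the notes' "460k" limit for a template body referenced from S3
CHILD_URL = "https://s3.amazonaws.com/EXAMPLE-BUCKET/{name}.json"  # placeholder, not a real bucket


def check_limits(template):
    """Return a list of limit violations; an empty list means the template fits."""
    problems = []
    for section, limit in LIMITS.items():
        count = len(template.get(section, {}))
        if count > limit:
            problems.append(f"{section}: {count} exceeds limit of {limit}")
    size = len(json.dumps(template, separators=(",", ":")).encode())
    if size > MAX_BODY_BYTES:
        problems.append(f"body: {size} bytes exceeds {MAX_BODY_BYTES}")
    return problems


def nested_stacks(template):
    """Logical ID -> TemplateURL for every AWS::CloudFormation::Stack resource."""
    return {name: res.get("Properties", {}).get("TemplateURL")
            for name, res in template.get("Resources", {}).items()
            if res.get("Type") == "AWS::CloudFormation::Stack"}


def build_flat_template(n_buckets):
    """Constructed sample: n private S3 buckets, each with an output exposing its name."""
    tpl = {"Resources": {}, "Outputs": {}}
    for i in range(n_buckets):
        tpl["Resources"][f"Bucket{i}"] = {
            "Type": "AWS::S3::Bucket",
            "Properties": {"PublicAccessBlockConfiguration": {
                "BlockPublicAcls": True, "BlockPublicPolicy": True,
                "IgnorePublicAcls": True, "RestrictPublicBuckets": True}}}
        tpl["Outputs"][f"Bucket{i}Name"] = {"Value": {"Ref": f"Bucket{i}"}}
    return tpl


def split_into_nested(template, chunk):
    """Split a flat template into child templates of `chunk` resources each and return
    (parent_template, {child_name: child_template}). Assumes resources do not
    reference each other across chunks; cross-chunk Refs would need parameters
    passed down from the parent, which this helper does not generate."""
    names = list(template["Resources"])
    children = {}
    parent = {"Resources": {}}
    for i in range(0, len(names), chunk):
        child_name = f"Child{i // chunk}"
        subset = names[i:i + chunk]
        # keep each output next to the resource it exposes
        outputs = {k: v for k, v in template.get("Outputs", {}).items()
                   if v.get("Value", {}).get("Ref") in subset}
        children[child_name] = {"Resources": {n: template["Resources"][n] for n in subset},
                                "Outputs": outputs}
        parent["Resources"][child_name] = {
            "Type": "AWS::CloudFormation::Stack",
            "Properties": {"TemplateURL": CHILD_URL.format(name=child_name)}}
    return parent, children
```

Note that the chunk size has to respect every limit at once: 200 resources per child passes the resource limit but a child with 200 outputs still trips the 60-output limit, so a smaller chunk (50 below) is what actually fits.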

CFN Creation Policies, Wait Conditions & Wait Condition Handlers:

  • Influence when a resource is marked as completed – delaying until it is actually ready.
  • Creation Policies – can only be used on EC2 instances and ASGs; consist of a creation policy definition and a signal configuration.
  • WC & WCH are used in complex scenarios involving interaction between resources; they are two related components:
  • WCH is a CFN resource with no properties, but it generates a presigned URL that is used to signal SUCCESS or FAILURE.
  • WC – 4 components: 1) DependsOn the resources it waits on, 2) a Handle property referencing the WCH, 3) a response Timeout, 4) a Count (default 1).
  • WCH – signed URL
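The four WaitCondition components and the creation-policy restriction above are easy to get wrong in a large template, so here is an added example (not from the notes or from AWS) that lints a template dict for them. The set of resource types allowed to carry a CreationPolicy is the one the notes give and is an assumption to check against current documentation; both sample templates are constructed, and the AMI ID is a placeholder.

```python
"""Lint the wait-condition and creation-policy rules the notes describe.

Added example, not from the notes or AWS. It checks a template dict for:
CreationPolicy only on the resource types the notes allow (EC2 instance, ASG), and
every WaitCondition carrying the four components listed above (DependsOn, a Handle
that Refs a WaitConditionHandle, a Timeout, and a Count defaulting to 1).
The allowed-type set is an assumption; the sample templates are constructed.
"""
CREATION_POLICY_TYPES = {"AWS::EC2::Instance", "AWS::AutoScaling::AutoScalingGroup"}
WC = "AWS::CloudFormation::WaitCondition"
WCH = "AWS::CloudFormation::WaitConditionHandle"


def lint_signals(template):
    """Return a list of findings; an empty list means the template follows the rules."""
    resources = template.get("Resources", {})
    findings = []
    for name, res in resources.items():
        rtype = res.get("Type")
        if "CreationPolicy" in res and rtype not in CREATION_POLICY_TYPES:
            findings.append(f"{name}: CreationPolicy not supported on {rtype}")
        if "CreationPolicy" in res and "ResourceSignal" not in res["CreationPolicy"]:
            findings.append(f"{name}: CreationPolicy has no ResourceSignal configuration")
        if rtype != WC:
            continue
        props = res.get("Properties", {})
        if not res.get("DependsOn"):                      # component 1
            findings.append(f"{name}: WaitCondition should DependsOn the resource it waits for")
        handle = props.get("Handle", {}).get("Ref")       # component 2
        if resources.get(handle, {}).get("Type") != WCH:
            findings.append(f"{name}: Handle must Ref a {WCH}")
        if "Timeout" not in props:                         # component 3
            findings.append(f"{name}: Timeout is required")
        if int(props.get("Count", 1)) < 1:                 # component 4, default 1
            findings.append(f"{name}: Count must be at least 1")
    return findings


def expected_signals(template):
    """Number of SUCCESS signals each WaitCondition needs before it completes."""
    return {name: int(res.get("Properties", {}).get("Count", 1))
            for name, res in template.get("Resources", {}).items()
            if res.get("Type") == WC}


# Constructed: an instance with a creation policy, an ASG watched by a wait condition
GOOD = {"Resources": {
    "Handle": {"Type": WCH},
    "Web": {"Type": "AWS::EC2::Instance",
            "CreationPolicy": {"ResourceSignal": {"Count": 1, "Timeout": "PT15M"}},
            "Properties": {"ImageId": "ami-PLACEHOLDER"}},
    "Workers": {"Type": "AWS::AutoScaling::AutoScalingGroup",
                "Properties": {"MinSize": "2", "MaxSize": "2"}},
    "WorkersReady": {"Type": WC, "DependsOn": "Workers",
                     "Properties": {"Handle": {"Ref": "Handle"}, "Timeout": "900", "Count": 2}},
}}

# Constructed: a creation policy on a bucket and a wait condition missing three components
BAD = {"Resources": {
    "Bucket": {"Type": "AWS::S3::Bucket", "CreationPolicy": {"ResourceSignal": {"Count": 1}}},
    "Ready": {"Type": WC, "Properties": {"Handle": {"Ref": "Bucket"}}},
}}
```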

CFN Custom Resources

  • A resource type within CFN backed by SNS or Lambda; Custom::ResourceName (SNS topic or Lambda function); ServiceToken – ARN of the SNS topic or Lambda function.
  • Use the presigned URL to provide a response payload; important elements: status, stack ID & request ID, physical & logical resource ID, data.
  • Use cases:
    • stack linked to on-premise resource creation
    • stack linked to advanced logic – resource discovery
    • stack deletion linked to advanced tidy operations – backup/monitoring deactivation
    • stacks linked to an on-premise CMS
    • web stack creation linked to a monitoring/penetration testing system
    • stack creation/deletion updates a Lambda-based backup solution – EBS snapshotting
    • stack deletion spawns account-wide pruning of orphaned EBS volumes
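The response-payload elements listed above are what a Lambda-backed custom resource has to PUT to the presigned URL. The handler below is an added example (not code from the notes or from AWS) that separates building that payload from sending it, and it always answers, because an unanswered request leaves the stack waiting until the custom resource times out. The event, the stack/request IDs, the function ARN and the ResponseURL are constructed placeholders, and `do_work` stands in for the real on-premise logic.

```python
"""Lambda-backed custom resource handler that always answers CloudFormation.

Added example, not code from the notes or from AWS. It builds the response payload
with the elements listed above (Status, StackId, RequestId, PhysicalResourceId,
LogicalResourceId, Data) and PUTs it to the presigned ResponseURL CloudFormation
supplies in the event. SAMPLE_EVENT and do_work are constructed stand-ins.
"""
import json
import urllib.request

SAMPLE_EVENT = {  # constructed; a real event looks like this but with live IDs and URL
    "RequestType": "Create",
    "ResponseURL": "https://cloudformation-custom-resource-response-PLACEHOLDER.s3.amazonaws.com/PLACEHOLDER",
    "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/demo/PLACEHOLDER-STACK-ID",
    "RequestId": "PLACEHOLDER-REQUEST-ID",
    "LogicalResourceId": "OnPremAsset",
    "ResourceType": "Custom::OnPremAsset",
    "ResourceProperties": {"ServiceToken": "arn:aws:lambda:us-east-1:123456789012:function:PLACEHOLDER",
                           "AssetName": "WebTier"},
}


def do_work(request_type, properties):
    """Stand-in for the real logic (e.g. registering an on-prem asset on Create,
    deactivating its monitoring on Delete). Returns the Data block CloudFormation
    exposes to the template through Fn::GetAtt."""
    if request_type == "Delete":
        return {}
    name = properties.get("AssetName")
    if not name:
        raise ValueError("AssetName property is required")
    return {"AssetId": f"asset-{name.lower()}"}


def build_response(event, status, data=None, reason=None, physical_id=None):
    """Assemble the body CloudFormation expects. PhysicalResourceId must stay stable
    across Update/Delete, so reuse the one CloudFormation sent when there is one."""
    body = {
        "Status": status,                      # "SUCCESS" or "FAILED"
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "PhysicalResourceId": physical_id or event.get("PhysicalResourceId")
                              or f"{event['LogicalResourceId']}-{event['RequestId']}",
        "Data": data or {},
    }
    if status == "FAILED":                     # Reason is required on failure
        body["Reason"] = reason or "see the function's CloudWatch logs"
    return body


def send_response(url, body):
    """PUT the JSON body to the presigned S3 URL; the content-type header must be empty."""
    payload = json.dumps(body).encode()
    req = urllib.request.Request(url, data=payload, method="PUT",
                                 headers={"content-type": "", "content-length": str(len(payload))})
    with urllib.request.urlopen(req) as resp:
        return resp.status


def handler(event, context=None, sender=send_response):
    """Lambda entry point. Whatever happens, a response is sent: an unanswered
    request leaves the stack stuck until the custom resource times out."""
    try:
        data = do_work(event["RequestType"], event.get("ResourceProperties", {}))
        body = build_response(event, "SUCCESS", data)
    except Exception as exc:  # report any failure to CloudFormation rather than dropping it
        body = build_response(event, "FAILED", reason=str(exc))
    sender(event["ResponseURL"], body)
    return body
```

The `sender` parameter exists so the handler can be exercised without network access; in Lambda the default `send_response` is used unchanged.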

Using CloudFormation Console

  • The CloudFormation console URL is – https://console.aws.amazon.com/cloudformation/.
  • Creating a stack using the AWS CloudFormation console is a wizard-driven process with these steps:
    • Starting the Create Stack wizard
    • Selecting a stack template
    • Specifying stack parameters
    • Setting AWS CloudFormation Stack Options
    • Reviewing stack
  • After stack creation,
    • monitor the stack’s progress
    • view the stack’s resources and outputs
    • update the stack
    • delete it
  • An Amazon EC2 key pair is needed for authentication and access
  • No additional charge for AWS CloudFormation
  • AWS Management Console can also list stack’s data and resources like
    • stack name, stack ID, and root stack
    • tags associated with stack
    • resources part of stack
    • stack’s parameters and their values
  • Stack status codes describe the state of a stack, e.g.
    • CREATE_COMPLETE – Successful creation of one or more stacks
    • CREATE_IN_PROGRESS – Ongoing creation of one or more stacks.
    • CREATE_FAILED – Unsuccessful creation of one or more stacks.

Using AWS CLI for CloudFormation Templates

  • To create a stack you run “aws cloudformation create-stack” command and must list stack name, location of template, and input parameters.
  • For information about CloudFormation stacks, run aws cloudformation list-stacks and aws cloudformation describe-stacks.
  • To delete a stack, you run the aws cloudformation delete-stack command.

Nested Stacks

  • They are stacks created as part of other stacks.
  • Needs the AWS::CloudFormation::Stack resource for creating a nested stack
  • Example
    • Stack A is the root stack for all the other, nested, stacks in the hierarchy.
    • For stack B, stack A is both the parent stack, as well as the root stack.
    • For stack D, stack C is the parent stack; while for stack C, stack B is the parent stack.
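The parent/root relationships in the example above can be recovered from the templates themselves: every AWS::CloudFormation::Stack resource names a child. The script below is an added example (not from the notes or from AWS) that rebuilds the A > B > C > D chain, plus a sibling E under A, and reports parent, root and depth for each stack. The templates are constructed, and the TemplateURLs are placeholders mapped back to template names through a lookup table.

```python
"""Derive the parent and root of every stack in a nested-stack hierarchy.

Added example, not from the notes or AWS. Each stack is a template dict; a child is
declared by an AWS::CloudFormation::Stack resource, and its TemplateURL is mapped
back to a template name through a constructed lookup (the URLs are placeholders).
The templates reproduce the A -> B -> C -> D chain from the notes plus a sibling E.
"""
URLS = {name: f"https://s3.amazonaws.com/EXAMPLE-BUCKET/stack-{name}.json" for name in "ABCDE"}


def child(name):
    """Resource that nests the template called `name`."""
    return {"Type": "AWS::CloudFormation::Stack", "Properties": {"TemplateURL": URLS[name]}}


TEMPLATES = {  # constructed
    "A": {"Resources": {"StackB": child("B"), "StackE": child("E")}},
    "B": {"Resources": {"StackC": child("C")}},
    "C": {"Resources": {"StackD": child("D")}},
    "D": {"Resources": {"Queue": {"Type": "AWS::SQS::Queue"}}},
    "E": {"Resources": {"Topic": {"Type": "AWS::SNS::Topic"}}},
}


def children_of(template, url_to_name):
    """Names of the templates this template nests directly."""
    names = []
    for res in template.get("Resources", {}).values():
        if res.get("Type") == "AWS::CloudFormation::Stack":
            url = res.get("Properties", {}).get("TemplateURL")
            if url not in url_to_name:
                raise ValueError(f"unknown nested template: {url}")
            names.append(url_to_name[url])
    return names


def hierarchy(templates, urls):
    """Return {stack: (parent, root, depth)}; a root stack has parent None and depth 0."""
    url_to_name = {u: n for n, u in urls.items()}
    parent = {}
    for name, tpl in templates.items():
        for c in children_of(tpl, url_to_name):
            if c in parent:
                raise ValueError(f"{c} is nested by both {parent[c]} and {name}")
            parent[c] = name
    result = {}
    for name in templates:
        root, depth, seen = name, 0, {name}
        while root in parent:                 # climb until a stack with no parent
            root = parent[root]
            depth += 1
            if root in seen:
                raise ValueError(f"nesting cycle through {root}")
            seen.add(root)
        result[name] = (parent.get(name), root, depth)
    return result


if __name__ == "__main__":
    for stack, (par, root, depth) in hierarchy(TEMPLATES, URLS).items():
        print(f"{stack}: parent={par} root={root} depth={depth}")
```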
