CloudFormation Template Practical
Build on your understanding of CloudFormation by running templates.
Understanding CloudFormation templates is crucial for the exam. In this practical, we’ll review and run some templates to deploy AWS infrastructure.
Practical
In the widget below, we’ll perform the following steps to demonstrate our knowledge of AWS CloudFormation:
- Create a security group using the
security_group.yamlfile and export the security group ID as a CloudFormation export. - Create an EC2 instance using the
ec2_instance.yamlfile. This file automatically imports the ID of the security group created above from CloudFormation exports.
Note: You need to know all the YAML CloudFormation codes used in the practical below. You may need to enter Q in the terminal if it gets stuck on long outputs.
ec2_instance_stack_name=`cat ec2_instance_stack_name.txt`
security_group_stack_name=`cat security_group_stack_name.txt`
echo "Deleting CloudFormation stacks"
aws cloudformation delete-stack --stack-name ${ec2_instance_stack_name}
aws cloudformation wait stack-delete-complete --stack-name ${ec2_instance_stack_name}
aws cloudformation delete-stack --stack-name ${security_group_stack_name}
aws cloudformation wait stack-delete-complete --stack-name ${security_group_stack_name}
echo "Resources destroyed."Note: Please use the
dos2unix destroy.sh && sh destroy.shcommand to destroy resources. Notice that in thedestroy.shfile, we don’t delete individual resources (like EC2 instances or security groups). We delete the CloudFormation stacks, which automatically deletes all the resources they created.
The following image shows the events of the security group stack created by the practical. Note that we can’t delete a stack if other stacks import its outputs. The top events (red arrows) show that the delete operation was stopped because the EC2 stack uses the exported value.
Code explanation
Let’s review the code used in the widget above.
Security group template
We use the security_group.yaml file to provision the AWS security group. Here’s the explanation of the code within that file:
AWSTemplateFormatVersion: "2010-09-09": Defines the CloudFormation template version. The date format used here indicates the version, and 2010-09-09 is currently the only valid version.Description: Provides a general description of what this template does.