AWS CloudFormation Templates – AWS CloudFormation Tutorial – Part 3

In this session will discuss more about AWS CloudFormation Templates, here will be working with template basics and objects in detail. Will Cover below mentioned options:

• Resources and resources parameters
• References
• Intrinsic Functions
• Outputs

Resources

Resources are the stack’s members we want to create. Our templates must declare a resources section with at least one resource that this is the only mandatory options.

Each resource declaration includes three parts:

• A logical name that is unique within the template: For example, “Myinstance”, “demo-vpc” ,”MyELB”
• A resource type: For example, “AWS::EC2::Instance”, “AWS::RDS::DBInstance”
• Properties for that resource: For example, “SecurityGroups”, “MasterUsername”

Here we define an EC2 instance with AZ “eu-west-1a” and imageId “ami-7fd4e10b”

 "Resources" : {
    "MyInstance" : {
        "Type" : "AWS::EC2::Instance",
        "Properties" : {
            "AvailabilityZone" : "us-east-1a",
            "ImageId" : "ami-7fd4e10b"
        }
    }
}

There are resource-specific property values before we crate the resource. Below there is the list of an “AWS::EC2::Instance” specific resource properties list:

{
   "Type" : "AWS::EC2::Instance",
   "Properties" : {
      "AvailabilityZone" : String,
      "BlockDeviceMappings" : [ EC2 Block Device Mapping, ... ],
      "DisableApiTermination" : Boolean,
      "EbsOptimized" : Boolean,
      "IamInstanceProfile" : String,
      "ImageId" : String,
      "InstanceType" : String,
      "KernelId" : String,
      "KeyName" : String,
      "Monitoring" : Boolean,
      "NetworkInterfaces" : [ EC2 Network Interface, ... ],
      "PlacementGroupName" : String,
      "PrivateIpAddress" : String,
      "RamdiskId" : String,
      "SecurityGroupIds" : [ String, ... ],
      "SecurityGroups" : [ String, ... ],
      "SourceDestCheck" : Boolean,
      "SubnetId" : String,
      "Tags" : [ EC2 Tag, ... ],
      "Tenancy" : String,
      "UserData" : String,
      "Volumes" : [ EC2 MountPoint, ... ]
   }
}

You can find the orhers by using this link.

References

“Ref” is a function to use the value of a resource for another resource,output etc. We’ve senn the usage of “Ref” before. As seen below:

“ImageId” : { “Fn::FindInMap” : [ “RegionMap”, { “Ref” : “AWS::Region” }, “AMI” ]} – > 
Our region is defined by using the “AWS:Region” pseudo parameter.

“MasterUserPassword” : { “Ref” : “DBPassword” } -> 
Here, “MasterUserpassword” prpğerty of an RDS instance will get its value by using the “DBPassword” parameter.

There are other references and their return values in this link.

Intrinsic Functions

Intrinsic functions are used to pass values that are not available until runtime. Below you can find the function list:

Fn::Base64
The base64 encoding of the argument. We can use this function to pass base64 encoded data as Userdata of an instance.

{ “Fn::Base64” : valueToEncode }

For example:

"UserData" : {
      "Fn::Base64" : { "Fn::Join" : ["", [
        "#!/bin/bash\n",
        "touch /tmp/log.txt\n"
      ]]
    }},

Fn::FindInMap
Returns the value of a key from the specified Mapping. We’ve seen its usage before.

“Fn::FindInMap” : [ “MapName”, “TopLevelKey”, “SecondLevelKey”]

For example:

“ImageId” : { “Fn::FindInMap” : [ “RegionMap”, { “Ref” : “AWS::Region” }, “32”]},

Fn::GetAtt

Returns the attribute value of the specified resource.

“Fn::GetAtt” : [ “logicalNameOfResource”, “attributeName” ]

For example:

“Fn::GetAtt” : [ “MyLB” , “DNSName” ]
“Fn::GetAtt” : [ “MyDbinstance” , “PublicDnsName” ]

There is a list of attributes here.

Fn::GetAZs

Get the Availability Zones

“Fn::GetAZs” : “region”

For example:

"MyAutoscalingGroup" : {
      "Type" : "AWS::AutoScaling::AutoScalingGroup",
      "Properties" : {
        "AvailabilityZones" : { "Fn::GetAZs" : "" },

Fn::Join
This function appends a set of values into a single value, separated by the specified delimiter.

“Fn::Join” : [ “delimiter”, [ comma-delimited list of values ] ]

For example:

“Value” : { “Fn::Join” : [ “”, [ “https://”, { “Fn::GetAtt” : [ “S3Bucket”, “DomainName” ] } ] ] },

This will create a https url with the resource “S3Bucket” “DomainName” as “https://wekanban.s3-website-eu-west-1.amazonaws.com”

“Value” : { “Fn::Join” : [ “”, [ “http://”, { “Fn::GetAtt” : [ “ElasticLoadBalancer”, “DNSName” ]}]]}

This will create a http url for my ELB using its DNSname as “http://ELB-for-Spot-ASG-147924098.eu-west-1.elb.amazonaws.com”

Another example that will create an php code:

"content" : {
 "Fn::Join" : ["", [
                  "Hello World';\n",
                  "?>\n"
                ]]},

will create the content as :

Ref Return a resource or value based on a logical name or parameter. You know how to use it anymore.

Outputs

Outputs will return one or more values after the stack completed. For example, we may create a stack that will launch multiple instances, ELB and RDS instances. In output section we can return the DNS names of the resources to connect them. Here we return our ELB “DNSname” as the output:

"Outputs" : {
    "URL" : {
      "Description" : "The URL of your demo website",
      "Value" :  { "Fn::Join" : [ "", [ "http://", { "Fn::GetAtt" : [ "ElasticLoadBalancer", "DNSName" ]}]]}
    }
  }

Another example as returning the “PublicIp” of our EC2 instance.

"PublicIP" : {
      "Description" : "Public IP address of demo instance",
      "Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicIp" ] }
    }

Hope Now all good, Next will see how to create a stack etc. Read More: AWS CloudFormation Tutorial – Part 4