0
votes

What am I trying to achieve: Trying to create a VPC using a CloudFormation template.

  1. What did I observe: When I create a VPC using a CloudFormation template, under the TAGS for every service created [like subnet, NAT, Internet gateway] I see

aws:cloudformation:logical-id

aws:cloudformation:stack-id

aws:cloudformation:stack-name

I see the above mentioned under KEY/VALUE, even though my JSON template doesn't include the above lines. They get created automatically. At the same time, when I create a VPC without CloudFormation [using the dashboard], I don't see any of the above mentioned under TAGS. Can somebody explain why these TAGS get created only with a CloudFormation template?

  2. Whenever services like AWS::EC2::VPCGatewayAttachment and AWS::EC2::Route are used, which are predominantly used to attach the already created NAT and Internet gateways either to the subnet or VPC, I see a logical ID getting created with it. I see them under "Preview your changes" before the update happens. Questions:
    1. After the update, I am not able to refer to/see that logical ID anywhere?
    2. Do logical IDs get created even for services AWS::EC2::VPCGatewayAttachment and AWS::EC2::Route, which just act as an enabler for the hardware [virtualised hardware]?
1 Answers

1
votes

CloudFormation adds these tags by default to all resources it creates. It's actually very helpful to run cost allocation reports and get a "cost per stack". CloudFormation uses these tags to group your resources, and allows you to perform commands against the stack using the logical identifiers without knowing the actual identifiers of the resources that were created. (Example: when using wait conditions you need to signal CloudFormation using the logical identifier and not the actual resource identifier.)

After updating, you should be able to see the logical identifiers and actual identifiers for all resources under the "Resources" tab of the CloudFormation stack, as well as in the tags of the resource. I believe CloudFormation does create logical identifiers for all resources it creates.

One thing I have noticed that is annoying is when using S3 buckets in CloudFormation. CloudFormation adds the aws:* tags to the bucket, which prevents you from manually adding/removing other tags because on save it complains that aws:* tags are not valid. Therefore the only way to adjust the S3 bucket tags is through the CloudFormation stack.

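An added example (not part of the original question or answer) that cross-checks the two views described above, the automatic `aws:cloudformation:*` tags and the stack's Resources list, to show which resources belong to a stack, which were created outside it, and which stack resources (such as AWS::EC2::Route and AWS::EC2::VPCGatewayAttachment, which have no Tags property) are visible only in the stack's resource list. The sample data is constructed in the shape of `aws ec2 describe-tags` and `aws cloudformation describe-stack-resources` output; the stack name `demo-net`, all IDs and the function names are assumptions.

```python
from collections import defaultdict

CFN_PREFIX = "aws:cloudformation:"
# Constructed sample data with placeholder IDs, shaped like the "Tags" list of
# `aws ec2 describe-tags` and the "StackResources" list of describe-stack-resources.
TAGS = [{"ResourceId": r, "Key": k, "Value": v} for r, k, v in [
    ("vpc-0aaa", "aws:cloudformation:stack-name", "demo-net"),
    ("vpc-0aaa", "aws:cloudformation:logical-id", "Vpc"),
    ("vpc-0aaa", "Name", "demo"),
    ("igw-0bbb", "aws:cloudformation:stack-name", "demo-net"),
    ("igw-0bbb", "aws:cloudformation:logical-id", "InternetGateway"),
    ("subnet-0ccc", "Name", "made-in-console"),
]]
STACK_RESOURCES = [{"LogicalResourceId": lid, "PhysicalResourceId": pid, "ResourceType": rtype} for lid, pid, rtype in [
    ("Vpc", "vpc-0aaa", "AWS::EC2::VPC"),
    ("InternetGateway", "igw-0bbb", "AWS::EC2::InternetGateway"),
    ("GatewayAttachment", "placeholder-attachment-id", "AWS::EC2::VPCGatewayAttachment"),
    ("DefaultRoute", "placeholder-route-id", "AWS::EC2::Route"),
]]

def cfn_tags(tags):
    """Group the CloudFormation-added tags by resource ID; user tags are dropped."""
    out = defaultdict(dict)
    for t in tags:
        entry = out[t["ResourceId"]]  # registers resources that carry only user tags
        if t["Key"].startswith(CFN_PREFIX):
            entry[t["Key"][len(CFN_PREFIX):]] = t["Value"]
    return dict(out)

def audit(tags, stack_resources, stack_name):
    """Compare tagged resources with the stack's own resource list."""
    by_res = cfn_tags(tags)
    physical = {r["PhysicalResourceId"]: r for r in stack_resources}
    report = {"managed": {}, "outside_stack": [], "stack_only": [], "mismatch": []}
    for rid, t in sorted(by_res.items()):
        if t.get("stack-name") != stack_name:
            report["outside_stack"].append(rid)   # no stack tag: not created by this stack
        elif rid not in physical or physical[rid]["LogicalResourceId"] != t.get("logical-id"):
            report["mismatch"].append(rid)        # tags and stack listing disagree
        else:
            report["managed"][rid] = t["logical-id"]
    report["stack_only"] = [r["LogicalResourceId"] for r in stack_resources
                            if r["PhysicalResourceId"] not in by_res]
    return report
```
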