2
votes

I am currently using Cloudformation templates to provision resources in AWS.

Currently, if I need to create a VPC and security groups, I first create the VPC from one template and then launch another template for the security groups, where I manually input the VPC ID.

Now I need to automate this manual process in CloudFormation. How can I do this? Can I use AWS Developer Tools or other automation tools?


2 Answers

3
votes

Short answer

You need to follow the practice of outputting the ARNs/names of any AWS resources that you create, so that if you need them later on you can refer to them with a simple import in the new template.

As explained in the answer by Nimo, for this you will need to use the Export function in the Outputs section of all templates for any resources that you expect might be reused. Later you can use Fn::ImportValue to use a previously created resource without knowing its actual physical ID. This is called cross-stack referencing.

Explanation for the automation part

It seems like you need Continuous Integration and Continuous Deployment (CI/CD) for your infrastructure, so that your code changes are deployed directly/automatically to AWS. You will have to set up pipelines for this; the following is the simplest, but not the only, way:

  1. Use GitHub, AWS CodeCommit, etc. for storing your CloudFormation code and set its trigger to a branch, e.g. your master branch, so that any change in it triggers the pipeline and deploys those changes automatically.

  2. Use AWS's native service AWS CodePipeline for this purpose. This is where you can define a complete pipeline with various stages, where each stage may have many actions, each creating a stack. All stacks may use outputs from the previously created stacks, and some values can be passed in as parameters as well. For this, you will have to create a new stack with AWS::CodePipeline::Pipeline as a resource.

  3. Also use outputs without the Export function for resources you think you will need, for example the load balancer's DNS endpoint, if you have one.

Here is a reference pipeline stack which uses S3 as the source for the stored code.
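The three steps above, as an added example that is not the reference stack linked in the answer: a single CloudFormation template that creates a CodePipeline with an S3 source, a stage that deploys the VPC stack, and a stage that deploys the security-group stack with the VPC ID read from the first stack's outputs. Everything named here is an assumption for illustration: the versioned bucket given in SourceBucket holds a templates.zip containing network.yaml and security-groups.yaml, network.yaml has an output called VpcId, security-groups.yaml declares a VpcId parameter, and the two stacks are called network and security-groups.

```yaml
# Added example, not the reference stack linked above. A CodePipeline stack
# that deploys network.yaml, then security-groups.yaml, passing the VPC ID
# from the first stack's outputs into the second stack's VpcId parameter.
# Assumed: the versioned bucket named in SourceBucket holds templates.zip
# with both files, and security-groups.yaml declares a VpcId parameter.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  SourceBucket:
    Type: String
Resources:
  ArtifactBucket:
    Type: AWS::S3::Bucket
  # Role CloudFormation assumes to create the stacks. Limited to what the two
  # templates need, so write access to the source bucket is not a route to admin.
  CloudFormationRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - { Effect: Allow, Principal: { Service: cloudformation.amazonaws.com }, Action: sts:AssumeRole }
      Policies:
        - PolicyName: vpc-and-security-groups
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow   # wildcards assumed wide enough for VPC + security groups; tighten to explicit actions in production
                Action: ["ec2:*Vpc*", "ec2:*SecurityGroup*", "ec2:CreateTags", "ec2:DescribeTags"]
                Resource: "*"
  # Role the pipeline runs as: read source, write artifacts, drive CloudFormation.
  PipelineRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - { Effect: Allow, Principal: { Service: codepipeline.amazonaws.com }, Action: sts:AssumeRole }
      Policies:
        - PolicyName: pipeline
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: [s3:GetObject, s3:GetObjectVersion, s3:GetBucketVersioning, s3:PutObject]
                Resource:
                  - !Sub "arn:aws:s3:::${SourceBucket}"
                  - !Sub "arn:aws:s3:::${SourceBucket}/*"
                  - !GetAtt ArtifactBucket.Arn
                  - !Sub "${ArtifactBucket.Arn}/*"
              - Effect: Allow   # only the two stacks this pipeline owns
                Action: "cloudformation:*"
                Resource:
                  - !Sub "arn:aws:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/network/*"
                  - !Sub "arn:aws:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/security-groups/*"
              - Effect: Allow   # only this one role may be handed to CloudFormation
                Action: iam:PassRole
                Resource: !GetAtt CloudFormationRole.Arn
  Pipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      RoleArn: !GetAtt PipelineRole.Arn
      ArtifactStore:
        Type: S3
        Location: !Ref ArtifactBucket
      Stages:
        - Name: Source
          Actions:
            - Name: Templates
              ActionTypeId: { Category: Source, Owner: AWS, Provider: S3, Version: "1" }
              Configuration:
                S3Bucket: !Ref SourceBucket
                S3ObjectKey: templates.zip
              OutputArtifacts: [{ Name: Src }]
        - Name: Network
          Actions:
            - Name: DeployVpc
              ActionTypeId: { Category: Deploy, Owner: AWS, Provider: CloudFormation, Version: "1" }
              Configuration:
                ActionMode: CREATE_UPDATE
                StackName: network
                TemplatePath: Src::network.yaml
                RoleArn: !GetAtt CloudFormationRole.Arn
                OutputFileName: outputs.json   # the stack's Outputs, as JSON, placed in NetworkOut
              InputArtifacts: [{ Name: Src }]
              OutputArtifacts: [{ Name: NetworkOut }]
        - Name: SecurityGroups
          Actions:
            - Name: DeploySecurityGroups
              ActionTypeId: { Category: Deploy, Owner: AWS, Provider: CloudFormation, Version: "1" }
              Configuration:
                ActionMode: CREATE_UPDATE
                StackName: security-groups
                TemplatePath: Src::security-groups.yaml
                RoleArn: !GetAtt CloudFormationRole.Arn
                # VpcId is read from the previous stage's output file: no copy-paste of the ID
                ParameterOverrides: '{"VpcId": {"Fn::GetParam": ["NetworkOut", "outputs.json", "VpcId"]}}'
              InputArtifacts: [{ Name: Src }, { Name: NetworkOut }]
```

Uploading a new templates.zip to the source bucket starts a run; the Network stage writes the VPC stack's outputs to outputs.json inside the NetworkOut artifact, and Fn::GetParam in the SecurityGroups stage pulls VpcId out of that file, which is the automated replacement for typing the VPC ID into the second template. Two checks worth keeping in mind: whoever can write to the source bucket can make CloudFormation do anything CloudFormationRole allows, so that role, not the pipeline role, sets the blast radius; and the pipeline role's iam:PassRole is pinned to that single role so the pipeline cannot be pointed at a more privileged one.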

0
votes

You haven't really given enough information, e.g. whether you are using CI/CD such as Jenkins.

You can specify output variables in your CloudFormation template that can be referenced by other templates.

So you could have something like:

Outputs:
  VpcId:
    Value: !Ref VPC
    Export:
      Name: Unique-VpcId

and then import it in another stack like:

VpcId:
  Fn::ImportValue: Unique-VpcId
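The export/import shown in this answer and the cross-stack referencing described in the first answer, carried through as an added example that is not code from either answer: a complete network template that exports the VPC ID, and a complete security-group template that imports it, so the second stack is launched with no VPC ID typed in by hand. The stack name network, the export name pattern, the CIDR ranges, the ports and the resource names are all assumptions for illustration; the two documents are two separate files, shown here one after the other.

```yaml
# Added example, not code from either answer. Two templates wired together by
# cross-stack references; the stack name "network", the export names and the
# CIDRs are assumptions for illustration.

# ---------- network.yaml: deployed first, as stack "network" ----------
AWSTemplateFormatVersion: "2010-09-09"
Description: VPC stack that exports the IDs other stacks need
Parameters:
  VpcCidr:
    Type: String
    Default: 10.0.0.0/16
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCidr
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-vpc"
Outputs:
  VpcId:
    Description: ID of the VPC, importable by any stack in this account and region
    Value: !Ref VPC
    Export:
      # Export names must be unique per account and region; prefixing with the
      # stack name keeps two copies of this template (e.g. dev and prod) apart.
      Name: !Sub "${AWS::StackName}-VpcId"

---
# ---------- security-groups.yaml: deployed second, no VPC ID typed by hand ----------
AWSTemplateFormatVersion: "2010-09-09"
Description: Security groups for the VPC exported by the network stack
Parameters:
  NetworkStackName:
    Type: String
    Default: network
    Description: Name of the stack whose exports are imported below
Resources:
  WebSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTPS from the internet, nothing else inbound
      VpcId:
        Fn::ImportValue: !Sub "${NetworkStackName}-VpcId"
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
  AppSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: App port reachable only from the web tier
      VpcId:
        Fn::ImportValue: !Sub "${NetworkStackName}-VpcId"
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 8080
          ToPort: 8080
          # Reference the group rather than a CIDR: other hosts in the VPC get no access
          SourceSecurityGroupId: !Ref WebSecurityGroup
Outputs:
  WebSecurityGroupId:
    Value: !Ref WebSecurityGroup
    Export:
      Name: !Sub "${AWS::StackName}-WebSecurityGroupId"
  AppSecurityGroupId:
    Value: !Ref AppSecurityGroup
    Export:
      Name: !Sub "${AWS::StackName}-AppSecurityGroupId"
```

Deploy the first file with aws cloudformation deploy --template-file network.yaml --stack-name network, then the second with aws cloudformation deploy --template-file security-groups.yaml --stack-name security-groups --parameter-overrides NetworkStackName=network. Two properties of this setup matter in practice: exports are scoped to one account and region, so the importing stack must live in the same one; and CloudFormation refuses to delete the network stack, or to change or remove the VpcId export, while security-groups still imports it, which is a guardrail you do not get when the ID is pasted in by hand.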