How to Use CloudFormation Templates on AWS
Suresh Bandaru
Master's Program in Telecommunication Systems with an Emphasis on Science at Blekinge Institute of Technology (BTH)
Using AWS infrastructure can be complex, so deploying resources efficiently and consistently is essential. AWS CloudFormation is a powerful tool that helps you define your infrastructure in a code format using templates. These templates can be deployed to create and manage AWS resources in an automated and repeatable way.
This article shows you how to download, understand, and deploy a CloudFormation template to create a Virtual Private Cloud (VPC) in your AWS account.
Downloading the Sample Template:
To start, download the CloudFormation template you need from the provided source (https://static.us-east-1.prod.workshops.aws/public/80075f14-aeed-4c3a-a5f3-b372ffdc20f7/static/3_change_management/Deploy_and_Update_CloudFormation/Code/CloudFormation/simple_stack.yaml). CloudFormation templates are written in YAML or JSON, so use a text editor that supports the YAML format, such as Notepad++, vi/vim, VS Code, or a YAML Linter: https://www.yamllint.com/.
Understanding the Template:
Open the template in your text editor and take some time to understand its structure and contents. The template is divided into several sections:
- Parameters: This section prompts for inputs that can be used throughout the template. Default values are provided for each parameter.
- Conditions: Here, you can set up conditional logic to control the creation or configuration of resources based on certain circumstances.
- Resources: This is where you define the infrastructure to be deployed. The first resource designated is the VPC, which includes a logical ID, type, and properties.
- Outputs: These show selective information about resources in the stack.
- Metadata: Groups and orders how CloudFormation parameters are displayed during deployment using the AWS Console.
Pay attention to the YAML file's indentation and syntax to avoid errors during deployment.
Deploying the CloudFormation Stack:
Once you understand the template, it's time to deploy it to create the AWS resources:
1. Access the AWS CloudFormation console and click "Create Stack > With new resources."
2. Choose to upload the template file (simple_stack.yaml).
3. Review the settings and acknowledge AWS permissions.
4. Create the stack.
The deployment process usually takes about 30 seconds. Monitor the progress in the CloudFormation console under the "Events" tab. Once the status shows "CREATE_COMPLETE," the deployment is finished.
This diagram illustrates a basic VPC created using a CloudFormation stack. In this VPC, IP addresses enable communication between resources within the VPC and with resources over the Internet.
Classless Inter-Domain Routing (CIDR) notation represents an IP address and network mask. The format of these addresses is as follows:
- An IPv4 address comprises 32 bits, with four groups of up to 3 decimal digits. For example, the VPC CIDR 10.0.0.0.
- An IPv4 CIDR block consists of four groups of up to three decimal digits, separated by periods and followed by a slash and a number from 0 to 32. For example, 10.0.0.0/16.
Exploring Deployed Infrastructure:
After deployment, explore the resources created by the CloudFormation stack. You can see the resources in the AWS CloudFormation console under the "Resources" tab for the stack (CloudFormationLab). Compare the resources listed here to those defined in the "simple_stack.yaml" template.
You will notice that only the VPC resource was created, even though the template specified additional resources. This occurred because the conditional statements in the template evaluated to false based on the default parameter values.
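The condition logic described above can be checked before a deployment or update, so that a parameter change that adds internet-facing resources is seen in review rather than in the console. The following is an added example, not code from the workshop or its template: the miniature template is constructed, only the names SimpleVPC and PublicEnabledParam come from this article, and every other parameter, condition and resource name is hypothetical.

```python
# Constructed miniature template in CloudFormation's JSON form, held as a dict.
# Only SimpleVPC and PublicEnabledParam come from the article; all other
# names are hypothetical, and resource properties are trimmed for brevity.
TEMPLATE = {
    "Parameters": {
        "VPCCidrBlock": {"Type": "String", "Default": "10.0.0.0/16"},
        "PublicEnabledParam": {"Type": "String", "Default": "false",
                               "AllowedValues": ["true", "false"]},
    },
    "Conditions": {
        "PublicEnabled": {"Fn::Equals": [{"Ref": "PublicEnabledParam"}, "true"]},
    },
    "Resources": {
        "SimpleVPC": {"Type": "AWS::EC2::VPC",
                      "Properties": {"CidrBlock": {"Ref": "VPCCidrBlock"}}},
        "IGW": {"Type": "AWS::EC2::InternetGateway", "Condition": "PublicEnabled"},
        "PublicSubnet1": {"Type": "AWS::EC2::Subnet", "Condition": "PublicEnabled"},
        "PublicRouteTable": {"Type": "AWS::EC2::RouteTable",
                             "Condition": "PublicEnabled"},
    },
}


def resolve(value, params):
    """Resolve the two intrinsics used here: Ref (parameters only) and Fn::Equals."""
    if isinstance(value, dict) and "Ref" in value:
        return params[value["Ref"]]
    if isinstance(value, dict) and "Fn::Equals" in value:
        left, right = (resolve(v, params) for v in value["Fn::Equals"])
        return left == right
    return value


def planned_resources(template, overrides=None):
    """Return the logical IDs that would be created for these parameter values."""
    params = {k: v.get("Default") for k, v in template["Parameters"].items()}
    for name, val in (overrides or {}).items():
        allowed = template["Parameters"][name].get("AllowedValues")
        if allowed and val not in allowed:
            raise ValueError(f"{name}={val!r} not in AllowedValues {allowed}")
        params[name] = val
    conds = {k: resolve(v, params) for k, v in template["Conditions"].items()}
    # A resource without a Condition is always created; otherwise its
    # Condition must evaluate to True.
    return [lid for lid, res in template["Resources"].items()
            if "Condition" not in res or conds[res["Condition"]]]
```

With the defaults only the VPC is planned; overriding PublicEnabledParam to "true" adds the gateway, subnet and route table to the plan.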
Comparing Template to Deployed Resources:
Inspect the VPC resource created in the CloudFormation console. Note its logical ID (SimpleVPC) and compare its attributes to those specified in the template. This comparison helps you understand how CloudFormation translates template definitions into actual resources in your AWS account.
Here are the steps to configure resources using parameters:
1. Go to the AWS CloudFormation console and select 'Stacks'.
2. Choose the 'CloudFormationLab' stack and select 'Update'.
3. Change 'PublicEnabledParam' to 'true' and choose 'Create stack'.
4. Please wait for the stack update to be completed. This architectural diagram represents the current deployment:
For example, creating a VPC with CIDR block 10.0.0.0/16 supports 65536 IP addresses. We can break this CIDR block into 256 subnets, each supporting 256 IP addresses. One subnet uses CIDR block 10.0.0.0/24 (for addresses 10.0.0.0 - 10.0.0.255), another uses CIDR block 10.0.1.0/24 (for addresses 10.0.1.1 - 10.0.1.255), and the last one uses CIDR block 10.0.255.0/24 (for addresses 10.0.255.0 - 10.0.255.255).
It's essential to have a good understanding of CIDR blocks and CIDR notation to learn how CIDR works.
A CIDR block is a group of IP addresses that share the same network prefix and number of bits. Larger blocks have more IP addresses and a smaller suffix.
The Internet Assigned Numbers Authority (IANA) assigns large CIDR blocks to regional internet registries (RIRs). These RIRs, in turn, allocate smaller blocks to local internet registries (LIRs), which then assign them to organizations.
On the other hand, private users can apply for CIDR blocks from their internet service providers.
A route table is a custom table that is associated with a specific public subnet. When you create a route table, you can choose to explicitly associate it with a particular public subnet. This route table will direct all traffic from the subnet to the internet gateway, which makes the subnet public.
Let's consider an example. Suppose the VPC has an IPv4 CIDR block. In that case, IPv4 traffic is treated according to the following route table:
The Local route covers the IPv4 traffic to be routed within the VPC, which means that any traffic destined for an address in 10.0.0.0/16 will be routed locally.
The route for all IPv4 traffic (0.0.0.0/0) sends traffic to an internet gateway, making it accessible from the Internet.
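The subnet split and the two routes described above can be reproduced with Python's standard ipaddress module, which also gives a quick way to check which route a destination takes and whether a route table makes its subnet public. This is an added example, not code from the workshop; the route list is constructed from the two routes in the text and the gateway ID igw-EXAMPLE is a placeholder.

```python
import ipaddress

VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")  # VPC CIDR used in the article

# Constructed route table with the two routes described above.
# "igw-EXAMPLE" is a placeholder ID, not a real gateway.
ROUTES = [
    ("10.0.0.0/16", "local"),
    ("0.0.0.0/0", "igw-EXAMPLE"),
]


def split_vpc(vpc, new_prefix=24):
    """Split the VPC block into equal subnets of the given prefix length."""
    return list(vpc.subnets(new_prefix=new_prefix))


def route_for(dest_ip, routes):
    """Pick the target by longest-prefix match (the most specific route wins)."""
    ip = ipaddress.ip_address(dest_ip)
    matches = [(ipaddress.ip_network(cidr), target)
               for cidr, target in routes
               if ip in ipaddress.ip_network(cidr)]
    if not matches:
        return None  # no matching route, so the traffic is not forwarded
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def is_public(routes):
    """A subnet is public when its route table sends 0.0.0.0/0 to an internet gateway."""
    return any(cidr == "0.0.0.0/0" and target.startswith("igw-")
               for cidr, target in routes)


if __name__ == "__main__":
    subnets = split_vpc(VPC_CIDR)
    print(len(subnets), "subnets, first", subnets[0], "last", subnets[-1])
    for dest in ("10.0.1.25", "203.0.113.10"):
        print(dest, "->", route_for(dest, ROUTES))
    print("public subnet:", is_public(ROUTES))
```

Running is_public over every route table in an account is a simple audit for subnets that are reachable from the Internet when they were meant to be private.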
By following these steps, we can successfully download, understand, and deploy a CloudFormation template to create AWS resources. CloudFormation simplifies infrastructure management and enables consistent, automated deployments across your AWS environment.