AWS: Cloudformation Development - I

AWS: Cloudformation Development - I

Michael Vargas Michael Vargas

Michael Vargas

Published Jul 26, 2018
+ Follow

Overview:

In this series, I'm going to discuss setting up AWS Lambda Functions with Virtual Private Cloud (VPC). If you would like to check out the previous article, you can find it here.

This time around I'm going to go on a bit of tangent about CloudFormation and that is going to allow us to automate our infrastructure through programmatic and automated provisioning.

CloudFormation

A key benefit of cloud computing is the ability to automate provisioning of infrastructure in a programmatic way. The tool that accomplishes this feat is known as CloudFormation. CloudFormation provides the capability of defining a VPC and it's components as well as defining corresponding security groups and roles. This can be done in a file written in JSON. The benefit of using cloudformation is that you provision and automate deployments which happen in a repeatable fashion. More so, you can simply provision a new environment as necessary with on-demand execution of the cloudformation stack. Put practically, if you want to create a development, qa and staging environment, you simply externalize environment settings and pass them as arguments to your cloud formation script which will then internally stand up each environment identically.

CloudFormation can be developed in YAML or JSON. For this article, I'm going to concentrate on JSON. While there is a designer tool, you may have to get deeper into the template that you are developing if things don't necessarily go in order. Having some understanding of the JSON is a good first step for developing CloudFormation templates.

JSON Primer

JSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data. There are various envelope types, enclosed and non-enclosed, however, for this, we'll focus on the enclosed type.

The important considerations about JSON are the following:

  • Keys: A key is always a string enclosed in quotation marks.
  • Value: A value can be a string, number, boolean expression, array or object.
  • Key/Value Pair: A key value pair follows a specific syntax, with the key followed by a colon followed by the value. Key/value pairs are comma separated.

The JSON abstract form:

{
    "key" : "value"
}

JSON can contain a mix of elements that range from strings, arrays, numbers and complex arrays.

Here is an example that contains all of those mentioned above:

{
   "aString"   : "string",
   "aNumber" :  0,
   "anArray"  : ["val1", "val2"],
   "aComplexArray" : [{ "name1" : "val1"}, { "name2" : "val2"}],
   "aBoolean" : true  
}

In the above example, the string is a key which maps to...you guessed it a "string". aNumber maps to the value 0 and so on. For us to get a reference to the value, we can use the key on the left side which has a direct mapping to the value on the ride side.

For a complete reference to the JSON specification, you can find that here.

Declaring A CloudFormation Template

In order to develop CloudFormation Templates, you start by creating a template declaration. Although this tags is optional, I like to use it in order to keep track of its compatibility in the potential future.

The current only valid value is 2010-09-09.

Here's how we define it:

{
  "AWSTemplateFormatVersion" : "2010-09-09"
}


Giving The CloudFormation A Description

Also, an optional tag is the Description which allows you to put your comments into the template. The value of the description declaration must be a literal string that is between 0 and 1024 bytes in length.

{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "A VPC"
}


Creating AWS Resources

For this template, the is the most important section. The Resource JSON complex type describes the infrastructure we will be developing and creating. Our main goal is to create a Virtual Private Cloud Network (VPC). In order to do this, we'll need to define all the resources that go into creating it manually through a JSON template way.

We define the Resources type like so:

{
   "AWSTemplateFormatVersion" : "2010-09-09",
   "Description" : "A VPC Example",
   "Resources"  : {

   }
}

I - Defining the VPC

To define a valid VPC, you can take a look at its sample code construct:

{
   "Type" : "AWS::EC2::VPC",
   "Properties" : {
      "CidrBlock" : String,
      "EnableDnsSupport" : Boolean,
      "EnableDnsHostnames" : Boolean,
      "InstanceTenancy" : String,
      "Tags" : [ Resource Tag, ... ]
   }
}

In the above example, notice that we have a type key which tells CloudFormation that this is the definition of a VPC.

The type AWS::EC2::VPC is used for creating a virtual private network.

  • CidrBlock - our block of IP addresses we want accessible by the VPC.
  • EnableDnsSupport - Specifies whether DNS resolution is supported for the VPC. Basically, does it use an IP address or a hostname to locate it.
  • EnableDnsHostnames - Specifies whether the instances launched in the VPC get DNS hostnames.
  • InstanceTenancy - For dedicated (hardward isolation) or shared instances.
  • Tags - An optional tag that can help you locate it for later.

To define our VPC, let's start with this:

{
   "AWSTemplateFormatVersion" : "2018-09-09",
   "Description" : "A VPC Example",
   "Resources" : {
        "VPC" : {
            "Type" : "AWS::EC2::VPC",
            "Properties" : {
                "CidrBlock" : "IP_ADDRESS_HERE",
                "EnableDnsSupport" : true,
                "EnableDnsHostnames" : true,
                "InstanceTenancy" : "default",
                "Tags" : [{
                   "Key" : "Name",
                   "Value" : "ACME Corp VPC"
                }]
            }
        } 
   } 
}

This is the beginning of constructing our template. In the above, we've defined a CloudFormation template with a specified version and description. In addition, the Resources tag was developed specifying our "VPC" key/value pair. We could have called the key anything, what CloudFormation is looking for is the corresponding "type" to indicate what it is. The properties key maps to our definition of the VPC. In it, we specify the details which will make up the network in the cloud. Here we can specify the CIDRBLOCK, DNS, Hostname and Tenancy. Finally, we can make it easy to find in AWS by using Tags to locate our environments.

In the next article, we'll continue developing our CloudFormation template. We'll start attaching an Internet Gateway and defining subnets too. For more information on CloudFormation and all things AWS related, check out uxdsummit.com!

Thanks for reading!

To view or add a comment, sign in

More articles by Michael Vargas

  • AWS Step Functions Part V
    Mar 20, 2019

    AWS Step Functions Part V

    We've put together the workflow to support an on-boarding badge process. In this article, we're going to tweak the…

  • AWS Step Functions Part IV
    Mar 13, 2019

    AWS Step Functions Part IV

    We've put together the foundation for our workflow. In this article, we're ready to integrate all the different moving…

  • Workflow Series III: AWS Step Functions
    Mar 6, 2019

    Workflow Series III: AWS Step Functions

    Hey there! We're working on putting together a workflow that implements a distributed processes. A process that could…

  • Workflow Series II: Creating A Simple Workflow With DynamoDB Streams
    Feb 27, 2019

    Workflow Series II: Creating A Simple Workflow With DynamoDB Streams

    Before we begin, check out the previous article here to give some background. We're working on developing a workflow.

  • Workflow Series: AWS Step Functions
    Feb 20, 2019

    Workflow Series: AWS Step Functions

    A workflow consists of an orchestrated and repeatable pattern which can resemble or model a business or technical…

  • The Serverless Framework
    Feb 13, 2019

    The Serverless Framework

    What's Serverless? The Serverless Framework is a free and open-source web framework written using Node.js.

  • Writing Asynchronous Lambda Functions
    Feb 6, 2019

    Writing Asynchronous Lambda Functions

    Thanks to the introduction of NodeJS 8.10 runtime environments, it's now possible to create asynchronous AWS Lambda…

  • ES8 Features: Async/Await
    Jan 18, 2019

    ES8 Features: Async/Await

    The asynchronous function was developed to solve the problem of dealing with promises and callback h, e, double hockey…

    2 Comments
  • What is Serverless Architecture anyways?
    Jan 11, 2019

    What is Serverless Architecture anyways?

    This article is about the fundamentals to decide if it's something you want to consider. I promise to not write about…

  • Unit Testing AWS Lambda Functions
    Jan 4, 2019

    Unit Testing AWS Lambda Functions

    Background: In my previous article, we defined an interface that communicates to our database. This could be specific…

See all articles

Explore content categories