AWS Wishlist : 1-Click CloudFormation Resource Group Creation

Resource Groups are one of the coolest but most obscure features in AWS. My theory is that this is due to the powerful search bar in the EC2 section of the AWS Management Console, which accepts regex and range queries and auto-suggests tags and their values. This looks good as long as the components you manage are only EC2 instances.

CloudFormation automatically creates a tag called aws:cloudformation:stack-id which gets applied to all of the entities created / managed by CloudFormation – AWS uses it internally to logically group the components created by CloudFormation. The aws:cloudformation:stack-id tag is pretty much all that’s required to create a Resource Group.

[Images: Resource Group wireframe and Resource Group screenshot]

I would like to request that AWS consider a feature such as a button in the CloudFormation window which says "Create a Resource Group" and takes you to the Resource Group window to view and manage the entities in a single place.


Sleep function in AWS CloudFormation

IMHO one of the most important missing pieces in CloudFormation is the ability to explicitly specify a SLEEP or WAIT function. It is not totally impossible to implement, but it involves a hard workaround, one of which is to inject the wait script via the user data with WaitHandle and WaitConditions on EC2 instances.

A sample implementation of wait using EC2 Instance’s WaitHandle

There is absolutely no downside to the approach, and it is also easier to bake the wait script inside the CloudFormation template; the problem arises if you want the same WAIT functionality for stacks which do not have EC2 instances as part of the stack.

I tried and succeeded using Amazon Lambda for the purpose instead of EC2. To summarize the implementation: a CloudFormation custom resource calls a Lambda function, and all the function does is respond after 5 minutes [the current maximum execution time for a Lambda function]. If you need to wait longer than 5 minutes, you use DependsOn in CloudFormation and cascade the custom resource calls.
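The wait function described above, written out as an added example (it is not the author's code): a Python Lambda handler for a CloudFormation custom resource. The Seconds property name, the physical ID prefix and the safety margin are assumptions made for this example.

```python
import json
import time
import urllib.request

SAFETY_MARGIN_S = 10  # assumed margin kept free for sending the response


def build_response(event, status, reason):
    """Body CloudFormation expects back for a custom resource request."""
    return {
        "Status": status,  # "SUCCESS" or "FAILED"
        "Reason": reason,
        "PhysicalResourceId": event.get("PhysicalResourceId")
        or "wait-" + event["LogicalResourceId"],
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "Data": {},
    }


def put_response(url, body):
    """PUT the JSON body to the pre-signed ResponseURL (keep it out of logs)."""
    req = urllib.request.Request(
        url, data=json.dumps(body).encode(), method="PUT",
        headers={"Content-Type": ""})  # the URL is signed without a type
    urllib.request.urlopen(req, timeout=10).close()


def wait_seconds(event, remaining_ms):
    """Delay for Create/Update only, capped below the remaining run time."""
    if event["RequestType"] == "Delete":
        return 0  # never hold up stack deletion or rollback
    # "Seconds" is a hypothetical property; values arrive as strings.
    wanted = int(event.get("ResourceProperties", {}).get("Seconds", 300))
    return max(0, min(wanted, remaining_ms // 1000 - SAFETY_MARGIN_S))


def handler(event, context, sleep=time.sleep, send=put_response):
    try:
        sleep(wait_seconds(event, context.get_remaining_time_in_millis()))
        body = build_response(event, "SUCCESS", "wait finished")
    except Exception as exc:  # always answer, or the stack operation hangs
        body = build_response(event, "FAILED", str(exc))
    send(event["ResponseURL"], body)
    return body
```

Capping the sleep below the remaining execution time matters because a function that times out never sends its response, and the stack then sits in progress until CloudFormation gives up on the resource.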

Wait Function – AWS Lambda

Below is the sample code where you create a VPC and a Security Group after a 5-minute delay and a 10-minute delay.

 

Output

[Screenshot: CloudFormation Management Console]

AWS CloudFormer for Non Default VPC

AWS CloudFormer helps you create a CloudFormation template from the AWS resources currently running in your account in a few simple steps. The current CloudFormer uses the Default VPC to get started; this is usually fine, except for scenarios where the Default VPC has been deleted. This is a CloudFormer template, forked from the one AWS provides, extended with the ability to specify the VPC.

View in GitHub

If I were to write an AWS CloudFormation template

In this post I would like to share the things I have picked up over time that have made writing an AWS CloudFormation template really enjoyable.

1. Editor : Sublime Text Editor with Neon Theme

I use Sublime Text Editor with the Neon Theme to save time and to avoid going mad over a missing { or } during the development phase. Sublime highlights the matching closing or opening brace, which saves running the [Push & Pop] compiler's stack program in your head to count the braces. It is not that other IDEs like Visual Studio, Eclipse or PyCharm are not useful; in fact they all have inbuilt plugins for CloudFormation to deploy directly, but Sublime is lightweight and simple. The IntelliSense-like code suggestion in Sublime means that long names chosen for easy readability are no burden; for example, ADInstanceEIP and ADInstanceEIPAttachment are not a problem, as the editor prompts them for you automatically.

To summarize, the Sublime editor helps by highlighting opening and closing { }, and has very good code suggestion and nice colors.

2. Use the File format as JSON

The .json file extension works just fine for a CloudFormation template; there is no hard and fast rule to use .template all the time. In fact, using .json makes IDEs treat the code with intelligence: syntax coloring and code suggestion prompts.

3. Prefer Mappings over Parameters

When I started writing CloudFormation templates, I used Parameters wherever and whenever possible, thereby having the possibility of dynamism in the CloudFormation template. That may not hold in all cases. It was more of a rule of thumb to put the AMI mappings in the Mappings block and the rest in Parameters.

Then I realized that I had actually used the parameters only a handful of times. When I moved the entities from Parameters to Mappings, I started building a class-like structure for the entire stack. It is not hard-coding, yet it keeps everything that would change in exactly one place and makes rapid copy-pasting easy.

3. Region Mapping with AZ Dropdown

All the sample templates from the CloudFormation library have the region mapping, so a template becomes region independent with no additional effort, except that you need to ensure the AMIs are created in (or copied to) the designated regions and placed in the Mappings block.

[Screenshot: LAMP_Single_Instance.template sample from cloudformation-templates-us-west-2]

I use AWS::EC2::AvailabilityZone::Name, which is extremely handy during my AWS DR scenarios, DR-like scenarios or DR drills [yes, I just coined the term DR-like scenario 🙂], where it prompts the available AZs.

4. Splitting CloudFormation Templates – Networks Separately, Instance Separately [Nested Stack]

Nested stacks are a must where the environment involves several route table routes and/or ACL rules, as every single rule is a resource in CloudFormation terminology, and a template is currently capped at 200 resources. The solution is to put the route table rules in a separate nested template and the ACL rules in a different one.

5. A Resource can wait for the completion of multiple other Resources

There are a few cases where you might need to wait for multiple resources to be completed before initiating the creation of new resources; this is not required most of the time, but it is during a demo :).

Also, DependsOn does not use Ref, i.e. it is not DependsOn : {Ref : "Resource"} but DependsOn : "Resource" or DependsOn : ["Resource"]
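A pre-deployment check for the two points above, as an added example that is not part of the original post: it flags DependsOn values written in the Ref form, dependencies on resources that do not exist, and templates over the 200-resource figure quoted earlier. The template is constructed for the example, and Custom::Wait is a hypothetical custom resource type.

```python
MAX_RESOURCES = 200  # per-template limit as quoted in the post

# Constructed template: two chained waits; the last DependsOn is malformed.
TEMPLATE = {"Resources": {
    "Wait1": {"Type": "Custom::Wait"},  # hypothetical custom resource type
    "Vpc": {"Type": "AWS::EC2::VPC", "DependsOn": "Wait1"},
    "Wait2": {"Type": "Custom::Wait", "DependsOn": ["Wait1", "Vpc"]},
    "SecurityGroup": {"Type": "AWS::EC2::SecurityGroup",
                      "DependsOn": {"Ref": "Wait2"}},  # wrong form
}}


def dependencies(resource):
    """Return (list of logical IDs, error) for a resource's DependsOn."""
    dep = resource.get("DependsOn", [])
    if isinstance(dep, str):
        return [dep], None
    if isinstance(dep, list) and all(isinstance(d, str) for d in dep):
        return dep, None
    return [], "DependsOn must be a logical ID string or a list of them"


def check_template(template):
    """Return sorted 'LogicalId: problem' findings for a parsed template."""
    resources = template.get("Resources", {})
    findings = []
    if len(resources) > MAX_RESOURCES:
        findings.append("template: %d resources exceeds %d"
                        % (len(resources), MAX_RESOURCES))
    for name, res in resources.items():
        deps, error = dependencies(res)
        if error:
            findings.append("%s: %s" % (name, error))
        for dep in deps:
            if dep == name:
                findings.append("%s: depends on itself" % name)
            elif dep not in resources:
                findings.append("%s: unknown DependsOn target %s" % (name, dep))
    return sorted(findings)


if __name__ == "__main__":
    for finding in check_template(TEMPLATE):
        print(finding)
```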


6. Don’t use IDE’s Default format code

I prefer not to use any of the IDE’s default formatting options as, IMHO, they make the JSON / JS code look lengthier.