Harnessing the Power of AWS CloudFormation (with examples)

Create a stack from a template file

The create-stack command in AWS CloudFormation allows you to model and provision AWS resources by treating infrastructure as code. This command creates a stack based on a template file that describes the desired state of your infrastructure. Here’s an example of how you can use this command:

aws cloudformation create-stack --stack-name my-stack --region us-west-2 --template-body file://path/to/template.yml --profile my-profile
  • --stack-name (required): The name to assign to the stack. This should be unique within your AWS account.
  • --region (required): The AWS region in which to create the stack.
  • --template-body (required): The path to the template file. You can specify either a local file or a file stored in an S3 bucket.
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: This example is useful when you want to create a new stack in AWS CloudFormation based on a template file. By defining your infrastructure as code, you can version control and manage your infrastructure changes more effectively.

Example output:

{
    "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/my-stack/1a2b3c4d5e6f7g8h9i0j",
    ...
}

Delete a stack

The delete-stack command allows you to delete a stack and all its associated resources. This is a powerful command that should be used with caution as it permanently deletes the stack. Here’s an example of how to use this command:

aws cloudformation delete-stack --stack-name my-stack --profile my-profile
  • --stack-name (required): The name of the stack to delete.
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: You may want to delete a stack when you no longer need the associated resources or want to clean up after a failed deployment. By deleting a stack, you ensure that all resources created by the stack are removed from your account.

Example output: None (if the command is successful)

List all stacks

The list-stacks command allows you to retrieve a list of all stacks in your AWS account. This can be helpful when you want to get an overview of the existing stacks. Here’s an example:

aws cloudformation list-stacks --profile my-profile
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: This command is useful for getting a quick overview of the stacks in your AWS account. You can see the stack names, stack status, and other relevant details.

Example output:

{
    "StackSummaries": [
        {
            "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/my-stack/1a2b3c4d5e6f7g8h9i0j",
            "StackName": "my-stack",
            "StackStatus": "CREATE_COMPLETE",
            ...
        },
        ...
    ]
}

List all running stacks

The list-stacks command can be further filtered to list only the stacks that are in a specific status, such as CREATE_COMPLETE. Here’s an example:

aws cloudformation list-stacks --stack-status-filter CREATE_COMPLETE --profile my-profile
  • --stack-status-filter (required): The status of the stacks to list. In this example, we are filtering for stacks that are in the CREATE_COMPLETE status.
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: Filtering stacks by status can be useful when you want to focus on stacks that have completed their creation process. This allows you to quickly identify stacks that are ready for use.

Example output: Same as the output for the previous command (list all stacks), but only includes stacks in the specified status.

Check the status of a stack

The describe-stacks command provides detailed information about a specific stack, including its current status. This can be helpful when you want to verify the progress of a stack creation or update. Here’s an example:

aws cloudformation describe-stacks --stack-name my-stack --profile my-profile
  • --stack-name (required): The name or ID of the stack to describe.
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: By checking the status of a stack, you can monitor its progress and ensure that it is reaching the desired state. This can help you troubleshoot any issues that may arise during the stack creation or update process.

Example output:

{
    "Stacks": [
        {
            "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/my-stack/1a2b3c4d5e6f7g8h9i0j",
            "StackName": "my-stack",
            "StackStatus": "CREATE_COMPLETE",
            ...
        }
    ]
}

Initiate drift detection for a stack

The detect-stack-drift command is used to check for differences between the expected configuration of a stack and its actual configuration. By initiating drift detection, AWS CloudFormation compares the stack’s current state with the expected state defined in its template. Here’s an example:

aws cloudformation detect-stack-drift --stack-name my-stack --profile my-profile
  • --stack-name (required): The name or ID of the stack to perform drift detection on.
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: Drift detection helps you identify any changes made to a stack’s resources that are not reflected in its template. By detecting drift, you can assess whether the stack’s configuration matches its intended state and take corrective measures if needed.

Example output:

{
    "StackDriftDetectionId": "1234abcd-5678efgh",
    ...
}

Check the drift status output of a stack

After initiating drift detection for a stack, you can use the describe-stack-resource-drifts command to get the drift status of individual resources within the stack. This provides detailed information about any detected drift. Here’s an example:

aws cloudformation describe-stack-resource-drifts --stack-name my-stack --profile my-profile
  • --stack-name (required): The name or ID of the stack whose resource drift results you want to see. This is the stack itself, not the StackDriftDetectionId returned by the previous command.
  • --profile (optional): The AWS CLI profile to use for authentication and authorization.

Motivation: Checking the drift status of a stack allows you to understand the differences between the expected and actual configurations of its resources. This helps you identify any manual changes made to the stack’s resources and take appropriate actions to align them with the desired state.

Example output:

{
    "StackResourceDrifts": [
        {
            "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/my-stack/1a2b3c4d5e6f7g8h9i0j",
            "LogicalResourceId": "MyBucket",
            "PhysicalResourceId": "my-bucket",
            "ResourceType": "AWS::S3::Bucket",
            "StackResourceDriftStatus": "MODIFIED",
            ...
        }
    ]
}
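
The two drift steps above combined into one shell function, as an added example that is not part of the original article: it starts detection, waits for the run to finish with describe-stack-drift-detection-status, then lists only resources reported as MODIFIED or DELETED. The function name drift_report and the DRIFT_MAX_POLLS and DRIFT_POLL_SECONDS variables are assumptions made here.

```bash
# Added example (not from the original article): drift check for one stack.
# Assumes AWS CLI v2 and a profile allowed to call DetectStackDrift,
# DescribeStackDriftDetectionStatus and DescribeStackResourceDrifts.
# drift_report, DRIFT_MAX_POLLS and DRIFT_POLL_SECONDS are names chosen here.
#
# Usage: drift_report STACK [PROFILE]
# Prints "LogicalId<TAB>Type<TAB>Status" for each drifted resource.
# Returns 0 = in sync, 1 = drift found, 2 = detection failed or timed out.
drift_report() {
    local stack="$1"
    local profile="${2:-default}"
    local id status drifts tries=0

    # 1. Start detection. The ID names this detection run, not the stack.
    id=$(aws cloudformation detect-stack-drift \
            --stack-name "$stack" --profile "$profile" \
            --query StackDriftDetectionId --output text) || return 2

    # 2. Poll until the run leaves DETECTION_IN_PROGRESS (bounded wait).
    while :; do
        status=$(aws cloudformation describe-stack-drift-detection-status \
                    --stack-drift-detection-id "$id" --profile "$profile" \
                    --query DetectionStatus --output text) || return 2
        [ "$status" = "DETECTION_IN_PROGRESS" ] || break
        tries=$((tries + 1))
        if [ "$tries" -ge "${DRIFT_MAX_POLLS:-30}" ]; then return 2; fi
        sleep "${DRIFT_POLL_SECONDS:-5}"
    done
    if [ "$status" != "DETECTION_COMPLETE" ]; then return 2; fi

    # 3. Per-resource results are looked up by stack name, filtered to
    #    resources changed or removed outside CloudFormation.
    drifts=$(aws cloudformation describe-stack-resource-drifts \
                --stack-name "$stack" --profile "$profile" \
                --stack-resource-drift-status-filters MODIFIED DELETED \
                --query 'StackResourceDrifts[].[LogicalResourceId,ResourceType,StackResourceDriftStatus]' \
                --output text) || return 2

    case "$drifts" in
        ""|None) return 0 ;;
    esac
    printf '%s\n' "$drifts"
    return 1
}
```

The non-zero return code lets a scheduled job or pipeline step fail when resources were changed outside CloudFormation.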

By utilizing these eight different use cases of AWS CloudFormation commands, you can gain more control, automation, and manageability over your infrastructure as code. Automating infrastructure deployments and updates using CloudFormation enables you to consistently and reliably provision AWS resources, reducing manual errors and improving scalability.
