[AWS] CloudFormation Workshop#01 - template and stack

In the Intermediate part of the workshop, you will:

• Learn how to manage multiple stacks by creating Nested Stacks  and Layered Stacks 
• You will learn how to Package and Deploy  a Nested Stack from an S3 bucket.

In the Advanced part of the workshop, you will:

• Learn about the AWS CloudFormation registry 
• Learn how to extend CloudFormation by creating modules 
• Learn how to extend CloudFormation by creating resource types 

AWS Cloud9 (CloudShell) Setup

Clone lab resources using git

git clone https://github.com/aws-samples/cfn101-workshop

Install the latest version of AWS CLI

cd cfn101-workshop/code/solutions/cloud9
chmod +x awscliv2.sh
source awscliv2.sh
aws --version
# aws-cli/2.31.34 Python/3.13.9 Linux/6.1.155-176.282.amzn2023.x86_64 exec-env/CloudShell exe/x86_64.amzn.2023

Local Development Setup

We recommend you install the AWS CloudFormation Linter . A linter 

will proactively flag basic errors in your CloudFormation templates before you deploy them.

If you are using Visual Studio Code, you should install the cfn-lint plugin.

pip install cfn-lint

Default VPC

default VPC using the Amazon VPC console

$ aws ec2 describe-vpcs --filters Name=isDefault,Values=true --query "Vpcs[].VpcId" --region us-east-1
[
    "vpc-xxxxxxxxxxxxxaa89"
]

Basics

cd cfn101-workshop/code/workspace
aws cloudformation create-stack --stack-name cfn-workshop-template-and-stack --template-body file://template-and-stack.yaml

template-and-stack.yaml file

Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256

use the AWS CLI to create the stack - create-stack command was successfully sent, CloudFormation will return StackId

$ aws cloudformation create-stack --stack-name cfn-workshop-template-and-stack --template-body file://template-and-stack.yaml
{
    "StackId": "arn:aws:cloudformation:us-east-1:xxxxxxxx7753:stack/cfn-workshop-template-and-stack/xxxxxxxx-xxxx-xxxx-xxxx-0e672ed843db"
}

Challenge

객체가 삭제되거나 덮어쓰는 것을 방지하거나, 객체를 보관하여 이전 버전으로 복구할 수 있도록 S3 버킷에서 버전 관리를 활성화

- S3 리소스의 속성 섹션에 VersioningConfiguration 속성을 생성
- 상태를 enabled 설정
- 템플릿에서 변경된 내용을 반영하도록 스택을 업데이트

# add Properties
        VersioningConfiguration:
          Status: Enabled

스택 업데이트

$ aws cloudformation update-stack --stack-name cfn-workshop-template-and-stack --template-body file://template-and-stack.yaml
{
    "StackId": "arn:aws:cloudformation:us-east-1:xxxxxxxx7753:stack/cfn-workshop-template-and-stack/xxxxxxxx-xxxx-xxxx-xxxx-0e672ed843db"
}