Working with CloudFormation templates - AWS CloudFormation

Working with CloudFormation templates

An AWS CloudFormation template defines the AWS resources you want to create, update, or delete as part of a stack. It consists of several sections, but the only required section is the Resources section, which must declare at least one resource.

You can create templates using the following methods:

  • AWS Infrastructure Composer – A visual interface for designing templates.

  • AWS CloudFormation Designer – An older visual interface for template design.

  • Text Editor – Write templates directly in JSON or YAML syntax.

  • IaC generator – Generate templates from resources provisioned in your account that are not currently managed by CloudFormation. The IaC generator works with a wide range of resource types that are supported by the Cloud Control API in your Region.

This section provides a comprehensive guide on how to use the different sections of a CloudFormation template and how to start creating stack templates.

Where templates get stored

Amazon S3 bucket

You can store CloudFormation templates in an Amazon S3 bucket. When creating or updating a stack, you can specify the S3 URL of the template instead of uploading it directly.

If you upload templates directly through the AWS Management Console or AWS CLI, an S3 bucket is automatically created for you. For more information, see Create a stack from the CloudFormation console.

Git repository

With Git sync, you can store templates in a Git repository. When creating or updating a stack, you can specify the Git repository location and branch containing the template instead of uploading it directly or referencing an S3 URL. CloudFormation automatically monitors the specified repository and branch for template changes. For more information, see Create a stack from repository source code with Git sync.

Validating templates

Syntax validation

You can verify the JSON or YAML syntax of your template by using the validate-template CLI command or by specifying your template on the console. The console performs validation automatically. For more information, see Create a stack from the CloudFormation console.

However, these methods only verify the syntax of your template and don't validate the property values that you specified for a resource.

Additional validation tools

For more complex validations and best practice checks, you can use additional tools like:

  • CloudFormation Linter (cfn-lint) – Validate templates against the resource provider schemas. Includes checking valid values for resource properties and best practices.

  • CloudFormation Rain (rain fmt) – Format your CloudFormation templates to a consistent standard or reformat a template from JSON to YAML (or YAML to JSON). It preserves comments when using YAML and switches the use of intrinsic functions to the short syntax where possible.

Getting started with templates

To get started with creating a CloudFormation template, follow these steps:

  1. Choose resources – Identify the AWS resources you want to include in your stack, such as EC2 instances, VPCs, security groups, and more.

  2. Write the template – Write the template in JSON or YAML format, defining the resources and their properties.

  3. Save the template – Save the template locally with a file extension such as .json, .yaml, or .txt.

  4. Validate the template – Validate the template using the methods described in the Validating templates section.

  5. Create a stack – Create a stack using the validated template.

Plan to use the CloudFormation template reference

As you write your templates, you can find documentation for the detailed syntax for different resource types in the AWS resource and property types reference.

Often, your stack templates will require intrinsic functions to assign property values that are not available until runtime, and special attributes to control the behavior of resources. As you write your template, refer to the following resources for guidance:

  • Intrinsic function reference – Some commonly used intrinsic functions include:

    • Ref – Retrieves the value of a parameter or the physical ID of a resource.

    • Sub – Substitutes placeholders in strings with actual values.

    • GetAtt – Returns the value of an attribute from a resource in the template.

    • Join – Joins a set of values into a single string.

  • Resource attribute reference – Some commonly used special attributes include:

    • DependsOn – Use this attribute to specify that one resource must be created after another.

    • DeletionPolicy – Use this attribute to specify how CloudFormation should handle the deletion of a resource.

    • Metadata – Use this attribute to specify structured data with a resource.
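A template can be well-formed JSON and still be wrong in ways a parser never sees, which is the gap the Validating templates section describes. The sketch below is an added example, not AWS code and far narrower than cfn-lint: it checks a constructed JSON template for a non-empty Resources section, a Type on each resource, a valid DeletionPolicy string, and Ref and DependsOn targets that actually exist. The function names, the sample template and the finding messages are assumptions made for illustration.

```python
import json

# Constructed sample: well-formed JSON that still contains three mistakes.
SAMPLE_TEMPLATE = """
{
  "Parameters": {"BucketName": {"Type": "String"}},
  "Resources": {
    "LogBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Keep",
                  "Properties": {"BucketName": {"Ref": "BucketNam"}}},
    "Topic": {"Type": "AWS::SNS::Topic", "DependsOn": "LogBuckett"}
  }
}
"""

VALID_DELETION_POLICIES = {"Delete", "Retain", "RetainExceptOnCreate", "Snapshot"}

def find_refs(node):
    """Yield every name used by a {"Ref": "..."} anywhere under node."""
    if isinstance(node, dict):
        if len(node) == 1 and isinstance(node.get("Ref"), str):
            yield node["Ref"]
        for value in node.values():
            yield from find_refs(value)
    elif isinstance(node, list):
        for item in node:
            yield from find_refs(item)

def check_template(text):
    """Return a list of findings for a JSON template (empty list: none found)."""
    template = json.loads(text)  # raises ValueError on a JSON syntax error
    resources = template.get("Resources")
    if not isinstance(resources, dict) or not resources:
        return ["Resources section is missing or declares no resource"]
    findings = []
    known = set(resources) | set(template.get("Parameters", {}))
    for name, res in resources.items():
        if not isinstance(res.get("Type"), str):
            findings.append(f"{name}: missing Type")
        policy = res.get("DeletionPolicy")
        # Only literal strings are checked; other value forms are skipped.
        if isinstance(policy, str) and policy not in VALID_DELETION_POLICIES:
            findings.append(f"{name}: invalid DeletionPolicy {policy!r}")
        depends = res.get("DependsOn", [])
        for target in [depends] if isinstance(depends, str) else depends:
            if target not in resources:
                findings.append(f"{name}: DependsOn unknown resource {target!r}")
        for ref in find_refs(res.get("Properties", {})):
            # Names starting with AWS:: are pseudo parameters such as AWS::Region.
            if ref not in known and not ref.startswith("AWS::"):
                findings.append(f"{name}: Ref to undefined name {ref!r}")
    return findings
```

Running `check_template(SAMPLE_TEMPLATE)` reports the misspelled DeletionPolicy value, the Ref to a parameter that does not exist, and the DependsOn that names no resource. A check like this fits between the "Write the template" and "Create a stack" steps, for example as a pre-commit or CI gate.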