{"id":296422,"date":"2022-01-05T12:00:00","date_gmt":"2022-01-05T20:00:00","guid":{"rendered":"https:\/\/digitalcloud.training\/?p=296422"},"modified":"2022-05-06T14:00:41","modified_gmt":"2022-05-06T22:00:41","slug":"aws-cloudformation","status":"publish","type":"post","link":"https:\/\/digitalcloud.training\/aws-cloudformation\/","title":{"rendered":"AWS CloudFormation"},"content":{"rendered":"<div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">Please use the menu below to navigate the article sections:<\/p><ul class=\"toc_list\"><li><a href=\"#key-benefits\">Key Benefits<\/a><\/li><li><a href=\"#key-concepts\">Key Concepts<\/a><\/li><li><a href=\"#templates\">Templates<\/a><ul><li><a href=\"#template-elements\">Template elements<\/a><\/li><li><a href=\"#template-components\">Template components<\/a><\/li><li><a href=\"#parameters\">Parameters<\/a><\/li><li><a href=\"#pseudo-parameters\">Pseudo Parameters<\/a><\/li><li><a href=\"#mappings\">Mappings<\/a><\/li><li><a href=\"#outputs\">Outputs<\/a><\/li><li><a href=\"#conditions\">Conditions<\/a><\/li><li><a href=\"#transform\">Transform<\/a><\/li><li><a href=\"#intrinsic-functions\">Intrinsic Functions<\/a><\/li><\/ul><\/li><li><a href=\"#stacks-and-stack-sets\">Stacks and Stack Sets<\/a><ul><li><a href=\"#stacks\">Stacks<\/a><\/li><li><a href=\"#stack-sets\">Stack Sets<\/a><\/li><li><a href=\"#nested-stacks\">Nested Stacks<\/a><\/li><\/ul><\/li><li><a href=\"#best-practices\">Best Practices<\/a><\/li><li><a href=\"#serverless-application-model-sam\">Serverless Application Model (SAM)<\/a><\/li><li><a href=\"#user-data-with-ec2\">User data with EC2<\/a><\/li><li><a href=\"#cloudformation-helper-scripts\">CloudFormation Helper Scripts<\/a><\/li><li><a href=\"#creation-policies-and-wait-conditions\">Creation Policies and Wait Conditions<\/a><\/li><li><a href=\"#rollbacks-and-creation-failures\">Rollbacks and Creation Failures<\/a><\/li><li><a href=\"#monitoring-and-reporting\">Monitoring and Reporting<\/a><\/li><li><a href=\"#authorization-and-access-control\">Authorization and Access Control<\/a><\/li><li><a href=\"#charges\">Charges<\/a><\/li><li><a href=\"#snippets\">Snippets<\/a><\/li><\/ul><\/div>\n\n<div class=\"wp-block-image\"><figure class=\"alignright is-resized\"><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg\" alt=\"Amazon AWS CloudFormation Services\" class=\"wp-image-317134\" width=\"375\" height=\"188\" srcset=\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg 750w, https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation-300x150.jpg 300w, https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation-624x312.jpg 624w, https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation-600x300.jpg 600w, https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation-120x60.jpg 120w, https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation-180x90.jpg 180w\" sizes=\"(max-width: 375px) 100vw, 375px\" \/><\/figure><\/div>\n\n\n\n<p>AWS CloudFormation is a service that allows you to manage, configure and provision your AWS infrastructure as code.<\/p>\n\n\n\n<p>AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment.<\/p>\n\n\n\n<p>Resources are defined using a CloudFormation template.<\/p>\n\n\n\n<p>CloudFormation interprets the template and makes the appropriate API calls to create the resources you have defined.<\/p>\n\n\n\n<p>Supports YAML or JSON.<\/p>\n\n\n\n<p>CloudFormation can be used to provision a broad range of AWS resources.<\/p>\n\n\n\n<p>Think of CloudFormation as deploying infrastructure as code.<\/p>\n\n\n\n<p>CloudFormation has some similarities with AWS Elastic Beanstalk though they are also quite different as detailed in the table below:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>CloudFormation<\/strong><\/td><td><strong>Elastic Beanstalk<\/strong><\/td><\/tr><tr><td>\u201cTemplate-driven provisioning\u201d<\/td><td>\u201cWeb apps made easy&#8221;<\/td><\/tr><tr><td>Deploys infrastructure using code<\/td><td>Deploys applications on EC2 (PaaS)<\/td><\/tr><tr><td>Can be used to deploy almost any AWS service<\/td><td>Deploys web applications based on Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker<\/td><\/tr><tr><td>Uses JSON or YAML template files<\/td><td>Uses ZIP or WAR files<\/td><\/tr><tr><td>Similar to Terraform<\/td><td>Similar to Google App Engine<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"key-benefits\">Key Benefits<\/span><\/h2>\n\n\n\n<p>Infrastructure is provisioned consistently, with fewer mistakes (human error).<\/p>\n\n\n\n<p>Less time and effort than configuring resources manually.<\/p>\n\n\n\n<p>You can use version control and peer review for your CloudFormation templates.<\/p>\n\n\n\n<p>Free to use (you\u2019re only charged for the resources provisioned).<\/p>\n\n\n\n<p>It can be used to manage updates and dependencies.<\/p>\n\n\n\n<p>It can be used to rollback and delete the entire stack as well.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"key-concepts\">Key Concepts<\/span><\/h2>\n\n\n\n<p>The following table describes the key concepts associated with AWS CloudFormation:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>Component<\/strong><\/td><td><strong>Description<\/strong><\/td><\/tr><tr><td>Templates<\/td><td>The JSON or YAML text file that contains the instructions for building out the AWS environment<\/td><\/tr><tr><td>Stacks<\/td><td>The entire environment described by the template and created, updated, and deleted as a single unit<\/td><\/tr><tr><td>StackSets<\/td><td>AWS CloudFormation StackSets extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and regions with a single operation<\/td><\/tr><tr><td>Change Sets<\/td><td>A summary of proposed changes to your stack that will allow you to see how those changes might impact your existing resources before implementing them<\/td><\/tr><tr><td>Templates<\/td><td>The JSON or YAML text file that contains the instructions for building out the AWS environment<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"templates\">Templates<\/span><\/h2>\n\n\n\n<p>A template is a YAML or JSON template used to describe the end-state of the infrastructure you are either provisioning or changing.<\/p>\n\n\n\n<p>After creating the template, you upload it to CloudFormation directly or using Amazon S3.<\/p>\n\n\n\n<p>CloudFormation reads the template and makes the API calls on your behalf.<\/p>\n\n\n\n<p>The resulting resources are called a \u201cStack\u201d.<\/p>\n\n\n\n<p>Logical IDs are used to reference resources within the template.<\/p>\n\n\n\n<p>Physical IDs identify resources outside of AWS CloudFormation templates, but only after the resources have been created.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"template-elements\">Template elements<\/span><\/h3>\n\n\n\n<p>Mandatory:<\/p>\n\n\n\n<ul><li>List of resources and associated configuration values.<\/li><\/ul>\n\n\n\n<p>Not mandatory:<\/p>\n\n\n\n<ul><li>Template parameters (limited to 60).<\/li><li>Output values (limited to 60).<\/li><li>List of data tables.<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"template-components\">Template components<\/span><\/h3>\n\n\n\n<p><strong>Resources<\/strong>&nbsp;\u2013 the&nbsp;<em>required<\/em>&nbsp;Resources&nbsp;section declares the AWS resources that you want to include in the stack, such as an Amazon EC2 instance or an Amazon S3 bucket.<\/p>\n\n\n\n<ul><li>Mandatory.<\/li><li>Represent AWS components that will be created.<\/li><li>Resources are declared and can reference each other.<\/li><\/ul>\n\n\n\n<p>The following example YAML code declares an EC2 instance as a resource:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"> Resources:\n  MyEC2Instance:\n    Type: \"AWS::EC2::Instance\"\n    Properties:\n      ImageId: \"ami-0ff8a91507f77f867\"<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"parameters\">Parameters<\/span><\/h3>\n\n\n\n<p>Use the&nbsp;<em>optional<\/em>&nbsp;Parameters&nbsp;section to customize your templates. Parameters enable you to input custom values to your template each time you create or update a stack.<\/p>\n\n\n\n<ul><li>Provide inputs to your CloudFormation template.<\/li><li>Useful for template reuse.<\/li><\/ul>\n\n\n\n<p>The following example declares a parameter named InstanceTypeParameter. This parameter lets you specify the Amazon EC2 instance type for the stack to use when you create or update the stack.<\/p>\n\n\n\n<p><strong><em>Note:<\/em><\/strong><em>&nbsp;the InstanceTypeParameter has a default value of t2.micro. This is the value that AWS CloudFormation uses to provision the stack unless another value is provided.<\/em><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Parameters: \n  InstanceTypeParameter: \n    Type: String\n    Default: t2.micro\n    AllowedValues: \n      - t2.micro\n      - m1.small\n      - m1.large\n    Description: Enter t2.micro, m1.small, or m1.large. Default is t2.micro.<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"pseudo-parameters\">Pseudo Parameters<\/span><\/h3>\n\n\n\n<p>Pseudo parameters are parameters that are predefined by AWS CloudFormation. You do not declare them in your template. Use them the same way as you would a parameter, as the argument for the Ref function.<\/p>\n\n\n\n<p>Examples include:<\/p>\n\n\n\n<ul><li>AWS::AccountId \u2013 Returns the AWS account ID of the account in which the stack is being created.<\/li><li>AWS::NotificationARNs \u2013 Returns the list of notification Amazon Resource Names (ARNs) for the current stack.<\/li><li>AWS::Region \u2013 Returns a string representing the AWS Region in which the encompassing resource is being created.<\/li><li>AWS::StackId \u2013 Returns the ID of the stack as specified with the&nbsp;aws cloudformation create-stack&nbsp;command.<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"mappings\">Mappings<\/span><\/h3>\n\n\n\n<p>The&nbsp;<em>optional<\/em>&nbsp;Mappings&nbsp;section matches a key to a corresponding set of named values.<\/p>\n\n\n\n<ul><li>Fixed variables.<\/li><li>Good for differentiating between regions, environments, AMIs etc.<\/li><li>Need to know the values in advance.<\/li><li>For user-specific values use parameters instead.<\/li><\/ul>\n\n\n\n<p>The following example has region keys that are mapped to two sets of values: one named HVM64 and the other HVMG2.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">RegionMap:\n\n&nbsp;&nbsp;&nbsp; us-east-1:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVM64: ami-0ff8a91507f77f867\n\n&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;HVMG2: ami-0a584ac55a7631c0c\n\n&nbsp;&nbsp;&nbsp; us-west-1:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVM64: ami-0bdb828fd58c52235\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVMG2: ami-066ee5fd4a9ef77f1<\/pre>\n\n\n\n<p><strong><em>Exam tip:<\/em><\/strong><em>\u00a0with mappings you can, for example, set values based on a region. You can create a mapping that uses the region name as a key and contains the values you want to specify for each specific region.<\/em><\/p>\n\n\n<div class=\"adplugg-tag\" data-adplugg-zone=\"challenge_labs_body\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"outputs\">Outputs<\/span><\/h3>\n\n\n\n<p>The&nbsp;<em>optional<\/em>&nbsp;Outputs&nbsp;section declares output values that you can&nbsp;import into other stacks&nbsp;(to&nbsp;create cross-stack references), return in response (to describe stack calls), or&nbsp;view on the AWS CloudFormation console.<\/p>\n\n\n\n<ul><li>Outputs can be imported into other stacks.<\/li><li>Can view the outputs in the console or using the AWS CLI.<\/li><li>Cannot delete a Stack if its outputs are being referenced by another CloudFormation Stack.<\/li><\/ul>\n\n\n\n<p>In the following example YAML code, the output named StackVPC returns the ID of a VPC, and then exports the value for cross-stack referencing with the name VPCID appended to the stack\u2019s name<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Outputs:\n\n&nbsp; StackVPC:\n\n&nbsp;&nbsp;&nbsp; Description: The ID of the VPC\n\n&nbsp;&nbsp;&nbsp; Value: !Ref MyVPC\n\n&nbsp;&nbsp;&nbsp; Export:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Name: !Sub \"${AWS::StackName}-VPCID\"<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"conditions\">Conditions<\/span><\/h3>\n\n\n\n<p>The&nbsp;<em>optional<\/em>&nbsp;Conditions&nbsp;section contains statements that define the circumstances under which entities are created or configured.<\/p>\n\n\n\n<ul><li>Control the creation of resources based on a condition.<\/li><li>Applied to resources and outputs.<\/li><\/ul>\n\n\n\n<p>In the sample YAML code below, resources are created only if the EnvType parameter is equal to prod:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Conditions:\n\n&nbsp; CreateProdResources: !Equals [ !Ref EnvType, prod ]<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"transform\">Transform<\/span><\/h3>\n\n\n\n<p>The optional&nbsp;Transform&nbsp;section specifies one or more macros that AWS CloudFormation uses to process your template.<\/p>\n\n\n\n<p>The transform section can be used to reference additional code stored in S3, such as Lambda code or reusable snippets of CloudFormation code.<\/p>\n\n\n\n<p>The&nbsp;AWS::Serverless&nbsp;transform, which is a macro hosted by AWS CloudFormation, takes an entire template written in the AWS Serverless Application Model (AWS SAM) syntax and transforms and expands it into a compliant AWS CloudFormation template.<\/p>\n\n\n\n<p>In the following example, the template uses AWS SAM syntax to simplify the declaration of a Lambda function and its execution role:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Transform: AWS::Serverless-2016-10-31\n\nResources:\n\n&nbsp; MyServerlessFunctionLogicalID:\n\n&nbsp;&nbsp;&nbsp; Type: AWS::Serverless::Function\n\n&nbsp;&nbsp;&nbsp; Properties:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Handler: index.handler\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Runtime: nodejs8.10\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CodeUri: 's3:\/\/testBucket\/mySourceCode.zip'<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"intrinsic-functions\">Intrinsic Functions<\/span><\/h3>\n\n\n\n<p>AWS CloudFormation provides several built-in functions that help you manage your stacks. Use intrinsic functions in your templates to assign values to properties that are not available until runtime.<\/p>\n\n\n\n<p><strong><em>EXAM TIP:<\/em><\/strong><em>&nbsp;At a minimum, know the intrinsic functions listed below for the exam. The full list can be found at: https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/intrinsic-function-reference.html<\/em><\/p>\n\n\n\n<p><strong>Ref<\/strong><\/p>\n\n\n\n<ul><li>Fn::Ref (or !Ref in YAML),<\/li><li>The intrinsic function Ref returns the value of the specified parameter or resource.<\/li><li>When you specify a parameter\u2019s logical name, it returns the value of the parameter.<\/li><li>When you specify a resource\u2019s logical name, it returns a value that you can typically use to refer to that resource, such as a physical ID.<\/li><\/ul>\n\n\n\n<p>The following resource declaration for an Elastic IP address needs the instance ID of an EC2 instance and uses the&nbsp;Ref&nbsp;function to specify the instance ID of the MyEC2Instance resource:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">MyEIP:\n\n&nbsp; Type: \"AWS::EC2::EIP\"\n\n&nbsp; Properties:\n\n&nbsp;&nbsp;&nbsp; InstanceId: !Ref MyEC2Instance<\/pre>\n\n\n\n<p><strong>Fn::GetAtt<\/strong><\/p>\n\n\n\n<ul><li>The Fn::GetAtt intrinsic function returns the value of an attribute from a resource in the template.<\/li><li>Full syntax (YAML):&nbsp;Fn::GetAtt: [ logicalNameOfResource, attributeName ]<\/li><li>Short form (YAML):&nbsp;!GetAtt logicalNameOfResource.attributeName<\/li><\/ul>\n\n\n\n<p>The following example template returns the&nbsp;SourceSecurityGroup.OwnerAlias&nbsp;and&nbsp;SourceSecurityGroup.GroupName&nbsp;of the load balancer with the logical name&nbsp;myELB.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><em>AWSTemplateFormatVersion: 2010-09-09<\/em>\n\n<em>Resources:<\/em>\n\n<em>&nbsp; myELB:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp; Type: AWS::ElasticLoadBalancing::LoadBalancer<\/em>\n\n<em>&nbsp;&nbsp;&nbsp; Properties:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; AvailabilityZones:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; - eu-west-1a<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Listeners:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; - LoadBalancerPort: '80'<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; InstancePort: '80'<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Protocol: HTTP<\/em>\n\n<em>&nbsp; myELBIngressGroup:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp; Type: AWS::EC2::SecurityGroup<\/em>\n\n<em>&nbsp;&nbsp;&nbsp; Properties:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; GroupDescription: ELB ingress group<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SecurityGroupIngress:<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; - IpProtocol: tcp<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; FromPort: '80'<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ToPort: '80'<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SourceSecurityGroupOwnerId: !GetAtt myELB.SourceSecurityGroup.OwnerAlias<\/em>\n\n<em>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SourceSecurityGroupName: !GetAtt myELB.SourceSecurityGroup.GroupName<\/em><\/pre>\n\n\n\n<p><strong>Fn::FindInMap<\/strong><\/p>\n\n\n\n<ul><li>The intrinsic function Fn::FindInMap returns the value corresponding to keys in a two-level map that is declared in the Mappings section.<\/li><li>Full syntax (YAML):&nbsp;Fn::FindInMap: [ MapName, TopLevelKey, SecondLevelKey ]<\/li><li>Short form (YAML):&nbsp;!FindInMap [ MapName, TopLevelKey, SecondLevelKey ]<\/li><\/ul>\n\n\n\n<p>The following example shows how to use&nbsp;Fn::FindInMap&nbsp;for a template with a&nbsp;Mappings&nbsp;section that contains a single map,&nbsp;RegionMap, that associates AMIs with AWS regions:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Mappings:\n\n&nbsp; RegionMap:\n\n&nbsp;&nbsp;&nbsp; us-east-1:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVM64: \"ami-0ff8a91507f77f867\"\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVMG2: \"ami-0a584ac55a7631c0c\"\n\n&nbsp;&nbsp;&nbsp; us-west-1:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVM64: \"ami-0bdb828fd58c52235\"\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; HVMG2: \"ami-066ee5fd4a9ef77f1\"\n\nResources:\n\n&nbsp; myEC2Instance:\n\n&nbsp;&nbsp;&nbsp; Type: \"AWS::EC2::Instance\"\n\n&nbsp;&nbsp;&nbsp; Properties:\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ImageId: !FindInMap\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; - RegionMap\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; - !Ref 'AWS::Region'\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; - HVM64\n\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; InstanceType: m1.small<\/pre>\n\n\n\n<p><strong>Fn::ImportValue<\/strong><\/p>\n\n\n\n<ul><li>The intrinsic function Fn::ImportValue returns the value of an output exported by another stack.<\/li><li>You typically use this function to create cross-stack references.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">Fn::ImportValue:\n\n&nbsp; !Sub \"${NetworkStackName}-SecurityGroupID\"<\/pre>\n\n\n\n<p><strong>Fn::Join<\/strong><\/p>\n\n\n\n<ul><li>Full syntax (YAML):&nbsp;Fn::Join: [ delimiter, [ comma-delimited list of values ] ]<\/li><li>Short form (YAML):&nbsp;!Join [ delimiter, [ comma-delimited list of values ] ]<\/li><\/ul>\n\n\n\n<p>The following example uses&nbsp;Fn::Join&nbsp;to construct a string value. It uses the&nbsp;Ref&nbsp;function with the&nbsp;Partition&nbsp;parameter and the&nbsp;AWS::AccountId&nbsp;pseudo parameter.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">!Join\n\n&nbsp; - ''\n\n&nbsp; - - 'arn:'\n\n&nbsp;&nbsp;&nbsp; - !Ref Partition\n\n&nbsp;&nbsp;&nbsp; - ':s3:::elasticbeanstalk-*-'\n\n&nbsp;&nbsp;&nbsp; - !Ref 'AWS::AccountId'<\/pre>\n\n\n\n<p><strong>Fn::Sub<\/strong><\/p>\n\n\n\n<ul><li>The intrinsic function Fn::Sub substitutes variables in an input string with values that you specify.<\/li><li>In your templates, you can use this function to construct commands or outputs that include values that aren\u2019t available until you create or update a stack.<\/li><\/ul>\n\n\n\n<p>The following example uses a mapping to substitute the ${Domain} variable with the resulting value from the Ref function:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Name: !Sub\n\n&nbsp; - www.${Domain}\n\n&nbsp; - { Domain: !Ref RootDomainName }<\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"stacks-and-stack-sets\">Stacks and Stack Sets<\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"stacks\">Stacks<\/span><\/h3>\n\n\n\n<p>Deployed resources based on templates.<\/p>\n\n\n\n<p>Create, update, and delete stacks using templates.<\/p>\n\n\n\n<p>Deployed through the Management Console, CLI or APIs.<\/p>\n\n\n\n<p>Stack creation errors:<\/p>\n\n\n\n<ul><li>Automatic rollback on error is enabled by default.<\/li><li>You will be charged for resources provisioned even if there is an error.<\/li><\/ul>\n\n\n\n<p>Updating stacks:<\/p>\n\n\n\n<ul><li>AWS CloudFormation provides two methods for updating stacks: direct update or creating and executing change sets.<\/li><li>When you directly update a stack, you submit changes and AWS CloudFormation immediately deploys them.<\/li><li>Use direct updates when you want to quickly deploy your updates.<\/li><li>With change sets, you can preview the changes AWS CloudFormation will make to your stack, and then decide whether to apply those changes.<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"stack-sets\">Stack Sets<\/span><\/h3>\n\n\n\n<p>AWS CloudFormation StackSets extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and regions with a single operation.<\/p>\n\n\n\n<p>Using an administrator account, you define and manage an AWS CloudFormation template, and use the template as the basis for provisioning stacks into selected target accounts across specified regions.<\/p>\n\n\n\n<p>An administrator account is the AWS account in which you create stack sets.<\/p>\n\n\n\n<p>A stack set is managed by signing in to the AWS administrator account in which it was created.<\/p>\n\n\n\n<p>A target account is the account into which you create, update, or delete one or more stacks in your stack set.<\/p>\n\n\n\n<p>Before you can use a stack set to create stacks in a target account, you must set up a trust relationship between the administrator and target accounts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span id=\"nested-stacks\">Nested Stacks<\/span><\/h3>\n\n\n\n<p>Nested stacks allow re-use of CloudFormation code for common use cases.<\/p>\n\n\n\n<p>For example standard configuration for a load balancer, web server, application server etc.<\/p>\n\n\n\n<p>Instead of copying out the code each time, create a standard template for each common use case and reference from within your CloudFormation template.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"best-practices\">Best Practices<\/span><\/h2>\n\n\n\n<p>AWS provides Python \u201chelper scripts\u201d which can help you install software and start services on your EC2 instances.<\/p>\n\n\n\n<ul><li>Use CloudFormation to make changes to your landscape rather than going directly into the resources.<\/li><li>Make use of Change Sets to identify potential trouble spots in your updates.<\/li><li>Use Stack Policies to explicitly protect sensitive portions of your stack.<\/li><li>Use a version control system such as CodeCommit or GitHub to track changes to templates.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"serverless-application-model-sam\">Serverless Application Model (SAM)<\/span><\/h2>\n\n\n\n<p>Use SAM for deploying serverless applications using CloudFormation.<\/p>\n\n\n\n<p>SAM is an extension to CloudFormation used to define serverless applications.<\/p>\n\n\n\n<p>Simplified syntax for defining serverless resources: APIs, Lambda Functions, DynamoDB Tables etc.<\/p>\n\n\n\n<p>Use the SAM CLI to package your deployment code, upload it to S3 and deploy your serverless application.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"user-data-with-ec2\">User data with EC2<\/span><\/h2>\n\n\n\n<p>User data can be included in CloudFormation.<\/p>\n\n\n\n<p>The script is passed into Fn::Base64<\/p>\n\n\n\n<p>The user data script logs are stored in \/var\/log\/cloud-init-output.log<\/p>\n\n\n\n<p>Binary is available on Amazon EC2 at \/opt\/aws\/bin\/cfn-init<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"cloudformation-helper-scripts\">CloudFormation Helper Scripts<\/span><\/h2>\n\n\n\n<p>cfn-init:<\/p>\n\n\n\n<ul><li>The cfn-init helper script reads template metadata from the AWS::CloudFormation::Init key and acts accordingly to:<\/li><li>Fetch and parse metadata from AWS CloudFormation<\/li><li>Install packages<\/li><li>Write files to disk<\/li><li>Enable\/disable and start\/stop services<\/li><li>cfn-init does not require credentials, so you do not need to use the&nbsp;\u2013access-key,&nbsp;\u2013secret-key,&nbsp;\u2013role, or&nbsp;\u2013credential-file&nbsp;options.<\/li><li>Logs go to \/var\/log\/cfn-init.log<\/li><\/ul>\n\n\n\n<p>cfn-signal:<\/p>\n\n\n\n<ul><li>The cfn-signal helper script signals AWS CloudFormation to indicate whether Amazon EC2 instances have been successfully created or updated.<\/li><li>If you install and configure software applications on instances, you can signal AWS CloudFormation when those software applications are ready.<\/li><li>You use the cfn-signal script in conjunction with a&nbsp;<a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-attribute-creationpolicy.html\"><strong>CreationPolicy<\/strong><\/a>&nbsp;or an Auto Scaling group with a&nbsp;<a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-attribute-updatepolicy.html\"><strong>WaitOnResourceSignals<\/strong><\/a>&nbsp;update policy.<\/li><li>When AWS CloudFormation creates or updates resources with those policies, it suspends work on the stack until the resource receives the requisite number of signals or until the timeout period is exceeded.<\/li><li>You can signal a creation policy (<a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-attribute-creationpolicy.html\"><strong>CreationPolicy<\/strong><\/a>) or a wait condition handle (<a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-attribute-updatepolicy.html\"><strong>WaitOnResourceSignals<\/strong><\/a>).<\/li><\/ul>\n\n\n\n<p>Troubleshooting errors:<\/p>\n\n\n\n<ul><li>Make sure the AMI has the CloudFormation helper scripts included.<\/li><li>Check that the cfn-init and cfn-signal commands have run successfully.<\/li><li>Verify internet connectivity.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"creation-policies-and-wait-conditions\">Creation Policies and Wait Conditions<\/span><\/h2>\n\n\n\n<ul><li>CreationPolicy attribute:<\/li><li>Use the&nbsp;CreationPolicy&nbsp;attribute when you want to wait on resource configuration actions before stack creation proceeds.<\/li><li>You can associate the&nbsp;CreationPolicy&nbsp;attribute with a resource to prevent its status from reaching create complete until AWS CloudFormation receives a specified number of success signals, or the timeout period is exceeded.<\/li><li>To signal a resource, you can use the&nbsp;<a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/cfn-signal.html\"><strong>cfn-signal<\/strong><\/a>&nbsp;helper script or&nbsp;<a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/APIReference\/API_SignalResource.html\"><strong>SignalResource<\/strong><\/a>&nbsp;API.<\/li><li>AWS CloudFormation publishes valid signals to the stack events so that you track the number of signals sent.<\/li><\/ul>\n\n\n\n<p>The following CloudFormation resources support creation policies:<\/p>\n\n\n\n<ul><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-properties-as-group.html\"><strong>AWS::AutoScaling::AutoScalingGroup<\/strong><\/a><\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-properties-ec2-instance.html\"><strong>AWS::EC2::Instance<\/strong><\/a><\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-properties-waitcondition.html\"><strong>AWS::CloudFormation::WaitCondition<\/strong><\/a><\/li><\/ul>\n\n\n\n<p>DeletionPolicy attribute:<\/p>\n\n\n\n<ul><li>With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted.<\/li><li>You specify a DeletionPolicy attribute for each resource that you want to control.<\/li><li>If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default.<\/li><\/ul>\n\n\n\n<p>DependsOn attribute:<\/p>\n\n\n\n<ul><li>With the&nbsp;DependsOn&nbsp;attribute you can specify that the creation of a specific resource follows another.<\/li><li>When you add a&nbsp;DependsOn&nbsp;attribute to a resource, that resource is created only after the creation of the resource specified in the&nbsp;DependsOn&nbsp;attribute.<\/li><\/ul>\n\n\n\n<p>WaitCondition:<\/p>\n\n\n\n<ul><li>Note: For Amazon EC2 and Auto Scaling resources, AWS recommends that you use a CreationPolicy attribute instead of wait conditions.<\/li><li>You can use a wait condition for situations like the following:<\/li><li>To coordinate stack resource creation with configuration actions that are external to the stack creation.<\/li><li>To track the status of a configuration process.<\/li><\/ul>\n\n\n\n<p>UpdatePolicy Attribute (WaitOnResourceSignals)<\/p>\n\n\n\n<p>Use the&nbsp;UpdatePolicy&nbsp;attribute to specify how AWS CloudFormation handles updates to the following resources:<\/p>\n\n\n\n<ul><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-properties-as-group.html\"><strong>AWS::AutoScaling::AutoScalingGroup<\/strong><\/a>,<\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-resource-elasticache-replicationgroup\"><strong>AWS::ElastiCache::ReplicationGroup<\/strong><\/a><\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-resource-elasticsearch-domain.html\"><strong>AWS::Elasticsearch::Domain<\/strong><\/a><\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/aws-resource-lambda-alias.html\"><strong>AWS::Lambda::Alias<\/strong><\/a><\/li><\/ul>\n\n\n\n<p>UpdateReplacePolicy attribute:<\/p>\n\n\n\n<ul><li>Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"rollbacks-and-creation-failures\">Rollbacks and Creation Failures<\/span><\/h2>\n\n\n\n<p><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/troubleshooting.html\"><strong>Stack creation failures<\/strong><\/a>:<\/p>\n\n\n\n<ul><li>By default everything will be deleted.<\/li><li>You can optionally disable rollback (good for troubleshooting failures).<\/li><\/ul>\n\n\n\n<p>Stack update failures:<\/p>\n\n\n\n<ul><li>The stack will automatically roll back to the previous known working state.<\/li><li>The logs can assist with understanding what issue occurred.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"monitoring-and-reporting\">Monitoring and Reporting<\/span><\/h2>\n\n\n\n<p>You can monitor the progress of a stack update by viewing the stack\u2019s events. The console\u2019s&nbsp;<strong>Events<\/strong>&nbsp;tab displays each major step in the creation and update of the stack sorted by the time of each event with latest events on top.<\/p>\n\n\n\n<p>For resources created by CloudFormation, use AWS monitoring and reporting tools applicable to the service.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"authorization-and-access-control\">Authorization and Access Control<\/span><\/h2>\n\n\n\n<p>You can use IAM with AWS CloudFormation to control what users can do with AWS CloudFormation, such as whether they can view stack templates, create stacks, or delete stacks.<\/p>\n\n\n\n<p>In addition to AWS CloudFormation actions, you can manage what AWS services and resources are available to each user.<\/p>\n\n\n\n<p>That way, you can control which resources users can access when they use AWS CloudFormation.<\/p>\n\n\n\n<p>For example, you can specify which users can create Amazon EC2 instances, terminate database instances, or update VPCs. Those same permissions are applied anytime they use AWS CloudFormation to do those actions.<\/p>\n\n\n<div class=\"adplugg-tag\" data-adplugg-zone=\"challenge_labs_end_of_the_article_desktop_\"><\/div>\r\n<div class=\"adplugg-tag\" data-adplugg-zone=\"challenge_labs_end_of_the_article_mobile_\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"charges\">Charges<\/span><\/h2>\n\n\n\n<p>There is no additional charge for AWS CloudFormation.<\/p>\n\n\n\n<p>You pay for AWS resources (such as Amazon EC2 instances, Elastic Load Balancing load balancers, etc.) created using AWS CloudFormation in the same manner as if you created them manually.<\/p>\n\n\n\n<p>You only pay for what you use, as you use it; there are no minimum fees and no required upfront commitments.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span id=\"snippets\">Snippets<\/span><\/h2>\n\n\n\n<p><a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/CHAP_TemplateQuickRef.html\">https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/CHAP_TemplateQuickRef.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Please use the menu below to navigate the article sections:Key BenefitsKey ConceptsTemplatesTemplate elementsTemplate componentsParametersPseudo ParametersMappingsOutputsConditionsTransformIntrinsic FunctionsStacks and Stack SetsStacksStack SetsNested StacksBest PracticesServerless Application Model (SAM)User&hellip;<\/p>\n","protected":false},"author":2,"featured_media":317134,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1585,1588,1546,1648,1480,1699,1675,1465,1597,1594],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v19.1 (Yoast SEO v22.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>AWS CloudFormation | AWS Cheat Sheet<\/title>\n<meta name=\"description\" content=\"This cheat sheet contains detailed facts about the infrastructure as code service AWS CloudFormation to help you pass AWS certification exams.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/digitalcloud.training\/aws-cloudformation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AWS CloudFormation\" \/>\n<meta property=\"og:description\" content=\"This cheat sheet contains detailed facts about the infrastructure as code service AWS CloudFormation to help you pass AWS certification exams.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/digitalcloud.training\/aws-cloudformation\/\" \/>\n<meta property=\"og:site_name\" content=\"Digital Cloud Training\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/digitalcloudtraining\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/groups\/awscertificationqa\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-05T20:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-05-06T22:00:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1689027891\" \/>\n\t<meta property=\"og:image:width\" content=\"750\" \/>\n\t<meta property=\"og:image:height\" content=\"375\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Neal\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@nealkdavis\" \/>\n<meta name=\"twitter:site\" content=\"@DigitalCloudT\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/\"},\"author\":{\"name\":\"Neal\",\"@id\":\"https:\/\/digitalcloud.training\/#\/schema\/person\/f3a3b658a52ddd4063efc7cc6b1fddbd\"},\"headline\":\"AWS CloudFormation\",\"datePublished\":\"2022-01-05T20:00:00+00:00\",\"dateModified\":\"2022-05-06T22:00:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/\"},\"wordCount\":2821,\"publisher\":{\"@id\":\"https:\/\/digitalcloud.training\/#organization\"},\"image\":{\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332\",\"articleSection\":[\"AWS Cheat Sheets\",\"AWS Developer Associate\",\"AWS Management Tools\",\"AWS Management Tools (DVA)\",\"AWS Management Tools (SAA)\",\"AWS Management Tools (SAP)\",\"AWS Management Tools (SOA)\",\"AWS Solutions Architect Associate\",\"AWS Solutions Architect Professional\",\"AWS SysOps Administrator Associate\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/\",\"url\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/\",\"name\":\"AWS CloudFormation | AWS Cheat Sheet\",\"isPartOf\":{\"@id\":\"https:\/\/digitalcloud.training\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332\",\"datePublished\":\"2022-01-05T20:00:00+00:00\",\"dateModified\":\"2022-05-06T22:00:41+00:00\",\"description\":\"This cheat sheet contains detailed facts about the infrastructure as code service AWS CloudFormation to help you pass AWS certification exams.\",\"breadcrumb\":{\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/digitalcloud.training\/aws-cloudformation\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage\",\"url\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332\",\"contentUrl\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332\",\"width\":750,\"height\":375,\"caption\":\"Amazon AWS CloudFormation Services\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/digitalcloud.training\/aws-cloudformation\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/digitalcloud.training\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AWS Cheat Sheets\",\"item\":\"https:\/\/digitalcloud.training\/category\/aws-cheat-sheets\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"AWS Management Tools\",\"item\":\"https:\/\/digitalcloud.training\/category\/aws-cheat-sheets\/aws-management-tools\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"AWS CloudFormation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/digitalcloud.training\/#website\",\"url\":\"https:\/\/digitalcloud.training\/\",\"name\":\"Digital Cloud Training\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/digitalcloud.training\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/digitalcloud.training\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/digitalcloud.training\/#organization\",\"name\":\"Digital Cloud Training\",\"url\":\"https:\/\/digitalcloud.training\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/digitalcloud.training\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2020\/08\/cropped-Digital-Cloud-Training-blue-logo.png?update_image_id_1690391242\",\"contentUrl\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/2020\/08\/cropped-Digital-Cloud-Training-blue-logo.png?update_image_id_1690391242\",\"width\":1440,\"height\":900,\"caption\":\"Digital Cloud Training\"},\"image\":{\"@id\":\"https:\/\/digitalcloud.training\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/digitalcloudtraining\/\",\"https:\/\/x.com\/DigitalCloudT\",\"https:\/\/instagram.com\/digitalcloudtraining\/\",\"https:\/\/www.linkedin.com\/in\/nealkdavis\/\",\"https:\/\/youtube.com\/c\/digitalcloudtraining\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/digitalcloud.training\/#\/schema\/person\/f3a3b658a52ddd4063efc7cc6b1fddbd\",\"name\":\"Neal\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/digitalcloud.training\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/avatars\/2\/615b68ad8ffc9-bpthumb.png\",\"contentUrl\":\"https:\/\/digitalcloud.training\/wp-content\/uploads\/avatars\/2\/615b68ad8ffc9-bpthumb.png\",\"caption\":\"Neal\"},\"description\":\"My name is Neal and I have been working in IT for over 20 years in a variety of roles ranging from support to architecture. I founded Digital Cloud Training in 2018 with the goal of bringing the highest quality AWS certification training resources to the market. This allows me to exercise my passion for learning technology whilst helping others to achieve their own career aspirations.\",\"sameAs\":[\"https:\/\/digitalcloud.training\/neal-davis\/\",\"https:\/\/www.facebook.com\/groups\/awscertificationqa\",\"https:\/\/www.instagram.com\/digitalcloudtraining\/\",\"https:\/\/www.linkedin.com\/in\/nealkdavis\/\",\"https:\/\/x.com\/nealkdavis\",\"https:\/\/www.youtube.com\/c\/digitalcloudtraining\"],\"url\":\"https:\/\/digitalcloud.training\/author\/neal\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"AWS CloudFormation | AWS Cheat Sheet","description":"This cheat sheet contains detailed facts about the infrastructure as code service AWS CloudFormation to help you pass AWS certification exams.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/digitalcloud.training\/aws-cloudformation\/","og_locale":"en_US","og_type":"article","og_title":"AWS CloudFormation","og_description":"This cheat sheet contains detailed facts about the infrastructure as code service AWS CloudFormation to help you pass AWS certification exams.","og_url":"https:\/\/digitalcloud.training\/aws-cloudformation\/","og_site_name":"Digital Cloud Training","article_publisher":"https:\/\/www.facebook.com\/digitalcloudtraining\/","article_author":"https:\/\/www.facebook.com\/groups\/awscertificationqa","article_published_time":"2022-01-05T20:00:00+00:00","article_modified_time":"2022-05-06T22:00:41+00:00","og_image":[{"width":750,"height":375,"url":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1689027891","type":"image\/jpeg"}],"author":"Neal","twitter_card":"summary_large_image","twitter_creator":"@nealkdavis","twitter_site":"@DigitalCloudT","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#article","isPartOf":{"@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/"},"author":{"name":"Neal","@id":"https:\/\/digitalcloud.training\/#\/schema\/person\/f3a3b658a52ddd4063efc7cc6b1fddbd"},"headline":"AWS CloudFormation","datePublished":"2022-01-05T20:00:00+00:00","dateModified":"2022-05-06T22:00:41+00:00","mainEntityOfPage":{"@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/"},"wordCount":2821,"publisher":{"@id":"https:\/\/digitalcloud.training\/#organization"},"image":{"@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage"},"thumbnailUrl":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332","articleSection":["AWS Cheat Sheets","AWS Developer Associate","AWS Management Tools","AWS Management Tools (DVA)","AWS Management Tools (SAA)","AWS Management Tools (SAP)","AWS Management Tools (SOA)","AWS Solutions Architect Associate","AWS Solutions Architect Professional","AWS SysOps Administrator Associate"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/","url":"https:\/\/digitalcloud.training\/aws-cloudformation\/","name":"AWS CloudFormation | AWS Cheat Sheet","isPartOf":{"@id":"https:\/\/digitalcloud.training\/#website"},"primaryImageOfPage":{"@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage"},"image":{"@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage"},"thumbnailUrl":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332","datePublished":"2022-01-05T20:00:00+00:00","dateModified":"2022-05-06T22:00:41+00:00","description":"This cheat sheet contains detailed facts about the infrastructure as code service AWS CloudFormation to help you pass AWS certification exams.","breadcrumb":{"@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/digitalcloud.training\/aws-cloudformation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#primaryimage","url":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332","contentUrl":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2022\/01\/AWS-CloudFormation.jpg?update_image_id_1715028332","width":750,"height":375,"caption":"Amazon AWS CloudFormation Services"},{"@type":"BreadcrumbList","@id":"https:\/\/digitalcloud.training\/aws-cloudformation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/digitalcloud.training\/"},{"@type":"ListItem","position":2,"name":"AWS Cheat Sheets","item":"https:\/\/digitalcloud.training\/category\/aws-cheat-sheets\/"},{"@type":"ListItem","position":3,"name":"AWS Management Tools","item":"https:\/\/digitalcloud.training\/category\/aws-cheat-sheets\/aws-management-tools\/"},{"@type":"ListItem","position":4,"name":"AWS CloudFormation"}]},{"@type":"WebSite","@id":"https:\/\/digitalcloud.training\/#website","url":"https:\/\/digitalcloud.training\/","name":"Digital Cloud Training","description":"","publisher":{"@id":"https:\/\/digitalcloud.training\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/digitalcloud.training\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/digitalcloud.training\/#organization","name":"Digital Cloud Training","url":"https:\/\/digitalcloud.training\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/digitalcloud.training\/#\/schema\/logo\/image\/","url":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2020\/08\/cropped-Digital-Cloud-Training-blue-logo.png?update_image_id_1690391242","contentUrl":"https:\/\/digitalcloud.training\/wp-content\/uploads\/2020\/08\/cropped-Digital-Cloud-Training-blue-logo.png?update_image_id_1690391242","width":1440,"height":900,"caption":"Digital Cloud Training"},"image":{"@id":"https:\/\/digitalcloud.training\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/digitalcloudtraining\/","https:\/\/x.com\/DigitalCloudT","https:\/\/instagram.com\/digitalcloudtraining\/","https:\/\/www.linkedin.com\/in\/nealkdavis\/","https:\/\/youtube.com\/c\/digitalcloudtraining"]},{"@type":"Person","@id":"https:\/\/digitalcloud.training\/#\/schema\/person\/f3a3b658a52ddd4063efc7cc6b1fddbd","name":"Neal","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/digitalcloud.training\/#\/schema\/person\/image\/","url":"https:\/\/digitalcloud.training\/wp-content\/uploads\/avatars\/2\/615b68ad8ffc9-bpthumb.png","contentUrl":"https:\/\/digitalcloud.training\/wp-content\/uploads\/avatars\/2\/615b68ad8ffc9-bpthumb.png","caption":"Neal"},"description":"My name is Neal and I have been working in IT for over 20 years in a variety of roles ranging from support to architecture. I founded Digital Cloud Training in 2018 with the goal of bringing the highest quality AWS certification training resources to the market. This allows me to exercise my passion for learning technology whilst helping others to achieve their own career aspirations.","sameAs":["https:\/\/digitalcloud.training\/neal-davis\/","https:\/\/www.facebook.com\/groups\/awscertificationqa","https:\/\/www.instagram.com\/digitalcloudtraining\/","https:\/\/www.linkedin.com\/in\/nealkdavis\/","https:\/\/x.com\/nealkdavis","https:\/\/www.youtube.com\/c\/digitalcloudtraining"],"url":"https:\/\/digitalcloud.training\/author\/neal\/"}]}},"_links":{"self":[{"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/posts\/296422"}],"collection":[{"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/comments?post=296422"}],"version-history":[{"count":5,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/posts\/296422\/revisions"}],"predecessor-version":[{"id":391175,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/posts\/296422\/revisions\/391175"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/media\/317134"}],"wp:attachment":[{"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/media?parent=296422"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/categories?post=296422"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digitalcloud.training\/wp-json\/wp\/v2\/tags?post=296422"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}