1
00:00:08,599 --> 00:00:12,960
Welcome back to Backspace Academy. In this lecture on CloudFormation we're

2
00:00:12,960 --> 00:00:18,090
going to look in a lot more detail at the different sections of a CloudFormation

3
00:00:18,090 --> 00:00:22,199
template, then we'll look at stack sets in a bit more detail, and then CloudFormer,

4
00:00:22,199 --> 00:00:27,810
and finally we'll finish up with CloudFormation Designer. So let's have a

5
00:00:27,810 --> 00:00:31,650
look in a little bit more detail at the different sections of a CloudFormation

6
00:00:31,650 --> 00:00:35,520
template. So at the start we're going to have that format version, which will be

7
00:00:35,520 --> 00:00:41,340
the version of the CloudFormation interpreter that our code conforms to.

8
00:00:41,340 --> 00:00:44,969
Then we're obviously going to have a description, which must follow the format

9
00:00:44,969 --> 00:00:50,160
version. Then we can add metadata, which will be JSON objects that are just there

10
00:00:50,160 --> 00:00:55,320
to provide additional information if we need to. So we should already know that

11
00:00:55,320 --> 00:01:00,870
parameters allow values to be passed at stack creation, and we can supply a

12
00:01:00,870 --> 00:01:05,210
default parameter for the situation where a parameter has not been supplied.

13
00:01:05,210 --> 00:01:09,900
So here we can see an example of the parameters section. Here it's looking

14
00:01:09,900 --> 00:01:14,580
for the instance type to be entered in from a user. It will be looking for a

15
00:01:14,580 --> 00:01:18,780
string, and the default will be t2.micro, and the allowed values there will be

16
00:01:18,780 --> 00:01:23,490
those three of micro, small and large, and there'll be a description there saying

17
00:01:23,490 --> 00:01:29,460
"Enter t2.micro" or whatever. So what will happen is that when someone goes to

18
00:01:29,460 --> 00:01:35,159
launch this CloudFormation stack, a message will come up saying "Enter

19
00:01:35,159 --> 00:01:41,579
t2.micro, m1.small or m1.large" and it will be by default selected as t2.micro,

20
00:01:41,579 --> 00:01:45,720
but there will be a drop-down list there that the user can select from if they

21
00:01:45,720 --> 00:01:51,899
want to go for an m1.small or an m1.large. Mappings match keys to

22
00:01:51,899 --> 00:01:57,390
corresponding name-value pairs, and in the example there we've got a mapping

23
00:01:57,390 --> 00:02:01,710
section which has a RegionMap, and that's going to map the region that is

24
00:02:01,710 --> 00:02:06,930
selected to the correct AMI, and we've got two options there of a 32 or a

25
00:02:06,930 --> 00:02:11,670
64-bit AMI. So we can refer to RegionMap in our

26
00:02:11,670 --> 00:02:14,280
resources. So there we can see in our resources

27
00:02:14,280 --> 00:02:20,400
we've got an EC2 instance, and the image ID is looking, it's using a function,

28
00:02:20,400 --> 00:02:26,820
FindInMap, and the map is RegionMap, and it's looking for the AWS region that we

29
00:02:26,820 --> 00:02:32,160
selected. So if we selected US East it'll select one of those 32 or 64, and then

30
00:02:32,160 --> 00:02:37,590
the next line is selecting for a 32-bit option, so we'll select that first

31
00:02:37,590 --> 00:02:44,790
AMI there. There are two types of transforms that can be applied to a CloudFormation

32
00:02:44,790 --> 00:02:49,680
template, the first one there being serverless, and that defines the serverless

33
00:02:49,680 --> 00:02:55,200
application model being used if this is specifically for a deployment of a

34
00:02:55,200 --> 00:03:00,390
serverless application, and then the next one is include, which allows you to

35
00:03:00,390 --> 00:03:06,690
include code snippets that could be stored in an Amazon S3 bucket.

36
00:03:06,690 --> 00:03:12,090
So there we can see we've got a resources section there that has properties for an Amazon

37
00:03:12,090 --> 00:03:18,299
S3 bucket, and those properties are using a function transform, and so what that is

38
00:03:18,299 --> 00:03:23,760
going to do, it's going to include properties from a bucket location, and so

39
00:03:23,760 --> 00:03:26,940
that bucket location there is going to be the bucket name, and there's another

40
00:03:26,940 --> 00:03:32,610
one there for the bucket access control list as well, and so that code in

41
00:03:32,610 --> 00:03:39,870
those two files will be included into your CloudFormation template. Conditions

42
00:03:39,870 --> 00:03:45,420
define the conditions around when a resource can be created or a property

43
00:03:45,420 --> 00:03:49,650
defined. So let's have a look at this here. We've got some parameters here

44
00:03:49,650 --> 00:03:54,060
that are going to be entered, and one of those parameters is going to be the

45
00:03:54,060 --> 00:03:59,100
environment type, and so that's going to be either prod or test; they're the

46
00:03:59,100 --> 00:04:04,290
allowed values. And then we've got a condition, and that is called

47
00:04:04,290 --> 00:04:11,360
createProdResources. Now that condition will be true if the environment type

48
00:04:11,360 --> 00:04:16,709
equals prod. Now if we go into our resources we can

49
00:04:16,709 --> 00:04:24,180
see that we've got an EC2 instance, and the EC2 instance mount point is a volume

50
00:04:24,180 --> 00:04:32,290
attachment. Now we are not going to be able to attach that volume unless that

51
00:04:32,290 --> 00:04:39,400
condition createProdResources is true, so unless we've selected prod and that

52
00:04:39,400 --> 00:04:45,520
condition is true we will not be able to mount that volume. The resources section

53
00:04:45,520 --> 00:04:50,590
is the only mandatory section of a CloudFormation template, and obviously it

54
00:04:50,590 --> 00:04:54,669
declares the resources to be included. So there we can see an example of a

55
00:04:54,669 --> 00:05:00,340
resources section. We've got a resource called my instance, it's an EC2 instance,

56
00:05:00,340 --> 00:05:04,479
it has some properties there, it has some user data that is going to be passed, it

57
00:05:04,479 --> 00:05:11,550
has an availability zone selected there, and it has an image ID of an AMI. Then

58
00:05:11,550 --> 00:05:17,229
the outputs section can be used for a number of purposes. First of all it can

59
00:05:17,229 --> 00:05:23,830
be used as the inputs to another CloudFormation template or stack. It can also

60
00:05:23,830 --> 00:05:29,229
be used to return information when a describe stack call is made using the

61
00:05:29,229 --> 00:05:33,820
SDK or the command-line interface, and it could also be used to display

62
00:05:33,820 --> 00:05:39,310
information to the user on the management console. In the example here

63
00:05:39,310 --> 00:05:43,360
for an output section we can see that we've got an output called backup load

64
00:05:43,360 --> 00:05:48,490
balancer DNS name, and what it's doing, it's returning a value from a function

65
00:05:48,490 --> 00:05:52,599
get attributes for that backup load balancer, and the attribute that it's

66
00:05:52,599 --> 00:05:58,300
looking for is the DNS name, so it's going to return the DNS name of your

67
00:05:58,300 --> 00:06:02,620
load balancer. The other one there is instance ID, and it's going to return the

68
00:06:02,620 --> 00:06:08,470
EC2 instance. So when this stack is deployed the end user is going to

69
00:06:08,470 --> 00:06:13,030
receive the DNS name of that load balancer, and they can connect to that

70
00:06:13,030 --> 00:06:19,389
using their browser. The AWS CloudFormation stack set service is great if

71
00:06:19,389 --> 00:06:23,740
you're a large organization that has multiple accounts and you want to

72
00:06:23,740 --> 00:06:31,030
centrally manage the deployment of stacks across multiple AWS accounts. The

73
00:06:31,030 --> 00:06:35,889
administrator account will be the account where the stack was created, and

74
00:06:35,889 --> 00:06:40,350
that will be the account that will control the deployment of the stacks,

75
00:06:40,350 --> 00:06:46,670
and that allows a stack set to be created from the original stack, and that

76
00:06:46,670 --> 00:06:53,100
stack set can launch stack instances across multiple accounts and, within

77
00:06:53,100 --> 00:06:58,470
those accounts, across multiple regions, and the administrator accounts can

78
00:06:58,470 --> 00:07:05,850
decide which accounts and which regions to launch that stack into.

79
00:07:05,850 --> 00:07:11,880
The CloudFormer tool will create a CloudFormation template from your existing AWS

80
00:07:11,880 --> 00:07:17,460
resources in your account. You select the resources from your account using the

81
00:07:17,460 --> 00:07:24,090
web interface of the AWS CloudFormer tool. The CloudFormation template that is

82
00:07:24,090 --> 00:07:31,260
produced will be saved into an Amazon S3 bucket. The CloudFormer tool is launched

83
00:07:31,260 --> 00:07:36,720
using CloudFormation, and there is a stack created for CloudFormer, so you

84
00:07:36,720 --> 00:07:42,090
launch that CloudFormation stack, it will launch an EC2 instance, and that EC2

85
00:07:42,090 --> 00:07:46,800
instance will have the CloudFormer application running on it, and it

86
00:07:46,800 --> 00:07:52,860
supports both JSON and YAML for its output templates. The CloudFormation

87
00:07:52,860 --> 00:07:57,870
Designer is a great productivity tool for using with CloudFormation. It allows

88
00:07:57,870 --> 00:08:04,770
you to drag and drop resources onto a canvas, and that will produce JSON or YAML

89
00:08:04,770 --> 00:08:10,170
CloudFormation templates for you, and the files produced by CloudFormation

90
00:08:10,170 --> 00:08:15,960
Designer can be saved locally. You can use them with your own version control

91
00:08:15,960 --> 00:08:20,490
system, and when you import them back into CloudFormation Designer, visually

92
00:08:20,490 --> 00:08:24,900
they're exactly the same as when you left them. So that brings us to the end

93
00:08:24,900 --> 00:08:29,610
of the CloudFormation lecture. I hope you've learned a lot and I hope you've

94
00:08:29,610 --> 00:08:34,550
enjoyed it, and I look forward to seeing you in the next one.