AWS Cloudformation Step by Step Tutorial - Create a DynamoDB Table!
Summary
TLDRThis tutorial video introduces AWS CloudFormation, guiding viewers through key concepts and the process of creating a CloudFormation stack via the console. It covers the creation of a template file in YAML or JSON format, defining AWS resources like a DynamoDB table and IAM role. The video demonstrates deploying resources, managing changes with change sets, and the convenience of stack deletion to clean up resources systematically. It provides a hands-on example and emphasizes the benefits of Infrastructure as Code using CloudFormation.
Takeaways
- 📝 The video is a guide for beginners on getting started with AWS CloudFormation.
- 📑 It introduces the concept of creating a template file in JSON or YAML format, which defines all AWS resources for deployment.
- 🔑 The script demonstrates using a YAML template to create a DynamoDB table and an IAM role for access.
- 🚀 The process involves creating a stack in AWS CloudFormation, which is a logical grouping of AWS resources.
- 🔄 Change sets are used for modifying properties of resources without redeploying the entire stack.
- 📚 The script provides an example of a 'dynamotemplate.yml' file, detailing the structure and properties for a DynamoDB table.
- 🔗 The 'DependsOn' attribute in the template file specifies the order of resource creation, ensuring dependencies are met.
- 🛠 The video shows how to use the AWS console to create a stack and deploy resources from the template file.
- 🔍 It explains the importance of specifying the correct IAM role with necessary permissions for resource creation.
- 🛑 The script mentions the automatic rollback feature of CloudFormation, which reverts to the previous state in case of deployment errors.
- 🗑️ Finally, the video demonstrates how to delete a CloudFormation stack, which also deletes all associated resources, emphasizing caution due to its impact.
Q & A
What is the main focus of the video script?
-The video script focuses on explaining the key concepts of AWS CloudFormation, demonstrating how to create a template file, set up a CloudFormation stack, and deploy resources to an AWS account.
What is the purpose of a CloudFormation template file?
-A CloudFormation template file is a definition file that specifies all the AWS resources to be created when the file is uploaded into CloudFormation.
What are the two formats that CloudFormation template files can be in?
-CloudFormation template files can be in JSON or YAML (YML) format, with YAML being the convention most commonly used by the community.
What is a CloudFormation stack and what is its role?
-A CloudFormation stack is a logical grouping of AWS resources that belong to a project. It is used to specify the initial template file to deploy and to manage the resources as a collective unit.
What is a change set in the context of AWS CloudFormation?
-A change set in AWS CloudFormation is used to modify properties of a resource. It allows you to create a preview of the changes needed before applying them to the stack, ensuring incremental updates to resources.
How does the 'depends on' attribute in a template file work?
-The 'depends on' attribute in a CloudFormation template file specifies that the creation of one resource is dependent on the successful creation of another resource, ensuring a particular order of deployment.
What is the advantage of using 'depends on' relationships in a CloudFormation template?
-Using 'depends on' relationships helps in creating a nested sequence of resources that need to be deployed in a certain order, which is crucial for resources that have a specific dependency like a Lambda function needing a log group.
What is the process of modifying a CloudFormation stack after its initial creation?
-To modify a CloudFormation stack, you need to create a change set with the updated template file, preview the changes, and then execute the change set to apply the modifications to the stack.
What does CloudFormation do if it detects an error during the deployment process?
-If CloudFormation detects an error during the deployment process, it will automatically roll back the stack to its previously known state to prevent further issues.
How can you delete all the resources associated with a CloudFormation stack?
-You can delete all the resources associated with a CloudFormation stack by deleting the stack itself. This action will trigger CloudFormation to clean up all underlying resources that were part of the stack.
What is the importance of having termination protection enabled on production CloudFormation stacks?
-Termination protection is important on production CloudFormation stacks to prevent accidental deletion of the stack, which could lead to significant downtime or loss of critical infrastructure.
Outlines
🚀 Introduction to AWS CloudFormation
This video is aimed at helping beginners get started with AWS CloudFormation. It covers key concepts and provides a step-by-step guide to setting up a CloudFormation stack to deploy resources to an AWS account. The video emphasizes the creation of a template file in JSON or YAML format, with YAML being the preferred format in the community.
📋 Creating and Deploying a CloudFormation Stack
The process of creating a CloudFormation stack involves defining a template file and specifying it during stack creation. The stack groups AWS resources logically, and upon deployment, CloudFormation provisions resources like DynamoDB tables and IAM roles as specified in the template file. The video also introduces the concept of change sets, which allow for modifications to the stack by updating the template file and applying the changes.
🔧 Template File Walkthrough
The video demonstrates an example of a CloudFormation template file named 'dynamotemplate.yml.' This file includes definitions for resources like a DynamoDB table and IAM policies. Key aspects such as specifying resource properties and using the 'depends on' attribute to manage resource creation order are discussed. The importance of defining properties correctly for different AWS services is highlighted.
🛠️ Advanced Configuration and Change Sets
Advanced configuration options for CloudFormation stacks are explored, including parameter injection for dynamic values, tagging, and IAM role permissions. The video explains the process of creating and applying change sets to update existing stacks, demonstrating a modification to the provisioned throughput of a DynamoDB table. The CloudFormation console's validation and review steps ensure correct template syntax and preview changes before execution.
📤 Deleting a CloudFormation Stack
The video concludes by demonstrating the deletion of a CloudFormation stack, which automatically cleans up all associated resources. It emphasizes the importance of enabling termination protection on production stacks to prevent accidental deletions. The viewer is reminded to be cautious with the delete stack function to avoid unintended disruptions to their environment.
Mindmap
Keywords
💡AWS CloudFormation
💡Template file
💡Stack
💡Change sets
💡DynamoDB
💡IAM role
💡YAML
💡Depends on
💡Provisioned throughput
💡Infrastructure as Code (IaC)
Highlights
Introduction to AWS CloudFormation for beginners.
Key concepts of AWS CloudFormation are discussed.
Demonstration of creating a template file for AWS resources.
Template files can be in JSON or YAML format, with YAML being the community convention.
Explanation of how to set up a CloudFormation stack via the console.
Creating a stack involves specifying an initial template file.
CloudFormation deploys resources by reading the template file.
Introduction to the concept of change sets for modifying stack properties.
Creating a change set generates a preview of incremental changes.
Example of a template file that creates a DynamoDB table and IAM role.
Details of the template file structure, including resource properties and types.
The 'DependsOn' attribute for creating resources in a specific order.
How to create an IAM policy and attach it to a role within the template.
Availability of the template file for download in the description section.
Step-by-step guide to creating a stack in the AWS console.
Explanation of stack parameters and their use for dynamic value injection.
The importance of specifying the correct IAM role for resource creation permissions.
Demonstration of stack creation, including the review and creation process.
Observation of stack creation progress and resource ordering.
Verification of the created DynamoDB table in the AWS console.
Modifying the template file to update provisioned throughput.
Creating and executing a change set to update the stack.
Observation of the stack update process and confirmation of changes.
Discussion on the advantages of CloudFormation for infrastructure management.
Demonstration of stack deletion and automatic resource cleanup.
Recommendation to enable termination protection for production stacks.
Transcripts
if you've been struggling getting
started with aws cloud formation
then this is going to be the video for
you so in this video we're going to talk
about some of the key concepts of aws
cloud formation
then i'm going to walk you through the
console and show you how to set up a
cloudformation stack
and how to use it to deploy resources to
your aws account
so let's just jump right into it and
start going over what we have in front
of us here
so the first thing that we need to worry
about in terms of cloudformation
is creating a template file so that's
the first thing that we're going to do
after we go through the concepts here
we're going to create this template file
and a template file is just basically a
definition file of all of the aws
resources that you're going to be
creating
when you upload this file into
cloudformation in the next few minutes
i'm going to show you an example of what
one looks like that creates a dynamodb
table and an iam role that allows you to
access it
so that's the first thing we need to do
create the template file and the
template files can either be in json or
yml format
for whatever reason yml has really
picked up it's really
kind of been selected as the convention
that the community seems to use for the
most part
don't ask me why i thought it would be
json but it is what it is
so just keep that in mind so after we
create this template yml
file uh we're going to go into aws
cloudformation and we are going to
create a stack
that is going to be our second task and
when we create a stack we have to
specify an initial
template file that we want to deploy to
that stack and the stack is just
basically like a logical grouping of the
aws resources that are going to belong
to
this project so after we create the
stack one of the settings is obviously
to define the template file
so we're going to select that template
file and we're going to tell
cloudformation to
deploy this stack using this template
file that we just specified
then cloudformation is going to go out
it's going to go to services like
dynamodb
it's going to go dynomo yep it's going
to go to iam
and it's going to create all the
resources that we specified in step
number one over here
so that's the basic idea of how you
initially get your resources created in
cloud formation
what comes after that is a concept
called change sets
so say we want to modify one of the
properties of our file over here we want
to change some value maybe from
x to y or something like that so how
this works in cloud formation
is you need to create a change set and
re-upload that modified file
into cloudformation and apply the change
set
to the stack that you originally created
what that's going to do is generate a
preview
of the changes that it needs to make the
incremental changes
that is um so if we changed x to y
it's going to detect that you know what
a resource change and it's going to need
to make
a modification to that resource when the
change set gets executed
so like i kind of alluded to we're going
to upload that new file we're going to
execute the change set
and then again cloudformation is going
to go out to dynamo
or whatever we're modifying in this case
and change the value of the dynamodb
table so that's what we're going to do
in this video i want to walk you through
now what the template file looks like
because that's an important
component of this whole question so
let's head over there now all right so
here we are looking at a template file
and this template file is just called
dynamotemplate.yml
so let's go through some of the
resources here and see what's actually
going on
uh so the first thing you notice is that
we're just specifying a version that's
fine you just specify the version that
you're going to be using
this seems to be the convention here we
have resources that we're going to be
creating
so we're creating a orders table here a
named resource called orders table
that's going to be a dynamodb table we
specify our table name here inside the
properties field
just keep in mind that whatever resource
type you're going to be creating
all the properties are going to be
different for instance if i were
creating a lambda function you wouldn't
expect to put a table name
for a lambda function it would probably
be something like function name so just
keep that in mind when you're specifying
your properties here
so all of these things like attribute
definitions author name
attribute type string these are all
specific properties to dynamodb
and we're kind of setting these values
through this cloudformation template
so you see there's a lot of things that
you can specify here such as attribute
definitions
the key schema if you want this key to
be a hash key
if you want this key to be a range key
you can specify
pretty much anything that you can
specify in the aws console
provided that cloudformation supports
the resource type
so even further time to lift
specification it's a great feature of
dynamodb
they can also specify things like the
provision throughput so the scaling
factors on your table
so down below over here we have a
different resource but i just want to
call your attention to this
important detail here this depends on a
line
and what we're doing in this case is
we're specifying the name of a different
resource dyno db
query policy and you see that this thing
right here this is what we're referring
to right so when i say depends on
in this dynamodb table i'm saying the
creation of this dynamodb table
is dependent on this policy being
created first
and this can be anything it can be a iam
role
it can be a lambda function it could be
an sqs
uh queue it could be anything that you
want you can create these complex
depends on relationships
just by specifying uh depends on here
and then creating kind of a nested
sequence of things that you want to
deploy
in a certain order and this makes sense
for things that have
a particular order in which they need to
be created
such as a log group on a lambda function
the lambda function needs to exist
before the law group can exist for that
lambda function
so there's a whole bunch of use cases
here this is a nifty little thing that i
wish i knew about earlier
uh which is why i wanted to bring it up
here and then down here we're creating a
dynamo to be query policy
we're naming it the dynamodb query
policy and by the way these can be two
different things
um the name of the resource in your
cloudformation yml file and the actual
name of the entity that you're going to
create
in iem in this case so you can name this
you know like whatever you want
and keep dying would be query policy the
same and you see the depends on still
work so
this name can be anything you want is
basically what i'm trying to tell you
here
uh then we create a policy document uh
we want to allow dynamo to be query
should probably specify the arn of the
table i'm about to create but that's a
video for another day
and then we're going to apply this
policy to a role
so this role is defined down here and
we have some you know basic attributes
giving it the sds assume role permission
if you don't know what that means don't
even worry about it it really doesn't
matter
so this is the the general idea of
creating a
template file that has a dynamodb table
in it i'm going to be making this code
available to you so if you want to try
this out yourself
check out the description section for a
download to this particular file
so now that we have this let's head over
into the aws console
where we will create a stack using this
template file and then we're gonna we're
gonna modify some of the attributes i'm
going to change this from 5 to 10 later
and then create a change set and show
you how cloudformation responds when you
want to modify something
so that's coming up in this video so
let's move over into the console now
alrighty so here we are in the aws
console so let's go over to
cloudformation
cloudformation there we go
and so i already have a stack set up
here for my website so let's just ignore
that we're going to go to the top right
over here
and we're going to click on create stack
and then we're going to say with new
resources
so this kind of brings up a wizard here
where you can specify a whole bunch of
different attributes
um a couple options in terms of the
prerequisites so
we've already created a template like i
already have one saved
to local to disk you can also if you're
just getting started use the
samples that are available to you here
and there's a designer functionality
where you can actually drag and drop
things
and create things kind of through a
visual ui haven't had a lot of success
with this unfortunately but
um if you're trying to set something up
that maybe a little bit foreign to you
can check that out and maybe just kind
of
ballpark how everything is going to fit
together so let's specify a template
down here
so there is an option just to refer to a
template that is stored in s3
uh we don't need that so we're just
going to say upload a template file
it's asking us to upload a template file
i'm going to click on choose
i'm going to click on my dynamodb
template file here
there's a validation step that happens
behind the scene so if you have a
issue with your template syntax maybe
you forgot a space or a tab it should
tell you right here
so you can actually click this view and
designer button i'm not going to do that
in this video but this will show you
what this template looks like in a ui
and it's got a whole bunch of
new features where it shows you all the
interconnections between them
so if you have a little bit of time go
check that out since ours is pretty
simple we don't need to do that it's
just a dynamodb table with a policy and
a role so
let's just move on so gonna click next
now in the bottom right
okay now we need to create a stack name
so let's just call this dynamodb demo
tv demo that looks good
the parameter section i didn't take
advantage of this in this video but if
you want to
dynamically inject values into your
template
and then substitute um a variable with
that value you can do that
so for instance if you want to use the
same template file
to deploy to both your test and your
production
environments um you can pass in a
dynamic parameter
into your cloudformation stack and then
set up your resources such that they are
named and appended to them at the end
is the name of the environment so it
would be either test or production
in this case so it's a great way to
dynamically set values
i'm not going to go through it in this
video because it is a more of an
advanced topic but just know that that
option exists
so let's move on now click on next and
a whole bunch of other options available
to you so if you want to specify some
tags for your cloudformation
stack go ahead and do that this could be
useful for grouping your applications
together
if you have a whole bunch of resources
that are going to be created out of this
we're going to skip that here and the
next section is the permission section
so what it's asking for here
is a iam role that has the permissions
to create the resources that you're
about to
create from the template file so if you
don't specify a role here it'll
automatically
as it's telling you if you don't choose
a role cloudformation uses permissions
based on your user credentials
now since i am a root user i don't need
any special permissions
i have all the permissions so
administrator access
but if you don't have that you may need
to create a role here
that has the correct permission so in
this example
you would need to give a role the
permission to
create a dynamo table create a iam
policy
and create a role it would need those
three things
i have a video on that if you want to go
check it out i'll put that in the
description section below
on how to create a im role and policy
and attach it to there
uh okay so moving on a little bit more a
whole bunch of more detailed things so
in terms of stack policy
you can set a policy here as to how you
want it to behave
so you can upload a file here that
contains the definition of that
things like preventing uh deletion of
your stack if someone fat fingers
something and you know accidentally
clicks delete stack
stuff like that that can all be
configured through this file here i wish
they had kind of a nice ui to do that
but you know unfortunately we got we got
what we got
uh in terms of rollback configuration
you can set some alarms to say
you know if something happens as as a
result of this deployment and it
triggers some sns topic
then automatically roll back the
creation of the stack that's a useful
thing that i didn't really talk about
which was that
um cloud formation will automatically
roll back
to its previously known state if it
detects that there's an error during the
deployment process so pretty neat
functionality
i'm going to minimize that notification
options if you want sns topic alerts
for every state as the resources are
being created so every state update like
dynamodb table created dynamodb table
updated things like that you can specify
an arn here
and i don't know maybe make a lambda
function or something that listens to it
and does something special
not what we're going to do here and then
stack creation options so
more things and this is where the i
believe the stack policy comes into
place it affects things like this
not 100 sure though but we're going to
leave this stuff as default as it
doesn't really matter for this exercise
and just move on to the creation step so
on the bottom right now i'm going to
click on
next and this should be the last step so
we can set our parameters
configure options and this is just a
review step
so we're just going to scroll all the
way down you have to click this checkbox
here which says that
cloudformation is going to create iem
resources and that's because i left that
role blank in the middle i'm the the
root user so it's going to create a role
that has all the permissions i need for
this exercise so let's click this
box here and now we're going to click on
create a stack and watch the magic
happen
so let's click on this guy and so what
do we see here so we see
our stack over here on the left we see
here let me just minimize here so this
doesn't look too funky oh that's weird
okay never mind
we see create in progress so this stack
is being created
going to click on the refresh button
you're going to see this stuff change
over time
so this is the initial stack here dyno
would be demo remember i had that
depends on thing in my dynamodb table so
we can see here
the order in which it's creating the
resources it's
it's choosing the query role or the
orders table query rule
ahead of the dynamodb table because we
specified
that depends on in the template file
so it respects the ordering which is
pretty cool so you see here
after a bunch of things change but let's
just go through this one by one
so we see here that the orders table
query role was uh created
successfully we see the policy started
creating progress
we see um okay there's a different step
here for that that's fine
we see it successfully created and then
finally the orders table is getting
going now so we should just keep an eye
on this
so the orders table was created
successfully and the stack is now done
so if i click on refresh nothing's going
to happen anymore now so let's just go
over really quick to dynamodb
and just verify that our table is
actually there right or else what is all
this for
uh so clicking on that let's see dynamo
what do you got for us
and there's our table so it's got
authors table prod which is what we
named it in the template file
it's got our author name which was our
hash key and our sort key
which is book title so everything seemed
to work pretty well that's great for us
so the next step is we wanted to modify
something on this
um template file that we created so
let's go modify our template file now
just with a small change
and see how that impacts our
cloudformation stack
so here's the original template file i'm
just going to make a small innocent
change
provision through but we're going to
change this value from 5 to
10. i'm just going to click on control
save now so now this is saved to my disk
so now what do we need to do what we
want to create a
change set so there we go so we're going
to click on stack
actions when we are in our stack so
dynamically demo in this case
click on stack actions in the top right
and then we are going to create a change
set
for the current stack and this is
basically the repeat
of the step that we did when we
initially created the stack so
same thing is going to happen here you
can you know use your current one or you
can replace it
i'm going to replace it with the one
that we just modified
so upload file and then just choose the
updated one there everything's looking
good click on next
no parameters keep on moving none of
this matters
keep on moving none of this matters
again and
this should finally be the last one so
create change set so the change set is a
preview of how the stack will be
configured before creating the stack
it allows you to examine various
configurations before executing the
change set
so as it kind of describes here
cloudformation is going to diff
what it has on file of what it thinks
the current state is of your dynamodb
table or your stack in this case and
then it's going to compare it with what
you just uploaded so it's basically a
git diff between
template files so we're gonna click on
create change set
and after a moment here so yeah it's
still creating it's probably just gonna
take a second here
to create the diff it was pretty quick
because this was a small file so let's
see what we got going
on so we see here that a modification is
required
for the orders table so it detected that
nothing changed with the iam role
nothing changed with the policy but
something did change with the table
so it's smart enough to detect that and
now it knows that when i go and execute
this change set
the only thing i need to do is modify
the authors table in this case
if you click on some of these guys you
can see some of the interesting
properties i don't think inputs has
anything no it doesn't it's a
template this shows you basically what
you just uploaded um you know nothing
special here you can see
the recapacity units got set to 10 so
everything is looking good
and then this thing i believe does shows
you a diff if i'm not mistaken
no it doesn't um but it does show you
some of the guts of how cloud formation
works right like oh here it is
so target provision throughput uh
attribute properties and these must be
passed in dynamically
and we're seeing it's going to do a
direct modification so this just shows
you kind of what's going on under the
hood in cloud formation
it must use this kind of syntax to
delineate how the modification is going
to actually take place and it kind of
gives you a neat little preview of it
too which is pretty neat
um so let's go back here so all we need
to do now to actually update the stack
with that new value is just click on
this bright orange button in the top
right
go click on execute and then if we
refresh this guy now
remember this is our stack page like the
previous run
completed now we see update in progress
i'm gonna click on that
and it's still gonna update this may
take a little time because provision
throughput sometimes takes a little bit
but we're not going to dwell on this if
this takes too long
because it was just something minor so
from here the other interesting part of
cloud formation a real big advantage of
it
actually is that now if i want to delete
everything in this application
like i want to delete the table i want
to create delete the
policy i want to delete the role i don't
need to worry about going to clean all
that
stuff up all i could need to do is
delete the dynamodb demo stack
and when it gets deleted confirmation is
going to take care of deleting
all the underlying resources as well
that are associated with it so let's
just demonstrate that now
so you can see here this finally
completed let's just head over to
dynamo again really quick just to show
you and prove that
everything did change uh click on that
really quick here authors table prod oh
wait i just saw it so provisioned
there you go so provisioned capacity is
now
10. previously it was five so we do see
that it did indeed work
uh so let's just demonstrate the
deletion step now and kind of what
happens after that
so i'm gonna go to the top right here
actually oh it's just this button here
the delete button
so just be careful with this i mean if
you have a whole environment that
is backed by a cloud formation stack
this is a good way to ruin a company
or like ruin a product just by clicking
this so just be very very very careful
with this
this is the reason it's always a good
idea to have the termination protection
enabled
on your production cloud formation
stacks
so i'm going to click on delete now i'm
going to click on delete stack
and if we refresh this and just watch
the event stream
we're gonna see everything is going to
get torn down
and we're going to be left with
basically a clean slate
um so this is cloud formation i have
another great video on infrastructure
as code in general and how cloud
formation kind of compares to some other
providers such as terraform serverless
and some other ones
i'll put that on the right here so be
sure to check that out if you like this
video don't forget to like and subscribe
and i'll see you next time
Weitere ähnliche Videos ansehen
5.0 / 5 (0 votes)