AWS CloudFormation Template Tutorial

00:00

okay so let's get started with some

00:01

hands-on example around cloud formation

00:04

in this example when you create a simple

00:07

ec2 instance and ec2 instances pretty

00:10

much everyone knows about it it's the

00:12

server's in AWS that you can get on

00:14

demand we're also going to create and

00:17

add an elastic IP to that instance and

00:19

we're also going to add two security

00:21

groups to it for now I want you to

00:24

forget about the code syntax I want you

00:26

to forget about what is the content of

00:29

the template just for now we'll do a

00:31

much bigger deeper dive later on in this

00:33

course what I'm going to focus on is how

00:36

it creates my alias CloudFormation

00:38

template how it's being updated what

00:41

happens in my alias account and so on

00:43

okay so we'll see how in no time you are

00:47

able to get started with cloud formation

00:48

so hopefully in the previous lecture you

00:51

did download the code it was attached in

00:54

the resources so you should have the

00:55

code by now so here is your areas

00:58

console and I just created my accounts

01:01

if you don't have one should create one

01:03

obviously you do is tap it with cloud

01:05

signup and you have it when you're

01:08

logged in you see this screen the first

01:10

thing I want to make sure is that for

01:12

the rest of this class just to make sure

01:14

we're on the same page I want you to

01:16

work in a North Virginia US East region

01:20

and that's called USGS one and the only

01:22

reason is I want you to have the exact

01:24

same setup as me

01:25

it doesn't matter when you get to work

01:27

into your own region you can change the

01:29

region later on but for this course

01:31

please bear with me and please use the

01:33

US East North Virginia region okay so if

01:37

you find CloudFormation you click on

01:38

services and then you just type in cloud

01:42

formation and this is the first link we

01:46

are being greeted by the screen which

01:49

prompts us to create stack stack set

01:52

designing a template or from educating

01:54

resources for now we're just going to

01:57

create a new stack when we get into that

02:00

screen it's ask us for a template we can

02:03

either design a template and we'll go

02:05

over that's in there for next lectures

02:06

or we can choose a template we can

02:09

select from some templates that they

02:10

already have for us we can upload a file

02:13

to Amazonas

02:13

three or specify an Amazon s3 template

02:16

URL so what we notice is already that

02:19

either we do something in the cloud or

02:22

directly we have to select something

02:25

that lives already in Amazon s3 so we'll

02:29

choose upload a template Amazon s3 now

02:32

if we look at the templates

02:33

we'll have to we have just easy to and

02:35

easy to is security group II IP which is

02:38

the more complex one so we'll just start

02:40

with just ec2 and you can have a look

02:43

already but what this will do is that it

02:45

will create one ec2 instance in the US

02:47

east one a availability zone and there

02:50

will be a teacher micro which is part of

02:52

the free tier so what I'll do is I'll

02:55

just upload this file for this there

02:57

easy

02:57

I choose a file and I click on 0 just

03:01

ec2 alright so far so good then we click

03:05

Next and the template is being uploaded

03:07

to Amazon s3

03:09

and it's being validated now we have to

03:12

specify it's stacked a stack name for

03:15

this I will call it introduction and you

03:17

can choose whatever you want but I like

03:19

to call things but what they are this is

03:21

an introduction so we'll call this

03:23

introduction

03:24

next you are able to specify some tags

03:27

in your resources and tags we'll just

03:30

add one the name of the tag will be

03:33

course and the value will be

03:35

CloudFormation just to show you what

03:38

this does when we do create these

03:40

resources we have a bunch of Advanced

03:42

Options we'll go over there later on

03:44

next here is our template URL it has

03:49

been uploaded through Amazon s3 there's

03:52

no description here we can estimate the

03:54

class booking on a cost the stock name

03:56

is introduction we have a tag name

03:58

confirmation and that's about it and we

04:01

click on creates so here we go we see

04:04

now the screen is being populated with

04:06

the stock name introduction and has been

04:09

created at this time and the status is

04:11

created in progress

04:12

so while we wait basically what this

04:14

will do is that it will go ahead and

04:16

create whatever was in a CloudFormation

04:20

document in which case what we had was

04:23

just an ec2 instance

04:27

so this CloudFormation template will not

04:28

go green up until that ec2 instance has

04:32

been created and is working ok so that's

04:35

why right now you see create in progress

04:37

the really cool thing though is that you

04:39

can refresh obviously and you see that

04:43

there's an events tab right here which

04:45

tells you exactly with the timestamp how

04:48

the events are going for example I

04:50

started at 22 29 32 and 26 seconds later

04:55

the create was completes ok so you can

04:59

see all the events into one very nice

05:01

timeline now if you go to overview

05:04

there's nothing new I put nothing but if

05:06

we go to resources now we see that there

05:09

is an ec2 instance that has been create

05:12

complete and the logical idea is my

05:14

instance so if you click on it and open

05:18

it in a new tab we get redirected to the

05:21

ec2 management console and we see right

05:24

here that we have our instance I opposed

05:26

to just teach you micro in the

05:28

availability zone that we wanted u.s. 1a

05:30

and it's been created so pretty amazing

05:32

right we just dumped a file into cloud

05:36

formation around the cloud formation and

05:38

all of a sudden we end up with an issue

05:40

2 instance what's even better is that if

05:43

you go to tags we can see that this

05:45

instance has been tagged with a lot of

05:47

things already first of all there is

05:49

this course CloudFormation tag that I

05:52

specified during the lunch so what that

05:54

means that for your cloud formations any

05:56

tags that you specify in the cloud

05:59

formation prompts will be applied to any

06:01

resource in the stack which is amazing

06:04

but also you inherit three areas

06:08

specific tags based on cloud formation

06:10

the number one is the logical idea of

06:13

the thing which is my instance the

06:15

second one is the stack ID

06:17

it belongs to my big AR n stack and

06:20

finally this tech name which was cool

06:23

introduction so that's really cool

06:25

because from a management and from a

06:27

custom perspective you have lots and

06:29

lots of control over which instance is

06:32

tagged with what what it belongs to and

06:34

so on so it's pretty amazing

06:36

so to summarize I've created a cloud

06:38

formation template

06:40

and has just an easy-to instance now say

06:43

you go you go you go and guess what

06:45

things change your boss asked for two

06:48

security groups and an elastic IP as we

06:52

can see right now there are no security

06:54

groups there's just a default one okay

06:57

and there is no elastic IP just a public

07:00

IP but it was random so let's go ahead

07:02

and edit this cloud formation templates

07:05

well it turns out you can't edit

07:07

CloudFormation template instead what you

07:11

have to do is to provide a new cloud

07:13

formation templates so let's do this

07:15

we're going to click on update stack and

07:17

we get right back to that first screen

07:20

of selected templates again we have to

07:23

upload a new file okay we can't edit

07:25

what already existed we have to plot a

07:27

new file and now we have one easy to

07:30

with s G and E IP if you don't look at

07:33

the code again we'll go an emerge deeper

07:35

dive later on in this course but now we

07:38

have our instance and it has two

07:40

security groups which are defined right

07:43

here but also it has an elastic IP and

07:47

that elastic IP belongs to my instance

07:51

so let's to take on again it believe me

07:54

that basically creates the resources and

07:56

links them together ok so I would put

08:01

the file I click on next and I'm going

08:05

to be asked to review the cloud

08:06

formation name and as you can see this

08:09

is grayed out we can't change the name

08:11

after it's been created ok so if you do

08:14

specify a stack name you can't change it

08:16

later you have to delete your task stack

08:18

and recreate it to change the name press

08:21

next and as you can see we can add more

08:25

tags we can delete the previous ones

08:26

it's pretty cool ok anyway what we'll do

08:30

is go on next and what we see is that we

08:35

can review what's happening there's a

08:37

new template URL the stack names the

08:39

same the tags are the same but oh here

08:42

we go

08:43

something happens cloud formations tells

08:47

us there's going to be changes and of

08:49

course they're gonna be changes because

08:50

we did upload a new templates but what's

08:53

really

08:54

is that we can preview what the changes

08:57

are going to be and that's really nice

08:59

because if you were to change something

09:01

you really want to make sure that you're

09:03

not you know messing things around so

09:06

here we go we're going to add an elastic

09:09

IP and it says add we're going to modify

09:12

our ec2 instance okay and because we

09:16

added security groups to it and that

09:18

change actually will trigger a

09:20

replacement of that instance so very

09:23

good to know that previous one will be

09:24

replaced entirely finally we'll have two

09:29

security groups that will be created all

09:32

right so yeah I'm pretty happy with this

09:35

changes I'll click on updates and here

09:39

we go so now if we look at the events

09:41

log again the previous events are kept

09:45

but now we are into an update in

09:47

progress events so as I as a refresh we

09:52

can see that the event is getting more

09:54

and more populated for example here it

09:57

created my two security groups and now

10:00

it's going to create my ec2 instance so

10:03

it's going to create a whole new one and

10:04

stuff so as I let it happen basically

10:08

Arius CloudFormation figures out the

10:11

order in which things need to happen it

10:14

understood that first you needed to

10:16

create the security groups before you

10:19

could create the ec2 instance and that's

10:21

why the security rules were created

10:22

first and then my ec2 instance was being

10:25

created so if you're crippling freshing

10:28

for example once the ec2 instance has

10:30

been created then we can go ahead and

10:33

have our elastic IP being created and

10:36

finally once the elastic IP is created

10:39

which might take a while it weighs we'll

10:41

go and remove the old ec2 instance so

10:45

one more refresh

10:50

anyway in the meantime what we can do is

10:53

go to resources and as you can see now

10:56

in the resources we don't see one item

10:58

though and now we see four items we see

11:01

that we have two security groups my

11:04

instance and an elastic IP that has this

11:08

IP and that's really cool because

11:09

everything was provisioned from within a

11:12

template okay so as we've seen here

11:14

every resources has been created

11:17

successfully and some were created

11:19

somewhere updated and then finally in

11:22

the event log is going to delete the old

11:25

database instance that we didn't use

11:27

okay so let's go ahead and review all

11:31

these resources if we go to the

11:34

management console we see that the new

11:36

instance is running but now it has two

11:39

security groups attached to them so

11:40

let's just go and go to the security

11:43

groups and if you check the security

11:45

groups we can see that the group name is

11:47

introduction which is the name of my

11:49

stack and then the idea of my group and

11:52

some random number the tags are what we

11:55

expect them to be here is the course

11:57

CloudFormation tag and it has the right

12:01

rules we assign them to this is my

12:03

second group right here and again the

12:05

tags are correct

12:06

the group name is different obviously

12:08

and so on finally if we check something

12:13

the elastic IP parent has been defined

12:15

and we can open it and again obviously

12:19

you know what if you guess now the

12:21

elastic IP will be exactly what we want

12:23

it to be okay anyone have the right

12:25

association so it's all very very very

12:29

very nice but finally let's look at what

12:32

happened the previous instance got

12:34

terminated so on top of like creating a

12:38

new instance areas cloud formation was

12:41

smart enough to say wait wait I'm going

12:44

to terminate the old instance because my

12:47

user doesn't want it anymore and it went

12:50

ahead and terminated it so that's

12:53

awesome

12:53

because it just cleaned up after itself

12:55

and that's really cool that's something

12:58

we can see in the events log and for

13:00

example here

13:01

the cleanup was happening and it was

13:03

delete

13:04

the old instance and completing the

13:06

deletes so so far we've seen a create an

13:11

updates and to finish this little part

13:16

of the tutorial say we want to delete

13:18

say we want to clean up what we did

13:19

because we created one is you to

13:21

instance we have created two security

13:24

groups and we have created elastic IPS

13:27

so how do we go about and cleaning

13:29

everything do I go here and and

13:31

terminate and everything or or is there

13:33

a better way or in fact there's a better

13:36

way if you go to the cloud formation

13:39

right-click and say delete stack it will

13:42

go ahead and delete all the stack

13:44

resources for you which is amazing

13:46

because everything you've created

13:48

through cloud formation will be deleted

13:50

with your cloud formation so I'll go

13:52

ahead and say yes deletes and the delete

13:56

is in progress and as you can guess it

13:58

will start deleting things in order as

14:00

well so you don't have to figure out

14:02

what to delete first and what not to

14:04

delete first it with cloud formation

14:07

will figure this out for you so as you

14:09

go ahead first will be deleted the

14:12

elastic IP then the instance and then

14:15

finally the security groups when all of

14:18

this is over

14:20

basically the cloud formation will

14:22

disappear and you can change the filter

14:24

to go and delete it so I'll just pause

14:26

when this is done so after using the

14:28

filter and everything disappears you can

14:30

see that you can just use the filters

14:32

get back to your CloudFormation template

14:34

and then you see that the event log

14:36

everything was being deleted and the

14:38

delete is complete so now if I go to my

14:40

management console and just refresh all

14:44

my instances have been terminated if I

14:46

go to my security groups my two new

14:49

secrets are gone and if I go to my

14:51

elastic IPS I would see the elastic IP

14:54

will be gone so it's really cool because

14:56

CloudFormation just cleaned up

14:57

everything in one click so here we just

15:00

witness the power of cloud formation for

15:02

creating updating and deleting errors

15:05

resources in no time