AWS CloudFormation

Disclaimer: This post sat in draft for a while, and as I’m not using AWS at the moment I cannot guarantee that it all still works or that the post is 100% complete, but I’m going to publish it anyway, in case it’s of use.

AWS CloudFormation is a service that is essentially a way to group together AWS resources into a stack. We can define the stack using the AWS Dashboard or using either JSON or YAML.

For example, in JSON

{
  "Resources": {
    "S3Bucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "BucketName": "mybucket"
      }
    }
  }
}

or in YAML

Resources:
  S3Bucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      BucketName: mybucket

In this example the S3 bucket will be created within the Stack. Remember the bucket name must be unique across all accounts.
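As an added example (not part of the original post), the Python check below loads the JSON template shown above and lists what each S3 bucket leaves undeclared: the public access block flags, a public canned ACL, and bucket encryption. The function name, the finding strings and the hardened variant are constructed for illustration.

```python
import json

PAB_FLAGS = ("BlockPublicAcls", "BlockPublicPolicy",
             "IgnorePublicAcls", "RestrictPublicBuckets")
PUBLIC_ACLS = {"PublicRead", "PublicReadWrite"}

def audit_buckets(template_text):
    """Return {logical_id: [findings]} for each AWS::S3::Bucket resource."""
    report = {}
    for logical_id, res in json.loads(template_text).get("Resources", {}).items():
        if res.get("Type") != "AWS::S3::Bucket":
            continue
        props = res.get("Properties", {})
        findings = []
        pab = props.get("PublicAccessBlockConfiguration")
        pab = pab if isinstance(pab, dict) else {}
        # Accept JSON true as well as the string "true".
        unset = [f for f in PAB_FLAGS if str(pab.get(f)).lower() != "true"]
        if unset:
            findings.append("public access block not set: " + ", ".join(unset))
        acl = props.get("AccessControl")
        if isinstance(acl, str) and acl in PUBLIC_ACLS:
            findings.append("public canned ACL: " + acl)
        if "BucketEncryption" not in props:
            findings.append("no BucketEncryption declared")
        report[logical_id] = findings
    return report

# The template from the post.
ORIGINAL = json.dumps({"Resources": {"S3Bucket": {
    "Type": "AWS::S3::Bucket",
    "Properties": {"BucketName": "mybucket"}}}})

# Constructed hardened variant of the same bucket (not from the post).
HARDENED = json.dumps({"Resources": {"S3Bucket": {
    "Type": "AWS::S3::Bucket",
    "Properties": {
        "BucketName": "mybucket",
        "PublicAccessBlockConfiguration": {f: True for f in PAB_FLAGS},
        "BucketEncryption": {"ServerSideEncryptionConfiguration": [
            {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]},
    }}}})

if __name__ == "__main__":
    for name, text in (("original", ORIGINAL), ("hardened", HARDENED)):
        print(name, audit_buckets(text))
```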

  • From the dashboard type CloudFormation into the search box
  • Once you’re on the CloudFormation page click the Create stack button

From the Create stack page you can use the Template is ready option to select a JSON or YAML template from your local machine, an Amazon S3 URL or a Git repository. Alternatively, you can Use a sample template to load a pre-existing stack (for example LAMP, Ruby on Rails, WordPress etc.), or select the Create template in designer option to use the stack designer.

Let’s see what we can do with CloudFormation by creating our simple Echo service web API and let some tools generate our CloudFormation configuration file for us.

Setting up our credentials

First we’re going to need to set up our credentials.

Hopefully you stored the credentials when you created your IAM user; the access key ID and secret are what’s required for this next step.

If you prefer to handle this from a UI such as Visual Studio Extensions, then you can use the edit credential button in the AWS Explorer (load via the menu View | AWS Explorer) but let’s first do this ourselves.

Credentials are obviously meant to be kept secret, so they’re stored on your local machine in the folder C:\Users\<your-username>\.aws in the file named credentials. The file is an INI type file and should look like this when you’ve added your credentials

[profilename]
aws_access_key_id = IDSUPPLIEDBYAWS
aws_secret_access_key = SECRETSUPPLIEDBYAWS

The profilename is the profile name as seen in tools such as AWS Explorer, and is the name used in the CLI. This allows us to have multiple access key/secret pairs for multiple apps.

Note: if you edit this file via AWS Explorer it will add further information to the profile
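As an added example (not part of the original post), the Python snippet below parses a credentials file in the INI format shown above and summarises each profile without exposing the secret. It classifies the key by its ID prefix (AKIA for long-term IAM user keys, ASIA for temporary STS keys) and flags profiles that reuse the same key. The profile names and key values in SAMPLE are constructed.

```python
import configparser

def audit_credentials(ini_text):
    """Summarise each profile without ever returning the secret itself."""
    # interpolation=None: secrets may contain '%', which configparser
    # would otherwise try to expand and fail on.
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(ini_text)
    seen = {}  # access key id -> first profile that used it
    rows = []
    for profile in cp.sections():
        sec = cp[profile]
        key_id = sec.get("aws_access_key_id", "")
        if key_id.startswith("AKIA"):
            kind = "long-term"      # static IAM user key: rotate, scope tightly
        elif key_id.startswith("ASIA"):
            kind = "temporary"      # STS credentials, expire on their own
        else:
            kind = "unknown"
        rows.append({
            "profile": profile,
            "key_id": key_id[:4] + "..." + key_id[-4:] if key_id else "",
            "kind": kind,
            "has_secret": bool(sec.get("aws_secret_access_key")),
            "has_session_token": "aws_session_token" in sec,
            "shares_key_with": seen.get(key_id) if key_id else None,
        })
        if key_id:
            seen.setdefault(key_id, profile)
    return rows

# Constructed sample; none of these values are real credentials.
SAMPLE = """\
[dev]
aws_access_key_id = AKIAEXAMPLEDEV000001
aws_secret_access_key = constructed/secret%value
[ci]
aws_access_key_id = ASIAEXAMPLECI0000002
aws_secret_access_key = constructed-secret
aws_session_token = constructed-token
[dev-copy]
aws_access_key_id = AKIAEXAMPLEDEV000001
aws_secret_access_key = constructed/secret%value
"""

if __name__ == "__main__":
    for row in audit_credentials(SAMPLE):
        print(row)
```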

Using Visual Studio Extensions

If you install the AWS extensions for Visual Studio, you can create CloudFormation based applications using the project templates. If you create a project based upon AWS Serverless Application (.NET Core – C#), for example, you’ll then get the option to choose a project type; I chose Minimal Web API.

The resultant project includes everything you need to build and deploy your application to AWS serverless.

For example from Visual Studio 2022 with the current AWS Extensions installed

  • Create a new project, select AWS Serverless Application (.NET Core – C#) or the with Tests version
  • Once created, simply replace the minimal API root method with the following
    app.MapGet("/", () => "Use /echo?text=<text>");
    app.MapGet("/echo", (string text) => $"Echo: {text}");
    
  • Open the serverless.template file and change the Description to something meaningful to your project
  • Build and run locally to check everything works, i.e. /echo?text=Scooby should echo back Scooby
  • We can now simply right mouse click on the serverless.template file and select Publish to AWS Lambda
  • From the Publish to AWS Lambda popup, enter a Stack Name; if it doesn’t exist it will be created
  • Enter an S3 Bucket name or click the New button and supply a name
  • You might need to change the AWS Credentials if required for your specific application and Region
  • Click Publish and, if all goes well, your application will be published to a stack in AWS. Upon completion the AWS extension will show the URL for your service and you can go and try it

At this point, if you log into AWS using the same IAM account that your stack was deployed to and go to CloudFormation, you’ll see our stack was added. It should show Status as CREATE_COMPLETE and it’ll have the description we changed in the serverless.template file. In the Outputs tab we can see the ApiURL (in case you forgot to note it down).

Now if you enter S3 into the search box and go and look at our buckets, you’ll see the bucket we created. Finally, if you enter Lambda into the search box and go to the Lambda Functions page, you’ll see the function name for our Web API.

I’m not going to dig too much into the serverless.template file but note that the Type

"Type": "AWS::Serverless::Function",

essentially creates the web API as a Lambda function, sets up the IAM execution role and adds the HTTP triggers to invoke the function.

Valid types are as follows

  • AWS::Serverless::Function, as already looked at, will create the Lambda function, the execution role and any required triggers
  • AWS::Serverless::Api denotes a resource type for creating an API Gateway
  • AWS::Serverless::HttpApi denotes a resource type used to create REST APIs
  • AWS::Serverless::SimpleTable denotes a resource type to create a DynamoDB table with a single primary key