


How To Specify Cloudformation Tags In Template

This is the right article for you if you want to know:

  • what is CloudFormation?
  • how to write a CloudFormation template
  • deploy CloudFormation template from the command line interface
  • deploy CloudFormation template from AWS web interface

What is CloudFormation?

AWS CloudFormation is an Amazon infrastructure-as-code service to easily group and automate the deployment of resources in the AWS Cloud. In fact, creating a model is essential when we want to reuse a set of resources that depend on each other, or replicate or migrate the same configuration several times without making mistakes.

Before we begin, let's start with a small definition: what is a stack?

In computer science, a stack is an abstract data type that serves as a collection of elements, with two main principal operations:

Push, which adds an element to the collection, and Pop, which removes the most recently added element that was not yet removed.

Stack (abstract data type) – Wikipedia

CloudFormation is the tool in the AWS cloud that allows us to create a stack of internal or external resources. We can write the CloudFormation templates using JSON or YAML languages, and describe the properties and dependencies of each resource inside the stack.

Take the following example:

          AWSTemplateFormatVersion: "2010-09-09"
          Description: MySQL dump to Amazon S3 with Python
          Resources:
            # Excerpt: the Topic resource referenced by !Ref Topic is defined
            # in the complete template later in this article.
            Bucket:
              Type: AWS::S3::Bucket
              DependsOn:
                - SNSTopicPolicy
              Properties:
                BucketName: !Join ["-", [!Ref AWS::StackName, "bucket"]]
                AccessControl: Private
                PublicAccessBlockConfiguration:
                  BlockPublicAcls: True
                  BlockPublicPolicy: True
                  IgnorePublicAcls: True
                  RestrictPublicBuckets: True
                NotificationConfiguration:
                  TopicConfigurations:
                    - Topic: !Ref Topic
                      Event: s3:ObjectCreated:*
            SNSTopicPolicy:
              Type: AWS::SNS::TopicPolicy
              Properties:
                PolicyDocument:
                  Statement:
                    - Effect: Allow
                      Principal:
                        Service: s3.amazonaws.com
                      Action: sns:Publish
                      Resource: !Ref Topic
                      Condition:
                        ArnLike:
                          aws:SourceArn:
                            !Join ["", ["arn:aws:s3:::", !Ref AWS::StackName, "-bucket"]]

The template we have just seen does nothing more than create two resources related to each other:

  • a private S3 bucket
  • an SNS Topic Policy that allows the S3 resource to invoke an SNS Topic to send an email when we create an object in the bucket.

This simple example demonstrates how it is possible to declare a dependency between two resources using CloudFormation templates. Indeed, through the DependsOn keyword, we declare that the Bucket resource depends on the SNSTopicPolicy resource. We will see how to create the full CloudFormation template later in this article.

How to write a CloudFormation template

We can write CloudFormation templates using JSON or YAML languages. As we already said, to write a template we need to describe each resource in detail, and to specify every property and every dependency that the resource has within the stack.

In this article, we will create a complete CloudFormation template step-by-step in order to obtain a stack with 3 resources:

  • S3 bucket: a simple storage service by AWS to store and retrieve objects efficiently;
  • SNS Topic: to notify an email address every time we create an object inside the S3 bucket;
  • SNS Topic Policy: to give the SNS Topic the privileges to listen to the S3 bucket "putObject" event.

Let's see now how to prepare our first template. To start, create a "stack.yml" file and paste this code:

          AWSTemplateFormatVersion: "2010-09-09"
          Description: CloudFormation example template from Polynique
          Parameters:
            Email:
              Type: String
              Default: email@example.com
              Description: Email to receive S3 object created notification
            BucketName:
              Type: String
              Default: bucket
              Description: Unique S3 bucket name
          Resources:
            # ...

Note that we are declaring two parameters, in order to be able to reference these values later in the template:

  • Email: the default value is "email@example.com"; this will be the recipient of the SNS email notification;
  • BucketName: default is "bucket"; we concatenate this value together with the stack name to generate a unique bucket name.

Create the S3 bucket resource

After the Resources property, we are going to create the template for each resource. Let's get started with the S3 bucket.

Paste the following code after the "Resources" property in the "stack.yml" file:

          Bucket:
            Type: AWS::S3::Bucket
            DependsOn:
              - SNSTopicPolicy
            Properties:
              BucketName: !Join ["-", [!Ref AWS::StackName, !Ref BucketName]]
              AccessControl: Private
              PublicAccessBlockConfiguration:
                BlockPublicAcls: True
                BlockPublicPolicy: True
                IgnorePublicAcls: True
                RestrictPublicBuckets: True
              NotificationConfiguration:
                TopicConfigurations:
                  - Topic: !Ref Topic
                    Event: s3:ObjectCreated:*

Hey! Some definitions!

  • !Ref function: we use !Ref to "reference" a dynamic value from the template. For instance, !Ref AWS::StackName refers to the stack name variable, and !Ref Bucket refers to the S3 bucket name;
  • !Join function: we use !Join to "join" strings with variables. For example, !Join ["-", [!Ref Bucket, "resource"]] will use "-" as the character to join the variable !Ref Bucket (the reference to the name of the bucket) with the string "resource", producing something like "mybucket-resource"

Also, if we read the template, we see that:

  • BucketName: we use the StackName to dynamically generate the name of the bucket, together with the "BucketName" variable. This means that, if the stack name is "mystack" and the BucketName parameter is "mybucket", BucketName will be: "mystack-mybucket". We do this to reduce the chance of having an already used bucket name because in AWS every bucket must have a unique name.
  • PublicAccessBlockConfiguration: the S3 bucket is private;
  • NotificationConfiguration: we specify to send a notification to the !Ref Topic resource when the s3:ObjectCreated event triggers. We will create the Topic resource later in this tutorial;
  • DependsOn SNSTopicPolicy: the Bucket resource depends on the SNSTopicPolicy resource. This is important because it explicitly tells CloudFormation to create the SNSTopicPolicy followed by the Bucket;

Create the SNS Topic resource

Let's now create the SNS Topic resource that will send a notification to a specific email address. To do so, paste the following code into the "stack.yml" file:

          Topic:
            Type: AWS::SNS::Topic
            Properties:
              DisplayName: !Join ["-", [!Ref AWS::StackName, "topic"]]
              TopicName: !Join ["-", [!Ref AWS::StackName, "topic"]]
              Subscription:
                - Protocol: email
                  Endpoint: !Ref Email

This is pretty easy:

  • DisplayName and TopicName: as we saw in the Bucket template, we use the stack name to generate the name of the Topic dynamically;
  • Subscription: we specify that the topic is an email subscription, and the email to subscribe is the value retrieved from the Email parameter (email@example.com)

Create SNS Topic Policy resource

Finally, we need to create the Policy to give the S3 bucket the permissions to invoke the SNS notification when an object is created.

To do so, paste the following code into the "stack.yml" file:

          SNSTopicPolicy:
            Type: AWS::SNS::TopicPolicy
            Properties:
              PolicyDocument:
                Statement:
                  - Effect: Allow
                    Principal:
                      Service: s3.amazonaws.com
                    Action: sns:Publish
                    Resource: !Ref Topic
                    Condition:
                      ArnLike:
                        aws:SourceArn:
                          !Join [
                            "",
                            [
                              "arn:aws:s3:::",
                              !Join ["-", [!Ref AWS::StackName, !Ref BucketName]],
                            ],
                          ]
              Topics:
                - !Ref Topic

Like we saw before, we use the BucketName parameter and the StackName to reference the bucket resource, and !Ref Topic to reference the SNS Topic resource.

Complete CloudFormation template

Here you can find the complete "stack.yml":

          AWSTemplateFormatVersion: "2010-09-09"
          Description: CloudFormation example template from Polynique
          Parameters:
            Email:
              Type: String
              Default: email@example.com
              Description: Email to receive S3 object created notification
            BucketName:
              Type: String
              Default: bucket
              Description: Unique S3 bucket name
          Resources:
            Bucket:
              Type: AWS::S3::Bucket
              DependsOn:
                - SNSTopicPolicy
              Properties:
                BucketName: !Join ["-", [!Ref AWS::StackName, !Ref BucketName]]
                AccessControl: Private
                PublicAccessBlockConfiguration:
                  BlockPublicAcls: True
                  BlockPublicPolicy: True
                  IgnorePublicAcls: True
                  RestrictPublicBuckets: True
                NotificationConfiguration:
                  TopicConfigurations:
                    - Topic: !Ref Topic
                      Event: s3:ObjectCreated:*
            Topic:
              Type: AWS::SNS::Topic
              Properties:
                DisplayName: !Join ["-", [!Ref AWS::StackName, "topic"]]
                TopicName: !Join ["-", [!Ref AWS::StackName, "topic"]]
                Subscription:
                  - Protocol: email
                    Endpoint: !Ref Email
            SNSTopicPolicy:
              Type: AWS::SNS::TopicPolicy
              Properties:
                PolicyDocument:
                  Statement:
                    - Effect: Allow
                      Principal:
                        Service: s3.amazonaws.com
                      Action: sns:Publish
                      Resource: !Ref Topic
                      Condition:
                        ArnLike:
                          aws:SourceArn:
                            !Join [
                              "",
                              [
                                "arn:aws:s3:::",
                                !Join ["-", [!Ref AWS::StackName, !Ref BucketName]],
                              ],
                            ]
                Topics:
                  - !Ref Topic
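The template builds the bucket name and the aws:SourceArn condition from two separate !Join expressions, so they only agree as long as both are edited together. The following added example (not part of the original article) evaluates Ref and Fn::Join offline and checks that the topic policy is scoped to the bucket the stack actually creates and that all four public-access-block flags are on. The names resolve, audit, TEMPLATE, BUCKET_NAME and FLAGS are hypothetical, and the template dict is a constructed JSON-style copy of the two resources.

```python
# Added example: TEMPLATE is a constructed JSON-style copy of two stack.yml resources.
# JSON templates spell !Ref as {"Ref": ...} and !Join as {"Fn::Join": [sep, [parts]]}.
BUCKET_NAME = {"Fn::Join": ["-", [{"Ref": "AWS::StackName"}, {"Ref": "BucketName"}]]}
TEMPLATE = {
    "Parameters": {"BucketName": {"Type": "String", "Default": "bucket"}},
    "Resources": {
        "Bucket": {"Type": "AWS::S3::Bucket", "Properties": {
            "BucketName": BUCKET_NAME,
            "PublicAccessBlockConfiguration": {
                "BlockPublicAcls": True, "BlockPublicPolicy": True,
                "IgnorePublicAcls": True, "RestrictPublicBuckets": True}}},
        "SNSTopicPolicy": {"Type": "AWS::SNS::TopicPolicy", "Properties": {
            "PolicyDocument": {"Statement": [{
                "Effect": "Allow",
                "Principal": {"Service": "s3.amazonaws.com"},
                "Action": "sns:Publish",
                "Condition": {"ArnLike": {"aws:SourceArn": {
                    "Fn::Join": ["", ["arn:aws:s3:::", BUCKET_NAME]]}}}}]}}},
    },
}
FLAGS = ("BlockPublicAcls", "BlockPublicPolicy", "IgnorePublicAcls", "RestrictPublicBuckets")

def resolve(node, stack_name, params):
    """Evaluate Ref (stack name or parameter) and Fn::Join; leave everything else as is."""
    if isinstance(node, list):
        return [resolve(v, stack_name, params) for v in node]
    if not isinstance(node, dict):
        return node
    if set(node) == {"Ref"}:  # refs to resources cannot be resolved offline
        return stack_name if node["Ref"] == "AWS::StackName" else params.get(node["Ref"], node)
    if set(node) == {"Fn::Join"}:
        sep, parts = node["Fn::Join"]
        return sep.join(resolve(parts, stack_name, params))
    return {k: resolve(v, stack_name, params) for k, v in node.items()}

def audit(template, stack_name, overrides=None):
    """Return findings for the resolved Bucket / SNSTopicPolicy pair (empty list = OK)."""
    params = {k: v.get("Default") for k, v in template["Parameters"].items()}
    params.update(overrides or {})
    res = resolve(template["Resources"], stack_name, params)
    bucket = res["Bucket"]["Properties"]
    pab = bucket.get("PublicAccessBlockConfiguration", {})
    findings = [f"{flag} is not enabled" for flag in FLAGS if pab.get(flag) is not True]
    expected = "arn:aws:s3:::" + bucket["BucketName"]
    for stmt in res["SNSTopicPolicy"]["Properties"]["PolicyDocument"]["Statement"]:
        arn = stmt.get("Condition", {}).get("ArnLike", {}).get("aws:SourceArn")
        if arn != expected:
            findings.append(f"aws:SourceArn {arn!r} does not match {expected!r}")
    return findings
```

Calling audit(TEMPLATE, "mystack", {"BucketName": "mybucket"}) returns an empty list; changing only one of the two joins produces a finding naming both ARNs.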

Deploy CloudFormation template from CLI

To deploy a CloudFormation template using the command line interface, we first need to install the AWS CLI. After the installation, we need to configure the CLI to access our AWS account and publish the resources in a specific region.

To configure the AWS CLI, run:

          aws configure        

After the AWS CLI is set up, we are finally able to deploy a CloudFormation template. To do so, open a terminal window and go to the directory where you created the "stack.yml" file.

Once in the directory, you can simply run:

          aws cloudformation deploy --template-file stack.yml --stack-name my-cloudformation-example-template --capabilities CAPABILITY_NAMED_IAM        

The "--stack-name" argument is followed by the name you want to give to the stack. In my case, I'm using my-cloudformation-example-template, but you can replace it with whatever other name you want to assign to your stack. Also, "--capabilities CAPABILITY_NAMED_IAM" is required because we are creating an SNSTopicPolicy.

Deploy a template with parameters

As you may remember, we created some parameters in our "stack.yml" template file. How do we override those parameters?

This is straightforward. To override a template parameter, we add the "--parameter-overrides" argument followed by "ParameterName=value". For instance, if we want to change the Email that will receive the SNS notification, we just need to run the following command:

          aws cloudformation deploy --template-file stack.yml --stack-name my-cloudformation-example-template --parameter-overrides Email=mynewemail@example.com --capabilities CAPABILITY_NAMED_IAM

Also, keep in mind that you can update the parameters by re-deploying the stack. Indeed, every time you run the command with different values, the CloudFormation stack will update with the new parameters.

Deploy CloudFormation template from AWS web

To deploy a CloudFormation template using the AWS web interface, go to the AWS console and search for "CloudFormation":

search CloudFormation on AWS console

then click on "CloudFormation". In the CloudFormation dashboard, click on "Create stack" and then on the "With new resources (standard)" button:

create stack in CloudFormation

This will open a guided wizard to create the stack. Firstly, we need to prepare the template and upload the "stack.yml" file we created in the previous section. Click on "Template is ready", "Upload a template file" and "Choose file" to upload the stack file:

upload a stack file

We now need to specify the "Stack name" that will be the name used to identify the stack and change the parameters according to our needs. Try not to give the stack a very generic name, because as we know we used the stack name reference to create all the other resource names. Also, note that in the "Parameters" section we see the default values already populated as we have specified in our template.

Give the stack a name and change the Email parameter to your email address, then click on "Next":

setting CloudFormation stack parameters and name

Then, we "Configure stack options". A good practice is to give a Tag with the "Name" key and a unique value that identifies the stack. This can be useful to easily identify costs in AWS.

Give the stack a Tag, then click on "Next":

give a CloudFormation stack a tag

Review your stack, and finally click on "Publish":

publish CloudFormation template

CloudFormation Events and Resources

After clicking the "Publish" button, we will be redirected to the "Events" section of our stack. In this section, we can see every stack event; in particular, we see that all the resources specified in the template are in the "CREATE_IN_PROGRESS" status because we just created the stack:

"CREATE_IN_PROGRESS" resources status

After a while, if we refresh the page we finally see the "CREATE_COMPLETE" status in all the resources:

"CREATE_COMPLETE" status in resources

If we want more details about the resources that make up our stack, we can navigate to the "Resources" section:

CloudFormation stack resources

Also, we can click on the "Physical ID" of each resource to open the corresponding resource page in AWS.

That's it! We successfully deployed our stack in CloudFormation using a template file.


Source: https://www.polynique.com/devops/how-to-use-aws-cloudformation-and-deploy-a-template/

Posted by: edwardswiging.blogspot.com
