Overview
CloudFormation enables us to create and provision infrastructure deployments predictably and repeatedly. It helps us leverage AWS products such as Elastic Load Balancing, Amazon Elastic Block Store, Amazon EC2, Amazon SNS, and Auto Scaling to build highly scalable, cost-effective, and highly reliable applications in the cloud without worrying about creating and configuring the underlying AWS infrastructure. AWS CloudFormation enables us to use a template file to create and delete a collection of resources together as a single unit (a stack).
This service helps us set up and model our AWS resources so that we can spend less time managing those resources and more time focusing on applications that run in AWS. We create a template that describes all the AWS resources that we want (like Amazon EC2 instances or Amazon RDS DB instances), and CloudFormation takes care of configuring and provisioning those resources for us. We do not need to individually create and configure AWS resources and figure out what is dependent on what; CloudFormation handles that.
The benefits of using CloudFormation
CloudFormation offers a variety of benefits, including:
- Improved automation: The simplicity of the template allows you to declare what you want your resources to look like. This eliminates the need to rely on other scripting tools to create the resources.
- Quick infrastructure replication: You can quickly replicate your infrastructure without affecting other resources that your template previously created. The template is used to create as many stacks as needed.
- Infrastructure consistency: The declarative way of defining templates allows for consistency, so you can be assured that stacks created with the template will be identical.
- Easy-to-read template: If you are in the web application or microservice space, you have used YAML or JSON at some point. Both are widely used, which makes templates easy to understand and makes it easy to find resources on them.
Working of CloudFormation
There are three concepts we need to be aware of when using CloudFormation; they are fundamental to how it works:
- Template
It is a declarative way of defining resources as a JSON or YAML file. This template can then be used to deploy the resources either using the CLI or console.
- Stack
Deploying a template creates both resources (EC2 and EIP) as a stack. These resources are created as a unit; therefore, any deletion or update of resources will be applied to the stack.
- Change Set
When a stack needs to be updated, you can simply run an update on the stack and let CloudFormation take care of replacing the necessary resources. A change set takes that further and lets you see the impact of the modifications before they are applied.
Step-by-Step Guide to Process Drift Detection using CloudFormation
Step 1: Log in to AWS Console and create a key-pair as shown below
Step 2: Create a JSON/yml template file to create a stack. Give the EC2 name, KeyName which was created earlier, new security group name, and get ImageId, SubnetId, and VpcId from AWS services.
sample_template.yml

```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Create a Ubuntu machine",
  "Resources": {
    "demoInstance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "ImageId": "your_ami_id",
        "InstanceType": "t2.micro",
        "KeyName": "sample-key",
        "SubnetId": "your_subnetid",
        "SecurityGroupIds": [
          {
            "Ref": "sureshsecuritygroup"
          }
        ]
      }
    },
    "sureshsecuritygroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "VpcId": "your_vpcid",
        "GroupDescription": "Enable HTTP via port 80",
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "80",
            "ToPort": "80",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "22",
            "ToPort": "22",
            "CidrIp": "0.0.0.0/0"
          }
        ]
      }
    }
  }
}
```
Step 3: Go to CloudFormation, select the region that contains the VPC you chose for VpcId, click on Create Stack, and under that click on With new resources (standard).
Step 4: Choose Template is ready, upload a template file, choose file, upload the .yml file, and Click on Next.
Step 5: Give the name for the Stack and Click on Next.
Step 6: Scroll down and Click on Next.
Step 7: Scroll down and Click on Create Stack
EC2 instance
Security Group
Step 8: Click on Stack actions and choose the Detect Drift option.
Step 9: Click on Stack actions and Choose View Drift results
Step 10: Go to the security group and select inbound rules and select port 80. Click on Edit inbound rules.
Step 11: Go to CloudFormation and check drift detection; as you can see, the stack has drifted.
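Steps 8 to 11 can also be scripted. The following Python is an added example, not code from the original post: `fetch_drifts` runs the same detection through boto3, and `ingress_drift` reports which inbound rules on a drifted security group were added or removed outside CloudFormation. The sample data is constructed and assumes the Step 10 edit changed the port 80 rule to port 8080.

```python
import json
import time

def fetch_drifts(stack_name):
    """Steps 8-9 through the API (needs boto3 and AWS credentials)."""
    import boto3  # lazy import so the offline analysis below runs without it
    cfn = boto3.client("cloudformation")
    run_id = cfn.detect_stack_drift(StackName=stack_name)["StackDriftDetectionId"]
    while cfn.describe_stack_drift_detection_status(
            StackDriftDetectionId=run_id)["DetectionStatus"] == "DETECTION_IN_PROGRESS":
        time.sleep(5)
    # First page only; follow NextToken for stacks with many resources.
    return cfn.describe_stack_resource_drifts(StackName=stack_name)["StackResourceDrifts"]

def _rules(properties_json):
    """Normalise ingress rules to comparable tuples (ports may be str or int)."""
    rules = json.loads(properties_json).get("SecurityGroupIngress", [])
    return {tuple(str(r.get(k, "")) for k in ("IpProtocol", "FromPort", "ToPort", "CidrIp"))
            for r in rules}

def ingress_drift(drifts):
    """Map each drifted security group to the rules added/removed outside CloudFormation."""
    report = {}
    for d in drifts:
        if (d["ResourceType"] != "AWS::EC2::SecurityGroup"
                or d["StackResourceDriftStatus"] != "MODIFIED"):
            continue
        exp, act = _rules(d["ExpectedProperties"]), _rules(d["ActualProperties"])
        report[d["LogicalResourceId"]] = {"added": sorted(act - exp),
                                          "removed": sorted(exp - act)}
    return report

def _sg_props(http_port):
    return json.dumps({"SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": http_port, "ToPort": http_port, "CidrIp": "0.0.0.0/0"},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]})

# Constructed sample shaped like a describe_stack_resource_drifts result, assuming
# Step 10 changed the port 80 rule to port 8080 (the page does not say what was edited).
SAMPLE_DRIFTS = [
    {"LogicalResourceId": "demoInstance", "ResourceType": "AWS::EC2::Instance",
     "StackResourceDriftStatus": "IN_SYNC"},
    {"LogicalResourceId": "sureshsecuritygroup", "ResourceType": "AWS::EC2::SecurityGroup",
     "StackResourceDriftStatus": "MODIFIED",
     "ExpectedProperties": _sg_props("80"), "ActualProperties": _sg_props(8080)},
]

if __name__ == "__main__":
    print(json.dumps(ingress_drift(SAMPLE_DRIFTS), indent=2))
```

Run on a schedule, a report with a non-empty `added` list is the signal worth alerting on: an inbound rule exists that no reviewed template declares.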
Conclusion
AWS CloudFormation offers an easy way to model the necessary AWS resources, allocate them, and manage them throughout their lifecycle by working with them as code. With CloudFormation, you can create multiple infrastructures, troubleshoot your components, and recover your application's resources whenever there is a failover.
FAQs
1. How does CloudFormation handle drift?
ANS: – CloudFormation displays an information bar stating that drift detection has been initiated for the selected stack. Wait until CloudFormation finishes the drift detection operation. When the drift detection operation completes, CloudFormation updates the Drift status and Last drift check time for the stack.
2. How does CloudFormation detect changes?
ANS: – A resource is considered to have drifted if one or more of its properties have been deleted, or had their value changed. It generates detailed information on each resource in the stack that has drifted. It detects drift on those AWS resources that support drift detection.
3. Why is drift detection important?
ANS: – Data drift is the main reason model accuracy decreases over time. Thus, monitoring the changes continuously in our model’s behaviour is of utmost importance.

WRITTEN BY Suresh Kumar Reddy
Yerraballi Suresh Kumar Reddy is working as a Research Associate - Data and AI/ML at CloudThat. He is a self-motivated and hard-working Cloud Data Science aspirant who is adept at using analytical tools for analyzing and extracting meaningful insights from data.