CloudFormation Parameters: Make your life simple
Before we dive into the details of CloudFormation Parameters, lets build some context around what CloudFormation is. It is a service by Amazon, used to model, provision and configure AWS resources in the Cloud. You do this by creating a template, which is a a simple text file in JSON or YAML format.
In case you are not familiar with JSON and YAML, JSON stands for JavaScript Object Notation and is lightweight data-interchange format easy for humans and machines to comprehend. Similarly, YAML ( “YAML Aint Markup Language“) is a data-serialization language and uses indentation for formatting. This minimal syntax makes it easy to understand and write.
Lets walk thru an example to make better sense. Assume you want to create a DynamoDB table with indexes. You would have to manually provision and configure the table name, keys, capacity units, field attributes, primary and secondary indexes and more. With CloudFormation, you specify your required AWS resources and its properties in your template and create a stack from either the CLI, API or Console.
In this post, lets look at the below Cloudformation Parameters and their attributes
1. CloudFormation Basics
A CloudFormation template is composed of multiple sections – Format Version, Description, Metadata, Parameters, Mappings, Conditions, Transform, Resources and Output. Parameters, though an optional section in the template can be used to turbo charge your resource deployment game.
CloudFormation Parameters are used to pass input values to the template during run-time when creating or updating a stack. These parameters are then referenced from the Resources or Output sections in the template. Keep the following points in mind when you use parameters in your CloudFormation template.
- A parameter can only be referenced in the context of the template it is declared in. In other words, they are not global.
- You have to provide a value during runtime. If you decide to declare a parameter and not use it, then it has to have a default value assigned.
- You can have a maximum of 60 parameters in a template and each one must have a unique logical name.
- And finally, every parameter should have a type assigned to it.
CloudFormation Parameter Types
AWS CloudFormation Parameter types require a bit more attention. So, what are Cloudformation Parameter Types ?
A Parameter Type in a CloudFormation template is the data type of the parameter. This a required property of a parameter. Currently, there are 6 CloudFormation Parameter Types.
Now lets look at a simple example of an AWS CloudFormation Parameter in JSON and YAML format.
Parameter Format for JSON
"Parameters" : {
"ParameterLogicalID" : {
"Type" : "DataType",
"ParameterProperty" : "value"
}
} Parameter Format for YAML
Parameters :
ParameterLogicalID:
Type : DataType
ParameterProperty : value
CloudFormation Parameter Properties
When using CloudFormation Parameters, there are 13 properties you can specify for control and structure. Almost all of them are optional, except for the Type parameter. The table below lists the parameter properties and description.
Parameter Properties | What it does | |
1 | AllowedPattern | The approved format for the string type specified as a regular expression. For a database password for instance, this could be “^[a-zA-Z0-9]*$” |
2 | AllowedValues | List containing the valid values for a parameter |
3 | ConstraintDescription | Descriptive text on why a constraint was violated |
4 | Default | Fallback value to use if a specific parameter is not specified |
5 | Description | A description of what the parameter does limited to 4000 bytes |
6 | MaxLength | Largest value allowed for a String type |
7 | MaxValue | Largest value allowed for a Number type |
8 | MinLength | Smallest value allowed for a String type |
9 | MinValue | Smallest value allowed for a Number type |
10 | NoEcho | Used to mask the parameter value displayed. As a best practice, try not to use this parameter |
11 | Type | The datatype of the parameter. Can be String, Number, List, CommaDelimitedList, AWS-Specific Parameter types or SSM Parameter Types |
12 | AWS-Specific Parameter Types | Used to specify an existing AWS Parameter in your account |
13 | SSM Parameter Types | Used to specify existing AWS Parameters in System Manager Parameter Store. |
CloudFormation Parameter Examples
If all this technical jargon is making your head spin, don’t fret! We will walk through the top 5 frequently used CloudFormation Parameter patterns. Once you get familiar with them, try tweaking them for your specific use cases.
Example 1: Create an AWS-Specific Cloudformation Parameter for an EC2 Key Pair
JSON
"Parameters" : {
"KeyName": {
"Description" : "EC2 Key Pair Name",
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "EC2 Key Pair must exist"
}
} YAML
Parameters :
KeyName:
Description : EC2 Key Pair Name
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription : EC2 Key Pair must exist
Example 2: Create a CloudFormation Parameter for SSH access to an EC2 Instance
JSON
"Parameters" : {
"SSHLocation" : {
"Description" : " IP address for SSH to
the EC2 instance",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.
(\\d{1,3})\\.(\\d{1,3})\\
(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "IP in x.x.x.x/x
format."
}
} YAML
Parameters :
SSHLocation :
Description : IP address for SSH to
the EC2 instance
Type: String
MinLength: 9
MaxLength: 18
Default: 0000/0
AllowedPattern: (\\d13)\\(\\d13)\\(\\d13)
\\(\\d13)/(\\d12)
ConstraintDescription: IP CIDR range in
xxxx/x format
Example 3: Create CloudFormation Parameters for a Database
In this example, we will create 3 parameters for a DynamoDB database. One for the Database Name (DBName),One for the Database User (DBUser) and one for the Database Password (DB Password).
This example can be used for other databases and any scenario requiring Username and Password parameters.
JSON
"Parameters" : { "DBName": {"Default": "testDynamoDB",
"Description" : "DynamoDB database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "Must start with a letter and contain only alphanumeric characters"
};
"DBUser": {
"NoEcho": "true",
"Description" : "Username for DynamoDB database",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "Must start with a letter and contain only alphanumeric characters"
},
"DBPassword": {
"NoEcho": "true",
"Description" : "Password for DynamoDB database",
"Type": "String",
"MinLength": "8",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "Alphanumeric characters only"
}
}
YAML
Parameters :
DBName:Default: testDynamoDB
Description : DynamoDB database name
Type: String
MinLength: 1
MaxLength: 64
AllowedPattern : [a-zA-Z][a-zA-Z0-9]*
ConstraintDescription : Must start with a letter and contain only alphanumeric characters
DBUser:NoEcho: true
Description : Username for DynamoDB database
Type: String
MinLength: 1
MaxLength: 16
AllowedPattern : [a-zA-Z][a-zA-Z0-9]*
ConstraintDescription : Must start with a letter and contain only alphanumeric characters
DBPassword:NoEcho: true
Description : Password for DynamoDB database
Type: String
MinLength: 8
MaxLength: 41
AllowedPattern : [a-zA-Z0-9]*
ConstraintDescription : Alphanumeric characters only
Example 4: Create a CloudFormation Parameter for an Email Address
JSON
"Parameters": {
"EMailAddress": {
"Description": "Email address for issue notification",
"Type": "String",
"AllowedPattern": "([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|
(([a-zA-Z0-9\\-]+\\.)+)) ([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)",
"ConstraintDescription": "Enter a valid email address."
}
} YAML
Parameters:
EMailAddress:
Description: Email address for issue notification
Type: String
AllowedPattern: [a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))
([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?
ConstraintDescription: Enter a valid email address
Example 5: Create a CloudFormation Parameter for a SageMaker EC2 Instance Type
JSON
"Parameters" : {
"InstanceType" : {
"Description" : "SageMaker EC2 instance type",
"Type" : "String",
"Default" : "ml.m4.xlarge",
"AllowedValues" : [ "ml.m4.xlarge",
"ml.m4.4xlarge",
"ml.m4.10xlarge",
"ml.c4.xlarge",
"ml.c4.2xlarge",
"ml.c4.8xlarge",
"ml.p2.xlarge",
"ml.p2.8xlarge",
"ml.p2.16xlarge"],
"ConstraintDescription" : "Must be a valid EC2
instance type." }
}
YAML
Parameters :
InstanceType :
Description : SageMaker EC2 instance type
Type : String
Default : ml.m4.xlarge
AllowedValues :
- ml.m4.xlarge
- ml.m4.4xlarge
- ml.m4.10xlarge
- ml.c4.xlarge
- ml.c4.2xlarge
- ml.c4.8xlarge
- ml.p2.xlarge
- ml.p2.8xlarge
- ml.p2.16xlarge
ConstraintDescription : Must be a valid EC2
instance type
In Conclusion
Keep the following key points in mind:
- CloudFormation Parameters are an optional section in the template. However, using them will make your template flexible and dynamic.
- At a minimum, you need to specify a logical id (name) and type for your parameter.
- For AWS specific values, always use the AWS-Specific Parameter Types.
- Though not required, using Parameter Constraints and Defaults is considered best practice.
Now that we covered some of the basics. See if you can provision an Amazon Redshift Cluster using AWS CloudFormation. Here are a few articles to get you started
- Understanding the difference between Redshift and RDS.
- Automate Amazon Redshift cluster creation using AWS CloudFormation
- Once your done provisioning, test using a few of these redshift create table examples.
Helpful links
AWS CloudFormation User Guide
AWS Official User guide on CloudFormation
Service Offerings by Obstkel
Get to know the AWS Cloud Services offered by Obstkel