CloudFormation Parameters: Make your life simple
- Updated on - May 7, 2022
CloudFormation Parameters pass input values to the CloudFormation template when you create or update a stack of AWS resources.
That definition is like watching a movie from the second half! So, lets rewind and start with a fundamental question.
What is AWS CloudFormation ?
AWS CloudFormation is an Infrastructure as Code service by Amazon to model, provision and configure AWS resources in the Cloud. You do this by creating a template, which is a simple text file in JSON or YAML format.
In case you are not familiar with JSON and YAML, JSON stands for JavaScript Object Notation and is lightweight data-interchange format easy for humans and machines to comprehend. Similarly, YAML (“YAML Aint Markup Language”) is a data-serialization language and uses indentation for formatting. This minimal syntax makes it easy to understand and write.
Let’s walk thru an example to make better sense.
Assume you want to create a DynamoDB table with indexes. You would have to manually provision and configure the table name, keys, capacity units, field attributes, primary and secondary indexes and more. With CloudFormation, you specify your required AWS resources and its properties in your template and create a stack from either the CLI, API or Console. Think of it as automating the traditional manual and tedious process.
Now let’s get back to focusing on CloudFormation Parameters and look at their attributes.
AWS CloudFormation Basics
A CloudFormation template is composed of multiple sections – Format Version, Description, Metadata, Parameters, Mappings, Conditions, Transform, Resources and Output. Parameters, though an optional section in the template can be used to turbo charge your resource deployment game.
Like I mentioned earlier, CloudFormation Parameters are used to pass input values to the template during run-time when creating or updating a stack. These parameters are then referenced from the Resources or Output sections in the template. Keep the following points in mind when you use parameters in your CloudFormation template.
- A parameter can only be referenced in the context of the template it is declared in. In other words, they are not global.
- You have to provide a value during runtime. If you decide to declare a parameter and not use it, then it has to have a default value assigned.
- You can have a maximum of 60 parameters in a template and each one must have a unique logical name.
- And finally, every parameter should have a type assigned to it.
CloudFormation Parameters - Properties
When using CloudFormation Parameters, there are 11 properties you can specify for control and structure. Almost all of them are optional, except for the Type parameter. The table below lists the parameter properties and description.
| Parameter Properties | What it does | |
| 1 | AllowedPattern | The approved format for the string type specified as a regular expression. For a database password for instance, this could be “^[a-zA-Z0-9]*$” |
| 2 | AllowedValues | List containing the valid values for a parameter |
| 3 | ConstraintDescription | Descriptive text on why a constraint was violated |
| 4 | Default | Fallback value to use if a specific parameter is not specified |
| 5 | Description | A description of what the parameter does limited to 4000 bytes |
| 6 | MaxLength | Largest value allowed for a String type |
| 7 | MaxValue | Largest value allowed for a Number type |
| 8 | MinLength | Smallest value allowed for a String type |
| 9 | MinValue | Smallest value allowed for a Number type |
| 10 | NoEcho | Used to mask the parameter value displayed. As a best practice, try not to use this parameter |
| 11 | Type | The datatype of the parameter. Can be String, Number, List, CommaDelimitedList, AWS-Specific Parameter types or SSM Parameter Types |
Related: Amazon Athena SQL basics
CloudFormation Parameters - Types
As mentioned earlier, a CloudFormation template has multiple sections, and CloudFormation Parameters are used to pass input values to the template.
A CloudFormation Parameter Type is the data type for the parameter. There are 6 CloudFormation parameter types and it is a required property of a parameter.
| Parameter Type | What it does | |
| 1 | String | Literal String |
| 2 | Number | Integer or floating-point number |
| 3 | List | An array of integers such as [“10″,”20”] |
| 4 | CommaDelimitedList | An array of strings such as [“Name1”, “Name2”] |
| 5 | AWS-Specific Parameter Types | AWS Specific parameter types |
| 6 | SSM Parameter Types | Parameters from the System Manager Parameter Store |
CloudFormation Parameters examples
If all this technical jargon is making your head spin, don’t fret! We will walk through the top 5 frequently used CloudFormation Parameter patterns. Once you get familiar with them, try tweaking them for your specific use cases.
Example 1: Create an AWS-Specific Cloudformation Parameter for an EC2 Key Pair
JSON
"Parameters" : {
"KeyName": {
"Description" : "EC2 Key Pair Name",
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "EC2 Key Pair must exist"
}
}YAML
Parameters :
KeyName:
Description : EC2 Key Pair Name
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription : EC2 Key Pair must exist
Example 2: Create CloudFormation Parameters for SSH access to an EC2 Instance
JSON
"Parameters" : {
"SSHLocation" : {
"Description" : " IP address for SSH to the EC2 instance",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\
(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "IP in x.x.x.x/x format."
}
}YAML
Parameters :
SSHLocation :
Description : IP address for SSH to the EC2 instance
Type: String
MinLength: 9
MaxLength: 18
Default: 0000/0
AllowedPattern: (\\d13)\\(\\d13)\\(\\d13)
\\(\\d13)/(\\d12)
ConstraintDescription: IP CIDR range in xxxx/x format
Example 3: Create CloudFormation Parameters for a Database
In this example, we will create 3 parameters for a DynamoDB database. One for the Database Name (DBName),One for the Database User (DBUser) and one for the Database Password (DB Password).
This example can be used for other databases and any scenario requiring Username and Password parameters.
JSON
"Parameters" : { "DBName": {"Default": "testDynamoDB",
"Description" : "DynamoDB database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "Must start with a letter and contain only alphanumeric characters"
};
"DBUser": {
"NoEcho": "true",
"Description" : "Username for DynamoDB database",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "Must start with a letter and contain only alphanumeric characters"
},
"DBPassword": {
"NoEcho": "true",
"Description" : "Password for DynamoDB database",
"Type": "String",
"MinLength": "8",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "Alphanumeric characters only"
}
}
YAML
Parameters :
DBName:Default: testDynamoDB
Description : DynamoDB database name
Type: String
MinLength: 1
MaxLength: 64
AllowedPattern : [a-zA-Z][a-zA-Z0-9]*
ConstraintDescription : Must start with a letter and contain only alphanumeric characters
DBUser:NoEcho: true
Description : Username for DynamoDB database
Type: String
MinLength: 1
MaxLength: 16
AllowedPattern : [a-zA-Z][a-zA-Z0-9]*
ConstraintDescription : Must start with a letter and contain only alphanumeric characters
DBPassword:NoEcho: true
Description : Password for DynamoDB database
Type: String
MinLength: 8
MaxLength: 41
AllowedPattern : [a-zA-Z0-9]*
ConstraintDescription : Alphanumeric characters only
Example 4: Create CloudFormation Parameters for an Email Address
JSON
"Parameters": {
"EMailAddress": {
"Description": "Email address for issue notification",
"Type": "String",
"AllowedPattern": "([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|
(([a-zA-Z0-9\\-]+\\.)+)) ([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)",
"ConstraintDescription": "Enter a valid email address."
}
}YAML
Parameters:
EMailAddress:
Description: Email address for issue notification
Type: String
AllowedPattern: [a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))
([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?
ConstraintDescription: Enter a valid email address
Example 5: Create CloudFormation Parameters for a SageMaker EC2 Instance Type
JSON
"Parameters" : {
"InstanceType" : {
"Description" : "SageMaker EC2 instance type",
"Type" : "String",
"Default" : "ml.m4.xlarge",
"AllowedValues" : [ "ml.m4.xlarge",
"ml.m4.4xlarge",
"ml.m4.10xlarge",
"ml.c4.xlarge",
"ml.c4.2xlarge",
"ml.c4.8xlarge",
"ml.p2.xlarge",
"ml.p2.8xlarge",
"ml.p2.16xlarge"],
"ConstraintDescription" : "Must be a valid EC2 instance type." }
}
YAML
Parameters :
InstanceType :
Description : SageMaker EC2 instance type
Type : String
Default : ml.m4.xlarge
AllowedValues :
- ml.m4.xlarge
- ml.m4.4xlarge
- ml.m4.10xlarge
- ml.c4.xlarge
- ml.c4.2xlarge
- ml.c4.8xlarge
- ml.p2.xlarge
- ml.p2.8xlarge
- ml.p2.16xlarge
ConstraintDescription : Must be a valid EC2 instance type
In Conclusion
Keep the following key points in mind:
- CloudFormation Parameters are an optional section in the template. However, using them will make your template flexible and dynamic.
- At a minimum, you need to specify a logical id (name) and type for your parameter.
- For AWS specific values, always use the AWS-Specific Parameter Types.
- Though not required, using Parameter Constraints and Defaults is considered best practice.
Now that we covered some of the basics. See if you can provision an Amazon Redshift Cluster using AWS CloudFormation. Here are a few articles to get you started
- Understanding the difference between Redshift and RDS.
- Automate Amazon Redshift cluster creation using AWS CloudFormation
Related: 10 Redshift Create table examples
Table of Contents
Helpful links
AWS CloudFormation User Guide
AWS Official User guide on CloudFormation
Service Offerings by Obstkel
Get to know the AWS Cloud Services offered by Obstkel