Tag events rule AWS - Cloudformation - amazon-web-services

Cloudformation doesn't support tags for event rules, and I heard somewhere that there's a workaround using cloud formation stacks but I haven't been able to find how exactly.
I know I could use AWS CLI, or tag the resource manually after it's created but I would like to know if there is a workaround using CloudFormation only.
Thanks.

You can create a custom resource using AWS CloudFormation.
Here’s a blog post describing the process and a GitHub project that you might want to look into for examples.
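The custom resource approach from the answer above, as an added example (not code from the linked blog post or GitHub project): a Lambda handler that tags an events rule and always reports back to CloudFormation. The property names `RuleArn` and `Tags` are assumptions chosen for this example.

```python
import json
import urllib.request


def send_response(event, status, reason=""):
    """PUT the result to the pre-signed ResponseURL; if nothing is sent the stack waits until it times out."""
    body = json.dumps({
        "Status": status,
        "Reason": reason or "ok",
        # Stable id so an Update is not treated as a replacement.
        "PhysicalResourceId": event.get("PhysicalResourceId", "tags-" + event["LogicalResourceId"]),
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req, timeout=10)


def handler(event, context, client=None, respond=send_response):
    """Lambda entry point. RuleArn and Tags are hypothetical property names for this example."""
    try:
        if client is None:
            import boto3  # present in the Lambda Python runtime
            client = boto3.client("events")
        props = event["ResourceProperties"]
        arn, tags = props["RuleArn"], props.get("Tags", {})
        old = event.get("OldResourceProperties", {}).get("Tags", {})
        if event["RequestType"] == "Delete":
            stale, tags = list(tags), {}  # remove everything this resource added
        else:
            stale = [k for k in old if k not in tags]  # keys dropped by an Update
        if stale:
            client.untag_resource(ResourceARN=arn, TagKeys=stale)
        if tags:
            client.tag_resource(ResourceARN=arn,
                                Tags=[{"Key": k, "Value": v} for k, v in tags.items()])
        respond(event, "SUCCESS")
        return "SUCCESS"
    except Exception as exc:  # report failure instead of leaving the stack hanging
        respond(event, "FAILED", str(exc))
        return "FAILED"
```

The function's execution role only needs `events:TagResource` and `events:UntagResource`, ideally scoped to the rule ARNs the stack creates.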

Related

How to enable ec2 tag access via Instance Metadata Service through CloudFormation

I would like to have my CloudFormation Launch template enable the EC2 Tag Access. I am seeing it on the Launch Template options in the console.
Which means I technically could add it to my Launch Template, but I would rather keep all of my configuration changes in source control. So that isn't really an option. I know there is a way to turn it on via CLI and Console.
I started digging through documentation, but I couldn't find anything. Is there a place I can go to see the progress on CloudFormation capabilities and maybe even implement this myself in AWS's codebase?
If something is not directly supported in CloudFormation, you can create your own custom resource. So as long as any AWS SDK supports your functionality, you can add it to your CloudFormation templates as well.
For a general view of what is supported and not yet supported in CloudFormation, you can go to the official AWS GitHub page cloudformation-coverage-roadmap. You can also create an issue there to report missing or broken functionality.

How to convert AWS resources to a cloudformation stack or template?

I have a bunch of AWS resources (ec2 instances, rds, s3, etc.)
Those resources were created manually over the years in AWS console.
Now I would like to duplicate this environment using CloudFormation. What is the best approach? Is there a tool, that converts all the resources into a cloudformation stack or template?
I couldn't find anything, or maybe I didn't understand the process correctly...
These days you would use a third party, free and fully open-source tool called former2 developed by renovated AWS Hero. The former2 is used by corporate clients of AWS as explained in the AWS blog post.
You could potentially try the AWS Console Recorder extension for Chrome/Firefox which supposedly could create CloudFormation templates based on your AWS Console clicks.
From their README:
Records actions made in the AWS Management Console and outputs the equivalent CLI/SDK commands and CloudFormation/Terraform templates.
Caveat:
Not all resources are supported.
There was a service named CloudFormer that could perform this action but has since become deprecated.
Functionality does exist within CloudFormation to create a stack from existing resources.
However, to use this you will want to design the stack to use the same options and setup as your resources. Once this is completed you could then manage these resources via CloudFormation.
More information is available in the Import Existing Resources into a CloudFormation Stack blog post.

Check if AWS resource has been deployed by CloudFormation

I'm new to a large AWS deployment where stuff is mostly deployed through CloudFormation (and some through Terraform). But there are always cases where something has been deployed manually and not through code. Is there a reliable way to quickly figure out if a resource (say, an EC2 instance) already existing in the deployment was deployed through IaC or manually? A CloudFormation-specific answer will be good enough for now.
Going through literally hundreds of CloudFormation stacks manually and looking for the resource is not an option.
You can identify the resources created by cloudformation. Cloudformation applies few default tags as mentioned here
aws:cloudformation:logical-id
aws:cloudformation:stack-id
aws:cloudformation:stack-name
You can run a script to check whether the resource contain one/all of these tags to update your count.
Official documentation on resource tags
Unfortunately looking at an AWS resource you don't see how it got created. While some resources might have been tagged by CloudFormation indicating that they got created by a CloudFormation stack, that's only valid for a subset of resources.
The only reliable way to figure out whether or not a resource got created via a CloudFormation stack is to go through all CloudFormation stacks and check whether or not the resource in question is a part of it. While that might be cumbersome when doing manually, it's also something you can automate using the AWS CLI.
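The two answers above combined, as an added example that is not part of either post: the tag check is used as a fast signal and the stack inventory as the authoritative one. The input dictionaries are constructed samples shaped like the JSON returned by `aws ec2 describe-instances` and `aws cloudformation list-stack-resources`; the function names and verdict labels are assumptions of this example.

```python
STACK_TAG = "aws:cloudformation:stack-name"

# Constructed sample data shaped like AWS CLI JSON output (not real resources).
STACK_RESOURCES = {  # stack name -> StackResourceSummaries of that stack
    "web-prod": [
        {"LogicalResourceId": "WebServer", "ResourceType": "AWS::EC2::Instance",
         "PhysicalResourceId": "i-0aaa1111bbbb2222c"},
        {"LogicalResourceId": "Bastion", "ResourceType": "AWS::EC2::Instance",
         "PhysicalResourceId": "i-0abc7777abcd8888b"},
    ],
}
DESCRIBE_INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa1111bbbb2222c",
     "Tags": [{"Key": STACK_TAG, "Value": "web-prod"}]},
    {"InstanceId": "i-0ccc3333dddd4444e",
     "Tags": [{"Key": STACK_TAG, "Value": "batch"}]},
    {"InstanceId": "i-0eee5555ffff6666a", "Tags": [{"Key": "Name", "Value": "jumpbox"}]},
    {"InstanceId": "i-0abc7777abcd8888b"},  # the CLI omits "Tags" when there are none
]}]}


def index_stack_resources(stacks):
    """Map PhysicalResourceId -> owning stack name across all stacks."""
    index = {}
    for stack_name, summaries in stacks.items():
        for res in summaries:
            if res.get("PhysicalResourceId"):  # absent while a resource is still being created
                index[res["PhysicalResourceId"]] = stack_name
    return index


def classify_instances(describe_instances, stack_index):
    """Return {instance id: (verdict, stack name or None)}."""
    report = {}
    for reservation in describe_instances.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            iid = inst["InstanceId"]
            if iid in stack_index:       # listed in a stack: authoritative
                report[iid] = ("stack-resource", stack_index[iid])
            elif STACK_TAG in tags:      # tagged but not listed in any stack: review
                report[iid] = ("tag-only", tags[STACK_TAG])
            else:                        # no CloudFormation evidence at all
                report[iid] = ("not-cloudformation", None)
    return report
```

Tag keys with the `aws:` prefix are reserved and cannot be set or edited by users, so the tag is trustworthy when present; its absence proves nothing, which is why the stack inventory is checked first.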

CloudFormation Template for ElasticTranscoder

As part of infra automation we are using CloudFormation for automating the AWS infrastructure. We are utilising the service ElasticTranscoder as well. As I understand, CloudFormation does not yet provide support for ElasticTranscoder. Is there any efficient way to automate ElasticTranscoder using CloudFormation?
Custom resources provide a way for you to write custom provisioning logic in AWS CloudFormation template and have AWS CloudFormation run it during a stack operation, such as when you create, update or delete a stack.
Check out this example.
Also, a quick google search gives me this result.
Another option is not using CloudFormation. You can use Terraform which does support Elastic Transcoder.
https://www.terraform.io/docs/providers/aws/r/elastic_transcoder_pipeline.html
Ansible also has third-party support for it.
https://github.com/wimnat/ansible-modules/blob/master/elastictranscoder/elastictranscoder.py
Last but not least, you can vote for this feature in AWS wish list by liking or retweeting the request.
https://twitter.com/search?q=%23awswishlist%20transcoder&src=typd
https://awswishlist.com/

Export AWS configuration as CloudFormation template

I'm using AWS CLI and CloudFormation, and I could not find any reference in the documentation.
Does anybody know if it's possible to create a CloudFormation template from a current configuration?
Let's say that I want to get a CloudFormation template from my current security group configuration.
Any idea if it's possible to export that configuration as a template using CLI?
Based on our experience we found 3 possible ways to translate existing manually deployed (from Web Console UI) AWS infra to Cloudformation (CF).
Using a new CloudFormation native introduced feature (since Nov 2019) that allows you to Import existing resources into a CloudFormation stack
Using aws cli execute $aws service_name_here describe for each element that make up your stack eg for RDS Database Stack:
RDS Instance -> Type: AWS::RDS::DBInstance,
RDS (EC2) SG -> Type: AWS::EC2::SecurityGroup,
RDS Subnet Group -> Type: AWS::RDS::DBSubnetGroup and
RDS DB Param Group -> Type: AWS::RDS::DBParameterGroup
And manually translate to CF based on the outputs obtained from the aws cli for each of the components. This approach usually requires more experience in both AWS and CF but the templates that you are creating can be structured and designed under good practices, fully parameterized (Sub, Ref, Join, Fn::GetAtt:, Fn::ImportValue), modular, applying conditions and in a 1st iteration the result would probably be close to the final state of the templates (interesting reference examples: https://github.com/widdix/aws-cf-templates/).
Extra points! :)
Some other new alternatives to export your current deployed AWS infra to Cloudformation / Terraform code:
https://former2.com
https://modules.tf
https://www.brainboard.co/
Related Article: https://medium.com/#exequiel.barrirero/aws-export-configuration-as-code-cloudformation-terraform-b1bca8949bca
It's not possible using the AWS CLI but you can use the CloudFormer [1] tool to create a CloudFormation template from existing resources. I've had decent success with it. The templates aren't as "pretty" as hand-made templates but they provide a good starting point.
[1] http://aws.amazon.com/developertools/6460180344805680
In addition to CloudFormer, you might want to take a look at Bellerophon: https://github.com/arminhammer/bellerophon.
I had some problems getting the traditional tools - mentioned above - working in our environment; we have a complicated API Gateway. Former2 didn't find it at all (although seemed ideal for other resources).
I found another tool, "Terraformer" which extracts AWS into Terraform, which can then be turned into CloudFormation -or used directly as IaC.
https://github.com/GoogleCloudPlatform/terraformer#installation
Maybe that will work for others if the above tools don't.