AWS Cloudformation - How to manually add/delete an export? - amazon-web-services

Is there a way to add/delete an export manually, say via the console? I could not find any info regarding this?

No. Everything in CloudFormation is controlled via the template file.
You would need to edit the template to add/remove the export, then update the stack to invoke the change.

Related

Cloudformation how to import existing resources into Stack?

We have a lot of resources created manually. How do I add them to CloudFormation stack without manually adding each of them in template? There are so many resources added manually, that's why it will take too much time If I start adding them manually one by one to template.
Update:
Looks like there is no other way than adding them to new template manually. I completed it by updating the infrastructure with new template for the resources that I wanted to sync on PROD env.
Yes, you have to do it manually. But to jump start the process you can use former2 tool, which can generate the cloudformation templates from existing resources for you.

AzureDevOps - Parameters question for YAML templates

Alright so I have no idea if this is possible, but I was told so by someone more experienced than me...
I have a pipeline in azure devops to create a cloud formation stack. The cloudformation stack is created from a template. The template requires some parameters
Currently i am passing the parameters through hardcoding the value in the template file. This is just for testing purposes.
But I was told that there is a way to, from azure devops, prompt the customer in a GUI like way and ask them for inputs that azure devops will then place to the template?
The GUI bit...is confusing for me. Hope this is clear if anyone can help?
Yes, you can.
When creating a first level yaml pipeline the parameters works like an input source for your pipeline execution.
Just declare your parameters and it's types and use it on your pipeline tals as you need.
For example:
Creating a parameter:
Running you pipeline:

Is CloudFormation not suitable for creating SSM documents?

I'm wondering if creating SSM documents via CloudFormation actually makes sense or if instead I should use another mechanism.
My concern is, that when the content changes, CloudFormation actually creates a new document and destroys the old one. In that process also the name of the document changes. The name cannot be hardcoded or CloudFormation complains with:
CloudFormation cannot update a stack when a custom-named resource requires replacing
With permanently changing names its going to be impossible to reference the document anywhere.
I haven't seen a possibility to create a new document version via CFN, as I can do manually in the AWS console.
What's best practice here?
I know I can create a custom CFN resource and deal with the document update in a lambda. But ain't there a simple solution?
The challenge you describe has, I think, been solved or mitigated by the (recently released?) UpdateMethod property for AWS::SSM::Document. Now, you can specify NewVersion for that property, and that will create a new version of the same document and set it as the default version.
See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html#cfn-ssm-document-updatemethod

Choosing active SES ReceiptRuleSet in CloudFormation / Troposphere

I am creating a ReceipRuleSet with troposphere like this :
ReceiptRuleSet(
title="SesRuleset",
RuleSetName="ses-ruleset"
)
However, when I upload the stack with the generated CloudFormation template, the RuleSet appears as inactive in SES.
Does anyone knows if there is a way to set the created RuleSet as active without having to interact with the online console nor the CLI ?
troposphere maintaner here. I don't actually know a ton about SES, but have you included the ReceiptRuleSet in a ReceiptRule? My guess is that if a RuleSet is not used by a Rule, it's probably inactive, since I can't see anything in either cloudformation or the API that would indicate you can set it to "active".
Unfortunately, this doesn't seem to be supported by Cloudformation. I found the following blog post leveraging a lambda doing an API call to activate the RuleSet after creation: https://binx.io/blog/2019/11/25/how-to-set-the-active-receipt-rule-set-in-ses-using-cloudformation/
This seemed one moving piece too many for me, so I'm currently activating the RuleSet through the console.

How Cloud Formation Works

I see that there are a lot of success stories using CloudFormation, we're planning to use it to make sure our Prod/Dev environments are identical. I heard that its a a great place to have a single file, in version control, for deploying multiple similar environments.
I've a doubt, lets say if I use CloudFormer and create a template of say my DB instance and save it GIT, and say in next 10-15 days I make couple of changes like add new volumes in instance to store DataFiles, or delete some volumes etc, Now, when I use that Template in say our Dev Environment will it reflect the volumes which I added/deleted. I mean how does it work behind the scene.
This is the basic way to use CloudFormation:
Create a JSON template describing your stack. You can write it manually, or write code that creates the JSON for you.
Create one or more stacks based on the template.
Whenever you want to change something, edit your template (always committing changes to version control) and update the stack(s).
You will often have several templates, where stacks based on one template uses resources created by stacks based on other templates. Outputs and parameters are good for coordinating this.
Most importantly: You should never change resources created using CloudFormation in any other way than by changing the stack template and updating the stack.
No, such changes would not be reflected automatically.
A CloudFormation template is a declarative description of AWS resources. When you create a Stack from a template, AWS will provision all resources described in the template. You can also update a stack with new resources or delete entire stacks.
ClodFormer is a separate tool that will scan you account for resources and create a template describing them.
So, if you create two stacks from the same template, they will be similar only after created, but totally separate lives thereafter. But you can have resources that are shared between stacks, for example, you can have one database stack that is referenced by two application stacks, if that makes sense to your environment.