New Features in AWS CloudFormation
Identity and Access Management (IAM) Roles for EC2 Instances
AWS CloudFormation now allows you to use IAM Roles for EC2 instances to enable applications running on an Amazon EC2 instance to securely access your AWS resources.
New resources are available to support IAM roles:
New template snippets have also been added to the documentation with examples demonstrating the use of IAM roles.
- Controlling User Access with AWS Identity and Access Management
- Identity and Access Management (IAM) Template Snippets
Spot Prices for EC2 Instances with AutoScaling Groups
AWS CloudFormation now provides support for setting a spot price on EC2 Instances with AutoScaling. You can set a target maximum price and your instances will run only when the current spot price is less than your target maximum.
The following CloudFormation resource types have been updated to support spot instances:
A number of CloudFormation templates have been updated to support setting the spot price:
The StarCluster template has been updated to include the spot price as a parameter and to pass it in to the starcluster command, as shown here:
"/usr/bin/starcluster -c /home/ec2-user/.starcluster/config start -b ", { "Ref" : "SpotPrice" }, " ec2-cluster"
The Bees With Machine Guns template creates a swarm of "bees" (EC2 micro-instances) to load-test your web site. It includes a SpotPrice value in AWS::AutoScaling::LaunchConfiguration to limit the price at which the swarm will launch.
The Asynchronous Processing template adjusts the number of workers (EC2 instances) that are pulling data from an SQS queue, increasing the number of workers when the queue depth rises above a certain level and reducing it when the number of empty polls on the queue starts to grow. This template also includes a SpotPrice to limit the price at which the workers will launch.
For more information about these templates and for more information about using spot prices with your EC2 instances, see Jeff Barr's blog post on the Amazon Web Services Blog, and Using Auto Scaling to Launch Spot Instances in the AutoScaling Developer Guide.
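The two features above combined, as an added example template that is not one of the templates the page describes: an IAM role whose only permissions are consuming a single SQS queue, attached through an instance profile to workers that launch only while the spot price stays below the SpotPrice parameter. The resource names, the t1.micro instance type, the policy actions and the ami-EXAMPLE placeholder are assumptions; the SpotPrice property on AWS::AutoScaling::LaunchConfiguration and the Fn::GetAZs usage are as the page describes.

```json
{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "Added example: spot-priced SQS workers whose EC2 role grants only queue access",
  "Parameters" : {
    "SpotPrice" : { "Type" : "String", "Default" : "0.05",
      "Description" : "Maximum hourly price in USD; workers launch only while the spot price is below it" },
    "KeyName" : { "Type" : "String", "Description" : "Existing EC2 key pair name (assumed)" }
  },
  "Resources" : {
    "WorkQueue" : { "Type" : "AWS::SQS::Queue" },
    "WorkerRole" : {
      "Type" : "AWS::IAM::Role",
      "Properties" : {
        "AssumeRolePolicyDocument" : { "Statement" : [ { "Effect" : "Allow",
          "Principal" : { "Service" : [ "ec2.amazonaws.com" ] }, "Action" : [ "sts:AssumeRole" ] } ] },
        "Path" : "/",
        "Policies" : [ { "PolicyName" : "WorkQueueConsumerOnly",
          "PolicyDocument" : { "Statement" : [ { "Effect" : "Allow",
            "Action" : [ "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes" ],
            "Resource" : { "Fn::GetAtt" : [ "WorkQueue", "Arn" ] } } ] } } ]
      }
    },
    "WorkerInstanceProfile" : {
      "Type" : "AWS::IAM::InstanceProfile",
      "Properties" : { "Path" : "/", "Roles" : [ { "Ref" : "WorkerRole" } ] }
    },
    "WorkerLaunchConfig" : {
      "Type" : "AWS::AutoScaling::LaunchConfiguration",
      "Properties" : {
        "ImageId" : "ami-EXAMPLE",
        "InstanceType" : "t1.micro",
        "KeyName" : { "Ref" : "KeyName" },
        "IamInstanceProfile" : { "Ref" : "WorkerInstanceProfile" },
        "SpotPrice" : { "Ref" : "SpotPrice" }
      }
    },
    "WorkerGroup" : {
      "Type" : "AWS::AutoScaling::AutoScalingGroup",
      "Properties" : {
        "AvailabilityZones" : { "Fn::GetAZs" : "" },
        "LaunchConfigurationName" : { "Ref" : "WorkerLaunchConfig" },
        "MinSize" : "1",
        "MaxSize" : "4"
      }
    }
  }
}
```

Because the policy names the queue ARN via Fn::GetAtt rather than "*", a compromised worker can only read and delete from that one queue; replace ami-EXAMPLE with a real AMI ID before creating the stack.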
Documentation Updates
Elastic Network Interface (ENI)
The documentation has been updated with information about using EC2 Elastic Network Interfaces (ENI) with CloudFormation. New topics are:
- AWS::EC2::NetworkInterface
- EC2 Network Interface Association
- EC2 Network Interface Attachment
- EC2 Network Interface Group Item
A template snippet using these features can be viewed in the CloudFormation documentation. For details, see: Elastic Network Interface (ENI) Template Snippets.
Fixes to AWS CloudFormation Resources and Types
A number of topics have been updated with new information and/or fixes:
AWS::EC2::SubnetNetworkAclAssociation has been updated to provide the correct properties.
AWS::Route53::RecordSet has been updated to correctly specify that TTL is not a required property, but that when it is included, ResourceRecords is also required.
AWS::EC2::NetworkAclEntry incorrectly specified Tags as a property. This has been fixed. If you want to specify tags for an access control list (ACL), you can do so on AWS::EC2::NetworkAcl.
Fn::GetAZs has been updated so that its examples are semantically identical (specifying an empty string "" and specifying "AWS::Region" are equivalent).
AWS::EC2::DHCPOptions and AWS::EC2::VPCDHCPOptionsAssociation are now capitalized correctly, and the associated code snippets have corrected JSON syntax.
AWS CloudFormation Endpoints has been updated to provide a better description of what an endpoint is, and to provide a link so that readers can find more information about them.