AWS Management Tools Blog

Category: AWS CloudFormation*

Recovering AWS CloudFormation stacks using ContinueUpdateRollback

AWS CloudFormation treats a stack as a collection of AWS resources that customers can manage as a single unit. After you launch a stack, you can use the AWS CloudFormation console, API, or AWS CLI to update resources in your stacks. You should not make any changes to stack resources outside of CloudFormation. This is […]

Read More

AWS CloudFormation: 2017 in Review

In 2017, over 350,000 AWS customers used AWS CloudFormation to manage resources collected across 2.4M stacks. We added coverage for 14 new services and several new features. In this post, I’d like to look back at some features and new content that CloudFormation introduced in 2017, including: New AWS resources that you can provision with […]

Read More

How to secure infrequently used EC2 instances with AWS Systems Manager

Many organizations have predictable spikes in the usage of their applications and services. For example, retailers see large spikes in usage during Black Friday or Cyber Monday. The beauty of Amazon Elastic Compute Cloud (Amazon EC2) is that it allows customers to quickly scale up their compute power to meet these demands. However, some customers […]

Read More

Analyzing Bitcoin Data: AWS CloudFormation Support for AWS Glue

The AWS CloudFormation team has been busy in the last couple of months, adding support for new resource types for recently released AWS services. In this post, I take a deep dive into using AWS Glue with CloudFormation. About AWS Glue AWS Glue was first announced at re:Invent in 2016, and was made generally available […]

Read More

AWS CloudFormation Update: AWS Guard Duty, Amazon Inspector, and Service Discovery, plus 40 resource updates

AWS CloudFormation recently added support for these recently released AWS services: AWS Guard Duty is an automated threat-detection service that can be quickly enabled, does not require agents to be installed, and monitors unusual account usage using sources like AWS CloudTrail logs, DNS logs, and other sources. With the new AWS CloudFormation resource support, you […]

Read More

Integrating AWS CloudFormation with AWS Systems Manager Parameter Store

AWS CloudFormation has always allowed you to customize your templates by using parameters for runtime input values. Parameters make your template code dynamically configurable, improving the reusability of your code. Previously, the only ways you could specify values for these parameters were to pass the plaintext values as arguments to the CloudFormation API, or hard […]

Read More

Automating IAM Roles For Cross-Account Access Series Overview

The AWS Partner Network Blog has recently published a series describing a method to automate the creation of an IAM role for cross-account access, and how to collect the information needed for a partner to assume the role after creation. This post gives readers an overview of the series, summarizing each of the individual posts […]

Read More

How to Export EC2 Instance Execution Logs to an S3 Bucket Using CloudWatch Logs, Lambda, and CloudFormation

“We want to get execution logs from our EC2 instances into S3,” my customer said. “Then we can store them and process them later, for optimization, audit, and security review, and so on. We’d like to do it in our CloudFormation stacks, as that’s our execution standard. Can you help us?” This blog post shows […]

Read More

The Virtues of YAML CloudFormation and Using CloudFormation Designer to Convert JSON to YAML

AWS CloudFormation provides the framework to define infrastructure-as-code in AWS and, until last year, this could only be written in JSON. However, in 2016, AWS added YAML 1.1 support for CloudFormation. Let’s take a look at some of the advantages of using YAML over JSON, as well as how to overcome some of the challenges […]

Read More

AWS CloudFormation Guardrails: Protecting your Stacks and Ensuring Safer Updates

“I wonder what will happen if I touch these two wires together.” – Unix fortune If you’ve worked with cloud-hosted applications or large distributed architectures for any extended period of time, chances are you’ve heard colleagues invoke Murphy’s law: “Anything that can go wrong, will go wrong”. All of us have experienced one of those events in the […]

Read More