AWS Cloud Operations & Migrations Blog

Tag: AWS CloudFormation

AWS CloudFormation: 2017 in Review

In 2017, over 350,000 AWS customers used AWS CloudFormation to manage resources collected across 2.4M stacks. We added coverage for 14 new services and several new features. In this post, I’d like to look back at some features and new content that CloudFormation introduced in 2017, including: New AWS resources that you can provision with […]

Analyzing Bitcoin Data: AWS CloudFormation Support for AWS Glue

The AWS CloudFormation team has been busy in the last couple of months, adding support for new resource types for recently released AWS services. In this post, I take a deep dive into using AWS Glue with CloudFormation. About AWS Glue AWS Glue was first announced at re:Invent in 2016, and was made generally available […]

AWS CloudFormation Update: AWS Guard Duty, Amazon Inspector, and Service Discovery, plus 40 resource updates

AWS CloudFormation recently added support for these recently released AWS services: AWS Guard Duty is an automated threat-detection service that can be quickly enabled, does not require agents to be installed, and monitors unusual account usage using sources like AWS CloudTrail logs, DNS logs, and other sources. With the new AWS CloudFormation resource support, you […]

Control AWS resources available to your users using AWS Service Catalog

The grant least privilege best practice advises you to grant only the permissions that are required to perform a task. To follow this best practice you should determine what your users need to do and then design IAM policies that let users perform only those tasks. AWS Service Catalog extends the very same best practice. If you […]

Integrating AWS CloudFormation with AWS Systems Manager Parameter Store

AWS CloudFormation has always allowed you to customize your templates by using parameters for runtime input values. Parameters make your template code dynamically configurable, improving the reusability of your code. Previously, the only ways you could specify values for these parameters were to pass the plaintext values as arguments to the CloudFormation API, or hard […]

Tracking AWS Service Catalog products provisioned by individual SAML users

To manage access to the AWS Cloud, many companies prefer Enterprise Federation over AWS Identity and Access Management (IAM) users. Identity federation provides single sign-on (SSO) to access AWS accounts using credentials from the corporate directory. This method of accessing AWS allows companies to utilize their existing identity solutions, such as Active Directory (AD) or […]

How to Export EC2 Instance Execution Logs to an S3 Bucket Using CloudWatch Logs, Lambda, and CloudFormation

This blog was updated on December 6, 2023. The updates included updating the AWS CloudFormation template to use Python 3.11 instead of Python 2.7. Other minor changes were made to AWS Lambda, to accommodate Python version changes. “We want to get execution logs from our EC2 instances into S3,” my customer said. “Then we can […]

The Virtues of YAML CloudFormation and Using CloudFormation Designer to Convert JSON to YAML

AWS CloudFormation provides the framework to define infrastructure-as-code in AWS and, until last year, this could only be written in JSON. However, in 2016, AWS added YAML 1.1 support for CloudFormation. Let’s take a look at some of the advantages of using YAML over JSON, as well as how to overcome some of the challenges […]

AWS CloudFormation Guardrails: Protecting your Stacks and Ensuring Safer Updates

“I wonder what will happen if I touch these two wires together.” – Unix fortune If you’ve worked with cloud-hosted applications or large distributed architectures for any extended period of time, chances are you’ve heard colleagues invoke Murphy’s law: “Anything that can go wrong, will go wrong”. All of us have experienced one of those events in the […]