1. Home
  2. Training Library
  3. Amazon Web Services
  4. Courses
  5. How to Use CloudFormation for AWS Automation

The anatomy of a CloudFormation Template


Getting Started with CloudFormation
The anatomy of a CloudFormation Template


Modern IT infrastructures can be quite complex and are usually built from many distinct components: computing instances, load balancers, storage volumes, CDNs, caching nodes, one or more database clusters, etc. You need to set up each component specifically for the environment that you are using (like production, staging, development, etc.), to keep them updated and to remove or swap components due to software changes. CloudFormation is a great tool that helps system administrators by managing these details automatically.

In this course, CloudAcademy's Senior DevOps Engineer, Antonio Angelino, will discuss how AWS CloudFormation works and how you can use it to build scalable infrastructures. AWS CloudFormation allows you to easily create sets of cloud resources such as Amazon EC2 instances, CloudFront distributions, RDS database instances, and other services by just writing a template file.

Intended Audience

This is an intermediate-level course, so you should have some experience with AWS and its basic services like EC2, ELB, AutoScaling, and RDS. Also, some knowledge of high availability concepts, the JSON file format, and Wordpress would be helpful to understand the ideas behind the practical part of the course and the template's syntax.

If you need to learn more about the AWS services cited here, please check our collection of AWS courses, in particular, the courses about EC2 and RDS. Also, if you want to test your knowledge on the basic topics covered in this course, check out our AWS questions.


The cornerstone of any CloudFormation powered infrastructure is the template file. Here is an empty CloudFormation template. As you can see there are seven main sections. The format version and date, the document description, set of parameters, conditional values, resources and output information. The only mandatory block is resources where you need to declare at least one resource. The AWS template format version is the variable that specifies the CloudFormation template version, against which the template was written. For example it may be equal to 2010-09-09.

Description is an optional field that you can use to describe your infrastructure. It's your template documentation. During the template creation you may need to dynamically choose what kind of EC2 instance should be use or how many database instances should be created.

You need to fill in the parameter section of your template. Thanks to the parameter set, you can pass values to resource services during the stack creation. A parameter can have a default value that is overwritten if you specify a value during the stack creation. You can create string, number or comma to limited parameters.

Numeric in string parameters can also be validated defining specific and strengths like minlength, allowed values or allowed pattern. Do you want to create an EC2 instance type parameter? Here's an example of how you can do it. If you don't specify the instance type T2.micro will be use.

CloudFormation automatically declare some parameters that are called pseudo parameters, for example, you can use AWS account ID to retrieve your account ID or AWS region to get the AWS region in which the in composing resource has been created. During the template creation you may need to specify some conditional parameters. Think about how to choose the right AMI during the EC2 instance creation. The same OS image usually has different IDs depending on the AWS region.

You can solve this problem using the mapping of set. In this example we specified four different AMI in order to be able to deploy your infrastructure in four different regions. The resources at is the main and mandatory section of a CloudFormation template. Here you declare the AWS resources that you want to manage.

You must declare one resource at least and each resource declaration includes three parts, an alpha numerical, logical name that is unique within the template, a resource type and properties for that resource. The logical name is use to reference the resource and other parts of the template. For example, if you want to map a security group or an EBS volume to an Amazon EC2 instance, your reference to logical IDs are both to specify the mapping. Resource properties are additional options that you can specify in a resource. Most resources require you to set resource specific property values before they can be created. The following examples shows the declaration of a resource named CloudVolume which declares three properties, size, snapshotID and availability zone. The optional condition section is where you define conditions that control whether serving resources are created or whether serving resource properties are assigned to value during stack creation or update. For example, you could conditionally create a resource depending on whether the stack is for a production or test environment. To create prod instance condition evaluates the true if the environment type parameter is equal to prod. The environment type parameter is an input parameter that you can specify when you create or update a stack. As you can see in this example there are two interesting keywords, fn and ref. Thanks to the ref function you specify the logical name of any resource to difference a value for another resource, parameter, output etcetera. For example, in the resource's section you might declare a security group resource with the logical name ProdSecurityGroup.

Elsewhere in another resource declaration you can use Ref:ProdSecurityGroup as the value for another resource's property. You can use the template output section to declare information to be pass back by the AWS CloudFormation describe stacks command. You can use literal values or AWS CloudFormation functions to declare output information. In the following example the output name URL returns the literal value cloudacademy.com

About the Author

Antonio is an IT Manager and a software and infrastructure Engineer with 15 years of experience in designing, implementing and deploying complex webapps.

He has a deep knowledge of the IEEE Software and Systems Engineering Standards and of several programming languages (Python, PHP, Java, Scala, JS).

Antonio has also been using and designing cloud infrastructures for five years, using both public and private cloud services (Amazon Web Services, Google Cloud Platform, Azure, Openstack and Vmware vSphere).

During his past working experiences, he designed and managed large web clusters, also developing a service orchestrator for providing automatic scaling, self-healing and a Disaster Recovery Strategy.

Antonio is currently the Labs Product Manager and a Senior DevOps Engineer at Cloud Academy; his main goal is providing the best learn-by-doing experience possible taking care of the Cloud Academy Labs platform.