Questions tagged [amazon-cloudformation]
Amazon Web Services CloudFormation is a JSON- or YAML-based templating system that can be used to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion. You can think of it as 'Infrastructure-as-code'.
265
questions
37
votes
5
answers
43k
views
AWS CloudFormation - Custom variables in templates
Is there any way to define shortcuts for often-used values derived from CloudFormation template parameters?
For example - I've got a script that creates a Multi-AZ Project stack with ELB name project ...
37
votes
1
answer
36k
views
using CloudFormation with an existing S3 bucket
Using CloudFormation, I want to set some of the properties in AWS::S3::Bucket on an existing bucket. In other words, I don't want to create the bucket, I just want to enforce some of the settings. ...
33
votes
3
answers
18k
views
How can I reuse existing resources in CloudFormation?
I have an S3 bucket as a resource in my CloudFormation template, with DeletionPolicy set to Retain. This works as expected: when deleting the stack, it does indeed retain the bucket. However, when I ...
27
votes
3
answers
26k
views
AWS CloudFormation: VPC default security group
I have a cfn stack that (among other things), creates a VPC, several security groups, and a handful of EC2 instances. It's trivial to assign security groups that are created within the stack to ...
23
votes
2
answers
12k
views
Aws vpc default route table in CloudFormation
Am I missing something but is there no way to add a route via CloudFormation to the default route table that comes provisioned with a VPC?
21
votes
3
answers
15k
views
Is it possible to force Re-creation of EC2::Instance or RDS::DBInstance in amazon cloudformation?
It's possible to force the re-creation of a EC2 or RDS instance using cloudformation stacks?
My stack goes stuck in a point where simply destroying and creating the resource will fix it, instead of ...
20
votes
2
answers
35k
views
How to upload a file into S3 bucket using CloudFormation script?
How do I upload a file into my AWS S3 bucket CloudFormation template?
AWSTemplateFormatVersion: '2010-09-09'
Resources:
S3Bucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: ...
20
votes
2
answers
30k
views
How do I get AWS CloudFormation to recreate a resource I manually deleted?
I'm experimenting with CloudFormation right now. I deployed a stack that included an AutoScalingGroup (and LaunchConfig and CloudFormation::Init), LoadBalancer, a single EC2 instance (and ...
16
votes
2
answers
15k
views
Can FindInMap return a list?
I'm using CloudFormation to deploy an ELB to a pre-existing VPC which has pre-existing Subnets. I've listed the subnets in a Mappings section of the template and select the mapping based on the ...
16
votes
4
answers
22k
views
Referring to an existing resource in CF Template
We have multiple CloudFormation scripts to create our stack.
Now, we want to write (automate) new scripts which will be used just to updated 1 specific resource (business requirement).
The thing ...
16
votes
5
answers
16k
views
in cloudformation is it possible to create a reusable string?
i have a string the is formed from a number of variables which i use for many different things such as Tags and host names.
is there a way of creating a reusable string that i can just Ref though ...
14
votes
4
answers
19k
views
Why doesn't the aws cloud formation install the packages that I specify?
I'm very new to the AWS services. I'm trying to use the AWS cloud formation and I created a template. The template is error free and I am able to create machines using that.
But I have added some ...
13
votes
4
answers
7k
views
AWS CloudFormation returning "Invalid request" when trying to create a AWS::Route53::RecordSet
I'm at a loss on this one.
99% of the time CloudFormation is pretty good at giving you some kind of debug message you can work with, but "Invalid request" has left me stumped, especially when the ...
13
votes
3
answers
7k
views
AWS Cloudformation and manual changes
I can't seem to find any documentation about what happens when you manually mess with Cloudformation's objects.
I see it tags its objects, but does it recover if, say, someone deletes a routing rule? ...
13
votes
1
answer
9k
views
How do I setup Route 53 to point to Api Gateway
I'm writing a Cloudformation config file to create a website all in one go. This includes, creating lambda functions, creating the API Gateway, Setting up a S3 Bucket, Creating the Route 53 zone and ...
12
votes
2
answers
14k
views
Conditional Property in AWS CloudFormation
We've got an AWS CloudFormation template for creating some EC2 instances. Some of those however require a specific PrivateIpAddress and I'm struggling to figure out how to incorporate that to the ...
11
votes
2
answers
9k
views
Cloudformation fails with "AMI cannot be described"
I made a change to my cloudformation template, just adding mappings, and userdata in the AWS::AutoScaling::LaunchConfiguration,
and now it fails to create my stack with the message "AMI cannot be ...
11
votes
1
answer
12k
views
How to retrieve AWS SNS Arn value
Im planning to use nested stack to create (SNS,ELB and application ) stacks.so
now once the sns is created i have to pass arn value to ELB and application json(cloud formation templates)so what is the ...
10
votes
4
answers
28k
views
Cloudformation can I create a new role referencing an existing policy?
At the moment I have a shared S3 bucket which has specific access to particular key paths (i.e. folders) for different instances. I've been able to create instance profile with my new role and test no ...
10
votes
2
answers
9k
views
Is it possible to update an existing EC2 security group from CloudFormation?
I have a manually created security group to access Redis, and I am creating a LAMP stack with AWS CloudFormation. I need to update the Amazon EC2 security group from Redis to allow access from this ...
10
votes
2
answers
6k
views
Can an AWS CloudFormation create a KeyPair to subsequently use when starting instances?
I would like to launch my stack using a keypair that is created as part of the CloudFormation.
Is that possible?
....
"Resources": {
"ReverseProxyKeyPair": {
"Type": "AWS::EC2::KeyPair"...
9
votes
1
answer
2k
views
Can't SSH into AWS CloudFormation Stack Instance
I have a scalable load balancer set up right now that was mostly followed from this template:
https://github.com/satterly/AWSCloudFormation-samples/blob/master/LAMP_Multi_AZ.template
After adjusting ...
8
votes
2
answers
16k
views
How do I associate an ssh key pair with the instance created by a stack in Amazon CloudFormation?
Previously I have created an EC2 instance based on an image. During the creation process the Amazon wizard created a key pair and then provided it to me so I could connect.
Now I am trying to use ...
8
votes
1
answer
21k
views
How to specify VPC and subnet in AWS CloudFormation template
I am trying to launch an example CloudFormation template as described in Getting Started with CloudFormation.
I removed the default VPC, added new one (10.0.0.0/16), and created a new subnet in it (10....
7
votes
5
answers
9k
views
AWS Cloudformation - can't add multiple subnet associations to a public routing table
We have a VPC with an Internet Gateway. We have 3 subnets (one in each AZ) and want to use one routing table for all three. This RT contains a rule to route 0.0.0.0/0 to the igw however when we try ...
7
votes
2
answers
558
views
generate permissions for cloudformation stack deployment
I have CloudFormation stack, which is frequently updated by a script (changing source AMIs for launch configuration). I would love to have it deployed by the same script, executed by non-privileged ...
7
votes
1
answer
3k
views
How can one configure an AWS ElasticSearch access policy using CloudFormation?
The AWS documentation on ElasticSearch access control talks about how to grant access to the ES domains subresources while preventing changes to the domain's configuration by creating an ES domain ...
6
votes
3
answers
9k
views
how to pull docker image on ECR using cloudformation template
I want to use docker image hosted on ECR and i want to automate the pull operation using cloudformation template.
I attached IAM role with ECR full access to ec2 instance and it doesn't work.
i am ...
6
votes
1
answer
9k
views
Cloud Formation template add ingress rule to existing security group
Problem scope
I have an application built using multiple cloud formation templates. They need to interact with each other but are too large/complicated to build in one template.
Detail of scenario
...
6
votes
1
answer
9k
views
Adding an existing security group CloudFormation EC2 template
Instead of having to set ingress and egress rules, how do I reference existing EC2 security groups in a CloudFormation Template?
Resources:
EC2Instance:
Type: AWS::EC2::Instance
...
6
votes
2
answers
11k
views
AWS Fargate task fails ELB health checks
How can I troubleshoot it further? I am trying to run a simple nginx container but the load balancer complains that health checks are failed and the task does not respond on its ip number, likely ...
6
votes
3
answers
3k
views
Determine IAM requirements for Cloudformation Stack
I'm currently developing and launching a relatively simple cloudformation stack. Just some simple RDS stuff, triggered through and external CI+CD service.
However, my current cycle for development is ...
5
votes
1
answer
3k
views
Specifying a VPC in a CloudFormation template for an EC2 instance
I'm launching an EC2 instance via a CloudFormation template, however, the specified instance t2.micro requires a VPC.
How do I specify a VPC in the CloudFormation template?
Here's my template:
{
...
5
votes
1
answer
8k
views
AWS::CloudFormation::Init not executing commands
I'm trying to get ansible installed on an instance. I figured I could use AWS::CloudFormation::Init to execute sudo pip install ansible. That doesn't seem to be working, though. This is my instance ...
5
votes
1
answer
9k
views
Passing parameters to AWS Lambda
I'm trying to write a CloudFormation template that subscribes a Lambda function to a CloudWatch Logs LogGroup. This Lambda function should then parse the logs and put them in to an Amazon ES cluster.
...
5
votes
2
answers
11k
views
Cloudformation intrinsic function Fn::Sub mapping
I don't understand why Fn::Sub in this template is not working.
I get the following error:
Template contains errors.: Template error: One or more Fn::Sub intrinsic functions don't specify expected ...
5
votes
3
answers
4k
views
Is it possible to populate an S3 bucket through a CloudFormation template?
I need to store some files for my CF template (GraphQL schema, Lambda source, etc) into an S3 bucket that will also (hopefully) be defined in the same template, as that seems to be the only way ...
5
votes
2
answers
2k
views
Can we register domain in AWS route 53 via cloudformation?
I am new Cloudformation and I am trying to find a Cloudformation script to register the domain, say example.com under Route53. I looked at cloudformation pdf and found nothing related to domain ...
5
votes
3
answers
8k
views
How do I create DNS entries for EC2 instances created by Auto Scaling?
I'm looking into using auto scaling groups for a tier of webservers that would be fronted by an ELB. One of the things I'm having a hard time with is how to give each new instance the proper DNS name....
5
votes
1
answer
13k
views
Received 0 SUCCESS signal(s) out of 1. Unable to satisfy 100% MinSuccessfulInstancesPercent requirement
I am running this template in cloud formation to create auto scaling in ubuntu-18.04 machine and it will rollback the all instances automatically that is created by this template and giving such error ...
5
votes
1
answer
5k
views
Autoscaling health checks fail in Amazon-provided ECS CloudFormation template.
I am attempting to stand up a new ECS cluster using the CloudFormation ECS Service template AWS provided here as a guide. My ECS instances boot within the AutoScaling group, but then fail a health ...
5
votes
0
answers
1k
views
CloudFormation fails deleting a stack if a hostedzone contains non-required records, how can it be avoided?
I wrote a CloudFormation template which creates a whole environment which includes the creation of VPC, HostedZone, Subnets, Autoscaling Groups, etc...
The servers which are created and are members ...
4
votes
4
answers
17k
views
Amazon CloudFormation: How to get an ELB's private IP for a specific subnet?
TL;DR - Is it possible for a CloudFormation template to insert the subnet-specific internal IP address of a specific ELB into the UserData of an instance within that subnet?
We have a fleet of EC2 ...
4
votes
3
answers
8k
views
AWS Cloud Formation.Requires capabilities : [CAPABILITY_IAM] (Child Stack)
IMPORTANT
I'm building the TemplateURL dynamically.
"TemplateURL" : { "Fn::Join" : ["", [ { "Ref" : "TemplateURL"}, "substack.template" ]] }
I'm running a CloudFormation template in the AWS ...
4
votes
1
answer
951
views
How to connect instances in CloudFormation
We would like to create a template for a fairly standard stack in AWS. We need three layers.
Layer: Elastic Load Balancer
Layer: several web servers which are created / destroyed according to alarms ...
4
votes
1
answer
8k
views
Assigning a public ip to an ec2 in cloudformation?
In the vpc I am using on aws ec2's do not get a public ip address by default. I am trying to add one manually after referencing this and this bit of documentation.
Currently my cloudformation ...
4
votes
1
answer
6k
views
Create new EC2 instance with existing EBS volume as root device using CloudFormation
I'm trying to mount an existing volume to a new EC2 Windows instance using CloudFormation. This seems like something that should be possible.
Big Picture
I have a vendor provided AMI which installs ...
4
votes
2
answers
6k
views
How to fix / why are Conditions causing Unresolved resource dependencies
Edit
Original details below.
In the process of chasing this down, I've now narrowed it down to the fact that this security group
DatabaseSecurityGroup:
Type: AWS::EC2::SecurityGroup
...
4
votes
1
answer
2k
views
Run EC2 instance into specific non-default VPC in random subnet
I have a problem and I expect that someone help me.
I'm working with AWS and I have 2 VPC. The default VPC an another VPC created by me. Each VPC has 3 subnets in differents AZ (eu-west-1a, eu-west-...
4
votes
1
answer
1k
views
Per-instance alarms inside auto-scaling groups in CloudFormation
Basically what it ways on the tin, how can I create individual per-instance alarms inside an auto-scaling group created with a CloudFormation template?
I can reference the ASG itself in an alarm and ...