Selectively provisioning AWS resources by setting conditions on Cloud Formation
In the world of cloud computing, it’s essential to deploy resources smartly. Our guide walks you through using AWS CloudFormation to make resource creation flexible and cost-effective. We explain how to set conditions based on whether you’re in a testing or production environment, allowing you to choose the right resources for each. We’ve made it easy with step-by-step instructions using AWS Cloud9 and AWS CLI. Learn how to create instances selectively and even adjust their types based on your needs. This blog isn’t just theory — it’s a practical guide for real-world situations, helping you save costs and work efficiently. Come along as we make cloud resource management a breeze!
Prerequisites
- Have an AWS account. If you don’t have one, sign up here and enjoy the benefits of the Free-Tier Account
- View project files
AWS Cloud9 Setup
- Search for
cloud9on the AWS Console and click on it.
2. Click on Create environment
3. Configure as shown below then click on Create at the bottom:
4. Open the environment
5. Clone the repository to the working directory. On the terminal, run
git clone https://github.com/aws-samples/cfn101-workshop6. Ensure that you are running AWS CLI Version 2 by running aws --version. The result should have aws-cli/2.X.X
7. If running on Version 1, please update using the provided script. Make the script executable by running chmod +x cfn101-workshop/code/solutions/cloud9/awscliv2.sh then run the script using source cfn101-workshop/code/solutions/cloud9/awscliv2.sh
Setting Conditions
- Change the directory to:
code/workspace/conditions - Open the
condition-resource.yamltemplate - Add the content below to the template
Parameters:
LatestAmiId:
Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
EnvType:
Description: Specify the Environment type of the stack.
Type: String
AllowedValues:
- test
- prod
Default: test
ConstraintDescription: Specify either test or prod.4. Next, we describe the IsProduction a condition that evaluates whether the EnvType parameter is equal to prod. Append the following to the file content
Conditions:
IsProduction: !Equals
- !Ref EnvType
- prod5. Next, we associate conditions to resources we want to conditionally provision based on the IsProduction condition. In the following example, you associate the Volume and MountPoint resources with IsProduction. Therefore, these resources are created only when the IsProduction condition is true: that is, if the EnvType parameter value is equal to prod. Otherwise, only the EC2 instance resource will be provisioned.
Append the following code to the template file:
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: !Ref LatestAmiId
InstanceType: t2.micro
MountPoint:
Type: AWS::EC2::VolumeAttachment
Properties:
InstanceId: !Ref EC2Instance
VolumeId: !Ref Volume
Device: /dev/sdh
Condition: IsProduction
Volume:
Type: AWS::EC2::Volume
Properties:
Size: 2
AvailabilityZone: !GetAtt EC2Instance.AvailabilityZone
Encrypted: true
Condition: IsProductionDeploying the Test Environment
Here, we will pass test as the EnvType and observe the provisioned resources
- In the Cloud9 terminal navigate to
code/workspace/conditions:
cd cfn101-workshop/code/workspace/conditions2. Use the AWS CLI to create the stack. The required parameters have been pre-filled for you (test as the EnvType)
aws cloudformation create-stack --stack-name cfn-workshop-condition-test \
--template-body file://condition-resource.yaml \
--parameters ParameterKey="EnvType",ParameterValue="test"3. If the create-stack command was successfully sent, CloudFormation will return StackId.
4. Open the CloudFormation console to check if the stack status is CREATE_COMPLETE
5. Click on the stack name link and under the resources tab, you will be the resources created by the stack. In this case, only an EC2Instance
6. You will also see the corresponding instance created by the stack on the EC2 console
Deploying the Prod Envionment
- Run the
create-stackcommand on theCloud9terminal but this time set theParameterValuetoprod
aws cloudformation create-stack --stack-name cfn-workshop-condition-prod \
--template-body file://condition-resource.yaml \
--parameters ParameterKey="EnvType",ParameterValue="prod"
2. Open the CloudFormation console to check if the stack status is CREATE_COMPLETE
3. Once complete, click on the stack name and on the resources tab, you will see the resources created by the stack ie EC2Instance, MountPoint and Volume
Great, now we can conditionally create resources.
Let’s now look at another conditioning concept
Defining Conditions at the Property Level
Let’s assume that you wanted to create a t2.micro instance for the test environment and an t2.small instance for the production environment. Let’s see how to do that.
- Make sure you are in the following directory on
Cloud9:code/workspace/conditions - open the
condition-resource-property.yamlfile - Append the following template onto the file (This part is similar to the previous template):
Parameters:
LatestAmiId:
Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
EnvType:
Description: Specify the Environment type of the stack.
Type: String
AllowedValues:
- test
- prod
Default: test
ConstraintDescription: Specify either test or prod.
Conditions:
IsProduction: !Equals
- !Ref EnvType
- prod4. Next, let’s wire up the IsProduction condition to conditionally specify a property values. In this example, you use the Fn::if intrinsic function , in its YAML short form, to evaluate if the IsProduction condition is true: if that is the case, the t2.small property value will be used for InstanceType; otherwise, t2.micro will be used if the condition is false. Copy and append the following code to the template:
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: !Ref LatestAmiId
InstanceType: !If [IsProduction, t2.small, t2.micro]This means that if IsProduction is True, deploy a t2.small instance, otherwise, deploy a t2.micro instance
Deploying the stack with property level conditions
- Deploy the
teststack by running the following command on the Cloud9 terminal
aws cloudformation create-stack --stack-name cfn-workshop-condition-property-test \
--template-body file://condition-resource-property.yaml \
--parameters ParameterKey="EnvType",ParameterValue="test"2. Confirm the instance type of the instance created by the stack
3. Deploy the prod stack by running the following command on the Cloud9 terminal
aws cloudformation create-stack --stack-name cfn-workshop-condition-property-prod \
--template-body file://condition-resource-property.yaml \
--parameters ParameterKey="EnvType",ParameterValue="prod"4. Confirm the instance type of the instance created by the stack
Great, now we can provision diferrent property resources based on conditions.
Clean up
- Navigate to the
CloudFormationconsole and click onstacks. - Select one of the stacks deployed during this lab and click on
Delete. Thestatuschanges fromCREATE_COMPLETEtoDELETE_IN_PROGRESS
3. Repeat the process for all the other stacks. Once the stacks are deleted, they disappear from the stacks page. On success, all resources created by the stacks are terminated.
Conclusion
In conclusion, mastering the art of setting conditions in AWS CloudFormation opens the door to efficient resource management tailored to your specific needs. By strategically adapting deployments based on environment types, we empower users to optimize costs and enhance operational flexibility. The step-by-step examples provided using AWS Cloud9 and AWS CLI demonstrate the simplicity and practicality of implementing conditions at both stack and property levels. With this knowledge, you’re equipped to navigate the complexities of AWS CloudFormation with confidence, ensuring your cloud infrastructure aligns seamlessly with your operational goals. Happy cloud provisioning!
