1
00:00:00,049 --> 00:00:02,125
We are getting to the fascinating section

2
00:00:02,125 --> 00:00:04,538
of CloudFormation, and CloudFormation is one

3
00:00:04,538 --> 00:00:06,607
of my favorite topics in AWS.

4
00:00:06,607 --> 00:00:09,225
It is something I could talk about for hours and hours,

5
00:00:09,225 --> 00:00:11,775
but I'll try to make it short for you and for this exam.

6
00:00:11,775 --> 00:00:13,897
So infrastructure as code, what is it?

7
00:00:13,897 --> 00:00:16,686
Well currently we've been doing a hell lot of manual work.

8
00:00:16,686 --> 00:00:19,721
We've been doing manual work, we've automated it

9
00:00:19,721 --> 00:00:22,033
a little bit with Elastic Beanstalk,

10
00:00:22,033 --> 00:00:25,433
we've set up our Pipelines to be able to automate our CICD

11
00:00:25,433 --> 00:00:28,369
using CodeBuild etc. and CodePipeline.

12
00:00:28,369 --> 00:00:31,621
But, all this manual work that we've been doing is kind of tough

13
00:00:31,621 --> 00:00:33,661
to reproduce right, if we want to reproduce it

14
00:00:33,661 --> 00:00:35,439
in another region, here we go again,

15
00:00:35,439 --> 00:00:37,109
we click click click click everywhere

16
00:00:37,109 --> 00:00:38,344
and that's a bit boring.

17
00:00:38,344 --> 00:00:40,273
If you wanted to do it in another AWS account,

18
00:00:40,273 --> 00:00:43,503
that would be even more painful, or even if someone went

19
00:00:43,503 --> 00:00:46,334
ahead in my company and deleted everything,

20
00:00:46,334 --> 00:00:49,419
for me to recreate all in my region

21
00:00:49,419 --> 00:00:50,977
that would be a nightmare.

22
00:00:50,977 --> 00:00:52,772
So what we'd like to have really,

23
00:00:52,772 --> 00:00:55,522
is our infrastructure to be code.

24
00:00:56,598 --> 00:00:59,275
And so that's a new concept and this is,

25
00:00:59,275 --> 00:01:02,063
quite a new phenomenon, a new trend in the IT world

26
00:01:02,063 --> 00:01:04,341
called infrastructure as code.

27
00:01:04,341 --> 00:01:07,071
And so that means this code that we're going to write,

28
00:01:07,071 --> 00:01:10,845
we'll be able to deploy it and it will in turn create,

29
00:01:10,845 --> 00:01:13,725
update and delete our infrastructure.

30
00:01:13,725 --> 00:01:15,747
This is where CloudFormation comes in.

31
00:01:15,747 --> 00:01:18,705
CloudFormation is going to be a declarative way

32
00:01:18,705 --> 00:01:22,498
of outlining your AWS Infrastructure, for any kind

33
00:01:22,498 --> 00:01:24,902
of resources and most of them are supported.

34
00:01:24,902 --> 00:01:28,948
For example, let's take a high level pseudo CloudFormation

35
00:01:28,948 --> 00:01:32,178
template and we say I want a security group and I want

36
00:01:32,178 --> 00:01:34,270
two EC2 machines using this group,

37
00:01:34,270 --> 00:01:36,073
I want two Elastic IPs for these machines,

38
00:01:36,073 --> 00:01:37,201
and I want an S3 bucket,

39
00:01:37,201 --> 00:01:40,073
and by the way I want a load balancer that is connected

40
00:01:40,073 --> 00:01:41,254
to these machines.

41
00:01:41,254 --> 00:01:44,731
So we say in a declarative way, this is declarative,

42
00:01:44,731 --> 00:01:47,680
what we want CloudFormation to do, and then CloudFormation

43
00:01:47,680 --> 00:01:50,860
creates all these things for us in the right order,

44
00:01:50,860 --> 00:01:53,512
with the exact configuration that we specify

45
00:01:53,512 --> 00:01:55,270
and so that's kind of nice.

46
00:01:55,270 --> 00:01:57,719
So benefits of CloudFormation but I guess you've already

47
00:01:57,719 --> 00:01:59,956
got a good idea of them, is that number one we get our

48
00:01:59,956 --> 00:02:02,300
infrastructure as code, so no resources

49
00:02:02,300 --> 00:02:05,516
will be manually created, which is excellent for control.

50
00:02:05,516 --> 00:02:08,694
All the code can be version controlled for example using git

51
00:02:08,694 --> 00:02:11,822
so we can version control our CloudFormation which is nice.

52
00:02:11,822 --> 00:02:14,423
And, all the changes to the infrastructure will

53
00:02:14,423 --> 00:02:17,567
be reviewed through code review which is also very nice.

54
00:02:17,567 --> 00:02:20,297
In terms of cost, CloudFormation itself is free,

55
00:02:20,297 --> 00:02:24,114
but each stack that you create has an identifier,

56
00:02:24,114 --> 00:02:28,117
and so you can easily track the cost of a stack,

57
00:02:28,117 --> 00:02:30,649
and you can estimate the cost of your resources using

58
00:02:30,649 --> 00:02:32,775
the CloudFormation template itself.

59
00:02:32,775 --> 00:02:34,162
So if you want to have a savings strategy

60
00:02:34,162 --> 00:02:37,444
using CloudFormation, in your development environment,

61
00:02:37,444 --> 00:02:40,108
or your small AWS account, you could automate the deletion

62
00:02:40,108 --> 00:02:42,612
of all the templates at 5pm and then recreate them

63
00:02:42,612 --> 00:02:46,368
at 8am safely, and so because your infrastructure is code,

64
00:02:46,368 --> 00:02:49,292
everything will come back up and you save a lot of money.

65
00:02:49,292 --> 00:02:51,801
Other benefits of CloudFormation is going to be productivity

66
00:02:51,801 --> 00:02:54,630
so you're able to destroy and recreate your infrastructure

67
00:02:54,630 --> 00:02:56,942
on the fly as many times as you want.

68
00:02:56,942 --> 00:02:58,286
You can automate the generation

69
00:02:58,286 --> 00:03:00,104
of diagrams for your templates which is quite nice

70
00:03:00,104 --> 00:03:01,659
if you create presentations.

71
00:03:01,659 --> 00:03:02,910
And it's declarative programming,

72
00:03:02,910 --> 00:03:05,382
so you don't need to figure out what goes before what,

73
00:03:05,382 --> 00:03:07,772
in terms of ordering or orchestration,

74
00:03:07,772 --> 00:03:10,082
CloudFormation tracks and does that for you.

75
00:03:10,082 --> 00:03:11,963
There's a true separation of concern as well,

76
00:03:11,963 --> 00:03:14,722
so you can have as many stacks as you want for many apps

77
00:03:14,722 --> 00:03:16,331
and many layers, and so it's quite common to have

78
00:03:16,331 --> 00:03:18,448
a VPC CloudFormation stack that creates

79
00:03:18,448 --> 00:03:20,477
all the networks into the Subnet.

80
00:03:20,477 --> 00:03:22,646
There is an application stack so for each application

81
00:03:22,646 --> 00:03:25,058
you'll deploy, there's gonna be an application

82
00:03:25,058 --> 00:03:27,914
CloudFormation stack and so that's something we actually see

83
00:03:27,914 --> 00:03:31,296
already with Elastic Beanstalk, each time we created

84
00:03:31,296 --> 00:03:34,059
an environment in Elastic Beanstalk, it went ahead

85
00:03:34,059 --> 00:03:37,747
and created a CloudFormation template behind the scenes.

86
00:03:37,747 --> 00:03:39,430
And so the idea is that we want to reuse

87
00:03:39,430 --> 00:03:41,741
as much work out there, so we're not going to reinvent

88
00:03:41,741 --> 00:03:44,098
the wheel, there's a lot of CloudFormation templates

89
00:03:44,098 --> 00:03:46,061
on the web that we can already leverage.

90
00:03:46,061 --> 00:03:49,309
And we can also leverage documentation which is huge,

91
00:03:49,309 --> 00:03:52,681
by the way, and hard to navigate sometimes,

92
00:03:52,681 --> 00:03:54,312
but on the documentation there

93
00:03:54,312 --> 00:03:55,853
is everything you will ever know.

94
00:03:55,853 --> 00:03:57,339
So CloudFormation, how do they work?

95
00:03:57,339 --> 00:04:00,214
Well we will upload the templates in Amazon S3 behind

96
00:04:00,214 --> 00:04:03,487
the scenes and CloudFormation pulls them from S3,

97
00:04:03,487 --> 00:04:05,688
and so when we want to update the template we actually

98
00:04:05,688 --> 00:04:09,181
can't edit a previous template, we'll see it in the next

99
00:04:09,181 --> 00:04:11,638
lecture anyway, what we have to do is re-upload

100
00:04:11,638 --> 00:04:14,247
a new version of the template to AWS,

101
00:04:14,247 --> 00:04:16,024
and then CloudFormation will do the difference

102
00:04:16,024 --> 00:04:18,650
and figure out what it needs to do to update

103
00:04:18,650 --> 00:04:20,716
from version one to version two.

104
00:04:20,716 --> 00:04:23,070
Stacks will be identified by a name and the names

105
00:04:23,070 --> 00:04:25,315
can be very long, and if you delete a stack

106
00:04:25,315 --> 00:04:28,007
every single artifact, anything that was created

107
00:04:28,007 --> 00:04:30,455
through the CloudFormation stack will be deleted with it.

108
00:04:30,455 --> 00:04:32,960
So it's really nice because you can delete all

109
00:04:32,960 --> 00:04:34,973
these resources that have been created with one click,

110
00:04:34,973 --> 00:04:38,212
and so you're sure that you're not leaving anything behind.

111
00:04:38,212 --> 00:04:41,241
Now to deploy CloudFormation templates, there's a manual way

112
00:04:41,241 --> 00:04:44,308
in which we edit templates and do CloudFormation designer,

113
00:04:44,308 --> 00:04:46,289
and using the console to input parameters,

114
00:04:46,289 --> 00:04:48,788
and then the automated way which is to edit templates in

115
00:04:48,788 --> 00:04:50,845
the YAML file using a text editor,

116
00:04:50,845 --> 00:04:53,735
and then you use the Amazon CLI or Command Line Interface

117
00:04:53,735 --> 00:04:55,375
to deploy the templates.

118
00:04:55,375 --> 00:04:56,956
It's the recommended way when you want

119
00:04:56,956 --> 00:05:00,049
to have some automation out of your flow,

120
00:05:00,049 --> 00:05:01,997
but you're free to choose either manual or automate,

121
00:05:01,997 --> 00:05:03,376
I think they're both fine.

122
00:05:03,376 --> 00:05:05,839
In terms of the building blocks, you're going to learn

123
00:05:05,839 --> 00:05:07,796
about those in this section quite a lot.

124
00:05:07,796 --> 00:05:09,792
But there's the template components

125
00:05:09,792 --> 00:05:11,687
and so we'll get the resources

126
00:05:11,687 --> 00:05:13,882
and so the resources are basically the AWS resources

127
00:05:13,882 --> 00:05:15,179
that we'll declare in the template

128
00:05:15,179 --> 00:05:18,554
and that has to be a mandatory section,

129
00:05:18,554 --> 00:05:20,154
your CloudFormation template cannot work

130
00:05:20,154 --> 00:05:22,475
if you don't specify resources.

131
00:05:22,475 --> 00:05:26,070
So resources can be EC2 machines, Elastic IPs,

132
00:05:26,070 --> 00:05:28,162
security groups, load balancers,

133
00:05:28,162 --> 00:05:30,745
name it, everything you can think of really.

134
00:05:30,745 --> 00:05:32,829
And parameters, so these are dynamic inputs that

135
00:05:32,829 --> 00:05:34,260
you can ask for your templates,

136
00:05:34,260 --> 00:05:36,402
so users will just reference those.

137
00:05:36,402 --> 00:05:39,139
Mappings which are static inputs for your templates,

138
00:05:39,139 --> 00:05:40,203
static variables.

139
00:05:40,203 --> 00:05:42,770
Outputs which is basically saying okay out

140
00:05:42,770 --> 00:05:45,474
of our template we can export some stuff

141
00:05:45,474 --> 00:05:47,700
and other templates can reference it.

142
00:05:47,700 --> 00:05:49,801
Conditionals which are a list of conditions,

143
00:05:49,801 --> 00:05:53,922
so if statements basically to control what gets created.

144
00:05:53,922 --> 00:05:57,585
And Metadata overall we'll see a deep dive into all of those

145
00:05:57,585 --> 00:05:59,464
so don't worry too much, you'll get to understand

146
00:05:59,464 --> 00:06:01,035
them in their own time.

147
00:06:01,035 --> 00:06:03,000
And for templates you get helpers and so

148
00:06:03,000 --> 00:06:06,053
you can use references so you can basically link your stuff

149
00:06:06,053 --> 00:06:08,161
within your template, and you can use functions

150
00:06:08,161 --> 00:06:11,016
to transform data within your templates.

151
00:06:11,016 --> 00:06:14,108
So high level I'll review again but I just wanted to give

152
00:06:14,108 --> 00:06:15,191
you this 101.

153
00:06:16,085 --> 00:06:17,872
Now this is an introduction to CloudFormation,

154
00:06:17,872 --> 00:06:20,327
to me it takes over 3 hours to properly learn

155
00:06:20,327 --> 00:06:22,970
and master CloudFormation, and I do teach somewhere else,

156
00:06:22,970 --> 00:06:26,073
so this section is really meant for you to get a good idea

157
00:06:26,073 --> 00:06:28,980
of how it works, but not drill too deep into it

158
00:06:28,980 --> 00:06:31,862
because it's not needed for the exam,

159
00:06:31,862 --> 00:06:34,557
so we'll be slightly less hands-on than in other sections

160
00:06:34,557 --> 00:06:36,412
but still hands-on enough so you get a good idea

161
00:06:36,412 --> 00:06:37,653
of how things work.

162
00:06:37,653 --> 00:06:40,106
We'll learn everything anyway to answer questions for

163
00:06:40,106 --> 00:06:42,447
the exam so do not worry about this,

164
00:06:42,447 --> 00:06:44,996
and the exam does not require you to actually write

165
00:06:44,996 --> 00:06:48,159
CloudFormation, it mostly will ask you about what feature

166
00:06:48,159 --> 00:06:51,191
should you use to perform x, y, z,

167
00:06:51,191 --> 00:06:53,305
and so you should be fine.

168
00:06:53,305 --> 00:06:54,804
So the exam though, expects you to understand

169
00:06:54,804 --> 00:06:56,888
how to read CloudFormation, and we're going to read

170
00:06:56,888 --> 00:06:58,633
a lot of CloudFormation this course.

171
00:06:58,633 --> 00:07:00,417
So that was a short introduction to CloudFormation,

172
00:07:00,417 --> 00:07:02,654
in the next lecture we'll go ahead with a small example

173
00:07:02,654 --> 00:07:04,923
to get an idea of how it actually works

174
00:07:04,923 --> 00:07:05,881
so see you in the next lecture.