AWS CloudFormation Best Practices

CloudFormation remains the most common IaC tool for AWS. Here are best practices I’ve learned from production deployments.

Template Organization

  • Use nested stacks for large deployments
  • One template per service or component
  • Organize parameters at the top
  • Use conditions for environment differences

Useful Intrinsic Functions

Parameters:
  Environment:
    Type: String
    AllowedValues: [dev, prod]
    Default: dev

Conditions:
  IsProd: !Equals [!Ref Environment, prod]

Resources:
  MyBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub "${AWS::StackName}-${AWS::Region}-data"
      Tags:
        - Key: Environment
          Value: !Ref Environment
        - Key: CostCenter
          Value: !If [IsProd, "prod-budget", "dev-budget"]
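Every !Ref, !If and !Sub in a template has to point at something that is declared (a parameter, a resource, a condition, or a pseudo parameter such as AWS::Region); CloudFormation rejects the template at validation time otherwise, and in a large nested-stack layout that failure surfaces late. The following is an added example, not code from the post: a small pre-deploy reference check written in Python, operating on the equivalent long-form syntax (Ref / Fn::If / Fn::Sub keys, which is what the YAML short-form tags expand to). The embedded template is a constructed sample based on the bucket snippet above; the Parameters and Conditions declarations in it are assumptions.

```python
"""Added example (not from the post): a small pre-deploy lint for the
references a CloudFormation template makes via Ref, Fn::If and Fn::Sub.

The template below is the bucket snippet written in the equivalent long-form
(JSON-style) syntax, plus the Parameters and Conditions sections the short
form `!Ref Environment` / `!If [IsProd, ...]` rely on. It is a constructed
sample; the parameter and condition names are assumptions.
"""
import re

# Pseudo parameters CloudFormation always provides; no declaration needed.
PSEUDO_PARAMS = {
    "AWS::AccountId", "AWS::NotificationARNs", "AWS::NoValue", "AWS::Partition",
    "AWS::Region", "AWS::StackId", "AWS::StackName", "AWS::URLSuffix",
}

SAMPLE_TEMPLATE = {
    "Parameters": {
        "Environment": {"Type": "String", "AllowedValues": ["dev", "prod"], "Default": "dev"},
    },
    "Conditions": {
        "IsProd": {"Fn::Equals": [{"Ref": "Environment"}, "prod"]},
    },
    "Resources": {
        "MyBucket": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "BucketName": {"Fn::Sub": "${AWS::StackName}-${AWS::Region}-data"},
                "Tags": [
                    {"Key": "Environment", "Value": {"Ref": "Environment"}},
                    {"Key": "CostCenter", "Value": {"Fn::If": ["IsProd", "prod-budget", "dev-budget"]}},
                ],
            },
        },
    },
}

# ${Name} or ${Name.Attr}; ${!Literal} is an escaped literal and is skipped.
SUB_VAR = re.compile(r"\$\{([^}!]+)\}")


def _walk(node, path, problems, known_names, conditions):
    """Recursively visit every intrinsic function in `node` and record dangling names."""
    if isinstance(node, dict):
        if "Ref" in node and len(node) == 1:
            name = node["Ref"]
            if name not in known_names and name not in PSEUDO_PARAMS:
                problems.append(f"{path}: Ref to undeclared '{name}'")
        elif "Fn::If" in node and len(node) == 1:
            cond = node["Fn::If"][0]
            if cond not in conditions:
                problems.append(f"{path}: Fn::If uses undeclared condition '{cond}'")
            for i, child in enumerate(node["Fn::If"][1:], 1):
                _walk(child, f"{path}/Fn::If[{i}]", problems, known_names, conditions)
        elif "Fn::Sub" in node and len(node) == 1:
            arg = node["Fn::Sub"]
            # Fn::Sub is either a string or [string, {local variables}].
            text, local = (arg, {}) if isinstance(arg, str) else (arg[0], arg[1])
            for var in SUB_VAR.findall(text):
                base = var.split(".")[0]
                if base not in local and base not in known_names and base not in PSEUDO_PARAMS:
                    problems.append(f"{path}: Fn::Sub refers to undeclared '${{{var}}}'")
            _walk(local, f"{path}/Fn::Sub", problems, known_names, conditions)
        else:
            for key, child in node.items():
                _walk(child, f"{path}/{key}", problems, known_names, conditions)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            _walk(child, f"{path}[{i}]", problems, known_names, conditions)


def check_references(template):
    """Return a list of problems; an empty list means every Ref/If/Sub target is declared."""
    params = set(template.get("Parameters", {}))
    resources = set(template.get("Resources", {}))
    conditions = set(template.get("Conditions", {}))
    problems = []
    for section in ("Conditions", "Resources", "Outputs"):
        _walk(template.get(section, {}), section, problems, params | resources, conditions)
    return problems


if __name__ == "__main__":
    for line in check_references(SAMPLE_TEMPLATE) or ["template OK"]:
        print(line)
```

Feed it the template as a dict (json.load on a JSON template, or a YAML loader that expands the short-form tags) and run it in CI before create-change-set; dropping the Parameters and Conditions sections from the sample reproduces the two dangling references the bucket snippet would have on its own.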

Stack Policies

Protect critical resources from accidental replacement or removal during stack updates (a stack policy governs updates only; it does not stop delete-stack, which termination protection and DeletionPolicy cover). Once a stack policy is attached, every resource is protected by default, so allow updates to the rest of the stack explicitly and deny only the destructive actions on the critical resource:

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "Update:*",
      "Principal": "*",
      "Resource": "*"
    },
    {
      "Effect": "Deny",
      "Action": ["Update:Replace", "Update:Delete"],
      "Principal": "*",
      "Resource": "LogicalResourceId/ProductionDatabase"
    }
  ]
}
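Because a stack policy is evaluated with a deny-by-default rule, it is easy to write one that looks narrow but freezes the whole stack. The following is an added example, not code from the post: a local evaluator in Python that applies the documented stack-policy rules (explicit Allow required, explicit Deny wins, Update:* wildcard, Resource as "*" or "LogicalResourceId/<name>", string or list) to a proposed update, so a policy can be checked before it is attached with set-stack-policy. Both policies and the proposed updates are constructed samples; the Condition element of stack policies (matching on ResourceType) is not implemented here.

```python
"""Added example (not from the post): a local evaluator that applies the
CloudFormation stack-policy rules to a proposed update.

Rules implemented, as documented for stack policies: once a policy is attached
every resource is protected by default, so an update needs an explicit Allow;
an explicit Deny always wins; Action accepts Update:Modify, Update:Replace,
Update:Delete and the wildcard Update:*; Resource is "*" or
"LogicalResourceId/<name>" (string or list, wildcards allowed); NotResource
inverts the resource match. The Condition element is not modelled.
The policies and updates below are constructed samples.
"""
import fnmatch
import json

# A deny-only policy with no Allow statement: looks narrow, freezes the stack.
DENY_ONLY_POLICY = json.loads("""{
  "Statement": [{
    "Effect": "Deny",
    "Action": "Update:Replace",
    "Principal": "*",
    "Resource": "LogicalResourceId/ProductionDatabase"
  }]
}""")

# The same intent with the Allow that keeps the rest of the stack updatable.
RECOMMENDED_POLICY = json.loads("""{
  "Statement": [
    {"Effect": "Allow", "Action": "Update:*", "Principal": "*", "Resource": "*"},
    {"Effect": "Deny", "Action": ["Update:Replace", "Update:Delete"],
     "Principal": "*", "Resource": "LogicalResourceId/ProductionDatabase"}
  ]
}""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(statement, action, logical_id):
    """True if the statement's Action and Resource both cover this update."""
    action_ok = any(fnmatch.fnmatchcase(action, pat) for pat in _as_list(statement["Action"]))
    resource_id = f"LogicalResourceId/{logical_id}"
    if "NotResource" in statement:
        resource_ok = not any(fnmatch.fnmatchcase(resource_id, pat)
                              for pat in _as_list(statement["NotResource"]))
    else:
        resource_ok = any(pat == "*" or fnmatch.fnmatchcase(resource_id, pat)
                          for pat in _as_list(statement["Resource"]))
    return action_ok and resource_ok


def is_update_allowed(policy, action, logical_id):
    """Deny beats Allow; with no matching Allow the default is deny."""
    allowed = False
    for statement in policy["Statement"]:
        if not _matches(statement, action, logical_id):
            continue
        if statement["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def explain(policy, updates):
    """Evaluate (action, logical_id) pairs; returns {"<id>:<action>": allowed?}."""
    return {f"{lid}:{act}": is_update_allowed(policy, act, lid) for act, lid in updates}


if __name__ == "__main__":
    proposed = [("Update:Modify", "WebServerGroup"),
                ("Update:Modify", "ProductionDatabase"),
                ("Update:Replace", "ProductionDatabase")]
    print("deny-only  :", explain(DENY_ONLY_POLICY, proposed))
    print("recommended:", explain(RECOMMENDED_POLICY, proposed))
```

Run against the deny-only policy, even a harmless Update:Modify on an unrelated resource comes back denied; with the Allow statement in place, only replacement and deletion of ProductionDatabase are blocked while ordinary modifications to it, and everything else in the stack, still go through.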

Change Sets

Always preview changes before applying: create the change set, read what describe-change-set reports (in particular any Remove action or Replacement set to True or Conditional), and only then execute it:

aws cloudformation create-change-set \
  --stack-name MyStack \
  --change-set-name MyChanges \
  --template-body file://template.yaml
aws cloudformation describe-change-set \
  --stack-name MyStack --change-set-name MyChanges
aws cloudformation execute-change-set \
  --stack-name MyStack --change-set-name MyChanges
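Reading a change set by eye works for one stack; in a pipeline the preview should be a gate. The following is an added example, not code from the post: a Python review step that consumes the JSON that `aws cloudformation describe-change-set` returns and refuses to proceed when any change would remove a resource or replace one (Replacement "True" or "Conditional"). The response embedded below is a constructed sample shaped like the real API output, not captured from a real stack; the resource names in it are assumptions.

```python
"""Added example (not from the post): a change-set review gate for CI.

Reads the describe-change-set response (as returned by the AWS CLI in JSON),
prints a one-line summary per resource change, and returns a non-zero verdict
when a resource would be removed or replaced. SAMPLE_DESCRIBE_CHANGE_SET is a
constructed sample shaped like the real output.
"""
import json

SAMPLE_DESCRIBE_CHANGE_SET = json.loads("""{
  "ChangeSetName": "MyChanges",
  "StackName": "MyStack",
  "Status": "CREATE_COMPLETE",
  "Changes": [
    {"Type": "Resource", "ResourceChange": {
      "Action": "Modify", "LogicalResourceId": "WebServerGroup",
      "ResourceType": "AWS::AutoScaling::AutoScalingGroup",
      "Replacement": "False", "Scope": ["Properties"]}},
    {"Type": "Resource", "ResourceChange": {
      "Action": "Modify", "LogicalResourceId": "ProductionDatabase",
      "ResourceType": "AWS::RDS::DBInstance",
      "Replacement": "True", "Scope": ["Properties"]}},
    {"Type": "Resource", "ResourceChange": {
      "Action": "Remove", "LogicalResourceId": "AuditLogBucket",
      "ResourceType": "AWS::S3::Bucket"}},
    {"Type": "Resource", "ResourceChange": {
      "Action": "Add", "LogicalResourceId": "MetricsTopic",
      "ResourceType": "AWS::SNS::Topic"}}
  ]
}""")

# Replacement values that mean the physical resource (and its data) is recreated.
DESTRUCTIVE_REPLACEMENT = {"True", "Conditional"}


def summarize_changes(change_set):
    """Return (summary_lines, blocking_reasons) for a describe-change-set response."""
    summary, blocking = [], []
    for change in change_set.get("Changes", []):
        if change.get("Type") != "Resource":
            continue
        rc = change["ResourceChange"]
        action = rc["Action"]
        lid = rc["LogicalResourceId"]
        rtype = rc.get("ResourceType", "?")
        replacement = rc.get("Replacement", "False")
        detail = f" (Replacement={replacement})" if action == "Modify" else ""
        summary.append(f"{action:<7} {lid:<20} {rtype}{detail}")
        if action == "Remove":
            blocking.append(f"{lid} ({rtype}) would be deleted")
        elif action == "Modify" and replacement in DESTRUCTIVE_REPLACEMENT:
            blocking.append(f"{lid} ({rtype}) would be replaced (Replacement={replacement})")
    return summary, blocking


def review_change_set(change_set):
    """Exit-code style verdict: 0 means safe to execute, 1 means a human must approve."""
    if change_set.get("Status") != "CREATE_COMPLETE":
        return 1  # still creating, or FAILED (e.g. no changes): never execute blindly
    _, blocking = summarize_changes(change_set)
    return 1 if blocking else 0


if __name__ == "__main__":
    lines, reasons = summarize_changes(SAMPLE_DESCRIBE_CHANGE_SET)
    print("\n".join(lines))
    for reason in reasons:
        print("BLOCK:", reason)
    raise SystemExit(review_change_set(SAMPLE_DESCRIBE_CHANGE_SET))
```

In a pipeline, replace the embedded sample with `json.load(sys.stdin)` and pipe the describe-change-set output into the script; on the sample, the RDS replacement and the bucket removal make it return 1, so execute-change-set never runs without someone looking at those two changes first.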
