Why We Use AWS CloudFormation

By Tyler Distad

In the world of software development, the relationship between hardware and software is often strained. How many times have you heard stories like this?

“Hey, Bob. IT finally built those two new managed servers we ordered. Could you check them out?”

“Sure. Hmmm. This one only has 4GB of storage, but I ordered 4TB. This one has the right storage, but it’s only writable by root.”

Does this true story sound painfully familiar? How about this one:

“Hey, Bob. IT patched the database servers last night, and now the entire test environment is down. Check it out?”

These are the standard horror stories of enterprise IT. Software development hardware is owned and managed by “IT”, that other group “over there,” with different priorities, different management, different requisitioning policies, and different approaches to change management. There is no easy way for the development team to reliably verify that any two servers are really, truly exactly alike, or to see how their configurations may have changed since yesterday.

AWS CloudFormation and the idea of Infrastructure as Code go a long, long way toward solving these challenges. On our projects, we heavily promote source-controlled CloudFormation templates as the only way to change infrastructure-level configurations. With these templates, we can:

  • Know exactly how a server was configured at any point in time, including:
    • Details of related storage, RAM, CPU, and network connections
    • What security groups and access control rules were applied
    • What scripts were launched when the server was created or restarted
    • What baseline software was installed
  • Easily create a perfect clone of a server’s configuration
  • Build reports on expected costs, network topology, or security architecture
  • Make managed configuration changes that are deployed across environments alongside code
  • Re-apply the templates at any time to overwrite any ad-hoc changes
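
The security-group and reporting points in the list above, as an added example that is not from the original post: a short Python script that reads a CloudFormation template in JSON form and lists every ingress rule it declares, flagging those open to any address. The sample template, its resource names, and the `ingress_rules` and `report` helpers are constructed for illustration.

```python
import json

# Constructed sample template (not from the original post).
TEMPLATE = json.loads("""
{"Resources": {
  "WebSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "web tier",
    "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "10.0.0.0/8"}]}},
  "DbSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "db tier"}},
  "DbIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
    "GroupId": {"Ref": "DbSg"}, "IpProtocol": "tcp",
    "FromPort": 5432, "ToPort": 5432, "CidrIpv6": "::/0"}}
}}
""")

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def ingress_rules(template):
    """Yield (group, rule) for inline rules and standalone ingress resources."""
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                yield name, rule
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            group = props.get("GroupId")  # usually {"Ref": "<group logical id>"}
            yield (group.get("Ref", name) if isinstance(group, dict) else group or name), props

def report(template):
    """Return sorted rows: (group, protocol, ports, source, open_to_world)."""
    rows = []
    for group, rule in ingress_rules(template):
        # Source may be a literal CIDR, an unresolved intrinsic, or another group.
        source = str(rule.get("CidrIp") or rule.get("CidrIpv6") or "group-or-prefix-list")
        proto = str(rule.get("IpProtocol"))
        ports = "all" if proto == "-1" else f"{rule.get('FromPort')}-{rule.get('ToPort')}"
        rows.append((group, proto, ports, source, source in OPEN_CIDRS))
    return sorted(rows)

if __name__ == "__main__":
    for row in report(TEMPLATE):
        print(("OPEN   " if row[4] else "scoped ") + " ".join(row[:4]))
```

Run against the template at each commit, the same report shows when a rule was widened and by which change.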

Having once begun to work with AWS CloudFormation, we never want to go back to the bad old days. CloudFormation is a tool, not a panacea, but when used properly, it lets developers focus on development. Building a server becomes just another coding exercise. Infrastructure changes are quick, easy, and safe. The customer gets improved system reliability and higher development throughput. Everyone goes home happy.