CloudFormation Outputs

https://www.udemy.com/aws-cloudformation-master-class/learn/v4/t/lecture/8162150?start=0

Overview

What are outputs

  • Outputs are optional values that we can import into other stacks.
  • You can also view the outputs in the AWS Console or by using the AWS CLI
    • Useful if you want to view a return value
  • Usage Examples:
    • To get the VPC ID and Subnet IDs if you define a network CloudFormation stack.
    • To collaborate on a stack with someone else.  You can use their outputs for your part of the stack.

Create Security Group with Outputs Hands On

https://www.udemy.com/aws-cloudformation-master-class/learn/v4/t/lecture/8162152?start=0

First we will create a Security Group with specific rules that will output

  • Create an SSH Security Group
  • Important!
    • The Export Name must be globally unique!

 

Outputs:
  Logical ID:
    Description: Information about the value
    Value: Value to return
    Export:
      Name: Value to export

Resources:
  # here we define a SSH security group that will be used in the entire company
  MyCompanyWideSSHSecurityGroup:
    # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable SSH access via port 22
      SecurityGroupIngress:
        # we have a lot of rules because it's a perfect security group
        # finance team network
      - CidrIp: 10.0.48.0/24
        FromPort: 22
        IpProtocol: tcp
        ToPort: 22
        # marketing team network
      - CidrIp: 10.0.112.0/24
        FromPort: 22
        IpProtocol: tcp
        ToPort: 22
        # application team support network
      - CidrIp: 10.0.176.0/24
        FromPort: 22
        IpProtocol: tcp
        ToPort: 22

Outputs:
  StackSSHSecurityGroup:
    Description: The SSH Security Group for our Company
    Value: !Ref MyCompanyWideSSHSecurityGroup
    Export:
      Name: SSHSecurityGroup

As entered into AWS:

  • Stack Name: My-SG-Stack
    • All Defaults > Create

  • From CloudFormation

Cross Stack Reference Hands On

https://www.udemy.com/aws-cloudformation-master-class/learn/v4/t/lecture/8162154?start=0

Now we’ll use the output from the first Hands On in a new CF template.

  • Create a second template that leverages that security group
    • Fn::ImportValue
  • Important!
    • You cannot delete the underlying stack until all references are deleted too!

Resources:
  MySecureInstance:
    # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html
    Type: AWS::EC2::Instance
    Properties:
      AvailabilityZone: us-east-1a
      ImageId: ami-a4c7edb2
      InstanceType: t2.micro
      SecurityGroups:
        # we reference the output here, using the Fn::ImportValue function
        - !ImportValue SSHSecurityGroup
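
The two "Important!" rules above (export names must not collide, and a stack cannot be deleted while its export is still imported) can be checked before deployment. The following is an added example, not part of the course material: it holds the page's two templates in CloudFormation's JSON form, and the stack name My-Instance-Stack is an assumption.

```python
from collections import defaultdict

# Constructed input: the page's two templates in CloudFormation JSON form
# (!Ref -> Ref, !ImportValue -> Fn::ImportValue), trimmed to the relevant keys.
# Assumption: the stack name "My-Instance-Stack" is not from the page.
TEMPLATES = {
    "My-SG-Stack": {
        "Resources": {"MyCompanyWideSSHSecurityGroup": {"Type": "AWS::EC2::SecurityGroup"}},
        "Outputs": {"StackSSHSecurityGroup": {
            "Value": {"Ref": "MyCompanyWideSSHSecurityGroup"},
            "Export": {"Name": "SSHSecurityGroup"}}}},
    "My-Instance-Stack": {
        "Resources": {"MySecureInstance": {
            "Type": "AWS::EC2::Instance",
            "Properties": {"SecurityGroups": [{"Fn::ImportValue": "SSHSecurityGroup"}]}}}},
}

def exports(templates):
    """Map each literal export name to the stacks that declare it."""
    found = defaultdict(list)
    for stack, tpl in templates.items():
        for out in tpl.get("Outputs", {}).values():
            name = out.get("Export", {}).get("Name")
            if isinstance(name, str):  # names built with intrinsics are skipped
                found[name].append(stack)
    return dict(found)

def imports(node):
    """Recursively collect literal Fn::ImportValue names anywhere in a template."""
    if isinstance(node, dict):
        hits = [v for k, v in node.items() if k == "Fn::ImportValue" and isinstance(v, str)]
        return hits + [n for v in node.values() for n in imports(v)]
    if isinstance(node, list):
        return [n for item in node for n in imports(item)]
    return []

def check(templates):
    """Return (duplicate exports, unresolved imports, stacks blocked from deletion)."""
    exp = exports(templates)
    dupes = {name: stacks for name, stacks in exp.items() if len(stacks) > 1}
    missing, blockers = [], defaultdict(set)
    for stack, tpl in templates.items():
        for name in imports(tpl):
            if name not in exp:
                missing.append((stack, name))
            for owner in exp.get(name, []):
                blockers[owner].add(stack)  # owner cannot be deleted while stack imports
    return dupes, missing, {k: sorted(v) for k, v in blockers.items()}
```

Calling `check(TEMPLATES)` reports no duplicates or unresolved imports, and shows that My-SG-Stack is blocked from deletion by the stack that imports SSHSecurityGroup.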

 

Quiz

Outputs are

  • Mandatory
  • Optional

Any Outputs can be referenced cross stack

  • Yes
  • No

You need to export the output value before being able to use it in another stack
