- CloudFormation template: yaml
This document contains some common CloudFormation parameters which are included in other documents in this project.
Parameter names should adhere to AWS parameter naming standards.
DeploymentName: Type: String Description: A name for this deployment
A deployment is a deployed application, potentially comprised of many
CloudFormation stacks. This is sometimes called an "environment", but that is an
overloaded and confusing term. Use the
DeploymentName to indicate which
logical deployment a stack belongs to.
If a deployment is completely specified by exactly one CloudFormation template,
DeploymentName and the AWS::StackName refer to the same things. In that
case, consider not using a
KeyName: Type: AWS::EC2::KeyPair::KeyName Description: The name of an EC2 KeyPair Default: test
AWS does not provide a CloudFormation type for EC2 KeyPairs. This is a deliberate choice: a KeyPair consists of a public and private key, and AWS does not want to expose the private key in CloudFormation outputs.
This is one example where Terraform has an advantage: since Terraform runs locally, it can create a KeyPair and save the private key locally.
In CloudFormation, you have two options:
- Create the KeyPair beforehand, then provide the
KeyNameto your CloudFormation template as a parameter.
- Create the KeyPair using a CloudFormation Custom Resource (i.e. a Lambda Function) defined in your CloudFormation template. The Custom Resource must save the private key somewhere (like SecretsManager or SSM Parameter Store).
SSHCIDR: Type: String Description: IP CIDR range
Allow SSH access from this CIDR range.