Steps to launch an EC2 instance using AWS CloudFormation

AWS CloudFormation basics

AWS CloudFormation is an infrastructure-as-code tool that defines resources and their configurations in a standardized template -- either JSON or YAML format. In general, YAML is the preferable option, as it's more concise; JSON requires a much higher number of characters. YAML also supports the ability to add comments, which JSON does not.

Admins can version and maintain CloudFormation templates as part of a suite of operational components.

A key concept in CloudFormation is a stack. A stack is an AWS resource that is created in addition to the resources configured in the template. A CloudFormation stack groups, launches and manages all the resources defined in a template. Even though a stack could technically contain as little as a single resource, its optimal use case is one where multiple resources launch together.

The most common use case for CloudFormation is to group all or most components of a full application environment within a single stack. This simplifies the launch of multiple environments across deployment stages.

While CloudFormation has a variety of features and capabilities, two are particularly important:

1. Parameters. Admins can configure resources using dynamic values that they specify upon stack creation or updates. This provides flexibility when using the same template to launch multiple stacks across different deployment stages.
2. Internal references. Once resources are created, they can be referenced internally within the CloudFormation stack. For example, users can create a security group in a template and configure an EC2 instance in the same template to use the recently created security group via internal reference.

Use CloudFormation to deploy an EC2 instance

There are important parameters to define before you can launch the CloudFormation stack that deploys the EC2 instance. These parameters include the following:

• The Amazon Machine Image (AMI) ID the new EC2 instance uses.
• The EC2 instance type.
• The VPC ID and subnet ID where the instance launches.
• At least one security group ID.
• An EC2 key pair name.

For this example, assume a key pair was already created and a security group ID is already known, prior to creating the EC2 instance.

Step 1. Specify the Resources block

When defining a CloudFormation template, it is mandatory to specify a Resources block and declare all the relevant AWS resources under it. The most basic block to launch an EC2 instance in CloudFormation looks like this:

Resources:
  MyNewEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: <ami-id>
       InstanceType: <ec2-instance-type>
       SubnetId: <subnet-id>
      SecurityGroupIds:
       - <security-group-id>
      KeyName: <ec2-key-name>

In addition to the essential configurations shown above, it's possible to configure more than 40 parameters when launching an EC2 instance. The following are important parameters that are highly recommended to include:

• BlockDeviceMappings. Enables users to allocate more storage space than specified in the AMI. For example, most AWS Linux AMIs come with a default of 8 GB, which might not be enough for many applications.
• DisableApiTermination. Prevents users from accidentally terminating an EC2 instance.
• IamInstanceProfile. Associates an Identity and Access Management (IAM) profile to the EC2 instance, eliminating the need to configure AWS credentials in local files or environment variables inside the instance -- this provides a secure way to grant AWS permissions to processes running inside an EC2 instance.
• NetworkInterfaces. Defines the allocation of a public IP address to the new instance, depending on whether the instance should be accessible from the internet or only within a VPC.

Step 2. Create the stack

Once you complete the template, create the CloudFormation stack. Do this by clicking on the Create stack button from the CloudFormation console, as seen in Figure 1.

You can also launch a CloudFormation stack using AWS Command Line Interface or SDK. These options fully automate resource creation and minimize manual intervention.

Step 3. Choose and upload a template

Select the options Choose an existing template and Upload a template file, as shown in Figure 2.

Step 4. Name the stack and specify parameters

Define the stack name, and if the template has a parameters section, specify any parameters, as shown in Figure 3.

Next, select advanced options for the deployment. These options include resource tags, IAM roles, stack failure options -- rollback or preserve resources, stack policies and notifications -- and termination protection. A confirmation page includes a button to create the stack, as shown in Figure 4.

Once you create the stack, it appears as CREATE_COMPLETE in the CloudFormation console. Several tabs in the console provide more information about the stack, as pictured in Figure 5. These tabs show the resources that the stack manages and the event timeline regarding creation and updates to these resources. These tabs also include relevant stack attributes, such as outputs, parameters and a visualization of the JSON or YAML template. The Git sync feature enables the automation of stack updates, which are triggered by code commits that take place in a Git repository.

It's also possible to launch a CloudFormation stack using AWS Command Line Interface or SDK. This is the recommended way to have full automation for the resource creation process and minimize manual intervention.

CloudFormation is a helpful tool for launching AWS resources in a consistent and automated way. While this article covers only the launch of an EC2 instance, the most common use case is when multiple components of a full environment are grouped in a single CloudFormation stack. This grouping simplifies the launch of multiple application environments across deployment stages.

Using CloudFormation might present an initial learning curve. But, in the long term, using CloudFormation significantly simplifies the launch and maintenance of application infrastructure in the cloud.

Editor's note: This article was updated for timeliness and to add information about CloudFormation tabs.

Ernesto Marquez is owner and project director at Concurrency Labs, where he helps startups launch and grow their applications on AWS. He enjoys building serverless architectures, building data analytics solutions, implementing automation and helping customers cut their AWS costs.