This book is for aspiring and intermediately experienced cloud practitioners. It is
designed to be extremely hands-on, focusing primarily on outcomes and the code necessary to
arrive at those outcomes without a great deal of additional discussion.
The book begins with a day in the life of a fictional cloud engineer who lives in a world devoid
of infrastructure-as-code frameworks and tooling to make his life easier. In the absence of
these tools, the engineer undertakes the daunting task of building a bespoke set of tools to
tackle the requirements of his daily tasks. Through his experiences, we begin to realize that
simply maintaining and extending such tooling just to meet a very basic set of needs is a
full-time job in and of itself.
With the reader primed to understand the critical enabling role that this class of tools plays
in modern environments, we take a look at the general landscape of infrastructure-as-code
tools, discussing general-purpose tools and also examining some of the more niche tools that
exist and what problems they aim to solve. With this general survey completed, we begin to
take a more in-depth look at several representative tools.
CloudFormation is the first stop. CloudFormation represents the vendor solution; we analyze
the benefits bestowed to users by virtue of this fact. From there, we look at the semantics
used by CloudFormation code and how to deploy and manage resources using it.
Next, we take a look at the third-party heavyweight, Terraform. Terraform is differentiated
from CloudFormation in many key areas, which we discover in this chapter. We also explore
resources defined as code with Terraform and discuss how to leverage Terraform’s
multifaceted command set to create and manage infrastructure.
Following Terraform, we reprise CloudFormation, looking at the tools that have emerged to
form an ecosystem around CloudFormation since its 2011 launch. Tools have emerged to
address several pain points with the offering. We examine those pain points and how the
tools address them. While many tools exist in many domains, we focus
on DSL providers and orchestrators. By focusing on a leading tool in each domain, we keep
the scope of the chapter small enough to focus on these two key domains. While we only
address two tools throughout the chapter, the Appendix contains a mind-bogglingly long list
of tools from each class if you find that you might need tooling that aligns to a different set
of needs than those addressed in the chapter.
“Next-gen” infra-as-code frameworks follow. Emerging tools such as the
AWS CDK and Pulumi are shaking up how we are creating infrastructure these days, all the
while continuing to lean on the lessons and power of our two mainstays: CloudFormation
and Terraform. This chapter provides insight on how these newer tools are set up for success
by leaning on the strengths of their predecessors. We also look at how to work with these
tools and create and manage infrastructure with each of them.
With a firm understanding of several well-known and emerging technologies in this space,
we put each through its paces by using it to build a mainstay of AWS architecture: a
high-availability (HA) (or non-high-availability, as desired) VPC that supports HA features via
toggles built directly into the code base itself. In the course of doing so, we are able to clearly
establish tradeoffs made between building the same bundle of resources across multiple
tools.
We end not with a protracted rehashing of previously discussed topics but with some
additional “lessons learned” over the last few years of functioning within multiple roles
primarily focused on cloud architecture, engineering, and automation of software delivery
into such environments.
Table of Contents
Chapter 1: Infra the Beginning
A New and Novel Approach to Infrastructure
Into an Unknown World
Out of the Dream
New Tools for New Problems
For the Business
For IT
Chapter 2: The Current Landscape
Declarative Tools
CloudFormation
CloudFormation DSLs and Template Generators
CloudFormation Orchestrators
Tools Not Based on CloudFormation
Non-declarative Tooling
Conclusion
Chapter 3: CloudFormation In-Depth
Template Anatomy
AWSTemplateFormatVersion
Description
Parameters
Deployment
Web Console
Command-Line Interface
Custom Resources
Advanced Intrinsic Functions and Macros
Fn::Transform and AWS::Serverless
Fn::Transform and AWS::Include
Macros
Nested Stacks
StackSets
Discussion
Conclusion
Chapter 4: Terraform In-Depth
Code Anatomy
Provider
Data
Variables
Resources
Code Layout and Structure
Variable Values
terraform.tfvars
Variables in Context of Deployment
Advanced tfvars Files Usage
Runtime Variable Values
Modules, Locals, Remote State, Providers, and Pinning
Modules
Providers Revisited
Remote State
Version Pinning
Conclusion
Chapter 5: CloudFormation-Based Tools
Troposphere
Why Troposphere?
Getting Started
A Basic Exercise
The Benefits of a Full Programming Language
Sceptre
Why Sceptre?
Getting Started
Project Setup and Hooks Demonstration
Conclusion
Chapter 6: The AWS CDK and Pulumi
AWS CDK
Why CDK?
Getting Started with the CDK
Reprise – EC2 Instance with the CDK
Pulumi
Why Pulumi?
Getting Started with Pulumi
First Pulumi Project – EC2 Instance
Conclusion
Chapter 7: Let’s Build a VPC
Architecture
High-Availability Design
Non-High-Availability Design
Solutions
CloudFormation