Introduction to GitSync and CloudFormation
In today’s fast-paced tech environment, managing infrastructure as code (IaC) efficiently is crucial. GitSync and CloudFormation are two powerful tools that can help streamline this process. By integrating these tools, organizations can achieve more reliable and scalable infrastructure management.
What is GitSync?
GitSync is a concept where your infrastructure configuration files are stored in a Git repository. This allows you to take advantage of Git’s version control features, including branching, merging, and collaboration. By storing your infrastructure as code (IaC), you can ensure that your infrastructure is consistent, reproducible, and easy to manage.
Benefits of GitSync:
- Version Control: Track changes to your infrastructure configurations over time.
- Collaboration: Multiple team members can work on the infrastructure code simultaneously.
- Auditability: Every change is logged, providing a clear history of modifications.
- Rollback: Easily revert to previous versions if something goes wrong.
AWS CloudFormation
AWS CloudFormation is a service that allows you to define and provision AWS infrastructure using code. You write templates in JSON or YAML that describe the resources you need, and CloudFormation takes care of creating and configuring those resources.
Benefits of CloudFormation:
- Infrastructure as Code: Manage your entire infrastructure using code, making it easy to version and replicate.
- Automation: Automatically provision and configure resources, reducing manual intervention.
- Consistency: Ensure consistent environments across different stages (development, testing, production).
- Stack Management: Group resources into stacks for easier management and deployment.
AWS CloudFormation Git sync walkthrough: step by step with example
Step 1: Create stack
1. Log in to your AWS account and open the CloudFormation service.
2. Click Create Stack to move to the stack creation screen. In the Create stack dashboard, in the Prerequisite – Prepare template panel, confirm that Choose an existing template is selected, and in the Specify template panel, choose Sync from Git. Please see the screenshot below to verify that you have chosen the correct options, then choose Next.
Step 2: Specify stack details
1. In the Provide a stack name panel, enter a name for your stack. I'm naming mine 'heyraise-vpc-demo'.
2. The Stack deployment file panel has two options. I'm selecting the first option, Create the file using the following parameters and place it in my repository, since this is my first demo and I haven't uploaded the stack deployment file to my GitHub repository yet. With this option, Git sync creates the stack deployment file and places it in my repository.
3. The Template definition repository panel has two options, and I'm choosing Link a Git repository since this is the first time I'm linking a repository. If you already have a linked repository, you can choose it here instead. For Git repository provider I choose GitHub; for this demo, I'm using GitHub as my SCM. Choose a Connection from the list. If no options appear in the Connection list, go to the Connections console to create a connection to your repository. As I don't have any previous connections, I'm going to create a new connection to my repository. Please see the screenshots below for the steps to create a connection.
4. In the Repository list, select the Git repository that we linked in the previous step after creating the connection. Select the branch name; for this demo, I'm using the main branch. For the Deployment file path, provide the file name. I'm using deploy.yaml; CloudFormation generates this file for me and it will be committed to my repository. If you already have the deployment file, you just need to give its file name.
5. Add an IAM role. The IAM role includes the permissions that CloudFormation requires to sync the stack from our Git repository. We can choose New IAM role to generate a new role, or Existing IAM role to select an existing role from the CloudFormation account. I have chosen to create a new IAM role and provided a name for it. For the Template file path, specify the full path from the root of the repository to the stack template file. I provided the template file name vpc.yml, which I had already placed in the GitHub repository. You can pass parameters to the stack via the stack deployment file; for this demo, we are not adding parameters to the deploy.yaml file. Now verify the options against the screenshot below and choose Next.
Step 3: Configure stack options
Here we mainly need an IAM role that CloudFormation uses to interact with AWS resources. You can attach an admin policy just for testing purposes. In my example, the role is heyraiseupstack with AdministratorAccess.
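Because merges to the synced branch are deployed through this role, it is worth checking what its policy actually grants before reusing it outside a test. The following Python check is an added example, not part of the original walkthrough: it flags admin-equivalent and whole-service grants in an IAM policy document. SCOPED_VPC_POLICY and its action list are constructed assumptions about what a simple vpc.yml might need.

```python
# AdministratorAccess, the managed policy attached to heyraiseupstack on this page.
ADMINISTRATOR_ACCESS = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
}

# Constructed alternative: EC2 actions a simple VPC template might need.
# The action list is an assumption; match it to the resources in your vpc.yml.
SCOPED_VPC_POLICY = {
    "Version": "2012-10-17",
    "Statement": {  # IAM also accepts a single statement object here
        "Effect": "Allow",
        "Action": ["ec2:CreateVpc", "ec2:DeleteVpc", "ec2:DescribeVpcs",
                   "ec2:ModifyVpcAttribute", "ec2:CreateSubnet", "ec2:DeleteSubnet",
                   "ec2:DescribeSubnets", "ec2:CreateTags", "ec2:DeleteTags"],
        "Resource": "*",
    },
}


def _as_list(value):
    """IAM allows a single value or a list in Statement, Action and Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def broad_grants(policy):
    """Return (kind, detail) findings for Allow statements on Resource "*"."""
    findings = []
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow" or "*" not in _as_list(stmt.get("Resource")):
            continue
        if "NotAction" in stmt:  # allows everything except the listed actions
            findings.append(("allow-not-action", ",".join(_as_list(stmt["NotAction"]))))
            continue
        for action in _as_list(stmt.get("Action")):
            if action == "*":
                findings.append(("admin", action))
            elif action.endswith(":*"):
                findings.append(("service-wildcard", action))
    return findings


if __name__ == "__main__":
    print(broad_grants(ADMINISTRATOR_ACCESS), broad_grants(SCOPED_VPC_POLICY))
```

An empty result for the role's policy means no statement grants every action, or a whole service, on all resources; it does not prove the remaining actions are the minimum the template needs.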
Step 4: Review and deploy
Review your stack settings and confirm the following:
- The stack template is configured correctly and set to Sync from Git.
- The deployment file is configured correctly.
- The template definition repository is configured correctly, in particular, that the correct Repository and Branch name are selected.
- The preview of the deployment file is correct and contains the expected parameters and values.
Choose Submit to create the stack.
So we use two IAM roles: heyraiseupvpcdemo-policy and heyraiseupstack.
heyraiseupvpcdemo-policy is for Git sync; please refer to https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/git-sync-prereq.html
heyraiseupstack is the CloudFormation role with AdministratorAccess.
Once you submit the stack, a pull request is created in your GitHub repository. You need to approve and merge that PR to get your stack deployment file, i.e. the deploy.yaml file.
Step 5: Review the deployment
Once you merge the PR, the deploy.yaml file drives the stack creation to completion.
Conclusion
Please refer to the source code here.
By integrating GitSync with a CI/CD pipeline and CloudFormation, you can automate the deployment of your infrastructure, ensuring consistency, repeatability, and reduced manual effort. This approach leverages the strengths of version control and infrastructure as code to streamline your infrastructure management.