Following the live-streamed video on week 10 about CloudFormation (CFN), I was able to complete the required tasks.
Create a file called template.yaml under the aws/cfn
AWSTemplateFormatVersion: 2010-09-09
Description: |
  Setup ECS Cluster
Resources:
  ECSCluster: #Logical Name
    Type: 'AWS::ECS::Cluster'
    Properties:
      ClusterName: MyCluster
      CapacityProviders:
        - FARGATE
#Parameters:
#Mappings:
#Resources:
#Outputs:
#Metadata
Install cfn-lint using the following command
pip install cfn-lint
and also add it to the gitpod.yml file.
- name: CFN
  before: |
    pip install cfn-lint
    cargo install cfn-guard
Create a task-definition.guard under the aws/cfn
aws_ecs_cluster_configuration {
  rules = [
    {
      rule = "task_definition_encryption"
      description = "Ensure task definitions are encrypted"
      level = "error"
      action {
        type = "disallow"
        message = "Task definitions in the Amazon ECS cluster must be encrypted"
      }
      match {
        type = "ecs_task_definition"
        expression = "encrypt == false"
      }
    },
    {
      rule = "network_mode"
      description = "Ensure Fargate tasks use awsvpc network mode"
      level = "error"
      action {
        type = "disallow"
        message = "Fargate tasks in the Amazon ECS cluster must use awsvpc network mode"
      }
      match {
        type = "ecs_task_definition"
        expression = "network_mode != 'awsvpc'"
      }
    },
    {
      rule = "execution_role"
      description = "Ensure Fargate tasks have an execution role"
      level = "error"
      action {
        type = "disallow"
        message = "Fargate tasks in the Amazon ECS cluster must have an execution role"
      }
      match {
        type = "ecs_task_definition"
        expression = "execution_role == null"
      }
    },
  ]
}
To install cfn-guard
cargo install cfn-guard
Launch the following command
cfn-guard rulegen --template /workspace/aws-bootcamp-cruddur-2023/aws/cfn/template.yaml
It will give the following result
let aws_ecs_cluster_resources = Resources.*[ Type == 'AWS::ECS::Cluster' ]
rule aws_ecs_cluster when %aws_ecs_cluster_resources !empty {
  %aws_ecs_cluster_resources.Properties.CapacityProviders == ["FARGATE"]
  %aws_ecs_cluster_resources.Properties.ClusterName == "MyCluster"
}
Copy the following code and create a file called ecs-cluster.guard under aws/cfn
and run the following command
cfn-guard validate -r ecs-cluster.guard
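As an added example (not the author's file or the bootcamp's code), here are the network-mode and execution-role checks from task-definition.guard written in the Guard rule syntax that cfn-guard rulegen produced above. It assumes every AWS::ECS::TaskDefinition in the template is a Fargate task; the rule names and the file name are hypothetical, and the encryption check is left out because the page does not name a template property for it.

```guard
# task-definition-rules.guard (hypothetical file name; added example)
# Assumption: all AWS::ECS::TaskDefinition resources in the template run on Fargate.

# Select every ECS task definition in the template.
let ecs_task_definitions = Resources.*[ Type == 'AWS::ECS::TaskDefinition' ]

# Fargate requires the awsvpc network mode; a missing or different value fails.
rule ecs_task_definition_network_mode when %ecs_task_definitions !empty {
    %ecs_task_definitions.Properties.NetworkMode == 'awsvpc'
        <<Fargate tasks in the Amazon ECS cluster must use awsvpc network mode>>
}

# The execution role lets the agent pull images and write logs; require it to be set.
rule ecs_task_definition_execution_role when %ecs_task_definitions !empty {
    %ecs_task_definitions.Properties.ExecutionRoleArn exists
        <<Fargate tasks in the Amazon ECS cluster must have an execution role>>
}
```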
I was able to create a Networking Template yaml file and a config toml file, for the purpose of implementing and identifying the Networking Stack in AWS CloudFormation. Furthermore, I was able to create a network bash script to deploy the networking stack into CloudFormation. Here is the proof of
I was able to create a Cluster Template yaml file and a config toml file, for the purpose of implementing and identifying the Cluster Stack in AWS CloudFormation. Furthermore, I was able to create a cluster bash script to deploy the cluster stack into CloudFormation.
I was able to create a Backend Template yaml file and a config toml file, for the purpose of implementing and identifying the Backend Stack in AWS CloudFormation. Furthermore, I was able to create a backend bash script to deploy the backend stack into CloudFormation.
I was able to create a Database Template yaml file and a config toml file, for the purpose of implementing and identifying the Database Stack in CloudFormation. Furthermore, I was able to create a Database Bash script to deploy the stack to AWS CloudFormation.
I was able to create a CICD Template yaml file and also a nested codebuild yaml file and a config toml file, for the purpose of implementing and identifying the CICD Stack in CloudFormation. I also created a CICD Bash script to deploy the stack to AWS CloudFormation.
Install the SAM packages to our gitpod.yml
- name: aws-sam
  init: |
    cd /workspace
    wget https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip
    unzip aws-sam-cli-linux-x86_64.zip -d sam-installation
    sudo ./sam-installation/install
    cd $THEIA_WORKSPACE_ROOT
I was able to create a DynamoDB Template yaml file and a config toml file, for the purpose of implementing and identifying the DynamoDB Stack in CloudFormation. I also created a DynamoDB Bash script to deploy the stack to AWS CloudFormation.
I was able to create a Frontend template yaml file, alongside a config toml file for the purpose of implementing and identifying the Frontend Stack in CloudFormation. I also created a Frontend Bash script to deploy the stack to AWS CloudFormation.
Here is a screenshot showing that all the CloudFormation Stacks were implemented successfully and deployed in CloudFormation.
Following the videos on each service, Andrew Brown proceeded to make diagrams about these services and how they function. As for me, I had to first finish up the entire week before implementing my diagrams, which I was able to do using LucidChart and Draw.io.
Lucid Chart has a very limited free tier plan for shapes and I ran out of shapes, but I did implement a little of it and managed to copy them to Draw.io, where I finished the diagram for CloudFormation.
Below is the proof of implementing architectural diagrams using LucidChart and Draw.io:
