7. CloudFormation Mappings
Now let’s talk about mappings. Mappings are fixed variables within your cloud formation template. They have to be hard coded. They’re very handy if you need to hardcore some values based on different environments you’re in. So dev versus prod or regions such as exist regions or AMI types, etc. And as I said, all the values must be written out explicitly in your template. As an example, here is a mapping and this is how you write it. So you have a mappings section and then you have the name of the mapping. Then you have a key and underneath you have keys called name and values. So it’s quite a low level type of architecture. And so to make it more concrete, we may have a region map to map regions to Amis.
And so we’re saying, okay, within US east one, UST west one or EU west one based on if you choose a 32 bit or 64 bit type of architecture, here is the AMI ID you should be using. So overall this is just a hard coding saying okay, based on where the template is being run, this is the AMI I want to use. So when we use mapping and parameters, well, mappings are great when you know in advance all the values that can be taken. So for example, amid and so you can deduce them from variables such as region, AZ, list, account environment, et cetera, whatever you can think of. To me they allow safer control over the templates. But if you need the values to be really user specific and the user should input a value and you don’t know in advance what it can be, then you should use the parameters.
Now to access the mapping values, there is this function called FN find in Map and basically it returns a value from a specific key. And the shorthand syntax is this one. We use Finding Map with the little exclamation point and we have to give the map name, then the top level key and the second level key. So three parameters right here. And so that’s something you should know for the exam, just the syntax of it, okay? And so if we look at this little confirmation template, we can see we have a region map that we have defined from before. And so if we want to create an easy to instance and reference get the right AMI ID, then we use the Find in Map function for the image ID. And so the first one is the map name.
So we’ll use region map because here it’s called region map. The second is that we want a reference to the AOS region we’re in. So we’re going to use this pseudo parameter we just talked about and the ref function. So we reference the AIS region the confirmation template is running in. So for example, say we’re running a newest east one, then we are in this block and then we say 32 as the second level key. So we look at the 32 key and we get the value from it. We’ll get this AMI 6411 e 20 D. So this is the one that will be selected. So this is all you should know about mapping. Just remember the syntax with the find in map function and the fact that mappings have to be written out explicitly in your templates.
8. CloudFormation Outputs
So outputs, let’s talk about outputs. And that’s actually a very popular exam question, so pay attention. The output section is optional, but we can declare optional outputs. And if we export these outputs, we’ll be able to import their values into other stacks. And by stack, I mean cloud formation templates. So you can start linking your confirmation templates. We can also view the outputs in the AIS console or using the Auscli. So it allows us to quickly retrieve the value of an output straight from using the UI. In terms of example, for example, you can have a network cloud formation template, and then you would export outputs that would be, for example, the VPC ID and the subnet IDs, and you would reuse those into other confirmation templates.
And so it enables to do a cross stack collaboration where you let the experts handle their own parts of the VPC and the subnet. And you as an app developer, you just reference these values out of the box. Something you should know though, is that if you start using the cloud formation outputs and they start being referenced from another cloud formation tax stack, you cannot delete a stack that still has outputs being referenced somewhere else. So it’s just something to know. Now, if we look at an example of the outputs in this one, we are creating an SSH Security Group as part of the templates. And so we export that value as an output, okay? And basically other templates will be able to get the value of that security group ID.
So the syntax is pretty easy. We have the output section right here, and we have the name of the security group, and we have the description. So the SSH Security Group for our company, here’s the value. So we provide a reference of the security group that was created within the resources. And then we have to specify this export block right here. Okay, this is an optional block. If you don’t specify it, then the value does not get exported, and it will not be able to be imported. So when we specify the export value, we can say, okay, this value, this SSH Security Group ID, is going to be exported as the name SSH Security Group. So now how do we import that value while using a cross tack reference? And so we’ll create a second template that leverages the security group.
And for this, we’ll use the FN import value function, interesting function, and we can’t delete again the previous tack until all this tag will be deleted. So if we look at this little snippet of code right here, we can see that for the security groups, at the very bottom, there’s a shorthand syntax for import value. And then we reference the exact same name as before, called SSH Security Group. So just a reminder, before, we exported the value as SSH Security Group, and here we import the value SSH Security Group. So outputs and exports are a very popular question at the exam, especially if they start asking you how do you link CloudFormation templates or reach you the value from one to another. So you should know about it, you should know about the syntax and you should know about the import value function. So I hope that was helpful and I will see you in the next lecture.
9. CloudFormation Conditions
Finally we’re going to talk about the conditions. And so conditions are used to control the creation of resources or outputs based on some statements, logical statements. And the conditions can be whatever you want them to be. But the common ones are that maybe you want to say if you’re in Dev or if you’re in Test or if you’re in prod, create or don’t create that resource. Maybe it can be based on the region, maybe based on the parameter value. And so each condition can, can reference another condition parameter value of mapping so you can compose them. And so to define them, to make it a bit more concrete, here is a condition that I’ve created under the block conditions.
And so here we say, okay, do we want to create the production resources? And for this you need to have the environment type and that may be a parameter. This environment type right here we need to have the reference so the value of this parameter to be equal to string prod. And so here basically this whole thing is going to be true only if the environment is equal to prod. And so using this prod resources we’re ableto basically define and condition other resources. So it’s up to you how you want to choose it. And so all the functions you can use in there are going to be and equals, if not or or. And so these are logical functions and you can compose them as much as you want.
Now, how do we use a condition? Well, you can apply it, as I said, to resources, outputs, et cetera. And so if we look at a resource, for example, my mount point, the type of it is AOS EC, two volume attachments. And this only gets created if the condition creates prod resources from before is true. So that gives you an idea of how conditions are used basically on the same level as the type right here underneath the name of the resource. So that’s it for conditions. I think they’re pretty much advanced, I’m not sure they ask at the exam, but for you it’s still good to know about them that they exist and you can have some a little bit more logic in your confirmation templates. I hope that was helpful and I will you in the next lecture.
10. CloudFormation Intrinsic Functions
So the exam may ask you about interesting functions and we’ve seen them, but here is a list of the ones you should absolutely know for the exam. The ref function, the get attribute find and map, import value, join sub and the condition functions. So let’s go ahead and have a quick memory refresher on what they are. The ref function is to be the most important. It used to be referencing parameters and in case you reference a parameter, it will return the value of that parameter. So we’ve seen this in practice when you had the security group description and resources. So if you reference another resource in your cloud formation template, it will return the physical ID of the underlying resource.
So for example, if we reference an EC two instance, we will get the EC two instance ID. Now, the shorthand for this is going to be exclamation point ref and this is what it looks like. So here is a quick example. We create a subnet and for the properties VPC ID, we reference the VPC that was created from before and so what we get out of it is the VPC ID. As I said, when you reference a resource, it returns to physical ID. So super important to know. Now, how do we get other information out of resources, right? Because if we only can get the ID information out of the resources using a ref, then we’re pretty much stuck for some things.
So we can use get at and attributes can be attached to any resources you create. And so to basically get a list of all the resources and all the attributes that get exposed from these resources, you will have to look in the documentation. So let’s do a quick look at it just to get an idea. So if we look at our EC two instance and we go to return values, we can see that there’s a ref. So the ref will return the ID of that instance. Okay? And then using the get attribute function, we’re able to get the availability Zone, the DNS name, the private IP and so on. So all these things are exposed. So to know what attributes are exposed in each resource, you have to go to the resource and look at the documentation.
Now for example, if we want to get the AZ of an Et two machine, we saw we could do it. Here is our resource block. So we have our EC two instance with an image ID and an instance type and we want to get the AZ out of it. For example, when we create an EBS volume for this, we’re going to create a new volume under resources and we say the type is an EC two volume condition if we had a condition from before. But the important thing here and there is that if you look at the properties, the size is 100 and the AZ is using the get attribute function EC two dot availability Zone.
So the EC two instance is coming straight out of this name on the left hand side and then the dot says it tells get attribute what we want to get out of it. So we want to get the Availability Zone. So this is quite a popular exam question as well. How do we get this attribute of this resource? And the answer is use the Get at function. You have Find in Map and we’ve seen this before. We use this finding Map function and the shorthand syntax is this we have to specify the map name, the top level key and the second level key. And so here is a quick summary. In this example we were using the Find in Map function to find the image ID based on the region we were in and the type of architecture 32 or 64 bits.
Import value is to import values that have been exported as outputs in other templates and for this we’ll use the import value function. So again, remember when we import a value we just give the import value name that was exported and it should work just easy. Now for join join, we haven’t seen it yet but we can join value with the delimiter. So this is the shorthand syntax we should define join. We give the delimiter name and then we provide a comma delimited list of values. To make it slightly more concrete, to create the A column B column C string, we can use the join function with the column and then we specify ABC on the right hand side. So if you do programming, this is quite a common function in programming.
So just know about it sometimes maybe you’ll be asked hey, what is the output of this interesting function? And if you use join well, you know that you have to just put the columns in between the A and the B and the B and the C. Okay? Finally we have the sub function. The sub function is a shorthand for substitutes. It’s super handy, it allows you to substitute values within strings and so you can use it with references or pseudo variables. And the string must contain this dollar sign and open with the variable name to do a substitution. So this is a bit obscure, but just remember sub does substitution and it will totally make sense when you see it, if you see it in the exam.
Okay? Sub is to substitute values. Finally conditions conditions is when we define for example, a condition to only create the prod resources and we can use a bunch of functions in there. And so the interesting functions we can use is and equals if not and or and maybe others that will get added to confirmation over time. But that’s all for the intricate functions you should use. You recognize the function is called intrang when there is this FN column column or when you have that little exclamation point before a name that represents a function. This is all you need to know for Cloud Formation functions. I hope that was helpful and I will see you in the next lecture.
