Welcome to the collection of AWS CloudFormation base templates authored by the Apper.ph organization. This repo contains code examples of AWS CloudFormation templates used to provision specific AWS resources, and groups of templates that together solve a particular use case.

apperph/aws-cfn-base

AWS CloudFormation Base Templates

Welcome to the collection of base AWS CloudFormation templates authored by the Apper.ph organization. This repo contains code examples of AWS CloudFormation templates used to provision specific AWS resources, and groups of templates that together solve a particular use case. We recommend that you use the sample templates as a starting point for creating your own templates, not for launching production-level environments. Before launching a template, always review the resources that it will create and the permissions it requires.

About the Repository

The Apper DevOps team and approved contributors provide and maintain sample templates in the services folder and its subfolders. We encourage your contributions to these templates.

WIP: To-do

  • docs
    • virtual-network.md
    • common.md
    • persistent.md
    • ephemeral.md
  • ops
    • fetch.sh
    • create-parameter.sh
    • generate.sh
      • CrossAccountInfraPipeline
    • setup-hooks.sh
  • services
    • common
    • ephemeral
      • compute
        • ecs
          • ecs-cluster.yaml
          • ecs-service.yaml
        • elasticbeanstalk.yaml
        • ec2-bastion.yaml
        • ec2-mutable.yaml
        • eks
        • lambda
      • network
        • service-discovery
          • namespace.yaml
        • elbv2-listener-target-group.yaml
        • elbv2.yaml
    • persistent
      • documentdb.yaml
      • dynamodb.yaml
      • elasticache-memcached.yaml
      • elasticache-redis.yaml
      • opensearch.yaml
      • rds.yaml
      • s3.yaml
      • secretsmanager-dbsecrets.yaml
      • vpc-2azs.yaml
      • vpc-3azs.yaml
      • vpc-4azs.yaml

Submitting Templates

Before you submit a template, we suggest that you follow these guidelines to help maintain consistency between templates.

  • Test your template. Can you successfully create a stack with it? When you create a stack, AWS CloudFormation uses the ValidateTemplate API to check your template. When you delete a stack, is the stack (and all of its resources) successfully deleted? Make sure users aren't left with stray resources or stacks that have deletion errors.
  • In the Description section, add a brief description of your template. The description should indicate what the template does and why it's useful. For example: Description: "Create a LAMP stack using a single EC2 instance and a local MySQL database for storage. This template demonstrates using the AWS CloudFormation bootstrap scripts to install the packages and files necessary to deploy the Apache web server, PHP, and MySQL when the instance is launched."
  • Format your template to make it human readable:
    • Err on the side of human readability. If it makes your template easier to read, do it.
    • Use a linter. Make sure it also checks for syntax errors. We highly recommend that you use cfn-lint and yamllint.
    • Consider using two-space indents to reduce line wrapping.
  • Review IAM resources. If you include IAM resources, follow the standard security advice of granting least privilege (granting only the permissions required to do a task).
  • Remove secrets/credentials from your template. You might hardcode credentials or secrets in your template when you're testing. Don't forget to remove them before submitting your template. You can use this tool to help you scrub secrets: https://github.com/awslabs/git-secrets.
  • Add your template to the correct folder so that others can discover it. If your template demonstrates a particular service, add it to the services folder.
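The Description, IAM and secrets guidelines above can be checked mechanically before you submit. The script below is an added example, not code from this repository and not a replacement for cfn-lint or git-secrets; `check_template` and `SAMPLE` are hypothetical names, the sample template is constructed, and the checks are line-based heuristics that assume block-style YAML.

```python
import re

# Heuristic line-based checks; assumes block-style YAML (not flow style or JSON).
ACCESS_KEY = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
SECRET_KEY = re.compile(r"^\s*(?:-\s*)?\w*(?:password|secret|token)\s*:\s*(\S.*)$", re.I)
IAM_KEY = re.compile(r"^\s*(?:-\s*)?(Action|Resource)\s*:\s*(.*)$")
LIST_ITEM = re.compile(r"^\s*-\s*(.+)$")

# Constructed sample template, not taken from the repository.
SAMPLE = """\
Resources:
  Db:
    Type: AWS::RDS::DBInstance
    Properties:
      MasterUserPassword: hunter2-example
  Policy:
    Type: AWS::IAM::Policy
    Properties:
      PolicyDocument:
        Statement:
          - Effect: Allow
            Action:
              - s3:GetObject
              - '*'
            Resource: '*'
"""

def _scalar(value):
    """Strip a trailing comment and surrounding quotes from a YAML scalar."""
    return value.split(" #")[0].strip().strip("'\"")

def check_template(text):
    """Return (line_number, finding) tuples; line 0 is a whole-file finding."""
    findings, list_key = [], None
    if not re.search(r"^Description\s*:\s*\S", text, re.M):
        findings.append((0, "missing top-level Description"))
    for number, line in enumerate(text.splitlines(), start=1):
        if ACCESS_KEY.search(line):
            findings.append((number, "AWS access key ID literal"))
        secret = SECRET_KEY.match(line)
        # Intrinsic functions (!Ref, !Sub) and dynamic references are not literals.
        if secret and not _scalar(secret.group(1)).startswith(("!", "{{resolve:")):
            findings.append((number, "hardcoded secret value"))
        key, item = IAM_KEY.match(line), LIST_ITEM.match(line)
        if key:  # inline form such as Resource: '*', or the start of a list
            list_key = None if key.group(2).strip() else key.group(1)
            if _scalar(key.group(2)) == "*":
                findings.append((number, "wildcard IAM " + key.group(1)))
        elif item and list_key and _scalar(item.group(1)) == "*":
            findings.append((number, "wildcard IAM " + list_key))
        elif not item:
            list_key = None
    return findings
```

Calling `check_template(SAMPLE)` reports the missing Description, the literal password, and both wildcard grants with their line numbers. A template that passes a secret through `!Ref` or a `{{resolve:secretsmanager:...}}` dynamic reference is not flagged.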

Git Hooks

To set up Git hooks on your local repository to run linters on files, run the setup-hooks script.

./ops/setup-hooks.sh

Additional Resources

In the AWS CloudFormation User Guide, you can view more information about the following topics:

License

Apper AWS CF Base Templates is licensed under Affero GPL v3 with additional terms
