Improve Reusability of IaC With AWS CloudFormation Modules

Tech Blog / Improve Reusability of IaC With AWS CloudFormation Modules
Businessman building towers with blocks AWS CloudFormation is a helpful tool for provisioning and managing AWS assets in a standardized and repeatable way with infrastructure as code (IaC). Creating an AWS CloudFormation template, however, involves entering a series of parameters to use for every resource you want to define in a deployment stack. Yet, in our experience, operators don't always know the best practice criteria for every resource. As a result, to help improve reusability and ensure best practice values are used across multiple CloudFormation templates, AWS recently introduced AWS CloudFormation Modules.  

What are AWS CloudFormation Modules?

AWS CloudFormation Modules pre-define best practices so you don't have to when you set up your CloudFormation templates. This can include best practice configurations and more. AWS CloudFormation Modules are foundational pieces teams can use (and re-use) across their CloudFormation templates. Because they can be used like a native CloudFormation resource, they can be found in your CloudFormation registry. It's worth noting that CloudFormation Modules can be used for single or multiple resources and like Legos they can be stacked to build bigger best practice elements. 

AWS CloudFormation Modules use cases

While AWS has created several modules to get operators started with the new feature, we see several additional use cases for AWS CloudFormation Modules.
 
Community Driven Modules - AWS offers a public repository for community driven modules, which we believe will further serve to popularize AWS and native AWS tools. This will, in turn, drive even more demand for help to start using best practices as organizations adopt more tools. Combined, AWS tools and CloudFormation Modules can help organization decrease time to market.

Company Driven Public Modules - Companies can publish their products as public modules. We see this as a great way for organizations to enable their customers, embedding product deployments in customers’ CloudFormation templates. This will speed customer deployments while ensuring best practices are included across customer builds.
 
Company Driven Private Modules - Companies can create their own set of modules with best practices that will accelerate their development teams through reusability of IaC and help achieve best practices at scale.
 

AWS CloudFormation Modules advantages

In addition to being able to share modules within an organization -- or with customers, partners, or the entire AWS community -- CloudFormation Modules offer several advantages. They provide greater transparency and visibility. With the new modules feature, AWS addresses visibility issues when using CloudFormation nested stacks where visibility with the creation and updating of nested stacks is lost. This can lead to significant risks during an update because you don’t see what resources will be updated and what update strategy will be used. Conversely, AWS CloudFormation Modules don’t have this problem because the module’s resources are part of the AWS CloudFormation stack, giving you full visibility. We also like the modularity and reusability of the new modules. And, it’s worth noting that you can nest modules up to three layers deep.
 

Areas for future improvement

As a relatively new technology, AWS CloudFormation Modules have a few limitations that we hope will be addressed in future releases. For example, we would like to see added macro support within modules as well as support for Type or Constraint enforcement in the module parameters. In addition, modules don’t currently solve issues with items like maximum CloudFormation template size. CloudFormation quotas, such as the maximum number of resources allowed in a stack, or the maximum size of the template body, apply to the processed template whether the resources included in that template come from modules or not. Last, we were surprised that modules don’t support drift detection when you release a new module version. It’s still possible to update stacks when you release a new module version, though it is not as straightforward as we’ve come to expect from other vendors’ modular design implementation.

Despite these drawbacks, AWS CloudFormation Modules are a strong alternative to HashiCorp Terraform and AWS Cloud Development Kit (CDK) for a company’s solution portfolio development. If you use AWS CloudFormation today, you can begin using the new modules feature to improve reusability and modularity without migrating to a new solution. Organizations have turned to IaC to grow their infrastructure modularity, codify best practices and grow consistency through version control. AWS CloudFormation Modules help further these benefits, while growing developer productivity and speeding time to market.

Stay abreast of the latest cloud solutions. Subscribe to the Tech Blog below. 


Post Date: 05/05/2021

About the Author:

Artem Kobrin

Ph.D. is Solutions Architect at NTT DATA and an AWS APN Ambassador. In his role, he helps enterprises adopt new approaches and technologies to bring solutions to market faster and deliver an improved customer experience. He advises organizations on their migration strategy, DevOps, networking, and security of AWS workloads.

X