Question: [September 22nd, 2017 10:07 AM] jhuizy: hey guys, just wondering who is manually creating CF templates or using other tools (troposphere, terraform, serverless etc)? Are there good tools for working with CF templates? (VSCode plugins, editors etc)

Asked By
jhuizy
Asked At
2017-09-22 02:14:41

Found 15 possible answers.

User Answered At Possible Answer
bnzmnzhnz 2017-09-22 02:15:18 @jhuizy recommend https://github.com/seanedwards/cfer if you like ruby
jhuizy 2017-09-22 02:16:42 does it have good support for typing? I have used troposphere (and looked at terraform) but my problem is that it lacks a sort of ‘compile time’ check for resource validation (as an example - valid s3 bucket name or invalid parameter name) I’m thinking maybe that’s a gap in the market for a small tool - but may not be worth it if people aren’t using cloudformation
jeremyolliver 2017-09-22 02:18:45 Resource validation (does X exist) is usually not supported because the name for X is derived from state earlier in the run (for both CloudFormation and terraform etc)
bnzmnzhnz 2017-09-22 02:19:24 @jhuizy not sure exactly what you're getting at: the CFN API itself validates resources
jeremyolliver 2017-09-22 02:20:10 I however added a CI lint check to my CloudFormation repo recently using aws cloudformation validate-template --template-body to ensure my YAML/json was valid CloudFormation
bnzmnzhnz 2017-09-22 02:20:21 not sure anything sane would be possible without hitting the API, since so much depends on state
jeremyolliver 2017-09-22 02:21:44 but it still only catches simple typos (which is most of the errors), objects like policy are just validated as arbitrary JSON which can still fail on creation
bnzmnzhnz 2017-09-22 02:23:01 @jhuizy you may want to use changesets if you are averse to converging without assurances
jhuizy 2017-09-22 02:23:03 the validation hasn’t been that great. I can’t think of an example now but I can remember it causing problems where I had a reference to an input (eg. !Ref VpcId) that wasn’t declared anyhwere. It was still valid but the tool didn’t pick it up
bnzmnzhnz 2017-09-22 02:23:44 @jhuizy CFN should spit back an undefined ref ... happens to me all the time when I typo :slightly_smiling_face:
jhuizy 2017-09-22 02:24:03 troposphere helped with the typo thing but still was a PITA for things like checking to make sure an S3 key was valid Or, for example, if a resource parameter expects a type of EC2 :: Instance :: Id and you put in something else it won’t fail until you try to upload the stack/changeset
jeremyolliver 2017-09-22 02:26:01 Yeah, that’s what I’ve found too. I think some of that is by necessity (can’t always validate), and some by missing features
bnzmnzhnz 2017-09-22 02:26:54 @jhuizy parameter types should be easy to write a linter, but you need to make sure to keep it up with the rapid changes to AWS ecosystem
jhuizy 2017-09-22 02:28:47 exactly. But just trying to figure out if its worth writing a linter for vanilla CF templates or whether most people are using other tools anyways. The benefits of vanilla CF linting is that there’s a lower barrier for new devs to work on the template. If we use CF generators (a la cfer) they would have to learn both cloud formation and cfer
jeremyolliver 2017-09-22 02:31:25 I’ve got a mix of (troposphere (python), raw JSON, and raw YAML) However, I’m not so sure that writing all raw templates scales very well. I now have a lot more templates, and currently upload them all by hand, which is getting pretty bad. I really want a CI/workflow to automatically update them, along with parameters. That workflow is likely to be way easier with a wrapper tool, than with raw template files (though not impossible) Yes, often writing the troposphere one, I had to reference CFN docs, *and* troposphere docs if there wasn’t an example of an already implemented resource

Related Questions