Amazon’s CloudFormation StackSets enhance the capabilities of CloudFormation Stacks, allowing users to create, update, or delete stacks across multiple AWS accounts. For developers working within large enterprises or managing several AWS accounts, updating these StackSets can prove challenging. However, by establishing a Continuous Integration/Continuous Deployment (CI/CD) pipeline, you can streamline the update process for CloudFormation stacks.
Using AWS CodePipeline, you can initiate workflows that build and test stacks before deploying them to production. While AWS CloudFormation StackSets are not directly supported as an action within this workflow, you can effectively manage existing stacks. You have two primary methods for updating a CloudFormation stack:
- Direct Update: This method enables immediate deployment of your submitted changes, ideal for quick updates.
- Change Sets: This option allows you to preview the changes that will occur, offering a chance to review before proceeding.
When constructing a CI/CD pipeline for stack management, you can create, update, delete stacks, create or replace change sets, or execute change sets. However, creating or updating a CloudFormation StackSet remains unsupported.
This article will guide you through using CodePipeline to update an existing CloudFormation StackSet’s parameters, which allow for the customization of template values during stack creation or updates.
Solution Overview
We’ll cover the following high-level steps:
- Update a StackSet parameter by passing a key-value pair through AWS CodeCommit.
- Create an AWS CodeBuild project.
- Build your CI/CD pipeline.
- Execute the pipeline and monitor its progress.
Completing these steps will yield a fully operational CI/CD pipeline that updates CloudFormation StackSet parameters automatically after changes are made in the CodeCommit repository.
The workflow is as follows:
- Developers commit changes to a main branch in the CodeCommit repository.
- CodePipeline monitors the repository and triggers the pipeline upon detecting a new version.
- The newly updated version is built in CodeBuild.
- CodeBuild executes the commands in the buildspec.yml file, which includes updates to the StackSets. (To ensure all stack instances are updated, refrain from specifying DeploymentTargets or Regions in the buildspec.yml file.)
- Verify that the updates were successfully applied.
Prerequisites
Before you begin, ensure you have the following:
- An AWS account.
- Access to AWS Cloud9 or the AWS Command Line Interface (AWS CLI).
- Basic understanding of AWS CloudFormation.
- An existing CloudFormation StackSet, which can be created via the AWS Management Console or AWS CLI. For guidance, refer to Create a StackSet.
- An AWS Identity and Access Management (IAM) service role for CodeBuild.
Retrieving Your StackSet Parameters
To start, confirm you have a StackSet in the AWS account you plan to use. If not, create one. In this example, we will use an existing StackSet called StackSet-Test.
- Log in to your AWS account.
- Navigate to the CloudFormation console and select StackSets.
- Choose your StackSet.
We will modify the parameter with the key KMSId. On the Parameters tab, take note of the current value assigned to KMSId.
Creating a CodeCommit Repository
To set up your repository, follow these steps:
- Go to the CodeCommit console and select Repositories.
- Click on Create repository.
- Enter a name for your repository (e.g., Demo-Repo).
- Click Create.
Next, populate the repository with the necessary artifacts:
- Create a buildspec.yml file that directs CodeBuild on the actions to perform during the build process. This file organizes the build into logical phases and specifies the commands executed on the build server.
In the code editor, enter the following:
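# Buildspec format version expected by CodeBuild
version: 0.2
phases:
  pre_build:
    commands:
      # Update only the KMSId parameter, reusing the template already attached to the StackSet
      - aws cloudformation update-stack-set --stack-set-name StackSet-Test --use-previous-template --parameters ParameterKey=KMSId,ParameterValue=newCustomValue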
This command updates the StackSet named StackSet-Test, changing the parameter value for KMSId to newCustomValue.
- Name the file buildspec.yml.
- Provide an author name and email address.
- Commit the changes.
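The buildspec command above names only KMSId. When a StackSet has more parameters, sending the others with UsePreviousValue=true makes the request state explicitly that they keep their current values, and it avoids re-typing values into the repository. The following is an added example, not part of the original article: the sample describe-stack-set output is constructed, and the LogRetentionDays parameter and both function names are hypothetical.

```python
"""Added example: build the full --parameters list for update-stack-set."""
import json

# Constructed sample of `aws cloudformation describe-stack-set
# --stack-set-name StackSet-Test` output. LogRetentionDays and all values
# are hypothetical; only the KMSId key appears in the article.
SAMPLE_DESCRIBE = json.loads("""
{"StackSet": {"StackSetName": "StackSet-Test", "Status": "ACTIVE",
  "Parameters": [
    {"ParameterKey": "KMSId", "ParameterValue": "oldCustomValue"},
    {"ParameterKey": "LogRetentionDays", "ParameterValue": "90"}]}}
""")


def build_update_parameters(describe_output, overrides):
    """Return a Parameters list that changes only the keys in `overrides`.

    Every other parameter is sent with UsePreviousValue, so the request
    never carries (or needs to know) its current value.
    """
    current = describe_output["StackSet"].get("Parameters", [])
    known = {p["ParameterKey"] for p in current}
    unknown = sorted(set(overrides) - known)
    if unknown:
        # Catch a mistyped key in the build instead of at deploy time.
        raise KeyError(f"not a parameter of this StackSet: {unknown}")
    params = []
    for p in current:
        key = p["ParameterKey"]
        if key in overrides:
            params.append({"ParameterKey": key, "ParameterValue": overrides[key]})
        else:
            params.append({"ParameterKey": key, "UsePreviousValue": True})
    return params


def to_cli_args(params):
    """Render the list in the shorthand syntax used by the buildspec command."""
    args = []
    for p in params:
        if p.get("UsePreviousValue"):
            args.append(f"ParameterKey={p['ParameterKey']},UsePreviousValue=true")
        else:
            args.append(f"ParameterKey={p['ParameterKey']},ParameterValue={p['ParameterValue']}")
    return args


if __name__ == "__main__":
    updated = build_update_parameters(SAMPLE_DESCRIBE, {"KMSId": "newCustomValue"})
    print(" ".join(to_cli_args(updated)))
```

The printed arguments can be pasted after --parameters in the buildspec command; in a real build the input would come from describe-stack-set rather than the embedded sample.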
Creating a CodeBuild Project
To establish your CodeBuild project:
- Go to the CodeBuild console and select Build projects.
- Click on Create build project.
- Enter your project name (e.g., Demo-Build) and an optional description.
- Select AWS CodeCommit as the Source provider and choose the repository you created.
- Ensure the Reference type is set to Branch and select master.
For the CodeBuild environment, we will use a managed image based on Amazon Linux 2.
- Choose Managed image for Environment Image.
- Select Amazon Linux 2 for the Operating system and Standard for Runtime(s).
- Choose amazonlinux2-aarch64-standard:1.0 for the Image.
- Ensure Image version is set to Always use the latest for this runtime version.
- Select New service role for the Service role and enter a name for your service role.
- Click Create build project.
Creating a CodePipeline Pipeline
To create your pipeline:
- Go to the CodePipeline console and select Pipelines.
- Click on Create pipeline.
- Enter a name for the pipeline (e.g., DemoPipeline) and select New service role.
- Enter a name for your service role and click Next.
- Choose AWS CodeCommit for the Source provider and select your repository name.
- Finally, choose master as the Branch name.
This setup will enable you to automate updates to your CloudFormation StackSet efficiently.