AWS Cloudformation is a service that helps us initiate aws resources using json or yaml files. It’s know as IaaS (Infrastructure As A Service).

Structure of the Document

  • AWS Template Format Version: It contains the version of the file.
  • Description: It basically the description of what the script will do written by the owner of the script. It’s a string field.
  • MetaData: This contains the properties of the templates.
  • Parameters: Any values we pass to the templates
  • Mappings: Dependencies between our AWS resources.
  • Conditions: we add these when stack is being created.
  • Outputs: The outputs are the ones displayed when are stack is created.
  • Resources: The AWS Resources we need to initiate. (The most important part)

Example CloudFormation.

A simple CloudFormation script that initiates EC2 instances with SSH

{
  "Description": "Create an EC2 instance by AWS CloudFormation",
  "Resources": {
    "SecurityGroupDemoSvrTraffic": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupName": "ssh-group",
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "CidrIp": "0.0.0.0/0",
            "Description": "For traffic from Internet"
          }
        ],
        "GroupDescription": "Security Group for demo server",
        "VpcId": "[Find you VpcId in VPC-->Subnets]"
      }
    },
    "EC2InstanceDemoSvr": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "AvailabilityZone": "[Find you AvailabilityZone in VPC-->Subnets]",
        "ImageId": "[Find your ImageId in EC2-->Launch Instance-->Step1]",
        "InstanceType": "[Find your InstanceType in EC2-->Launch Instance-->Step2]",
        "KeyName": "[Find your KeyName in EC2-->Key Pairs]",
      }
    }
  }
}

Starting Windows Machine using CloudFormation

Description: "A simple script that starts Window EC2 instances on AWS Cloud"
Resources:
  WinInstance:
    Type: "AWS::EC2::Instance"
    Properties:
      SecurityGroups:
        - !Ref InstanceGroupSecurity
      InstanceType: # t1.micro
      KeyName: # Your key
      ImageId: ""
  InstanceGroupSecurity:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: '' # Description
      SecurityGroupIngress:
        - IpProtocol: # Enter Protocol Like TCP
          FromPort: # RDP Port
          ToPort: 3389
          CidrIp: 0.0.0.0/0

About the Author

Muhammad Raza is a Senior DevOps Engineer and former AWS Professional Services Consultant with 5 years of experience in cloud infrastructure, CI/CD automation, and DevOps solutions. He has helped numerous clients optimize AWS costs, implement Infrastructure as Code, and build reliable deployment pipelines.

Need help with your DevOps workflows? I'm available for consulting on CI/CD pipelines, infrastructure automation, and AWS architecture. Book a free 30-min call or email me.

Connect on LinkedIn Follow on X/Twitter GitHub