New Training: Self Service Catalog using AWS CloudFormation
In this 8-video skill, CBT Nuggets trainer Bart Castle teaches you how to implement advanced CloudFormation templates for IAM and other AWS resources. Gain an understanding of the S3Objects Transform macro, user secret access key, and the importance of offering secure, simplified self-service options to cloud users and administrators. Watch this new AWS training.
Watch the full course: AWS Certified SysOps Administrator – Associate
This training includes:
- 8 videos
- 1.1 hours of training
You’ll learn these topics in this skill:
- Enabling Self-Service with CloudFormation
- Designing Multi-Layer CloudFormation Solutions
- S3 Bucket Base Lab Template and Stack
- Permissions Template and Stack
- Deploying the S3Objects Transform Macro
- Creating the New Lab User Template
- Deploying the Service Catalog Product
- Testing User Permissions and the Lab Environment
What is AWS CloudFormation?
AWS CloudFormation is a service that can help you model and set up the AWS resources that you will need. By using CloudFormation, you can spend your time focused on your application instead of managing cloud resources. CloudFormation can simplify infrastructure management, quicken replication of infrastructure, and both control and track changes made to the infrastructure.
You use CloudFormation by creating a template that specifies the AWS resources that you will use. The service then uses what are called stacks to provision and configure these services. If you need to change resources running in a stack, you can generate a changeset before updating the stack. This will show you the impact of the changes.
Should changes need to be reverted, CloudFormation implements mechanisms for developers to review any changes that were previously made. Revision controls act as a method for source control, much like Git, but for CloudFormation templates.
It should be noted that CloudFormation will only perform actions that you have permission to perform. So, if you have a stack that creates an EC2 instance, for it to work, you need permission to create an EC2 instance. Likewise, it can be configured so that it works with delegating privileges so only approved resources can be created.