From YouTube: Infrastructure as Code Cookbook - AWS Cloud Formation in Action - Maciej Józefczyk, Grape Up
Description
With a DevOps culture becoming a standard, we face automation everywhere. It simplifies and shortens our daily duties, which de facto leads to cost optimization. Additionally, our infrastructure gets more and more complicated as we evolve towards cloud-native and microservice architectures. That is why Infrastructure as code (IaC) came up. It’s an answer to the growing complexity of our systems. In the webinar, Maciek focuses on what Infrastructure as Code actually means, its main concepts, and gently fills you in on AWS Cloud Formation. We’ll also get some hands-on experience building and spinning up Enterprise Level Infrastructure as Code.
A
The quote comes from the Google SRE book, which I highly recommend, and I've put it here because, in my opinion, it is brilliant, because it explains in simple words how important automation is nowadays, and I would like the notion of this quote to be a leitmotif of this presentation. And of course this is the actual lecture topic, which you should already know. Today I'm gonna say a few words about how I understand infrastructure
A
as a code, and later on I'll gently fill you in with one of the infrastructure as a code solutions, which is Amazon Web Services CloudFormation. And worth mentioning is that throughout the presentation I'm gonna use the AWS cloud concepts and the nomenclature, so basic cloud computing knowledge or AWS knowledge would be great, would help to understand the content. So before we actually get to the remedy, which is, of course, infrastructure as a code, I would like to.
A
It would be great to recall the reasons why something like infrastructure as a code even came up. So I'm sure you've seen such articles many times in your life before: someone got billed for 14k, some service is down for a week because an AWS data center went down, or even some data centers sometimes burn down. And there is one thing that people who got affected by this situation have in common. They have never asked themselves the question:
A
What would happen if these things happen? And they have never thought how much the infrastructure really costs or what they are going to do when their data center burns down.
A
But the question which arises, of course, is how do we prevent such a situation from happening. And, well, of course, a simple answer to that is infrastructure as a code. To describe the foundation of infrastructure as a code, we can use a metaphor and compare it to our modern factories, where the machines are mainly responsible for assembling a car. The person actually just has to provide the appropriate parts, and the construction part is actually automated by the machines. And by infrastructure as a code, we, as developers or DevOpses,
A
we would like to do the same. We would like the machines to assemble our infrastructure for us while we are drinking our coffees. And infrastructure as a code is nothing more than a set of rules that tells you how to automate the infrastructure. Referring it to the factory, it tells us what parts to provide and how to provide them.
A
One of the main objectives, of course, is to handle the infrastructure deployment in a similar fashion we used to automate application deployment. Okay, before we actually move to infrastructure as a code in practice, let's recall how our infrastructure setup looked in the pre-automation era. So this is most probably how your life looks now: you usually open the AWS console, you create some VPCs, VMs.
A
You forgot to create a security group, so you do that, you create another database, etc., etc. Lots of clicking. And this is how your life will look after this presentation: we're gonna use the AWS CLI along with CloudFormation, and with a simple command we'll create something that is called a stack, which I'll describe later.
A
We're gonna use a single amplifier file, and we're gonna name the stack "infrastructure" and launch it in one of the EU AWS regions. In this particular case, it's going to be the Frankfurt region. And when I click enter, our infrastructure will appear. And after our work is done and we don't need our infra anymore, we'll use a single delete-stack command so that we can easily delete all of the infrastructure we created beforehand.
A
Basically, these commands are the crux of this presentation, and we'll use them later on. Okay. So how do I do that, and how does it actually work? I'd like to explain this with a metaphor, and the metaphor will of course be a cooking process. Today we'll cook a dish that's called Polish calamaris, and the question is what it takes to prepare such a sophisticated dish.
A
We also need to have a method, which is like an algorithm, and last but not least, we have the cook who will use the method to turn the ingredients into an actual dish. And why am I talking about this? Well, because this is exactly the way infrastructure as a code works. To have automated infrastructure which follows the IaC guidelines, we need these three elements. The ingredients:
A
So in our case, this is going to be the description of our cloud resources in a text format; the method, so the algorithm that tells us how to run these; and a cook, so the software that will take the resources description and the algorithm and turn them into actual cloud resources. Happily, these two elements are handled for us by AWS, and the only thing that's left is to prepare the ingredients, and that's what we're gonna do in a while.
A
Okay, enough. Let's start leaning towards the practical use case. As aforementioned, the ingredients are in fact descriptions of the cloud resources we need to use, and when I say descriptions, I really mean descriptions in a text format. Same as application code is written in some programming language like Java or C++, to implement our infrastructure, so virtual machines, networks, databases, we can use either JSON or YAML format.
A
So what are the building blocks of a cloud script? Well, first and foremost, and the outermost element, is the concept called template, and in simple words, it's just a YAML or JSON file that serves as a bucket for the rest of the CloudFormation elements, and it pretty much looks like this.
A
Let me know if the font size is, is pro, is well. Can.
A
So yeah, it looks like this. Note that, of course, beside the file, we also have some preamble inside. These are really negligible at this point, but we have the template version and the description of what's going to be inside the template. And the next element.
A
The key will be our internal name of the resource, and the value will be the actual resource definition. For starters, let's put a VPC in there. VPC, so the isolated virtual network. Okay, first off, we of course have to start with putting a Resources section right there. So here we are. As I said, we start with the name of the resource.
A
Next, we have to pinpoint that the resource we want is actually a VPC. To do it, we have to define Type, which is a mandatory element of each CloudFormation resource.
A
So, let's do it: Type, and the type is going to be AWS::EC2::VPC, of course. Okay. The next mandatory element is the Properties section. Each resource, of course, will have its own set of fixed properties.
A
We can see that we have one stack in place. It's called infrastructure, as I said beforehand, and it's already created. We can see that there is the description we put in the CloudFormation script and the stack identifier, and in the Resources tab we can see that our VPC is in here.
A
Let's put a CIDR block there. We have to remember that the CIDR block of the subnet has to be inside the VPC CIDR block. So let's define it with a mask of 24. And the next required property is, of course, as I said, VPC ID, and this one is interesting because to define it we're going to use something that's called an intrinsic function.
A
Of course, the value should be the identifier of the VPC that we just created above. Okay, so we need to have some kind of function that will reference the ID of the VPC, and, of course, to do that we're gonna use a reference function, and the syntax goes like this: exclamation mark, Ref, and our internal name of the VPC. And again, at this point we should be ready to create, to update the stack, so I'll just type update.
A
First required property of the EC2 instance. The first required property will be the instance type, so we will use the dual-core, one-gigabyte-RAM machine, which in AWS nomenclature is called t3.micro.
A
Next, we have to pinpoint the operating system image. The name of the property is image ID, and the value is, of course, the identifier of the image. Now we have to find out what's the identifier of the operating system image that we're going to use, so let's see if we can find it in the AWS console.
A
I can open the EC2 dashboard, click Launch Instance, and in here we can see the list of available, let's say, operating system images. In Amazon this is called AMI, so Amazon Machine Image, and we can see that in each row there is an identifier in here. So let's say I'm going to use the first one, so the Amazon Linux 2 image. So let's put it here.
A
Okay, and of course, since we would like to run our EC2 machine inside the subnet we just created, we need to use an optional property called subnet ID.
A
Okay, this was the last resource that I wanted to create. Now, if in the future you need comprehensive documentation about a specific AWS resource and its mandatory properties, you can just google the resource name with a CloudFormation suffix, just like this.
A
Of course, each script might be parameterized, and we can use such parameters to, for example, create a copy of our infrastructure with some customized setting just for testing purposes. For example, let's parameterize the CIDR block. To do it, first we have to define the Parameters section.
A
So in our case we're going to parameterize the VPC CIDR block, so let's put the VPC CIDR block variable name, and inside we have the definition, and one property of the definition is, of course, the type. So in our case, this is going to be a string. And also we can define a default value, and this is going to be the value that we used until now.
A
Also, I've changed the names to infrastructure version two so that we have a copy of our structure, not to avoid replacing the actual infrastructure but to have a copy of the infrastructure instead. Okay, let's paste it here into the terminal. Okay, and we see the typo: I've put Default with a lowercase. It should be uppercase.
A
Okay, going back to the presentation. Of course, these are not the only AWS CloudFormation elements, sections, available, because besides these, we also have a Metadata section, Rules section, Conditions section, Mappings, etc., etc.
A
Okay, so here we are. This is the full picture of the CloudFormation elements that I wanted to show you today, and I would like to add one more thing. You should remember that what I've shown you today is just the tip of the iceberg.
A
CloudFormation is much more than what I've shown today, and if you would like to take a little bit deeper dive into CloudFormation, together with we have cappuccinski, my colleague from Grape Up, we prepared a series of articles about enterprise-grade infrastructure setup. The articles guide you through both manual and automated setup based on CloudFormation.
A
So, if you're interested, the link will be available on the last slide. And I know that all of this might look complex at this point, but believe me, once you delve into infrastructure as a code, you'll feel like a Fred Flintstone who changed his vehicle to the newest Mercedes G-Class. And as we approach the end of this presentation, I'd like to quickly sum up the benefits that infrastructure as a code gives us. So the first element is disaster recovery, as you've already seen today, where we were able to spin up between infrastructure in just a few seconds.
A
Okay. The next point is idempotent infrastructure. This is actually a nice feature that most of the infrastructure as a code tools offer. Basically, idempotency means that no matter how many times you run your script, your infrastructure as a code script,
A
no matter how many times you run it and what your starting state is, you will always end up with the same end state. So this simplifies the provisioning of the infrastructure and reduces the chances of inconsistent results. And, last but not least, of course, versioning and audit.
A
So since the guiding principle of infrastructure as a code is to keep your scripts in a version control system like Git, you get versioning and audit out of the box.
A
Okay, that's all I've prepared for today. Thank you very much for your attention. I'm leaving you with another smart quote, and I think we can move now to.