AwsCftTools
CloudFormation and related services provide a way to manage infrastructure state in "the cloud." This
gem and its included command (aws-cft
) build on top of this state management system to create an
infrastructure management solution native to the AWS environment.
Installation
Add this line to your application's Gemfile:
gem 'aws-cft-tools'
And then execute:
$ bundle
Or install it yourself as:
$ gem install aws-cft-tools
Usage
The aws-cft
command provides access to a number of run books that manage different tasks.
aws-cft deploy
to deploy CloudFormation templatesaws-cft diff
to see differences between local and deployed CloudFormation templatesaws-cft hosts
to list running EC2 instancesaws-cft images
to list available AMIsaws-cft init
to initialize a new infrastructure projectaws-cft retract
to remove deployed CloudFormation templatesaws-cft stacks
to list CloudFormation stacks
See USAGE.adoc
for more details.
Template organization
CloudFormation templates are managed in any number of directories that correspond to infrastructure
layers. For example, vpcs
, networks
, security
, and applications
. The layers are completely
arbitrary.
Templates also belong to a "role" based on their participation in the infrastructure. The role is defined with metadata in the template:
Metadata:
Role: foo
Templates are deployed or retracted based on their dependency order. The scripts try to discover this
by examining the values exported by one template and imported by another. When this fails to describe
the proper dependencies of a template, you can add an explicit dependency in the template's Metadata
:
Metadata:
DependsOn:
Templates:
- relative_path_to/template.yaml
This follows the pattern for listing explicit dependencies between resources in a template.
Development
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the
tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version,
update the version number in version.rb
, and then run bundle exec rake release
, which will create a git
tag for the version, push git commits and tags, and push the .gem
file to
rubygems.org.
Building Gem for Local Use
bundle install --deployment --without development test
gem build ./aws-cft-tools.gemspec
Minimum IAM Policy to run initial script
{
"Sid": "aws-cft",
"Effect": "Allow",
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeTags",
"ec2:DescribeImages",
"ec2:DescribeImageAttribute"
],
"Resource": [ "*" ]
}
Security Policy
Please do not submit an issue on GitHub for a security vulnerability. Please contact the development team through the Certify Help Desk at [email protected].
Be sure to include all the pertinent information.
License
Aws-cft-tools is licensed permissively under the Apache License v2.0. A copy of that license is distributed with this software.
Contributing
We welcome contributions. Please read CONTRIBUTING.md
for how to contribute.
We strive for a welcoming and inclusive environment for the aws-cft-tools project.
Please follow this guidelines in all interactions:
- Be Respectful: use welcoming and inclusive language.
- Assume best intentions: seek to understand others' opinions.