AWS-SysOps: AWS Certified SysOps Administrator (SOA-C01) Certification Video Training Course

AWS-SysOps: AWS Certified SysOps Administrator (SOA-C01) certification video training course by prepaway along with practice test questions and answers, study guide and exam dumps provides the ultimate training package to help you pass.

CloudFormation for SysOps

3. CloudFormation Create Stack Hands On

Let's go and create our first Cloud Formation template. And this template will create a simple ECQ instance in our infrastructure. So we will then go and add an elastic IP to it, and then we're going to add two security groups to it. but not in this lecture.

For now, let's just forget about the code syntax for confirmation. We'll look at the structure of the files later on and understand exactly how they work. So we'll see how quickly we can get started with cloud formation and EC2 instances. So let's go to the console. OK, so let's get started with cloud formation. So I'm going to go into the console of cloud formation, and in here I see three stacks: one for the code star and two for the elastic beanstalk.

So we already had a glimpse of beanstalk, code, and cloud formation before. As can be seen, this is my product environment stack as well as my environment stack. So I'm going to prod one of them. And here in the resources, we can see what was created by Ben Stalls. So we can see that 16 resources were created. That includes the auto-scaling group, the launch configuration, and so on. We've done this before, and we caught a glimpse of cloud formation while in the beam stock console. But now let's go to templates and see something really cool.

So this is the template, and this is Jason's. This is actually horrible to read, but something we can do is click on "View and Designer," which will take us to the cloud formation designer, where the UI is also atrocious. But here we go. In this Ur, we are able to view everything in our cloud formation templates and how they relate to one another. So we can see your scaling policy and auto-scaling group, your launch configuration, your alarm, and your load balancer. And if I look at the load balancer, for example, I can see the configuration of that load balancer in JSON or by converting it into YAML, and of course it is lost. I can see here the load balancer security group as an example. And this is the entire configuration here.

Okay, so this is just an introduction to confirmation. But for now, I'm going to close this designer and get back to cloud formation, and we are all pleased if you want to do this hands-on with me. We want to change the region and go to us east 1, northern Virginia. The reason is that all the confirmation templates that we're going to use in this section are meant to work in North Virginia. They could work somewhere else. However, to ensure that we are all on the same page, please select the region US-East 1. Okay, so now let's go through the creation of our first confirmation stack. This is great. We have no stacks. We're going to create a stack and add new resources, which is standard, but we could also import resources, so we could have existing resources in our cloud formation templates.

This is out of scope for the exam, so the only way we're going to do it right now is with the new resources, which is the same as clicking on the Create stack in the middle. So now we can either use an existing template, the Template Settling Template, or design one in the designer. But right now, all our templates are ready. So we're going to click on "Template is ready," and then we have two ways of doing it. Either we upload a template file or we go to Amazon and specify an Amazon Straight URL. So in our case, we're going to upload a template file, choose a file, and choose a file called Zero, just EC Two. And for now, we're not looking at the code inside that file. And then we'll click on "Next" to enter a stack name. So I'll call it, for example, the first stack. And this is just our first stack. And then there are no parameters, so we can just click on Next here. There are no tags, so that's fine. We don't have any specific permissions.

Stack policy rollback, configuration notification options, and stack creation options are all advanced options out of scope for the exam. So I'm just going to go and click on Next. Okay, so here we go. We have our template URL right here that has been uploaded to Amazon S3, and then there are no parameters and no stack options, so we can just scroll all the way down and click on Create Stack. This will now proceed to create our first confirmation stack for us. And so what we can see is that we are in a different view, under the Events tab. So under the Events tab, what we can see is that right now we are in "Create in Progress." So whenever we create a confirmation stack, this is going to be the first state. If I refresh this, you'll notice two new events, one called "My instance" and one called "Create," which is currently in progress.

And then there was a new event: resource creation was initiated. So that means that my Eco instance is actually being created. So, if I want to do a sneak peek, I'll go to the EC Two console now for us East One. So this is perfect. Go to Instances, and in here I can see my easy-to-instance already running, and if I look at the tags, it's very cool. We can see that from the tags of that EC2 instance. We are getting some cloud formation information, including the logical ID.

So my instance, the stack name that it belongs to, the first tag, and the stacked, which is the full ARN to my confirmation stack in here, So this is ideal in my case. Now it has been created. And if I just refresh, we are now in the "create complete" state. So that means my confirmation stack has successfully created my EC2 instance. Pretty neat, right? Then we can go to Resources, and this shows everything that was created by our cloud formation stack.

So we have a direct link into the EC2 console for our EC2 instance. It is very handy to have shortcuts like this outputs. As of now, we have no parameters. The templates that we created and use are referred to as templates. So this is a very simple template, and we'll be able to understand it very soon. And then, finally, we can go into the designer to look at our cloud formation template and see what I was creating. As we can see, and I'm going to zoom out to find where it is, Here's my instance.

As we can see, we have created an easy instance. Here is the corresponding YAML file, and this is a very simple template in the cloud formation designer. So that's it for this introduction lecture to go. We have created our first Cloud Formation stack, and it has created an easy instance for us. And we begin to recognize the power of infrastructure as code. That's it for me. I will see you at the next lecture.

4. CloudFormation Update and Delete Stack

So if we look at the first template we've been using, called zero, which is just EC Two dot YML, we've been saying it's a very simple template, and we'll look at its structure in detail in the future lectures. But just from reading it, I think it's quite clear. We are creating resources called my instance of type EC-2 instance.

And in terms of properties, we specify the availability zone, the image ID, or the AMI ID, and this is why we have to use east and west because we also specify the availability zone specifically, and finally, the instance type T-2 micro. Now what we want to do is update the stack. And so I've created a second stack called EC Two with the security group EIP. So that means that here we're going to have a lot more complicated templates. I won't go over it too much, but we're adding a parameter; we're changing a little bit.

That's easy. For instance, we're adding an elastic IP, a security group, and a second security group. So we can expect a lot of updates. So let's see how we can go forward with conformation and apply these updates. So we enter here and then select Updates. And then you have to choose how you want to update. You're going to use the current template, replace it, or edit it. I'm going to replace the template, upload a new file, and upload the file one easy two with SG IP this time. So the file is being loaded, it's being uploaded to Amazon for free, and then I can click on Next. Now I get prompted to enter the value of a parameter.

That's because we have designed a new section in our template. And so we'll say this is a cool security group, and this is intended to become my security group description. So I click on Next, and then in terms of tag options, we'll leave the tags, permissions, and so on. We're not showing anything right now, and we're going over everything. So the template, the parameters, and the value are great; we scroll down, and at the bottom we have something called a change set preview. This is therefore confirmation from the original template. Okay, so from this template right here to this new template right here, what is the difference and what needs to change?

So as we can see here, an elastic IP needs to be added, the EC2 instance needs to be modified, and there is a replacement true. So that means that the previous EC2 instance will be terminated and a new one will be created. That's because replacement is true. If replacement was false, that means the E2 instance will stay in place. So as we can see, we have three new things: a domestic IP and two security groups. And we have the EC-2 instance being modified and even replaced. So if we're happy with this change set with these changes in advance, then we can click on "Update Stack" and we're good to go.

So we go back into the events, and as we can see now, this stack is an update in progress to the status, and we need to just wait and see what happens. So I'm going to refresh this page, and as you can see now, two security groups have been created for me. So the creation is complete. And then, if I keep on refreshing, my instance will be updated. As we can see, a new physical EC-2 instance was created because replacement was true. So we need to wait for this. So if I go back to my EC2 instance page and refresh, I should see that yes, my second instance is being created right now due to this update.

The most intriguing aspect is that the EIP has not yet been created. The reason is cloud formation. Even though we haven't specified an order in which resources should be created, the stack template knows what to create first. As a result, it knew to first create security groups, then update the EC2 instance, and finally add an elastic IP. So Climate does this for you and determines the best order for your template creation. That is insanely cool. Now I need to wait for everything to be created. So my instance is now created, and now we're getting into the elastic IP creation process. So the creation is in progress, and we should be done very, very soon. As a result, we expect the replacement to be finished as soon as we finish well. So we expect our previous ECTwo instance to be terminated.

So let's just refresh again to see how we are. Yes, the ESP has been created, and now the first tag is undergoing a complete cleanup in progress. And during this clean up, my previous EC Two instance is being deleted. So that means that my previous EC2 instance here should be shutting down and then being terminated. So it's really cool. This confirmation template did a lot of things for us based on just a few lines of YAML description code. Okay? So if you go into resources now, you can see we have a lot more things. We have a link to the Elastic IP, the EC2 instance, and the two security groups. And so if we check it out, let's just click on the EC2 instance right now. So I'm taken directly to the EC2 instance, where I can see that, yes, an elastic IP is attached.

So if I click on the elastic IP, I can see it is right here. And if I look at this elastic IP and look at the tags, for example, we can see it is again tagged by cloud formation. So just like my two EC2 instances, this one is tagged, and we can also have a look at our security groups. So here we have two security groups. So I'm going to go into my security groups and just search for the word stack. Here we go. We have two security groups created for me. So we have our SSH security group, which contains an inbound rule for SSH, and we also have a server security group, which contains a rule for port 80.

Okay? And then finally, if we look at the description of this security group, it says this is a cool security group. So that means that the parameter that we somehow defined here and gave a value to was applied to the value of the description of that security group. And we'll see how that works as well later on in this section. That is so cool. We have created our cloud formation template and are updating it. So now what we can do is look at deletion. So if we go into our cloud formation stack and we're happy where we are, one way we could do things is go into your instances, right-click here, and then terminate it. But the problem with this is that as soon as you do this, all the other things that were created by cloud formations still remain. That includes your security groups as well as your elastic IP address.

So what we can do instead is take this confirmation stack, and then we can click on delete, and by doing so, it will delete everything in our cloud formation stack. So just click on the "delete" stack, and then confirmation will go to "delete in progress." And again, if we look at the event list, it knows what to delete first. So it is going to delete the elastic IP first, then it will go ahead and delete the EC2 instance, and finally it will go ahead and delete the security groups. And that's the whole power of cloud formation. It is very easy to create resources, update them, and delete them without trying to figure out in what order to do things. So as soon as you go and do infrastructure as code, it is extremely important for you to understand that every resource creation, update, and deletion has to happen through cloud formation. And when you get the hang of it, it becomes really, really handy and something you will not be able to go back to. So I'll just wait for this tag to be removed, but it should work on my end, and I will see you in the next episode.

5. YAML Crash Course

So YAML is what we use all across AWS for many types, including confirmation. And so cloud formation supports YAML and Jason. And these are basically some scripting languages or data languages that you can use for confirmation. And to be honest, I'll be very honest with you: Jason is absolutely horrible at cloud formation. It is unreadable. It is unprintable.

And YAML is great in so many ways. And this is what language will be used at the exam to show you some cloud formation templates. And this is what I've been using so far. So let's learn a little bit about it. Even though we've been touched with it so many times, now is the time, I think, to formalize how YAML works. And so this is a YAML file. As a result, the YAML file contains a large number of key-value pairs, also known as key-value pairs. And to me, they're very readable objects. Okay? On the left, we can simply look at it and understand it. If I ask you, what's the invoice number? You don't need to be a genius to tell me that the invoice number is 34843. And so this is great. If I tell you the date, you can also tell me the dates.

If I ask you, "Hey, what are the quantities of the product we've ordered?" You can look at the product, and then you can look within the product. There's a list of quantities, and we have four and one. So you get the idea, right? With YAML, we can have key-value pairs at the top level as well as nested objects. It has support for arrays. So, if we look at product, we can see that there is a minus sign here, which means array. So the product is an array of SKUs, quantities, descriptions, etc. And then we can look at, for example, building two. It contains a nested object named Given Chris Family DeMars. And then your dress also has a nested object within it, which is called line, city, post, state, and postal. Looking at the lines, we can see that there is multi-line string support.

So we have a small vertical bar right here. And this is called a multiline string. So we can easily add multiline strings through YAML. And we can also include comments, although they're not shown on this page. So YAML is a great way for me to read and write. Obviously, some YAML files can be quite complicated, but overall, we get the idea. Let's take a look at the simplest of the confirmations we've received. We can see this one from the YAML file. The first top-level key was resources. Then there is a second nested object within it called My Instance, which has more nested stuff within it, such as type and properties. And properties were again nested as key-value pairs. If we look at the other one, we can see we have the parameters, the top level, the resource, and more nested stuff.

And if you look at security groups, because there's a little minus sign right here, it's a list. So we have a list of security groups that we've defined right here. The first security group and the second security group So you can navigate through this and really understand that, you know, it looks like we can read this YAML template just using the small concepts we've learned from before. I encourage you to go online and learn a little bit more about YAML and even practise converting JSON documents to YAML. But overall, it is something that I think is quite easy to read. What you should really understand is that you can nest objects separately by column, key in value. And using the minus sign, you get to assign a list. So that's it for gambling. I hope this makes more sense to you now, and I will see you in the next lecture.

6. CloudFormation Parameters

Now that we've seen resources, the second-most-important one is going to be parameters. And parameters are a way to provide inputs to your average confirmation template.

They are super important to know about if you want to reuse your templates across the company or, you know, other accounts or regions. And some inputs cannot be determined ahead of time. For example, the key pair you're going to link to each of the two instances Parameters are extremely powerful; they can be controlled, and thanks to types, they can prevent errors from occurring in your templates later on. So we've used parameters before in the first hands-on, in which we basically had to specify the security group description. So it was a string, and we were asked for the security group description, which was used in the security group itself.

So you should use a parameter when basically asking yourself, "Is this cloud formation resource configuration likely to change in the future?" If so, you can make it a parameter, and by doing it as a parameter, you don't have to reapply a template to change its contents. It's a bit more stable and a bit modularized. If you do programming, and I hope you do, you know the advantages of parameters. Now, parameters can have different settings and be controlled in many different ways. I don't think the exam requires you to know all of these, but for me, and for your interest, I'm just going to name them.

You can have a type be a string number, comma-delimited list of a type, or an AWS parameter. As far as description, you can have constraints, a constraint description, a minimum and a maximum length for strings, and a minimum and a maximum value for numbers. You can have default allowed values when you want to restrict the number of values. A user can pick an allowed pattern when you want to verify the inputs of a user using a regular expression and echo if you want to pass in the secrets, basically.

So there are numerous optimizations and parameters available. For now, the only thing we've done is use a simple string parameter in our thing, and that's all you should know, I think, for the exam. So how do you reference a parameter? Well, like this, you have to use the function called ref, and so this is the first time we encounter ref and functions. But basically, interesting functions in your templates allow you to supercharge it and link things up. The ref function is one of the most used, so you use it to reference parameters, and this way you can use your parameters anywhere in your templates, so in your resources, for any type of inputs, parameters, or configurations. So the shorthand for a reference function in the game is "little exclamation point ref," and this is why it's like just a way for us to have a much nicer syntax that's easier to recognize.

You can use the FN command colon ref as well; it's whatever you want, but most likely it's going to be this exclamation point ref for shorthand. And the function can also be used to reference other elements within the templates. So in the template we've been using in the parameter section, we defined a parameter named "security group description." It turns out that if we look all the way down, the security group description was used in this security group description key, so we used the ref function to reference it. So this ref function basically says whatever the user will put as a parameter value for this parameter key, you want to use this and reference it into the group description. So it's very simple to think about; it's just a reference.

But this reference function can also be used somewhere else. It was used right here, for example, for security groups. So you can see that this reference function also references the SSH security group that was created under resources. So the ref function can be used both to reference parameters like the one before or to reference resources. So here we reference the two security groups, and within the EIP we reference my instance. So you can see that the name of the reference is the exact same name as the logical value under resources. Finally, you have a concept of sudo parameters, which are AWS-offered parameters that we can use at any time because they're enabled by default. And we only get a list of values that we might want to retrieve.

So we can get an account ID, and you can just give it the value "no value." If we don't want to return a value, we can also ask for the region in which our Avias Cloud Formation template is being run at. With USDS 2, for example, we may receive an unexpected parameter for the stack ID or stack name. Basically, you don't need to know about this too much; maybe the first one, account ID, is very important to get the value of the account ID. If you're, we'll try to construct some complicated ARN value in your confirmation template, but overall, you should just know that there is this concept of pseudo parameters, and again, you can use them at any time. Just use ARF, and you're all set. I hope that was helpful. I hope you know how they work now in your cloud formation templates, and I will see you in the next lecture.

Prepaway's AWS-SysOps: AWS Certified SysOps Administrator (SOA-C01) video training course for passing certification exams is the only solution which you need.