I'm using AWS CLI and CloudFormation, and I could not find any reference in the documentation.
Does anybody know if it's possible to create a CloudFormation template from a current configuration?
Let's say that I want to get a CloudFormation template from my current security group configuration.
Any idea if it's possible to export that configuration as a template using CLI?
To export client configuration (console): Open the Amazon VPC console at https://console.aws.amazon.com/vpc/ . In the navigation pane, choose Client VPN Endpoints. Select the Client VPN endpoint for which to download the client configuration and choose Download Client Configuration.
Create a stack from existing resources using the AWS Management Console. Sign in to the AWS Management Console and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation . On the Stacks page, choose Create stack, and then choose With existing resources (import resources).
To export a stack's output value, use the Export field in the Output section of the stack's template. To import those values, use the Fn::ImportValue function in the template for the other stacks. For a walkthrough and sample templates, see Walkthrough: Refer to resource outputs in another AWS CloudFormation stack.
Based on our experience we found 3 possible ways to translate existing manually deployed (from Web Console UI) AWS infra to CloudFormation (CF).
1. Using a newly introduced native CloudFormation feature (since Nov 2019) that allows you to import existing resources into a CloudFormation stack.
2. Using aws cli: execute $aws service_name_here describe for each element that makes up your stack, e.g. for an RDS Database Stack: Type: AWS::RDS::DBInstance, Type: AWS::EC2::SecurityGroup, Type: AWS::RDS::DBSubnetGroup and Type: AWS::RDS::DBParameterGroup, and manually translate to CF based on the outputs obtained from the aws cli for each of the components. This approach usually requires more experience in both AWS and CF, but the templates that you are creating can be structured and designed under good practices, fully parameterized (Sub, Ref, Join, Fn::GetAtt, Fn::ImportValue), modular, applying conditions, and in a 1st iteration the result would probably be close to the final state of the templates (interesting reference examples: https://github.com/widdix/aws-cf-templates/).
3. Extra points! :) Using Terraforming (https://github.com/dtan4/terraforming). Considering the new version of Terraform 0.12.0-beta2 (already supported in stable release by terraform-provider-aws 2.7.0), with new features and its more friendly syntax, and without ignoring that it is an open source tool and cloud-provider agnostic, I would not dismiss the possibility of generating Terraform code based on existing AWS infra, if possible under the form of modules and sub-modules having as reference -> https://registry.terraform.io/ as an alternative to AWS CF.
Some other new alternatives to export your current deployed AWS infra to Cloudformation / Terraform code:
Related Article: https://medium.com/@exequiel.barrirero/aws-export-configuration-as-code-cloudformation-terraform-b1bca8949bca
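The manual translation described in option 2, applied to the security group case from the question, as an added example that is not part of the original answer or of any AWS tooling. The sample JSON is constructed (IDs are placeholders), the logical IDs SecurityGroup0, SecurityGroup1, ... are an assumption, and world_open_ingress is a hypothetical helper for reviewing rules before they are frozen into a template.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output; IDs are placeholders.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupName": "rds-db", "GroupId": "sg-0123456789abcdef0",
  "Description": "RDS access", "VpcId": "vpc-0123456789abcdef0",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "10.0.0.0/16", "Description": "app subnets"}, {"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0fedcba9876543210", "UserId": "111122223333"}]}],
  "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]}]}
""")

def _rules(perms, peer_key):
    """Flatten an IpPermissions list: CloudFormation wants one rule per source."""
    rules = []
    for p in perms:
        base = {"IpProtocol": p["IpProtocol"]}
        # FromPort/ToPort are omitted by the CLI when IpProtocol is "-1" (all traffic).
        base.update({k: p[k] for k in ("FromPort", "ToPort") if k in p})
        sources = [("CidrIp", r["CidrIp"], r) for r in p.get("IpRanges", [])]
        sources += [("CidrIpv6", r["CidrIpv6"], r) for r in p.get("Ipv6Ranges", [])]
        sources += [(peer_key, r["GroupId"], r) for r in p.get("UserIdGroupPairs", [])]
        for key, value, src in sources:
            rule = {**base, key: value}
            if "Description" in src:
                rule["Description"] = src["Description"]
            rules.append(rule)
    return rules

def to_template(described):
    """Build a CloudFormation template dict from describe-security-groups output."""
    resources = {}
    for i, sg in enumerate(described["SecurityGroups"]):
        props = {"GroupDescription": sg["Description"], "VpcId": sg["VpcId"],
                 "SecurityGroupIngress": _rules(sg.get("IpPermissions", []), "SourceSecurityGroupId"),
                 "SecurityGroupEgress": _rules(sg.get("IpPermissionsEgress", []), "DestinationSecurityGroupId")}
        # DeletionPolicy is required on every resource brought in through resource import (option 1).
        resources[f"SecurityGroup{i}"] = {"Type": "AWS::EC2::SecurityGroup",
                                          "DeletionPolicy": "Retain", "Properties": props}
    return {"AWSTemplateFormatVersion": "2010-09-09", "Resources": resources}

def world_open_ingress(template):
    """(logical id, rule) pairs for ingress open to any address: review before codifying."""
    return [(name, r) for name, res in template["Resources"].items()
            for r in res["Properties"]["SecurityGroupIngress"]
            if r.get("CidrIp") == "0.0.0.0/0" or r.get("CidrIpv6") == "::/0"]
```

Printing json.dumps(to_template(SAMPLE), indent=2) gives a JSON template; the hard-coded VpcId and peer group IDs are the values to replace with parameters or Ref when parameterizing as the answer suggests.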