# Why AWS CloudFormation May Not Be Ready for Production Use
## Chapter 1: Understanding AWS CloudFormation's Limitations
Have you ever questioned why AWS CloudFormation might not be the best choice for production environments?
AWS CloudFormation is a tool created by the AWS team to facilitate Infrastructure as Code in cloud computing. However, many users find that competing tools like Terraform and Pulumi offer greater capabilities, making them preferable options. If you’re considering diving into the AWS CloudFormation ecosystem—perhaps due to a commitment to AWS—this article will help you assess whether it’s the right choice for you.
In software development, there's a key principle known as DRY—Don’t Repeat Yourself. The typical approach involves packaging your software into external libraries that can be hosted internally, making them accessible to various microservices without the need for repetitive code.
### Section 1.1: The Challenge of Modules and Packages
For instance, Terraform allows you to create reusable modules that can be shared across your organization, promoting best practices and ensuring everyone adheres to standards. This also allows for swift responses to any security concerns that may arise.
In contrast, CloudFormation modules don’t function in the same way. While you can create resources as templates, the versioning across different AWS accounts can lead to inconsistencies. Before you can utilize a CloudFormation module, you must register it in the specific account and region. Imagine needing to register a module in ten different AWS accounts across two regions!
Moreover, each account manages its own version of the module, which can lead to different versions being present in separate accounts, even if they should theoretically refer to the same version.
### Section 1.2: Creating Multiple Similar Resources
Consider a scenario where you want to create an Amazon Elastic Container Registry (ECR) configuration multiple times. If you need to set this up 50 times with varying repository names, how would that look in Terraform?
```hcl
variable "ecr_repository_names" {
  description = "List of names for ECR repositories"
  type        = list(string)
  default     = ["repo1", "repo2", "repo3"]
}

resource "aws_ecr_repository" "ecr_repositories" {
  count = length(var.ecr_repository_names)
  name  = var.ecr_repository_names[count.index]
}
```
Now, compare that with CloudFormation's approach:
```yaml
AWSTemplateFormatVersion: 2010-09-09
Resources:
  ecrRepository1:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: repo-one
  ecrRepository2:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: repo-two
  ecrRepository3:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: repo-three
  # ...
```
In CloudFormation, you would have to replicate your code 50 times. This raises the question: how would you efficiently implement a change across all instances?
The only workaround is to use a count macro, which may work in simple scenarios but can fail in more complex situations.
## Chapter 2: Embracing the AWS Cloud Development Kit
Fortunately, the emergence of the Cloud Development Kit (CDK) provides a significant advantage for those looking to integrate programming languages with CloudFormation.
Now, instead of manually creating multiple repositories, you can write a simple loop in your preferred programming language to generate them. This also resolves the issues related to modules, as you can share code as a library in a language such as JavaScript or Python and leverage the full capabilities of that language.
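The loop-based approach described above, as an added example that is not from the original article and uses plain standard-library Python rather than the CDK itself: it generates the CloudFormation template for any number of ECR repositories from one definition, so a change to the shared settings reaches every repository. The function names, the `BASELINE` values, the sample repository names and the name pattern (taken from the ECR API documentation) are assumptions for illustration.

```python
import json
import re

# Assumption: repository-name pattern as documented for the ECR CreateRepository API.
ECR_NAME = re.compile(r"(?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*")

# Hypothetical organisation baseline: defined once, applied to every repository.
BASELINE = {
    "ImageTagMutability": "IMMUTABLE",
    "ImageScanningConfiguration": {"ScanOnPush": True},
}


def logical_id(repo_name: str) -> str:
    """Derive an alphanumeric CloudFormation logical ID from a repository name."""
    parts = re.split(r"[^a-z0-9]+", repo_name)
    return "Ecr" + "".join(p.capitalize() for p in parts if p)


def build_template(repo_names: list[str]) -> dict:
    """Return a CloudFormation template with one AWS::ECR::Repository per name."""
    resources = {}
    for name in repo_names:
        if not (2 <= len(name) <= 256) or not ECR_NAME.fullmatch(name):
            raise ValueError(f"invalid ECR repository name: {name!r}")
        lid = logical_id(name)
        if lid in resources:
            # Duplicates and near-duplicates collide here,
            # e.g. "repo-one" and "repo.one" both map to EcrRepoOne.
            raise ValueError(f"logical ID collision on {lid} for {name!r}")
        resources[lid] = {
            "Type": "AWS::ECR::Repository",
            "Properties": {"RepositoryName": name, **BASELINE},
        }
    return {"AWSTemplateFormatVersion": "2010-09-09", "Resources": resources}


if __name__ == "__main__":
    # Constructed sample input: 50 repository names.
    names = [f"team/service-{i:02d}" for i in range(1, 51)]
    print(json.dumps(build_template(names), indent=2))
```

The JSON it prints is a valid CloudFormation template body; the CDK performs the equivalent synthesis step for you.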
## Conclusion
This article aims to clarify your understanding of Infrastructure as Code tools. Always strive for the most effective solutions rather than just the easiest or quickest. If you find yourself choosing between CloudFormation and CDK, I highly recommend exploring CDK. In the long run, it will greatly benefit your development practices!