Cloudformation is an infrastructure as code (iac) tool that gives us the super powers to easily replicate infrastructures on AWS platform and also gives the users the ability to easily control and track changes to the infrastructure.
Cloudformation helps set up AWS resources using templates written in json or yaml format which reduces the time spent on managing the resources and gives us more time to focus on the application running in AWS. To read more on the super powers of cloudformation, please find the documentation here.
This article comprises on how to use cloudformation to spin up ecr repo on AWS. Should in case you're interested on how to use terraform to spin up ecr repo, please find my article on how to do that here.
Prerequisite:
Download and install AWS CLI so you can interact with AWS services from your command line interface
Configure your AWS credentials via your cli using AWS configure command. To do that, you need to create a user using IAM on AWS.
Project Structure
For this project, we need three files as seen and explained below:
ecr.yml: This is the cloudformation template used in creating the ecr repo resource on AWS.
ecr.json: This is the cloudformation parameters that allows us to dynamically input values whenever a stack is created or updated. Cloudformation parameters are written in json format.
create.sh: This is mainly a file that contains the command that creates the cloudformation stack instead of typing the command repeatedly.
Ecr_cloudformation
- ecr.yml
- ecr.json
- create.sh
Project configuration
Step 1: Open up the ecr.json file, paste the following code in it and save. This is our parameter template.
[
{
"ParameterKey": "repoName",
"ParameterValue": "ecr"
}
]
Step 2: Open up the ecr.yml file, paste the following lines of code in it and save. This is our resource template written in yaml format and the indentation is very important.
AWSTemplateFormatVersion: 2010-09-09
Description: Elastic Container Registory Repository using Cloudformation
#------------------------
# PARAMETERS
#------------------------
Parameters:
repoName:
Description: Name for ecr repo
Type: String
#------------------------
# RESOURCES
#------------------------
Resources:
ecrRepo:
Type: AWS::ECR::Repository
Properties:
RepositoryName: !Sub ${repoName}-repo
ImageScanningConfiguration:
ScanOnPush: true
line 1: This identifies the capabilities of the template and the only valid version value is 2010-09-09. The value must be a literal string and this section is optional.
line 2: This section enables you to add comment about the template and it is optional.
line 7 - 10: This is the parameter section and the parameter declared here is repoName with its default value declared in the ecr.json file.
line 15 - 21: This is the resource section that declares the AWS resources you want to include in the stack. The resource declared here is ecrRepo. Under the properties, the repositoryName made use of the parameter by substituting it with additional extension -repo.
Step 3: To spin up the resources, we will be using cloudformation create-stack command but we will be including it in the create.sh file we created so it can be easily accessed and used.
Open up the create.sh file and add the following command to it:
aws cloudformation create-stack --stack-name $1 --template-body file://$2 --parameter file://$3 --region=us-east-1
Before you can execute that command, you need to move into the project directory and give the create.sh file execute access by using the command below:
chmod +x create.sh
After the file has been given execute access, you can then safely create the cloudformation stack that will spin up the ecr repo using the command below:
./create.sh ecr-repo ecr.yml ecr.json
The response above shows that the cloudformation stack has been created successfully.
Note the following in the create.sh file:
$1 = ecr-repo
$2 = ecr.yml
$3 = ecr.json
Completely created cloudformation stack
You have successfully created an elastic container registry repository using cloudformation and you can safely publish your container images to it.
Thank you for reading to the end. Kindly reach out to me in the comment section if you have any questions or on LinkedIn and Twitter on ways to improve or to say hi.
Till next time, cheers.
Top comments (0)