J Cole Morrison
J Cole Morrison

J Cole Morrison

DevOps Specialist, Software Engineer, former Techstars Hackstar, and Founder / Instructor at AwsDevops.io!



Complete Guides:

CloudFormation Complete Guide

The Complete CloudFormation Guide: Functions, Pseudo Parameters, & Conditions Part 2

Posted by J Cole Morrison on .

The Complete CloudFormation Guide: Functions, Pseudo Parameters, & Conditions Part 2

Posted by J Cole Morrison on .

The Complete CloudFormation Guide Functions Pseudo Parameters Conditions part 2

Table of Contents

  1. Introduction
  2. What Are We Doing?
  3. The Video: Functions, Pseudo Parameters, & Conditions Part 2
  4. The Template So Far
  5. Next Steps
  6. The Complete CloudFormation Guide Index

Introduction

In the last post, we discussed our three big topics for this two-parter: Functions, Pseudo Parameters, and Conditions. We learned about a new intrinsic function (GetAtt) and how each of them works. So now, we're going to take this new knowledge and put it into practice.

This time around we're going to practice by adding the option of SSH access on our Security Group, starting with making a new Parameter. We'll also discuss two new condition functions - Fn::Equals and Fn::If.

In the end, our template will be set up to conditionally allow SSH access based on user input through our parameters. Next, we'll be moving onto a new topic: Mappings!

What Are We Doing?

In the part 2 video, we will seek to put our new knowledge of functions, pseudo parameters, and conditions (from the last post) into practice by modifying our AWS CloudFormation template to conditionally allow SSH access to our Security Group. We'll also add two new condition functions to our tool kit: Fn::Equals and Fn::If.

The Video: Functions, Pseudo Parameters, & Conditions Part 2

The Template So Far

{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description": "A CFN template for learning",
  "Metadata": {
    "Author": { "Ref": "ParamAuthorName" }
  },
  "Parameters": {
    "ParamAuthorName": {
      "Type": "String",
      "Description": "Owner of the CFN Template."
    },
    "ParamAllowSSHFromRange": {
      "Type": "String",
      "Description": "IP CidrBlock to allow SSH access. i.e. 100.100.100.100/32",
      "Default": "0.0.0.0/0"
    },
    "ParamAllowSSHAccess": {
      "Type": "String",
      "Default": "true",
      "AllowedValues": ["true", "false"],
      "ConstraintDescription":"Whether to allow SSH access into the EC2 server"
    }
  },
  "Conditions": {
    "AllowSSHAccess": {
      "Fn::Equals": [{ "Ref": "ParamAllowSSHAccess" }, "true"]
    }
  },
  "Resources": {
    "SecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Security group for SSH and HTTP access",
        "SecurityGroupIngress": [
          {
            "IpProtocol":"tcp",
            "FromPort":"80",
            "ToPort":"80",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "Fn::If": [
              "AllowSSHAccess",
              {
                "IpProtocol":"tcp",
                "FromPort":"22",
                "ToPort":"22",
                "CidrIp": { "Ref": "ParamAllowSSHFromRange" }
              },
              {
                "Ref": "AWS::NoValue"
              }
            ]
          }
        ]
      }
    }
  }
}

Next Steps

The Next Post - Mappings

The Previous Post - Functions, Pseudo Parameters, and Conditions Part 1

The Complete CloudFormation Guide Index

If you're enjoying this series and finding it useful, be sure to check out the rest of the blog posts in it! The links below will take you to the other posts in The Complete CloudFormation Guide here on Tech Guides and Thoughts so you can continue building your CloudFormation template along with me.

  1. The Complete CloudFormation Guide
  2. An Introduction to and History of CloudFormation
  3. The Main Concepts of CloudFormation
  4. How CloudFormation Does Updates and Deletes
  5. Our Project Setup
  6. Resources
  7. Parameters and Refs
  8. Our First Time Launch
  9. Functions, Pseudo Parameters, and Conditions Part 1
  10. Functions, Pseudo Parameters, and Conditions Part 2
  11. Mappings
  12. Transforms
  13. Outputs
  14. Relaunch!
  15. The Best Next Steps to Take from Here

Enjoy Posts Like These? Sign up to my mailing list!

My Tech Guides and Thoughts Mailing List

J Cole Morrison

J Cole Morrison

http://start.jcolemorrison.com

DevOps Specialist, Software Engineer, former Techstars Hackstar, and Founder / Instructor at AwsDevops.io!

View Comments...
J Cole Morrison

J Cole Morrison

DevOps Specialist, Software Engineer, former Techstars Hackstar, and Founder / Instructor at AwsDevops.io!



Complete Guides: