AgentSkillsCN

cloud-formation

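Use when writing or managing AWS CloudFormation templates. Covers stack resources, parameters, outputs, intrinsic functions, nested stacks, and change sets. Use for: AWS stack provisioning, CloudFormation YAML/JSON templates, intrinsic functions, nested stacks, change sets. Do not use for: Azure infrastructure (use Bicep or ARM), multi-cloud infrastructure (use Terraform or Pulumi), Kubernetes resources (use Kubernetes).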

SKILL.md
--- frontmatter
name: cloud-formation
description: |
  Use when writing or managing AWS CloudFormation templates. Covers stack resources, parameters, outputs, intrinsic functions, nested stacks, and change sets.
  USE FOR: AWS stack provisioning, CloudFormation YAML/JSON templates, intrinsic functions, nested stacks, change sets
  DO NOT USE FOR: Azure infrastructure (use bicep or arm), multi-cloud infrastructure (use terraform or pulumi), Kubernetes resources (use kubernetes)
license: MIT
metadata:
  displayName: "AWS CloudFormation"
  author: "Tyler-R-Kendrick"
compatibility: claude, copilot, cursor

AWS CloudFormation

Overview

CloudFormation is AWS's native IaC service for provisioning and managing AWS resources declaratively using JSON or YAML templates. Stacks are the unit of deployment — create, update, or delete all resources as a single unit.

Template Structure

yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: "My application stack"

Parameters:
  Environment:
    Type: String
    Default: dev
    AllowedValues: [dev, staging, prod]

  InstanceType:
    Type: String
    Default: t3.micro

Resources:
  WebServer:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceType
      ImageId: ami-0abcdef1234567890
      Tags:
        - Key: Environment
          Value: !Ref Environment

  WebBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub "${AWS::StackName}-assets-${Environment}"

Outputs:
  InstanceId:
    Value: !Ref WebServer
    Export:
      Name: !Sub "${AWS::StackName}-InstanceId"

  BucketArn:
    Value: !GetAtt WebBucket.Arn

Key Intrinsic Functions

| Function | Usage |
|----------|-------|
| !Ref | Reference a parameter or resource |
| !Sub | String substitution with variables |
| !GetAtt | Get an attribute of a resource |
| !Join | Join strings with a delimiter |
| !Select | Select from a list by index |
| !If | Conditional value |
| !ImportValue | Import from another stack's outputs |

Stack Operations

bash
# Create a stack
aws cloudformation create-stack \
  --stack-name my-app \
  --template-body file://template.yaml \
  --parameters ParameterKey=Environment,ParameterValue=prod

# Create a change set to preview changes (inspect it with describe-change-set before applying)
aws cloudformation create-change-set \
  --stack-name my-app \
  --change-set-name my-changes \
  --template-body file://template.yaml

# Update a stack
aws cloudformation update-stack \
  --stack-name my-app \
  --template-body file://template.yaml

# Delete a stack
aws cloudformation delete-stack --stack-name my-app

Nested Stacks

Break large templates into reusable components:

yaml
Resources:
  NetworkStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/my-bucket/network.yaml
      Parameters:
        VpcCidr: "10.0.0.0/16"

  AppStack:
    Type: AWS::CloudFormation::Stack
    DependsOn: NetworkStack
    Properties:
      TemplateURL: https://s3.amazonaws.com/my-bucket/app.yaml
      Parameters:
        VpcId: !GetAtt NetworkStack.Outputs.VpcId

Best Practices

  • Always use change sets to preview updates before applying.
  • Use parameters and conditions to make templates reusable across environments.
  • Enable termination protection on production stacks.
  • Use DependsOn only when CloudFormation can't infer dependencies automatically.
  • Export outputs for cross-stack references instead of hardcoding values.
  • Use DeletionPolicy: Retain on stateful resources (databases, S3 buckets).
  • Validate templates before deploying: aws cloudformation validate-template.
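
Two of the practices above can be checked mechanically before a deploy. The following is an added example, not part of the original skill: a small linter that flags stateful resources without DeletionPolicy: Retain and DependsOn entries that a Ref, Fn::GetAtt or Fn::Sub already implies. It assumes the template is loaded as a dict in long-form (JSON) intrinsic syntax; the STATEFUL set, the function names and the sample are constructed for illustration.

```python
import re

# Assumed, non-exhaustive set of stateful resource types.
STATEFUL = {"AWS::S3::Bucket", "AWS::RDS::DBInstance", "AWS::DynamoDB::Table"}

def referenced_ids(node):
    """Names a property tree mentions via Ref, Fn::GetAtt or Fn::Sub."""
    found = set()
    if isinstance(node, list):
        for item in node:
            found |= referenced_ids(item)
    elif isinstance(node, dict):
        for key, val in node.items():
            if key == "Ref" and isinstance(val, str):
                found.add(val)
            elif key == "Fn::GetAtt":
                found.add(val.split(".")[0] if isinstance(val, str) else val[0])
            elif key == "Fn::Sub":
                # List form carries a local variable map that shadows resource names.
                text, local = (val, {}) if isinstance(val, str) else val
                names = {m.split(".")[0] for m in re.findall(r"\$\{([^!}]+)\}", text)}
                found |= (names - set(local)) | referenced_ids(local)
            else:
                found |= referenced_ids(val)
    return found

def lint(template):
    """Return (logical_id, message) findings for the two checks."""
    resources = template["Resources"]
    findings = []
    for name, res in resources.items():
        if res["Type"] in STATEFUL and res.get("DeletionPolicy") != "Retain":
            findings.append((name, "stateful resource without DeletionPolicy: Retain"))
        depends = res.get("DependsOn", [])
        depends = [depends] if isinstance(depends, str) else depends
        # Only references to resources in this template create implicit dependencies.
        implied = referenced_ids(res.get("Properties", {})) & set(resources)
        findings += [(name, f"redundant DependsOn: {d}") for d in depends if d in implied]
    return findings

# Constructed sample: JSON form of the page's bucket and nested stacks.
SAMPLE = {"Resources": {
    "WebBucket": {"Type": "AWS::S3::Bucket", "Properties": {
        "BucketName": {"Fn::Sub": "${AWS::StackName}-assets-${Environment}"}}},
    "NetworkStack": {"Type": "AWS::CloudFormation::Stack", "Properties": {}},
    "AppStack": {"Type": "AWS::CloudFormation::Stack", "DependsOn": "NetworkStack",
                 "Properties": {"Parameters": {
                     "VpcId": {"Fn::GetAtt": ["NetworkStack", "Outputs.VpcId"]}}}},
}}

print(*lint(SAMPLE), sep="\n")
```

On the sample it reports WebBucket for the missing retention policy and AppStack for a DependsOn that its !GetAtt on NetworkStack already implies.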