
CloudFormation Fundamentals

The CloudFormation Fundamentals course teaches AWS practitioners how to design, author, and manage CloudFormation templates, covering structure, parameters, mappings, conditions, intrinsic functions, outputs, and stack lifecycle.

Who Should Take This

It is ideal for cloud engineers, DevOps specialists, and solutions architects who have basic AWS experience but are new to infrastructure-as-code. Learners aim to master template authoring, leverage intrinsic functions, and confidently operate stack lifecycles to automate and standardize deployments.

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

51 learning goals

1 Template Structure and Anatomy
2 topics

Template Sections

  • Identify the seven sections of a CloudFormation template (AWSTemplateFormatVersion, Description, Metadata, Parameters, Mappings, Conditions, Resources, Outputs) and describe which are required versus optional
  • Describe the difference between JSON and YAML template formats and explain how YAML's support for comments, multi-line strings, and compact syntax affects template readability
  • Implement a complete CloudFormation template with all major sections demonstrating proper section ordering and syntax for a simple multi-resource deployment
  • Analyze the template size and resource count limitations of CloudFormation and evaluate strategies for working within the 51,200 byte template body limit and 500 resource maximum

Resource Definitions

  • Describe the resource block syntax including the logical ID, Type property using the AWS::Service::Resource format, and the Properties section for configuring resource attributes
  • Implement resource definitions for common AWS services including EC2 instances, security groups, S3 buckets, and IAM roles with required and optional properties
  • Implement the DependsOn attribute to establish explicit resource creation ordering when implicit dependencies through Ref and Fn::GetAtt are insufficient
  • Analyze how CloudFormation determines resource creation, update, and deletion ordering and evaluate how implicit versus explicit dependencies affect stack operation parallelism
  • Implement resource tags using the Tags property with consistent key-value pairs for cost allocation, environment identification, and ownership tracking across all taggable resources

2 Parameters, Mappings, and Conditions
3 topics

Parameters

  • Describe parameter properties including Type, Default, AllowedValues, AllowedPattern, MinLength, MaxLength, MinValue, MaxValue, ConstraintDescription, and NoEcho for input validation
  • Implement parameters with AWS-specific parameter types including AWS::EC2::KeyPair::KeyName, AWS::EC2::VPC::Id, AWS::EC2::Subnet::Id, and List for type-safe AWS resource references
  • Implement SSM Parameter Store references in CloudFormation parameters using AWS::SSM::Parameter::Value to dynamically resolve parameter values at stack creation time
  • Analyze the parameter limit of 200 per template and evaluate strategies for reducing parameter count using Mappings, SSM references, and default values for environment-specific configuration

Mappings

  • Describe the Mappings section structure as a two-level key-value lookup table and explain how it enables region-specific or environment-specific static configuration values
  • Implement Fn::FindInMap to look up values from Mappings using parameter values and pseudo parameters such as AWS::Region for region-specific AMI IDs or instance types
  • Implement nested Fn::FindInMap calls combined with Fn::If conditions to select environment-specific and region-specific configuration values from multi-dimensional mapping tables

Conditions

  • Describe the Conditions section and explain how condition functions (Fn::Equals, Fn::And, Fn::Or, Fn::Not, Fn::If) enable conditional resource creation and property assignment
  • Implement conditions that control whether resources are created based on parameter values such as deploying production-only monitoring resources or environment-specific security configurations
  • Implement Fn::If in resource properties and outputs to assign different values based on conditions such as selecting instance types or storage sizes by environment tier
  • Analyze the limitations of CloudFormation conditions compared to general-purpose programming conditionals and evaluate workarounds for complex branching logic within templates

3 Intrinsic Functions
2 topics

Reference and Attribute Functions

  • Describe the Ref function and explain how it returns different values depending on whether it references a parameter (parameter value), a resource (physical ID), or a pseudo parameter
  • Implement Fn::GetAtt to retrieve specific attributes from resources such as an EC2 instance's public IP, an S3 bucket's ARN, or a security group's group ID
  • Implement all six pseudo parameters (AWS::AccountId, AWS::Region, AWS::StackName, AWS::StackId, AWS::URLSuffix, AWS::NoValue) to construct dynamic ARNs, endpoints, and conditional values
  • Implement Fn::GetAZs to retrieve availability zone lists for the current region and combine with Fn::Select for distributing resources across zones in a region-agnostic manner

String and List Functions

  • Implement Fn::Sub for string substitution using both variable references in ${} syntax and custom variable mappings for constructing complex resource names, ARNs, and user data scripts
  • Implement Fn::Join to concatenate string values with a specified delimiter for constructing compound resource names, paths, and configuration strings from multiple sources
  • Implement Fn::Select and Fn::Split to extract elements from lists and split delimited strings for use cases such as selecting subnets from availability zone lists
  • Implement Fn::Base64 for encoding user data scripts and Fn::Cidr for generating CIDR address blocks from a VPC CIDR range for subnet allocation
  • Analyze when to use Fn::Sub versus Fn::Join for string construction and evaluate the readability and maintainability trade-offs of each approach for complex interpolation scenarios

4 Outputs and Cross-Stack Values
1 topic

Stack Outputs

  • Describe the Outputs section including Value, Description, Export, and Condition properties and explain how outputs expose stack information to users and other stacks
  • Implement output values that expose resource attributes such as endpoint URLs, resource ARNs, and security group IDs using Ref and Fn::GetAtt for post-deployment reference
  • Implement conditional outputs using the Condition property to only export values when certain conditions are met such as production-only monitoring endpoints
  • Implement the Export property on outputs and Fn::ImportValue to share values between stacks and describe the update restrictions on exported values that are consumed by other stacks

5 Stack Operations and Lifecycle
3 topics

Stack Create, Update, and Delete

  • Describe the stack creation process including template validation, resource dependency resolution, parallel resource creation, and rollback behavior on creation failure
  • Describe the three update behaviors for resource properties (no interruption, some interruption, replacement) and explain how CloudFormation determines which behavior applies
  • Implement stack creation and updates using the AWS CLI (aws cloudformation create-stack, update-stack) and the AWS Console with parameter overrides and notification configuration
  • Analyze stack deletion behavior including dependency-ordered resource deletion, resources that fail to delete, and the RETAIN DeletionPolicy for stateful resources like databases

Change Sets

  • Describe the change set workflow for previewing stack updates including how change sets show resource additions, modifications, removals, and replacement operations before execution
  • Implement change set creation and execution using the AWS CLI to safely preview and apply template modifications with the ability to abandon changes before execution
  • Analyze the limitations of change sets including cases where CloudFormation cannot determine the impact of changes and evaluate supplementary validation strategies

Drift Detection

  • Describe configuration drift in CloudFormation stacks and explain how drift detection identifies resources that have been modified outside of CloudFormation management
  • Implement drift detection on individual resources and entire stacks using the AWS CLI and Console and interpret the drift status results (IN_SYNC, MODIFIED, DELETED)
  • Analyze the remediation options for drifted resources including updating the template to match actual state, reverting manual changes, or using resource import to adopt the current configuration
  • Evaluate organizational strategies for detecting and preventing configuration drift including scheduled drift detection, AWS Config rules, and CloudFormation hooks

6 Template Validation and Troubleshooting
2 topics

Template Validation

  • Implement template validation using aws cloudformation validate-template and cfn-lint to catch syntax errors, invalid resource types, and best practice violations before deployment
  • Implement the Metadata section with AWS::CloudFormation::Interface to organize parameters into groups and provide user-friendly labels in the AWS Console parameter input form
  • Analyze common CloudFormation template errors including circular dependencies, invalid Ref targets, unsupported Fn::GetAtt attributes, and missing required properties and describe resolution strategies

Stack Events and Troubleshooting

  • Describe stack event types and status codes including CREATE_IN_PROGRESS, CREATE_COMPLETE, CREATE_FAILED, ROLLBACK_IN_PROGRESS, and UPDATE_ROLLBACK_COMPLETE and explain the event timeline
  • Implement stack event monitoring using aws cloudformation describe-stack-events and CloudWatch to track resource creation progress and identify failure root causes
  • Analyze common stack failure scenarios including insufficient IAM permissions, resource limit exceeded, dependency timeout, and UPDATE_ROLLBACK_FAILED states and implement recovery procedures
  • Evaluate the rollback behavior of CloudFormation during failed creates and updates and analyze when to disable rollback (--disable-rollback) for debugging versus when rollback is essential for safety

Scope

Included Topics

  • CloudFormation template anatomy (AWSTemplateFormatVersion, Description, Metadata, Parameters, Mappings, Conditions, Resources, Outputs), resource type syntax and property specification, intrinsic functions (Ref, Fn::GetAtt, Fn::Join, Fn::Sub, Fn::Select, Fn::If, Fn::Split, Fn::Base64, Fn::FindInMap, Fn::GetAZs, Fn::ImportValue, Fn::Cidr), pseudo parameters (AWS::AccountId, AWS::Region, AWS::StackName, AWS::StackId, AWS::URLSuffix, AWS::NoValue), stack operations (create, update, delete), change sets for safe updates, drift detection and remediation, template validation, stack events and troubleshooting, DependsOn attribute, Condition functions (Fn::And, Fn::Or, Fn::Not, Fn::Equals)

Not Covered

  • Nested stacks and cross-stack references
  • Custom resources (Lambda-backed or SNS-backed)
  • CloudFormation macros and transforms (except AWS::Serverless)
  • StackSets for multi-account/multi-region deployment
  • AWS CDK (Cloud Development Kit)
  • Third-party resource providers and CloudFormation Registry extensions
  • Resource import and deletion policies
  • CreationPolicy and UpdatePolicy for Auto Scaling Groups
