Scenario
- Creation of a repeatable, reusable and less time consuming option to deploy a service into AWS
- AWS ElastiCache (which is fully managed Redis and Memcache) as an example taken for this post
- Automated creation of Security Groups during deployment to keep it all simple, tight and clean
- Output of a connection string after successful deployment for next level usage
Benefits
- While the Security Group gets created as part of the AWS CloudFormation based deployment the regional dependency becomes agnostic since no Security Group Id would have to be given to the AWS CloudFormation (nor in template, nor as parameter during execution).
- During the stack deployment CF (= CloudFormation) will create a Security Group. The Security Group Id becomes an parameter which can be referenced within the CloudFormation stack during the existence of the stack deployment for later usage – i.e. to get it assigned to the ElastiCache’s configuration
- No need to maintain extra (such like homegrown) tools on top of native cloud services and tools
- Deployments can be done outside a production AWS account where the exact same template may be used for production level workloads. Core teams who maintain the AWS account then may act as a gatekeeper where burden to deploy would be less dependent to a single team – workloads actually would be distributed while costs and compliance still can be maintained closely
- Teams would be able to own their stack deployments which not just only increases decoupled processing but also allows to help teams to identify themselves better with what they ‘own’.
Solutions Architecture and Design 