I'm starting my AWS journey and today got a chance to create a CloudFormation stack for creating a filesystem on AWS. I was able to spin up the filesystem; however, I have a few doubts about some values and functions/attributes, as those were given by someone in the team and he is on a long vacation, so I am asking here for help.
Below is the CloudFormation stack, which works just fine.
CloudFormation stack:
---
Description: "Create FSxN filesystem"
Resources:
  MytestCluster:
    Type: "AWS::FSx::FileSystem"
    Properties:
      FileSystemType: "ONTAP"
      StorageCapacity: "1024"
      SubnetIds: ['subnet-0f349h6eee098b0pg']
      OntapConfiguration:
        DeploymentType: "SINGLE_AZ_1"
        PreferredSubnetId: "subnet-0f349h6eee098b0pg"
        ThroughputCapacity: "128"
        FsxAdminPassword: '{{resolve:secretsmanager:fsx_admin_password}}'
      SecurityGroupIds:
        - !ImportValue 'KPCL-FSxforONTAPsgID'
      Tags:
        - Key: "Backup"
          Value: "None"
  MytestSVM:
    Type: "AWS::FSx::StorageVirtualMachine"
    Metadata:
      cfn-lint:
        config:
          ignore_checks:
            - E3001
    Properties:
      FileSystemId: !Ref MytestCluster
      Name: svmdemo
      RootVolumeSecurityStyle: "UNIX"
      SvmAdminPassword: '{{resolve:secretsmanager:svm_admin_password}}'
      Tags:
        - Key: "Backup"
          Value: "None"
  fsxndemovolume:
    Type: "AWS::FSx::Volume"
    Metadata:
      cfn-lint:
        config:
          ignore_checks:
            - E3001
    Properties:
      Name: myTestVol001
      OntapConfiguration:
        JunctionPath: /myVolume001
        SizeInMegabytes: 1536000
        StorageEfficiencyEnabled: true
        StorageVirtualMachineId: !Ref MytestSVM
      VolumeType: "ONTAP"
      Tags:
        - Key: "Backup"
          Value: "None"
Outputs:
  FileSystemId:
    Value: !Ref "MytestCluster"
  SvmId:
    Value: !Ref "MytestSVM"
...
I would like to understand:
I have a few doubts to clear up, which I tried to understand from the documentation but couldn't comprehend well, hence I thought of taking expert suggestions.
First one: below, under SecurityGroupIds, what does - !ImportValue mean here?
SecurityGroupIds:
  - !ImportValue 'KPCL-FSxforONTAPsgID'
Second one: what does Outputs mean here?
Outputs:
  FileSystemId:
    Value: !Ref "MytestCluster"
  SvmId:
    Value: !Ref "MytestSVM"
Last one: what is ignore_checks: and its value - E3001 here?
ignore_checks:
  - E3001
Please help me to understand.
2
Answers
Outputs in a stack create exports in CloudFormation, which can be listed in the AWS Console. The !Import directive is used to reference an export from another stack. The cfn-lint section in metadata is used to silence errors in the CloudFormation Linter tool and has no impact on the resource itself.

The following:
means that in the current stack you are going to import a security group ID which was exported by some other stack.
This export/import functionality allows you to decouple and reuse your infrastructure. Instead of having everything in one stack, you can make one stack with network resources (it's a common setup), such as security groups, subnets, VPCs, and other stacks that actually use those resources.
Outputs allow you to return values from your stacks. You can think of them as a type of return values from functions in common programming languages.
Output values have lots of use cases. Examples are: they can be exported and imported in other stacks. They can also be queried programmatically, in case your stacks are part of some CI/CD pipelines or other applications. They can be used as input parameters to other stacks, again as part of some CI/CD pipeline. This is an alternative to export/import functionality.
This is some extra code not related to CloudFormation itself. It is actually a hint to the Visual Studio Code cfn-lint-visual-studio-code editor to ignore some auto checks it does.
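
Added example, not part of either answer or the original post: a producer stack of the kind that the `!ImportValue 'KPCL-FSxforONTAPsgID'` line in the question depends on. An output becomes importable only when it declares `Export: Name`; the resource name, the parameters and the NFS ingress rule here are assumptions chosen for illustration.

```yaml
---
# Constructed "network" stack that owns the security group and exports its ID.
# Only the export name KPCL-FSxforONTAPsgID comes from the question; every
# other name and value below is hypothetical.
Description: "Security group for FSx for ONTAP (constructed example)"
Parameters:
  VpcId:
    Type: "AWS::EC2::VPC::Id"
    Description: "VPC that hosts the FSx subnet (assumption)"
  ClientCidr:
    Type: String
    Description: "CIDR of the NFS clients allowed to mount (assumption)"
Resources:
  FsxOntapSecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "Access to FSx for ONTAP"
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        # Allow only NFS from the client range rather than 0.0.0.0/0.
        - IpProtocol: tcp
          FromPort: 2049
          ToPort: 2049
          CidrIp: !Ref ClientCidr
Outputs:
  FsxOntapSecurityGroupId:
    Description: "Security group ID consumed by the FSx stack"
    Value: !GetAtt FsxOntapSecurityGroup.GroupId
    # Without this Export block the output is visible on the stack but
    # cannot be referenced with !ImportValue from another stack.
    Export:
      Name: "KPCL-FSxforONTAPsgID"
...
```

CloudFormation refuses to delete this stack or change the exported value while another stack still imports it, and export names must be unique within an account and region.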