Skip to main content

The CloudFormation Grain

caution

Note that the Torque CloudFormation grain is currently in Beta. We will be happy to get your feedback using the Torque community

The CloudFormation grain is Torque's native support for AWS CloudFormation templates. Torque allows designers to use CloudFormation features to easily orchestrate self-developer and community CloudFormation modules in a standard way and share them with others as building blocks. For the full blueprint yaml example, see Example 2: Webgame on S3 (using CloudFormation and Terraform).

sourceโ€‹

Please see the grain source for more details.

agentโ€‹

agent is not required or supported by CloudFormation Grain. Instead, this grain uses direct authentication to the AWS cloud account, as explained below.

authenticationโ€‹

To enable Torque to connect to the AWS account and deploy the CloudFormation template, you must supply the Role Arn and external ID in the CloudFormation grain's authentication section. This is done by referencing a credential that contains these authentication details. There are two ways to specify the credential, literally by name or using an input:

grains:
  database:
    kind: cloudformation
    spec:
      source:
        path: github.com/org/repo.git//cloudformation/rds
        ...
      authentication:
        - credential_name or {{.inputs.credentials_input_name}}

inputsโ€‹โ€‹

Similar to blueprint inputs, CloudFormation grain inputs allow you to reuse the same CloudFormation module in different ways. Inputs provided to the CloudFormation grain are used when launching the CloudFormation module.

tagsโ€‹โ€‹

Whenever a CloudFormation grain is launched, all resources created during the deployment process are automatically tagged with Torque's system tags, built-in tags and custom tags.

tip

The CloudFormmation template must have at least one tag.

outputsโ€‹โ€‹

Outputs are strings generated by CloudFormation during the deployment process.

grains:
  database:
    kind: cloudformation
    spec:
      source:
        path: github.com/org/repo.git//cloudformation/rds
        ...
      authentication:
        ...
      outputs:
        - agent_name
        - connection_string

Exampleโ€‹

grains:
  CFN-S3-Bucket:
    kind: cloudformation
    spec: 
      source:
        # store: autogen_repo_sandbox_4235f76y
        path: https://.../AWSS3Bucket.yaml
      region: '{{ .inputs.["AWS Region"] }}'
      authentication:
        - aws-auth
      inputs:
        - AccessControl: '{{ .inputs.["Access Control"] }}'
        - BucketName: '{{ .inputs.["Bucket Name"] }}-{{ sandboxid | downcase }}'
      outputs:
         - Arn
         - DomainName