As stacks grow, it is not always advisable to manage all resources in one single stack. Splitting resources up by their usage leads to the question of how CloudFormation can reference data from a different stack.
AWS has a simple answer for that: “use import/export”. The drawback of this approach is that the exports are globally visible. So if you only want to share data between nested stacks, you can use normal output values.
In my case, I had a root stack which holds two nested stacks. Those two nested stacks had some shared dependencies, so there was a need to exchange data. Here is a short architectural overview.
So the root stack consists only of two separate sub-stacks, with no information of its own.
The first stack (stack A) defines an S3 bucket. The second stack (stack B) defines a Lambda which will do some operations on the objects of this bucket.
Here is the definition of stack A.
Here is the definition of stack B, with the Lambda and a parameter definition for the required bucket name.
Now, the wiring is pretty straightforward. I had to connect the output of the first stack to the parameters section of the second stack. All of this has to be done in the root-level stack.
This way I could share private information within my CloudFormation templates without the need to expose it publicly.
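The wiring described above, as an added example that is not the author's own templates: three separate template files shown in one listing, with stack B represented by the Lambda execution role that consumes the parameter and scopes access to the shared bucket. All logical IDs, the `BucketName` output and parameter names, and the `TemplateURL` values are assumptions.

```yaml
# stack-a.yaml (added example): owns the bucket and returns its name.
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  DataBucket:
    Type: AWS::S3::Bucket
Outputs:
  BucketName:
    Value: !Ref DataBucket   # plain output: no "Export:" key, so no export is created
---
# stack-b.yaml (added example): receives the bucket name as a parameter.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  BucketName:
    Type: String
Resources:
  WorkerRole:                # execution role for the Lambda that works on the bucket
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - { Effect: Allow, Principal: { Service: lambda.amazonaws.com }, Action: 'sts:AssumeRole' }
      Policies:
        - PolicyName: read-shared-bucket
          PolicyDocument:
            Version: '2012-10-17'
            Statement:       # limited to objects in the bucket passed in by the root stack
              - { Effect: Allow, Action: 's3:GetObject', Resource: !Sub 'arn:aws:s3:::${BucketName}/*' }
---
# root.yaml (added example): only wires the two nested stacks together.
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  StackA:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/EXAMPLE-TEMPLATE-BUCKET/stack-a.yaml  # placeholder
  StackB:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/EXAMPLE-TEMPLATE-BUCKET/stack-b.yaml  # placeholder
      Parameters:
        # Reading StackA's output also makes StackB wait until StackA is created.
        BucketName: !GetAtt StackA.Outputs.BucketName
```

Because stack B creates an IAM role, creating the root stack requires acknowledging `CAPABILITY_IAM`.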