I'm making a move from using Terraform and Terragrunt for infrastructure setup to CloudFormation, as my new job requires it for compliance and audit needs. I'm struggling with this transition because I've heard a lot of negative feedback about CloudFormation, and I'm not sure how to effectively set everything up from scratch. I've encountered it before, but only in a casual AWS environment—not in a production setting. I'm considering using the Cloud Development Kit (CDK) instead of the Serverless Application Model (SAM) to make things easier. Any tips or advice would be greatly appreciated!
3 Answers
I'd recommend using the CDK and then synthesizing the CloudFormation templates from your code for audit purposes. The CDK is definitely more user-friendly than raw CloudFormation!
The CDK is a great choice because it allows you to use programming languages like Python, Java, or TypeScript to generate CloudFormation templates. That being said, keep in mind that there are still significant differences from Terraform. You might want to clarify with your company why they need to use CloudFormation directly and if the audit requirements are strict on that.
Yeah, I get that. It sounds like they just want to stick to all AWS-native tools to avoid any external dependencies.
Right, plus using native tools might help with drift detection and overall management since AWS handles the state.
Honestly, I find Terragrunt doesn't enforce DRY principles as effectively as Sceptre does for CloudFormation. While Terragrunt has a larger community, I've run into 'spaghetti code' issues. With CloudFormation, I tend to manage with minimalist YAML files per environment, which keeps things clean.
Interesting! I hadn't come across Sceptre during my research. I've mostly seen discussions about CDK. I'll have to look into it more, thanks!

That's what I've heard! It's definitely a top suggestion. Also, it wouldn’t hurt to ask if they really find CloudFormation necessary.
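Added example, not part of the thread: one way to use synthesized templates as an audit record, as the first answer suggests. It fingerprints a template and lists which resources differ between an approved template and a newly synthesized one. The two templates and their logical IDs are constructed samples; in practice they would be the JSON files that `cdk synth` writes under `cdk.out/`.

```python
import hashlib
import json

def canonical(obj):
    # Sorted keys and fixed separators: equal content gives equal bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))

def digest(template):
    # SHA-256 of the canonical form, suitable for recording in a change ticket.
    return hashlib.sha256(canonical(template).encode("utf-8")).hexdigest()

def audit_diff(approved, candidate):
    # Compare the Resources sections by logical ID.
    old, new = approved.get("Resources", {}), candidate.get("Resources", {})
    changes = []
    for lid in sorted(old.keys() | new.keys()):
        if lid not in old:
            changes.append(("added", lid, new[lid]["Type"]))
        elif lid not in new:
            changes.append(("removed", lid, old[lid]["Type"]))
        elif canonical(old[lid]) != canonical(new[lid]):
            changes.append(("changed", lid, new[lid]["Type"]))
    return changes

# Constructed sample templates (hypothetical logical IDs), standing in for
# two synthesized *.template.json files loaded with json.load().
TRUST = {"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
         "Principal": {"Service": "lambda.amazonaws.com"}, "Action": "sts:AssumeRole"}]}
APPROVED = {"Resources": {
    "LogsBucket": {"Type": "AWS::S3::Bucket", "Properties": {
        "VersioningConfiguration": {"Status": "Enabled"}}},
    "AppRole": {"Type": "AWS::IAM::Role", "Properties": {
        "AssumeRolePolicyDocument": TRUST}},
}}
CANDIDATE = {"Resources": {
    "AppRole": {"Properties": {"AssumeRolePolicyDocument": TRUST},
                "Type": "AWS::IAM::Role"},  # same content, different key order
    "LogsBucket": {"Type": "AWS::S3::Bucket", "Properties": {
        "VersioningConfiguration": {"Status": "Suspended"}}},
    "JobsQueue": {"Type": "AWS::SQS::Queue", "Properties": {}},
}}

if __name__ == "__main__":
    print("approved ", digest(APPROVED))
    print("candidate", digest(CANDIDATE))
    for kind, lid, rtype in audit_diff(APPROVED, CANDIDATE):
        print(f"{kind:8} {lid:12} {rtype}")
```

Storing the digest of each approved template gives reviewers a fixed reference to check a later deployment against, regardless of which CDK language produced it.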