AWS CloudFormation Review

A stable fallback Infrastructure Automation solution that would be nice to have beyond AWS


What is our primary use case?

We use it for deploying all the infrastructure: VPCs, EC2 instances, storage solutions, and most managed services. We also use it for providing IAM configuration, group account configurations, and role management within IAM.

CloudFormation is THE Infrastructure as Code (IaC) solution AWS recommends.

Almost everything should, according to AWS, be automated and managed using CloudFormation - whenever possible. 

Within our organization, mostly the DevOps engineers use AWS CloudFormation — around 42 of them.

How has it helped my organization?

I don't really care how my organisation is functioning; I care about the way that my client's organisation functions. That's what I'm after. We host workshops teaching people the DevOps transformation process, how to do infrastructure automation — almost everything. 

Of course, we do the same internally, but our internal needs and use cases don't even come close to our clients'.

What is most valuable?

First off, it's fairly easy to work with, although a bit verbose. It is legible. You can understand what you're doing. The introduction of "nested stacks" allows a modular design and repeatable structures. The nested stacks would be one of the more valuable features. I am waiting for them to become much better with parameters, as this is not quite up there.

What needs improvement?

The one bit of a drawback is that CloudFormation is only available in AWS.

When I have to work on other clouds, or somebody has a configuration to be done in an on-prem data center, there's no way for me to use it.

It is what it is; AWS apparently does not intend to make this available all over.

The three big players in this area are Ansible, Terraform, and CloudFormation — except CloudFormation can only be used on AWS!

I would like to see less verbosity and better isolation.

One area that may be improved would be using variables as parameters in templates. This would make it a lot more flexible.

I don't know how soon that's going to happen because I'm trying to think from a developer's point of view - the guys that actually have to write and support all these features that I dream about.

Frankly, to evolve it but also maintain compatibility with what's in place now may be a serious challenge.

For how long have I used the solution?

I have been using AWS CloudFormation for just over one year.

What do I think about the stability of the solution?

It's definitely stable. If it's not a long-running service, and this one's not, it's very easy to verify that you've got it where you want it. 

Just run a deployment, then it's very easy to look at the configuration and see exactly what came out. The easiest verification is the intuitive visual check-out.

There are ways to test around in the sense that you're not forced to use CloudFormation to see that it's correct. You can literally, visually inspect the configurations with the console and other means not using CloudFormation. There's always a way to verify, and the fact that you have a verification method available is convenient.

What do I think about the scalability of the solution?

If you want to deploy thousands of components, not only virtual machines but also users, roles and services, in any of the AWS regions — it's not a problem.

How are customer service and technical support?

Frankly, I never had a problem with AWS CloudFormation, per se.

Something advertised that doesn't work and requires support: that has actually never happened.

Which solution did I use previously and why did I switch?

I did use another solution, which is Ansible, but I didn't switch. I'm still using Ansible as a backup for those cases that CloudFormation does not cover, and also outside AWS, where CloudFormation is not available.

How was the initial setup?

CloudFormation is set up by AWS by default. It's easy and it doesn't require you to do anything.

When you create your infrastructure, there is no need for you to deploy anything like agents; everything is already in there.

It's very convenient in the sense that you don't need to worry about updating, upgrading, patching or monitoring for liabilities. AWS takes care of all of that.

What other advice do I have?

There are probably a lot of people who are trying to work around it, or to avoid it. My advice would be: use it when Amazon says so, because it's probably the most straightforward approach to your problem. Afterwards, then you can become creative, for it's worth putting in the effort.

On a scale from one to ten, I would give this solution a rating of seven.

That rating would definitely be higher if CloudFormation were made available on other platforms, outside Amazon.

Which deployment model are you using for this solution?

Public Cloud

Disclosure: My company has a business relationship with this vendor other than being a customer: Consulting Partner