Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News CloudFormation IaC Generator Scans and Imports Existing AWS Resources

CloudFormation IaC Generator Scans and Imports Existing AWS Resources

Amazon Web Services (AWS) has introduced new tools to simplify infrastructure management for its customers, announcing the "IaC Generator" and "CDK Migrate" tools.

"CDK Migrate" has been recently covered at InfoQ, whilst the IaC Generator allows engineers to create CloudFormation templates based on pre-existing resources and their relationships. By scanning an AWS account and using the CloudFormation resource type schema, the IaC generator identifies resources and the relationships between those resources. Cloud Engineers can use this configuration to import resources into an existing stack or create a new one from scratch. This streamlined approach allows them to bring entire applications into a managed CloudFormation stack without the need to recreate any resources.

In AWS, users can declare their infrastructure as code using YAML or JSON through CloudFormation, utilize programming languages with the AWS Cloud Development Kit (CDK), or visually design their infrastructure using Application Composer. These configurations can be audited and version-controlled, ensuring reliability and safety in deployments.

However, not all resources start in IaC. Many customers create non-IaC resources due to a lack of knowledge or having a preference for traditional methods like the command-line interface (CLI) or management console. Explaining the need for such a tool in an AWS community post, Patrick Kramer states:

I almost always create resources by hand before I start trying to automate, particularly if the service I'm working with is new to me. You need to fully understand what you're building before you try to automate it.

AWS introduced the ability to import existing resources into CloudFormation in 2019. While this feature facilitated the individual transition to IaC, the manual process of creating templates to match resources was inefficient.

In the launch blog post, AWS explains a frequent use case for the IaC generator in managing existing network architectures created outside of any IaC tool. For example, a scenario continuing the development of an organization's Amazon Virtual Private Cloud (VPC) resources, where those resources were created without any form of IaC, and with insufficient documentation. The post explains how the IaC generator can scan the account, create an inventory of resources, and leverage the resource type schema to find relationships between resources. This allows for the creation of templates and stacks from existing configurations.

Screenshot showing adding related resources to those found in a scan

This example focuses on using the IaC Generator for CloudFormation. Engineers can now use the "CDK Migrate" tool to import existing applications into CDK similarly. Community reaction has been positive, though some community responses point out that in many cases, the resultant templates can't be used verbatim but are useful as a starting point.

In summary, AWS's introduction of the IaC generator and CDK Migrate represents a significant advancement in infrastructure management and further acknowledgement that tooling needs to cover use cases where engineers have created infrastructure manually, a scenario that traditionally causes problems for IaC tools. A full user guide is also available.

About the Author

Rate this Article