This example shows how to update an RDS instance using CloudFormation and preview the steps first, allowing you to ensure resources aren't unexpectedly destroyed. This uses CloudFormation Change Sets
Change sets can be created anytime as they do not alter the environment. This also allows you to stage changes for execution at a later time. This can also aid a change-control process by submitting the running template and Change Set results for review.
This differs from the aws cloudformation update call, which does not show the changes ahead of time but executes as defined.
From: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cloudformation/create-stack.html
- RdsTest1.template is the example CFT, validate and make any changes.
- create_parameters.json are the initial settings to apply on launch, validate and make any changes. For this example I've kept the Engine below the latest and the InstanceType small, as those will be altered via a ChangeSet next
- Execute:
aws cloudformation create-stack --stack-name RdsTest2 --template-body file://RdsTest1.template --parameters file://create_parameters.json
- Check status with:
aws cloudformation describe-stacks --stack-name RdsTest2 | grep -i stackstatus
When you see CREATE_COMPLETE, test updating.
Use-cases tested:
- Resizing the running instance (altering InstanceType)
- Upgrading the engine version (moving to newer point release)
Expectation:
- Infrastructure is modified as defined
- Database isn't destroyed in the process
In this test, we're leaving the running stack itself alone and just changing the parameters previously used. The source template remains untouched.
- Compare create_parameters.json and update_parameters.json. Paramters we're leaving alone have the ParameterValue removed and replaced with UsePreviousValue. Parameters we're changing have updated values. Parameters we're changing have updated values.
- Create a change set:
aws cloudformation create-change-set --stack-name RdsTest2 --use-previous-template --parameters file://update_parameters.json --change-set-name ParamsUpdateTest
- Describe the change set with:
aws cloudformation describe-change-set --change-set-name ParamsUpdateTest --stack-name RdsTest2
- Verify that no recreations are needed (look for "Replacement" and "RequiresRecreation" entries other than False/Never)
- Execute the change set:
aws cloudformation execute-change-set --change-set-name ParamsUpdateTest --stack-name RdsTest2
- To see the operation in progress, use the describe-stacks command as per above. To see full output of the CloudFormation run, use the describe-stack-events call:
aws cloudformation describe-stack-events --stack-name RdsTest2
You could also use the deploy call instead, which creates and then executes a change set.
For this test, either change a value in the RdsTest1.template, or download the running template:
aws cloudformation get-template --stack-name RdsTest2 > running.template
- For this test, add the following to the MyRDSParamGroup,'s Parameters section:
"sql_mode": "IGNORE_SPACE",
"max_allowed_packet": 1024
i.e.:
"MyRDSParamGroup": {
"Type": "AWS::RDS::DBParameterGroup",
"Properties": {
"Family": "MySQL8.0",
"Description": "CloudFormation Sample Database Parameter Group",
"Parameters": {
"autocommit": "1",
"general_log": "1",
"sql_mode": "IGNORE_SPACE",
"max_allowed_packet": 16777216
}
}
}
},
The template "RdsTest1_updated.template" has the changes per above. If downloading the running template, you'll need to ensure only the contents of the "TemplateBody" block are in the file you're referencing in the below command.
- Create the change set, this time specifying the template and parameters:
aws cloudformation create-change-set --stack-name RdsTest2 --template-body file://RdsTest1_updated.template --parameters file://update_template_parameters.json --change-set-name EditedTemplateUpdateTest
- Describe the new change set:
aws cloudformation describe-change-set --change-set-name EditedTemplateUpdateTest --stack-name RdsTest2
- Deploy the changes:
aws cloudformation execute-change-set --change-set-name EditedTemplateUpdateTest --stack-name RdsTest2