Why I (at times) cuss at CloudFormation
1 min read

Why I (at times) cuss at CloudFormation

Tooling is great, but at times my pipeline doesn't really work well with the tool I am using. One such example is CloudFormation

On one of the projects I am involved in we are  running everything on/via Serverless and CloudFormation has given us a bunch of headaches during this project lifetime. Below is a non exhaustive list of what I have the biggest beef with:

  1. Sequential updates that roll back the whole stack when anything fails
  2. Versioned lambda updates (or the ones with provisioned concurrency) waiting for the previously deployed one to "die" before deploying a new one
  3. Add 1 to 2 and you have a production deployment pipeline that takes ~15 minutes (think about it if it errors on the last resource, you wait another 15 minutes for the rollback)
  4. Silly way of updating DynamoDB tables / indexes - a lot of atomicity is lost as some resources are updated on put.
  5. You can put the stack out of sync (deploy singular function) - this is especially weird when there are some stacks that it will work on vs those it wont ( versionned lambda / prov. conn.)
  6. You can't really do atomic updates to singular lambdas when you are using provisioned concurrency.
  7. References to resources - I would take any tools over CF references -  but that just shows which army I am siding with on the yml vs other configuration tools battleground!

I know my feelings towards CF are at times shared by members of my team, but there are also a bunch of episodes of the Unruly Software podcast where they go over some of the stuff that makes it an imperfect deployment management tool!

All things considered we still manage to deploy faster & have way less operation overhead using CF than not. There are also a couple of alternatives each addressing a bunch of the deficiencies I've listed above, but far as I know none of the, addresses all of them: AWS CDK, Pulumi, Terraform. I am personally biassed towards tech tools that have a mascot so for me a clear winner is Pulumi, after all if all of them have their own drawback what better option do I have to choose a Platypus as my service animal. You can't be mad at it for too long - and on that premise I base my future experiments with Pulumi as an alternative to CF!