Teri Radichel

Summary

Teri Radichel discusses the benefits of using consistent naming conventions for resources deployed with AWS CloudFormation to simplify the retrieval of ARNs or IDs, and how this approach has improved her codebase and deployment process.

Abstract

In a recent update to her codebase, Teri Radichel has implemented a more efficient method for managing AWS resources by leveraging consistent naming conventions. This method involves using a single parameter, NameParam, across CloudFormation templates to facilitate the retrieval of ARNs (Amazon Resource Names) or IDs for deployed resources. By standardizing output names to match resource names and return the appropriate ID or ARN, Radichel has streamlined the process of looking up resource information. She has also introduced a common function, get_stack_export, which can be used to fetch the ARN or ID of any resource deployed by CloudFormation, eliminating the need for resource-specific functions. This change is part of Radichel's broader efforts to create consistent environments for application deployment and reflects her commitment to improving cybersecurity practices.

Opinions

  • Radichel values the use of consistent naming conventions for simplifying resource management and enhancing the efficiency of her deployment templates.
  • She emphasizes the importance of having an output for every resource that directly corresponds to the resource name, which returns the relevant ID or ARN.
  • Radichel advocates for the use of a shared function to retrieve resource information, highlighting the practicality and reusability of common utility functions in CloudFormation scripts.
  • She believes that these improvements to her codebase will have a significant positive impact on her work and potentially on the broader cybersecurity community.

Getting the ARN or ID for A Resource Deployed With CloudFormation

ACM.361 Consistent naming conventions make life easier again

In the last post, as part of my code revamp, I fixed an issue that has been bugging me for a while. I used the role name that deployed a resource instead of the profile name and I explained why.

As part of my revamp to create environments for deploying applications in a consistent way, I want to call out another change I’m making to all my templates as I re-deploy them.

In almost every template I pass in a parameter called NameParam.

In almost every template I have outputs that provide the ARN or ID (depending on the resource). At first I was appending Export or something like that to the end of the outputs.

But what I decided later is that it’s just easier to have an output for every resource that is the resource name and it returns the ID or ARN, whichever is appropriate for that resource.

For example I changed my user template outputs to this:

I have functions that look up IDs by names using CloudFormation stacks such as AccountID that look like this:

Now if you think about it, I can look up the ARN or ID for any resource using the resource name if it was deployed by CloudFormation like this:

The get_stack_export function looks like this:

Instead of writing a function for every single resource to get the ID or ARN from an export, I can use my common function for all of them in my shared_functions.sh file.
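The function listings are not reproduced on this page, so the following is an added example of a single shared lookup, not the author's shared_functions.sh. It assumes each template exports an output whose export name equals the resource name and resolves it with `aws cloudformation list-exports`; the name allow-list, the variable names and the return codes are choices made for this example.

```shell
#!/bin/sh
# Added example (not the author's shared_functions.sh).
# Assumption: every template exports an output whose export name equals the
# resource name, so one lookup serves every resource type.
#
# Usage: role_arn=$(get_stack_export "app-deploy-role") || exit 1
# Return codes (this example's convention): 0 found, 1 missing or CLI error,
# 2 rejected name, 3 more than one value came back.
get_stack_export() {
  gse_name="$1"

  # Allow-list the name before it is placed inside the JMESPath literal, so a
  # quote or bracket in the argument cannot change what the query selects.
  case "$gse_name" in
    '' | *[!A-Za-z0-9:_-]*)
      echo "get_stack_export: rejected export name: $gse_name" >&2
      return 2 ;;
  esac

  gse_raw=$(aws cloudformation list-exports \
    --query "Exports[?Name=='${gse_name}'].Value" --output text) || {
    echo "get_stack_export: list-exports failed for $gse_name" >&2
    return 1
  }

  # Text output may be spread over tabs or lines, and renders null as the
  # literal None. IDs and ARNs contain no whitespace, so normalize to one
  # value per line and drop the non-values.
  gse_values=$(printf '%s\n' "$gse_raw" | tr -s '[:space:]' '\n' |
    sed -e '/^$/d' -e '/^None$/d')
  gse_count=$(printf '%s' "$gse_values" | grep -c . || true)

  if [ "$gse_count" -eq 0 ]; then
    # Fail closed: never hand an empty string or "None" to the caller.
    echo "get_stack_export: no export named $gse_name" >&2
    return 1
  fi
  if [ "$gse_count" -gt 1 ]; then
    echo "get_stack_export: $gse_name resolved to $gse_count values" >&2
    return 3
  fi
  printf '%s\n' "$gse_values"
}
```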


Teri Radichel | © 2nd Sight Lab 2023
