I’ve been using CloudFormation a lot recently to manage AWS resources. I’m impressed with a lot of the functionality it provides and it has allowed us to delete a lot of code on my current project which was needed to handle edge cases in provisioning AWS resources (eventual consistency issues, for example).
After a couple of months using it seriously, I only have four complaints about CloudFormation:
- Stack lifecycle operations (create/update and delete) are not idempotent.
- Notification topics can only be set up at stack-creation time, so if the topic gets accidentally deleted there is no way to get notifications from the stack.
- Creation and modification of resources in the stack is serialized, which makes operations on large stacks very slow.
- The template syntax is horrible: hard to write and even harder to read.
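The first complaint above, that stack create/update is not idempotent, is usually worked around by wrapping the calls: check whether the stack exists, create it if not, otherwise update it, and treat CloudFormation's "No updates are to be performed" rejection as success rather than failure. The following is an added example written for this page, not code from the original post or from AWS. It assumes a client exposing the boto3 CloudFormation methods `describe_stacks`, `create_stack` and `update_stack` (a real `boto3.client("cloudformation")` fits), and ships a constructed `FakeCloudFormation` stand-in so the logic runs offline; the error strings matched are the ones the real service returns.

```python
"""Idempotent CloudFormation deploy wrapper (added example, not from the post).

Assumes a client with boto3-style describe_stacks / create_stack / update_stack.
FakeCloudFormation below is a constructed offline stand-in for boto3's client.
"""


class _FakeClientError(Exception):
    """Mimics botocore.exceptions.ClientError: carries a .response dict."""

    def __init__(self, message):
        super().__init__(message)
        self.response = {"Error": {"Code": "ValidationError", "Message": message}}


def _error_message(exc):
    # botocore's ClientError exposes the service message under exc.response;
    # fall back to str(exc) for anything else so unknown errors still surface.
    resp = getattr(exc, "response", None)
    if isinstance(resp, dict):
        return resp.get("Error", {}).get("Message", str(exc))
    return str(exc)


def deploy_stack(client, stack_name, template_body, parameters=()):
    """Create the stack if absent, update it if present, no-op if unchanged.

    Returns "created", "updated" or "unchanged". Re-running the same call is
    safe: a second run with the same template changes nothing, which is the
    idempotency the raw create/update API calls do not give you.
    """
    params = [{"ParameterKey": k, "ParameterValue": v} for k, v in parameters]
    try:
        client.describe_stacks(StackName=stack_name)
        exists = True
    except Exception as exc:
        # Real message: "Stack with id <name> does not exist"
        if "does not exist" not in _error_message(exc):
            raise
        exists = False

    if not exists:
        client.create_stack(StackName=stack_name, TemplateBody=template_body,
                            Parameters=params)
        return "created"
    try:
        client.update_stack(StackName=stack_name, TemplateBody=template_body,
                            Parameters=params)
    except Exception as exc:
        # CloudFormation rejects an update with an identical template;
        # for an idempotent deploy that is success, not failure.
        if "No updates are to be performed" in _error_message(exc):
            return "unchanged"
        raise
    return "updated"


class FakeCloudFormation:
    """Constructed stand-in for boto3.client("cloudformation"); runs offline."""

    def __init__(self):
        self.stacks = {}   # stack_name -> (template_body, parameters)
        self.calls = []    # record of API calls, useful for assertions

    def describe_stacks(self, StackName):
        self.calls.append(("describe", StackName))
        if StackName not in self.stacks:
            raise _FakeClientError(f"Stack with id {StackName} does not exist")
        return {"Stacks": [{"StackName": StackName, "StackStatus": "CREATE_COMPLETE"}]}

    def create_stack(self, StackName, TemplateBody, Parameters):
        self.calls.append(("create", StackName))
        self.stacks[StackName] = (TemplateBody, Parameters)
        return {"StackId": f"arn:aws:cloudformation:us-east-1:000000000000:stack/{StackName}/fake-id"}

    def update_stack(self, StackName, TemplateBody, Parameters):
        self.calls.append(("update", StackName))
        if self.stacks[StackName] == (TemplateBody, Parameters):
            raise _FakeClientError("No updates are to be performed.")
        self.stacks[StackName] = (TemplateBody, Parameters)
        return {"StackId": f"arn:aws:cloudformation:us-east-1:000000000000:stack/{StackName}/fake-id"}


def demo():
    """Deploy twice with one template, twice with another; only two runs change state."""
    cfn = FakeCloudFormation()
    template_v1 = "Resources: {Bucket: {Type: AWS::S3::Bucket}}"  # constructed sample
    template_v2 = template_v1 + "\nOutputs: {}"                   # constructed sample
    return [
        deploy_stack(cfn, "demo", template_v1),
        deploy_stack(cfn, "demo", template_v1),
        deploy_stack(cfn, "demo", template_v2),
        deploy_stack(cfn, "demo", template_v2),
    ]


if __name__ == "__main__":
    print(demo())  # ['created', 'unchanged', 'updated', 'unchanged']
```

The wrapper only inspects the service's error message, so any other failure (permissions, malformed template, a stack stuck in a ROLLBACK state) still propagates; a deploy pipeline should fail loudly on those rather than retry blindly. Swapping the fake for a real boto3 client requires no code change in `deploy_stack`.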