Comparison of Cloud Computing Service Vendors

The purpose of this analysis is to identify vendors who are offering IaaS public cloud computing services that could be used by New Zealand organizations.

The three vendors being compared are: IBM, Google Cloud Platform, and Amazon Web Services (AWS).

Comparing Technologies:

What are three technologies that these vendors offer?

1.) Storage:
Storage servers are designed to hold data volumes from a company, while keeping the data enabled to be transferred. Storage quality can be considered with five different factors; flexibility, scalability, reliability, availability, and data integrity.

Flexibility of storage is based upon whether the deployment is public, private, of hybrid, and whether the deployment solution is held within a region, or across many regions. [1]

Scalabiltiy of storage is the ability for the server or servers to handle large changes in data volume as the required by the organization.
This can be done by scaling out, which is the process of increasing server number in response to increased data volumes, or scaling out, which is the process of adding more to a single server in response to increased data volumes. [4]

Reliability is a percentage measurement based upon the cloud provider’s promised accuracy of data, and guarantee of transfer delivery of the data. [5]

Availability is a percentage measurement based upon the cloud provider’s promised up-time, with maintenance outages such as updates, and unplanned outages kept in mind. [6]

Data integrity is the ability on the provider to ensure that any data does not become corrupted, and if such a case occurs, the data is able to be fixed.

IBM offer storage services of object storage, file storage, block storage, and mass storage. [2]
Google Cloud Platform offers object storage, file storage, and big data storage. [9] 
AWS offers object storage, file storage, and block storage. However, it contains multiple services of object storage, each designed for different purposes. [10]

2.) Load Balancing
Load balancing is designed to assist with the uptime of a server and the response time of the traffic involved. This is done having the processing and communications of a system shared across multiple servers, thereby reducing the strain from any single server. This is effective in reducing latency, and easing the load on the servers.[7]

IBM offers local load balancing, local and global load balancing, and high availability dedicated load balancers. [7]
Google Cloud Platform offers global load balancing, regional internal load balancing, and regional network load balancing. [12]
 offers a ‘Classic Load Balancer’ which applies to application and network level information. It also offers an ‘Application Load Balancer’ which applies to application level information that is more advanced than what is required for the Classic Load Balancer. The Classic Load Balancer is able to route traffic across AWS’s ‘EC2 instances’, whereas the Application Load Balancer is able to route traffic and load balance on a single instance.[11]

3.) Containers
Containers are a form of virtualization technology that are able to run applications, and storage in an isolated environment. Containers store one application and its relevant data that is required for it to run. This form of application packaging is designed to increase infrastructure efficiency, with each container only using the least amount of required resources, and multiple containers able to be run upon a single instance. [13][14][15]

IBM provides a container service that utilizes the open-source ‘Kubernetes’, which assist in deployment, scaling, and management of the container. [16]
Google Cloud Platform provides cluster set-up and management for containers, which are built upon the Kubernetes system. [17]
AWS provides a container service for the management of Docker containers. The containers are designed to use a cluster of EC2 instances, and utilize many other AWS services. [18]


Comparing Technology Charges:

What are the charges involved for these technologies?

1.) Storage
Storage pricing is considered for regional storing.

IBM storage is located in the US, which would imply latency issues. The website currently provides pricing information for the US, but not for Australia or New Zealand. However, this doesn’t necessarily imply that Australia doesn’t have an IBM server centre, it simply requires further research and contact to find it.

Object Storage [19]  Per GB per Month
(US Pricing) Regional Resiliency
Storage  0-499.99TB $0.022
Storage  500TB+ $0.020
Data Retrieval No Charge
Class A Operations: PUT, COPY, POST, and LIST Requests ($ per 1,000 Requests) $0.006
Class B Operations: GET and all other Requests ($ per 10,000 Requests) $0.005
Delete Requests No Charge

Google Cloud Platform is set in Singapore, which is the closest location to New Zealand, as Google doesn’t have an Australian region yet. [20]

Object Storage [21] Per GB per Month
 (US Pricing) Regional
Storage $0.020
Data Transfer Free
Class A Operations (per 10,000 operations) $0.050
Class B Operations (per 10,000 operations) $0.004
Free Operations Free

AWS do have a region in Sydney, Australia, and as such, these prices are taken from that location. However, the pricing is still in USD.

Object Storage [22] Per GB per Month
 (US Pricing) Regional
Storage:First 50 TB 0.025
Storage: Next 450 TB 0.024
Storage: Over 500 TB 0.023
Data Transfer  FREE
Class A Operations (per 10,000 operations) $0.0055
Class B Operations (per 10,000 operations) $0.0044
Delete Requests FREE

In terms of regional storage pricing, Google Cloud Platform offer the lowest flat-rate pricing, but are more expensive for their combined costs class A and B operations than AWS. IBM offers the next lowest tiered-pricing for storage, but their class A operations cost almost ten times the amount of the AWS class A operations. In conclusion, I would consider AWS to offer the lowest price for storage overall.


2.) Load Balancing


Load Balancing [23]
Local Load Balancing (Per month) W SSL
250 Connections 49.99 99.99
500 Connections 99.99 199.99
1000 Connections 199.99 139.99
2500 Connections 499.99 999.99
5000 Connections 999.99 1999.99

Google Cloud Platform

Load Balancing [24]
Item Price per Unit (USD) Pricing Unit
First 5 forwarding rules $0.025 Per Hour
Per additional forwarding rule $0.010 Per Hour
Data processed $0.008 Per GB


Load Balancing [25]
0.0252 per Application Load Balancer-hour (or partial hour)
0.008 per LCU*-hour (or partial hour)
*LCU contains: [25]
25 new connections per second
3000 active connections per minute
2.22MBps (=1 GB per hour)
1000 rule evaluations per second

Comparing load balancing between the different providers is harder than comparing storage as each provider measures load balancing differently. In this instance, the specifications of an organization requiring load-balancing would hold more information in regards to which provider would be most suitable. For a smaller sized business, I would consider the AWS load balancing option to be the most suitable as it is cheaper than Google Cloud Platform’s service, and may not require the same amount of connections that is offered by IBM’s service.


3.) Containers

IBM utilizes the open-source Kubernetes and does not display a charge allocated with this service. [16]

Google Cloud Platform

Container [26]
Item Cost
First 120 build-minutes per day per billing account No charge *
Additional build minutes** $0.0034 / build-minute
* Promotional free tier of 120 free build-minutes per day is subject to change.

**The Google Cloud Platform defines build minute charges as such: “A build-minute is incurred for every minute that a build initiated by Container Builder is in process. Build-minutes are not incurred for the time that a build is queued. Charges are accrued to the billing account associated with the Google Cloud Platform Console project that initiated the build.” [26]

Amazon Web Services states the following in regards to container pricing: “There is no additional charge for Amazon EC2 Container Service. You pay for AWS resources (e.g. EC2 instances or EBS volumes) you create to store and run your application. You only pay for what you use, as you use it; there are no minimum fees and no upfront commitments.” [27]

In terms of container service options, IBM is an option but does require a separate site which creates more hassle then what is optimal. The Google Cloud Platform charges for the same type of storage offered free by IBM, and hence, would be my last choice. AWS only charges for the resources used by the container, which is something that neither other provider mentioned. However it uses a different form of container than what is offered by IBM and Google Cloud Platform, which may cause difficulties for a business, but that is something that would require further study.


Comparing Security Measures:

What security measures are used to ensure the safety of operations and client systems/data?

IBM’s security measures deal with security, privacy, and compliance. In regards to compliance, their website provides a compliance list with respect to their Bluemix products. [28] In terms of security and privacy from IBM’s position, they provide partnership options for ‘Intrusion Protection Systems’ and ‘Intrusion Detection and Prevention Systems’ with security software, scanning and logging capabilities, and regular updates.[29]  In terms of security and privacy from an organization’s position, security measures such as key generation, privileges and roles, passwords, and session inactivity lockout. [30]

Google Cloud Platform
Google Cloud Platform also has security measures that involve security, privacy, and compliance. Google Cloud Platform’s compliance list involves independent audits of infrastructure, services and operations. [31] In terms of security and privacy from Google Cloud Platform’s position, they hold security and privacy events for raising awareness, have a security team, a privacy team, an internal audit and compliance team. They also assist their customers in vulnerability management, malware prevention, as well as constantly monitoring network traffic for security issues, and processing any incident management. [32] In terms of security and privacy from an organization’s position, Google Cloud Platform provides key encryption and management, [33] Identity and Access Management (IAM) permissions, roles, requests, user management, network firewall maintenance, logging, and penetration testing. [34]

AWS also contain security measures for security, privacy, and compliance. In terms of AWS’s responsibility, they provide a whitepaper detailing compliance and risk management, [35] they provide detail and best practices for optimal cloud security such as data encryption, monitoring and logging, identity and access control, and available security partners. [36] In terms of an organization’s responsibility, the customer has complete control over their data so it lies within their responsibility to ensure its security and privacy. [37] This can be achieved through key management, roles, permissions, user management, logging, encryption, incident response protocols established, multi-factor authentication, and boundary protection for both network and host levels. [37]

Each provider is concerned about security, privacy, and compliance. The main difference in each provider, is the level of control and responsibility that customer obtains. Google Cloud Platform has most provider-based security measures, which involve task-specific teams and network monitoring, whereas AWS provides the customer with the security solutions but places the responsibility of best practices implementation upon the customer. IBM is a smaller provider and supplies basic security processes such as key management and user passwords, but supply optional delegation of the more complex security issues to security partners.


  1. (n.d.) IBM Cloud, IBM. (Last accessed: 31 May 2017)
  2. (n.d.) (July 2016) IBM Cloud Object Storage System features and benefits. (Last accessed: 31 May 2017)
  3. (n.d.)  Storage Insights: Slicestor Nodes, IBM: IBM Knowledge Center. (Last accessed: 31 May 2017)
  4.  Graf, Brian. (17 May 2013). Scalability : Scale-up or Scale-out, What it is and Why You Should Care. (Last accessed: 2 June 2017)
  5.  Hardiman, Nick. (2 April 2012). Service reliability: Understanding what it means and how to acheive it. (Last accessed 2 June 2017)
  6.  Carlson, Lauren. (7 June 2011). The Downtime Dilemma: Reliability in the Cloud. (Last accessed 2 June 2017)
  7. (n.d.) Load Balancing, IBM: IBM Cloud: Bluemix. (Last accessed: 1 June 2017)
  8. (n.d.) Internet of Things, IBM: IBM Cloud: Bluemix. (Last accessed: 2 June 2017)
  9. (n.d) Choosing a storage option, Google Cloud Platform. (Last accessed: 3 June 2017)
  10. (n.d.) Cloud Storage with AWS, Amazon Web Services. (Last accessed: 3 June 2017)
  11. (n.d.). Elastic Load Balancing, Amazon Web Services. (Last accessed: 3 June 2017)
  12. (n.d.) Load balancing, Google Cloud Platform: Compute Engine: Documentation. (Last accessed: 3 June 2017)
  13. (n.d.) What are Containers?, Amazon Web Services. (Last accessed: 3 June 2017)
  14. Shapland, Rob. (February 2016). Cloud Containers — What they are and how they work. (Last accessed: 3 June 2017)
  15. Perlow, Jason. (21 April 2015) Containers: Fundamental to the cloud’s evolution. (Last accessed: 3 June 2017)
  16. (n.d.) Kubernetes. (Last accessed: 3 June 2017)
  17. (n.d.) Container Engine, Google Cloud Platform. (Last accessed: 3 June 2017)
  18. (n.d.) Amazon EC2 Container Service, Amazon Web Services. (Last accessed: 3 June 2017)
  19. (n.d) IBM Cloud Object Storage: Public Services. IBM: Object Storage Public. (Last accessed: 3 June 2017)
  20. (n.d.) Cloud Location: Google Cloud Platform. (last accessed: 3 June 2017)
  21. (n.d.). Google Cloud Storage Pricing, Google Cloud Platform. (Last accessed: 4 June 2017)
  22. (n.d.) Amazon S3 Pricing, Amazon Web Services. (Last accessed: 4 June 2017)
  23. (n.d.) Load Balancing, IBM: Bluemix. (Last accessed: 4 June 2017)
  24. (n,d,) Load Balancing and protocol forwarding, Google Cloud Platform. (Last accessed: 4 June 2017)
  25. (n.d.) Classic Load Balancer Pricing, Amazon Web Services. (Last accessed: 4 June 2017)
  26. (n.d.) Pricing and Quota, Google Cloud Platform. (Last accessed: 4 June 2017)
  27. (n.d.) Amazon EC2 Container Service Pricing, Amazon Web Services. (Last accessed: 4 June 2017)
  28. (n.d.) Compliance without complication, IBM Cloud: Bluemix. (Last accessed: 4 June 2017)
  29. (n.d.) Secure your platform, IBM Cloud: Bluemix. (Last accessed: 4 June 2017)
  30. (n.d.) Data Security and Privacy Principles for IBM Cloud Services, IBM.$file/Z126-7745-WW-2_05-2017_en_US.pdf (Last accessed: 4 June 2017)
  31. (n.d.) Google Cloud Platform Security, Google Cloud Platform. (Last accessed: 4 June 2017)
  32. (n.d.) Google Security Whitepaper, Google Cloud Platform. (Last accessed: 4 June 2017)
  33. (n.d.) Cloud Key Management Service, Google Cloud Platform. (Last accessed: 4 June 2017)
  34. (n.d.) Google Cloud Platform Security, Google Cloud Platform. (Last accessed: 4 June 2017)
  35. (May 2017) Amazon Web Services: Risk and Compliance, Amazon Web Services. (Last accessed: 5 June 2017)
  36. (n.d.) AWS Cloud Security, Amazon Web Services. (Last accessed: 5 June 2017)
  37. (November 2016) AWS Well-Architected Framework, Amazon Web Services. (Last accessed: 5 June 2017)

Budget Update: 04/06/2017

As it is the start of a new month, there will be two different items discussed in this blog. The first is my AD-DS budget for last month, and the second is my non-credit billing from the month.

Active Directory Budget.

A few days ago, I received an email indicating that one of my AD-DS alarms had been triggered:

AD DS Alarm State

This alarm is for my 10% forecast alarm, which indicates that my anticipated cost for this project was larger than the current expenditure trend. Despite this, I still looked into my budgets and billing information to determine where the expenses have occurred.

The AD DS budget is as follows:

AD DS Budget

I have provided multiple filters for this budget, so the billing information is important in understanding which service has influenced the budget forecast.

The two services that are being used are the EC2 service and the KMS service.
The EC2 Billing information is as follows:
EC2 Billing

The KMS service is as follows:
KMS Billing

As the KMS service is only being used in the North Virginia region, this is not part of the AD DS budget expenses. (This is elaborated upon in previous budget reports.)

The EC2 billing information can be processed into a spreadsheet, which more succinctly displays the costs involved for this project, and can be displayed graphically.
AWS Budget SpreadsheetAWS Budget Graph

The large spike involving the EBS-SSD provisioned storage is likely due recent activity on the AD DS cloud template, in which I was periodically creating and destroying the stack.

As of current, I am satisfied with the project’s budget progress due to its low expense despite having originally required the higher-priced t2.large instance in the stack’s creation.


Monthly non-credit billing
Due to it being a new month, my AWS account has sent a billing invoice for the month prior.
Billing Statement_LI

In following the available hyperlink, my billing information is brought up. It shows that these charges are from my budgets and tax.
Billing Statement Reason

Although I am unhappy with being charged, rather than the fee being removed from my available credits, I consider it worthwhile to keep in consistent knowledge of the expenses involved from each project.

Running the CloudFormer Template

This blog post follows on from the previous post: Adjusting the CloudFormer Template

After the first stack creation of the CloudFormer template, the rollback errors provide information on what needs to be adjusted in the JSON script.

The following list contains the ‘CREATE_FAIL’ events, and my method in resolving these errors.

Adjustments to the CF Template

  • FAIL: dbsubnetdefaultvpc91a918f5; Some input subnets (subnet-1ab50b43, subnet-93532cf7) are invalid.
    • Attempting to remove from the JSON script:
      “SubnetIds”: [
    • The first attempt was unsuccessful, so attempting to delete the entire subnet:
      “dbsubnetdefaultvpc91a918f5”: {
      “Type”: “AWS::RDS::DBSubnetGroup”,
      “Properties”: {
      “SubnetIds”: [
      “DBSubnetGroupDescription”: “Created from the RDS Management Console”,
      } },
    • This was successful


  • FAIL: Route4, Route1; Exactly one of [GatewayId, NatGatewayId, InstanceId, VpcPeeringConnectionId, NetworkInterfaceId, EgressOnlyInternetGatewayId] must be specified and not empty.
    • Attempting to remove from the JSON script, routes 4 and 1:
      “route4”: {
      “Type”: “AWS::EC2::Route”,
      “Properties”: {
      “DestinationCidrBlock”: “”,
      “RouteTableId”: {
      “Ref”: “rtbdbb390bf”

      “route1”: {
      “Type”: “AWS::EC2::Route”,
      “Properties”: {
      “DestinationCidrBlock”: “”,
      “RouteTableId”: {
      “Ref”: “rtb40ad8e24”

    • This was successful


  • FAIL: Route 5, Route 2; Exactly one of DestinationCidrBlock and DestinationIpv6CidrBlock must be specified and not empty.
    • Inserting “DestinationCidrBlock”: “”, into Properties for Route2 in the JSON script.
    • Inserting “DestinationCidrBlock”: “”, into properties for Route 5 in the JSON script (This relates to subnet cidr 1A)
    • This was successful


  • FAIL: Route 5, Route 2; The Gateway ID (vpce-20e01049) does not exist.
    • Attempting to delete both routes from the JSON script:
      “route2”: {
      “Type”: “AWS::EC2::Route”,
      “Properties”: {
      “DestinationCidrBlock”: “”,
      “RouteTableId”: {
      “Ref”: “rtb40ad8e24”
      “GatewayId”: “vpce-20e01049”

      “route5”: {
      “Type”: “AWS::EC2::Route”,
      “Properties”: {
      “DestinationCidrBlock”: “”,
      “RouteTableId”: {
      “Ref”: “rtbdbb390bf”
      “GatewayId”: “vpce-20e01049”

    • This was successful


  • FAIL: lcADDSScenario3RDGWStack1USE0PZ69GKRQRDGWLaunchConfiguration1QJ9NVFDQSTXX;
    Invalid IamInstanceProfile: AD-DS-Scenario-3-RDGWStack-1USE0PZ69GKRQ-RDGWHostProfile-CLZHHC4VKEC1

    • Attempting to delete section from JSON script (line 269) … LaunchConfiguration… object:
      “IamInstanceProfile”: “AD-DS-Scenario-3-RDGWStack-1USE0PZ69GKRQ-RDGWHostProfile-CLZHHC4VKEC1”,
    • This was successful


After resolving all of these errors, my CloudFormer template was able to create a stack without any rollbacks.

037 CFTemplate Complete

Although I am pleased that I managed to enable the stack to reach the status of ‘CREATE_COMPLETE’, due to the large amount of script deleted, I am uncertain as to whether my script still runs as it was originally designed.

When I run my template though the AWS template designer, the following diagram is displayed.
038 CFTemplate DesignerTemplate

This diagram does not look the same as the sample diagram found in the Microsoft Quick Start guide for ‘Scenario 3’, shown below.
Figure for Scenario 3

My next step then, is to compare the two diagrams to determine the discrepancies between my stack template and the sample template.

Adjusting the CloudFormer Template

Once the AWS CloudFormer template has been created, it needs to be run through the AWS CloudFormation ‘Create Stack’ option. This has been done by copying the CloudFormer JSON script into the Notebook++ program, and then uploading the Notebook++ file during the ‘Select Template’ portion of the Stack creation settings.

000 Upload File

Once, the template has been chosen, it requires a name, and the option of a tag. For my stacks, they have been numbered in regards to how many iterations of the script I have run through ‘Create Stack’.

010 NewReview

During the creation process of the stack, the created events can be viewed.

005 Create_In_Progress

The initial template stack contains errors that cause the creation process to rollback, and fail to complete the stack’s creation.

006 Rollback Error

The method used in removing the errors, was to find the first ‘CREATE_FAILED’ event for the stack, and attempt to solve this event failure based upon the information provided in the right-hand column of the event.

For my first CloudFormer script, came across the following problems, which I attempted to solve.

Adjusting the CF Script

  • DestinationCidrBlock Empty
    • For each event fail that referenced this error, I sourced the IPs and their respective Cidr from the initial Microsoft ‘Scenario 3’ stack creation settings, and placed them into their corresponding Routes based upon the route description.
  • Missing NetworkInterfaceID
  • Unresolved Dependencies
    • The unresolved dependencies were specific to two different routes. As I couldn’t determine a resolution to this error, I saved a copy of each of the routes, then deleted them.

These errors comprised the bulk of my event failures, and throughout each iteration of the stack, more errors would evolve. Most of these errors were derived from the network interface JSON script that I had added to the CloudFormer script. I eventually came to conclusion, with the help of others, that I should re-attempt the Microsoft Quick-Start ‘Scenario 3’ template through CloudFormation and Cloudformer, which would provide me with a clean template to work upon again.

The persuasive reason behind this action was the knowledge that this project was not intended to focus on the intricacies of the JSON script, which I had been doing in my attempts to successfully fix my first CloudFormer script.

Budget Update: 28/05/2017

This past week has also been spent on adjusting a CloudFormer template. As such, my current expectation for my billing list is that it will be quite low. The only expenses that should have occurred, are the AD-DS CloudFormation template (description link here) that I ran again, and the charge from the successful build of the CloudFormer template’s stack.

When looking at my billing list for my account, only two services have been used; EC2, and KMS. Upon further inspection, I have determined that the KMS charge is from an encryption key set in US-East region, which is not related to the AD-DS build.

The EC2 billing report is as follows:


I input this data, as well as last weeks data, in order to grasp a greater understanding of what charges have been incurred.

AD DS Budget Sheet

It appears that this past week has been less expensive than the one prior. This reduced charge is found within the EBS service specifics, which still contains the carry-over charges from the DinoStore volumes that I recently deleted. Hence, my first EBS budget isn’t exclusive to the AD-DS project charges and needs to be adjusted.

The adjusted AD-DS Budget Sheet is below, where the fee discrepancy has been resolved using the information from the ‘Budget Update: 14/05/2017‘, which contains my last reference to the DinoStore EBS volumes.

Budget Sheet Adjusted

I am unsure of the $0.19 difference in the General Purpose SSD (gp2) provisioned storage expense for the two dates, but may be able to verify whether this expense difference could be considered outlying with my next budget report.


Microsoft Active Directory Quick Start: Scenario 3

In order to fully determine how the ‘Microsoft Active Directory Quick Start: AD DS with AWS Directory Service on the AWS Cloud’ template works, I implemented the template into AWS CloudFormation’s ‘Create Stack’ option.
001 New Stack_LI

The creation of this stack involved many specific details that I hadn’t previously considered would be of importance. However, as I went through the details, I recalled seeing them within the JSON scripts that I had been altering.
003 Specify Details NS AZ_Options004 Specify Details NS EC2_Config N_D005 Specify Details NS RDGW N_D

There were a few things that had me momentarily confused. One of these was with my availability zones, as I had not realized that my account region was set to Oregon. As I live in New Zealand, the Sydney region is the most optimal for reducing latency. To change this, I needed to quit this stack creation and start it again within the Sydney region. Also, because of initial lack of realization of setting up the template within a different region, I did not understand why I could access my key pair. The revelation of being in the wrong region helped my realize that key pairs are region specific, something which  I did not know earlier.

The next step in setting up the stack was the ‘Options’, in which I created a tag for the stack, but did not change any of the permission settings as I currently don’t want to create more potential complication than necessary. This is something that I could consider adjusting once I manage to successfully recreate the CloudFormer version of this stack.
006 Options NS

Upon reviewing the reviewing the stack template to be created, and pressing ‘create’, the site responded with the following error:
010 Error from CIDR

In my ignorance of what information was required for the stack creation, I had left the Remote Desktop Gateway (RDGW) CIDR blank in the ‘Network Configuration’ section. I had also left the ‘Microsoft Active Directory’ section blank, as I didn’t fully understand why it was needed, and so had left it clear.

My first attempt to solve to the RDGW CIDR was to input the VPC CIDR into it. However, this did not work. One of my classmates suggested using the CIDR from the first public subnet, which ended up working, as it appears that the gateway required a larger mask than the one that is supplied with the VPC.
012 RDGW IP config NS

I also filled in the Microsoft Active Directory section once I realized that it required input.
011 AD Config for NS


Once these problems were resolved, I was able to create the stack.
018 AD_DS Stacks
This particular template created four stacks; an AD stack, a VPC stack, an RDGW stack, and a general stack. Each of which, implemented certain AWS services.

The RDGW stack had the following outputs:
022 RDGW Stack Outputs


The AD stack had the following outputs:
023 AD Stack Overview


The VPC stack had the following outputs:
024 VPC Stack Outputs


The general stack had no outputs:
025 3S Stack Outputs


The outputs from the stacks are important to know as they can be selected in CloudFormer, but don’t necessarily have a tag attached, which can make them hard to distinguish from any other service objects that still exist within the AWS system. It is also important because not all of them exist on the free tier, which means that if the stacks are left running, a large fee can quickly accrue. The simplest way to stop the fees is to delete the stacks as that deletes all of the service objects involved. This is not always the optimal choice, but it is the best one for me once I’ve mapped the stacks through CloudFormer.

AD in CloudFormation: JSON files

When starting up scenario 3 (mentioned in my previous blog), the CloudFormation service offers the option of ‘View/Edit template in Designer’. This provides me the JSON script for the template, and a physical diagram.

CF JSON and PhysMod

My first attempt in understanding and manipulating the template was by playing with the JSON scripts. I was playing around with the template, which contained links between different stacks. This made it harder to adjust the code as I needed to constantly determine where the script was pointing.

In the end, I was unable to modify the code and keep it in working order. However, this endeavor did help me gain an understanding of the code, for its format, and what AWS services it contains.

This information should provide me greater understanding in how to adjust the template that I will gain through my next method of using CloudFormer.