While doing my investigation into CloudFormation I ran into the problem of bootstrapping the environment versus upgrading it. My CloudFormation template had everything I needed to spin up the entire environment, a VPC, public and private subnets, bastion host, RDS instance in the private subnet, a DynamoDB instance, etc. While this would nicely spin up a brand new environment it didn’t address how to update an existing environment. My programmer’s mindset thought about conditional checks, but CloudFormation templates don’t have any such logic.
The approach I plan to investigate is to have a template that spins up the long-lived services like the RDS and DynamoDB instances into a VPC and then have another template that spins up a VPC for the data and event processing environment that will have continuous enhancements and fixes. The two VPCs can then communicate with VPC Peering. This setup allows for Blue/Green deployment and the ability to minimize downtime in the processing environment.
This is theoretical of course, but seems like a reasonable approach. Anybody have a similar challenge they solved in this way?