I am missing aws cloudformation ensure-stack --stack-name my-stack --local-template-file my-file.yaml to just make the infrastructure as I described it. Current aws cli requires awkward handling like this (pseudocode): aws cloudformation list-stacks if stack exists try aws cloudformation update-stack catch "nothing changed in your stack" ignore end else aws cloudformation create-stack end I hope, AWS will extend awscli some day! In the mean time, to work around the pain of aws cli, since we are using ansible for orchestration anyway, I just reference the cloudformation template from an ansible playbook.

For some tasks, you want to run them only once on server creating. For example create an empty database on server creating, or you can even restore the last known backup on creating a new database VM. Surely you do not want to run it on subsequent ansible runs to not to overwrite the latest changes to the database. There are many ways in ansible to achieve this: create a custom fact on the first run touch some file to signal to the subsequent runs, that one run already happened But I prefer behaviour-based checks, the same way I used to do it in JavaScript - never check for the browser agent-string, check for the desired behaviour.

Here are the slides from my last talk at AWS Tech Community Days: You can also download via SlideShare for e.g. copy & paste from code snippets: Terraform, Ansible or pure CloudFormation