AWS Resource Creation and Naming Conventions
AWS Resource Association with CloudFormation Stacks
Nucleator uses AWS CloudFormation extensively to create, manage and update AWS Resources within Nucleator Core Stacksets. Each Stackset invokes a top-level CloudFormation stack that hierarchically invokes child CloudFormation stacks. The top-level CloudFormation stack is named based on the Stackset name, Customer name and Account friendly name so that it can be easily identified. Related child stacks are all prefixed with the name of their parent stack.
This approach associates all AWS resources that are provisioned within a Nucleator Stackset with the CloudFormation stack(s) created from those templates, and provides a strong mechanism that signals the purpose, intent and lifecycle requirements for each of the Resources that comprise the CloudFormation stack.
CloudFormation templates can be tricky to maintain and edit by hand. The CloudFormation template that underlies each of these stacks is generated dynamically from templates and config/variables files that are maintained within Nucleator. Common settings that change within the template are in many cases externalized into YAML config files that make it easy for administrators to reflect their intent for common use cases (e.g. changing network ACL ingress/egress rules). The approach also makes it possible to use CloudFormation's extensive capabilities to update stacks in place in running environments.
The association of resources with CloudFormation stacks also makes it straightforward to delete and re-create environments. The Nucleator CLI exposes the ability to delete the top-level CloudFormation stack for each Stackset, which in turn propagates to deletion of child stacks. The CloudFormation service manages the orchestration of resource deletion and considers ordering and dependencies among resources within each stack.
AWS Resource Naming
Associating Nucleator-provisioned resources with CloudFormation stacks provides one way to reliably identify sets of related resources over the lifecycle of your AWS Account.
Nucleator also names resources consistently across multiple AWS Services, and propagates names that are persisted in tags to related downstream resources (e.g. name propagation from EC2 resources to EBS volumes and snapshots).
Nucleator names resources in such a way that they will not conflict with resources created for other Stacksets, Customers, Cages or Accounts. This means that resource names carry a lot of business-meets-operations information, which can also be used in the filtering and search functions of the AWS management console to help Ops and Business contributors find resources.
Sometimes names assigned in one context create conflicts with underlying limitations associated with various AWS services. In some cases Nucleator will transform provided underlying name fragments to ensure that names are appropriately unique, remove precluded characters, transform characters (e.g. "." to "-" in S3 names) and/or shorten names through the use of reproducible hashes.
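A sketch of the kind of transformation described above, applied to an S3 bucket name. This is an added example, not Nucleator's own code: the function name `s3_safe_name`, the 8-character SHA-256 suffix and the truncation rule are assumptions.

```python
import hashlib
import re

S3_MAX_LEN = 63  # S3 bucket names may be 3 to 63 characters long
S3_MIN_LEN = 3
HASH_LEN = 8     # assumed suffix length, not taken from Nucleator


def s3_safe_name(*fragments: str, max_len: int = S3_MAX_LEN) -> str:
    """Join name fragments into a reproducible, S3-compatible name."""
    raw = "-".join(fragments)

    # Transform characters: lowercase, and "." becomes "-".
    name = raw.lower().replace(".", "-")
    # Remove precluded characters (anything outside a-z, 0-9, "-").
    name = re.sub(r"[^a-z0-9-]", "", name)
    # Collapse hyphen runs and trim the ends, since a bucket name
    # must start and end with a letter or digit.
    name = re.sub(r"-{2,}", "-", name).strip("-")

    if len(name) < S3_MIN_LEN:
        raise ValueError(f"no usable name left after cleaning {raw!r}")
    if len(name) <= max_len:
        # Caveat: cleaning is lossy ("a.b" and "a-b" give the same name),
        # so short names are only as unique as their cleaned fragments.
        return name

    # Too long: keep a readable prefix and append a hash of the full
    # original input. The hash depends only on the input, so the same
    # fragments always give the same name, while inputs that differ
    # only in the truncated tail still get different names.
    digest = hashlib.sha256(raw.encode("utf-8")).hexdigest()[:HASH_LEN]
    keep = max_len - HASH_LEN - 1
    return f"{name[:keep].rstrip('-')}-{digest}"


if __name__ == "__main__":
    # Constructed sample fragments (stackset, customer, cage).
    print(s3_safe_name("builder", "Acme.Corp", "test1"))
    print(s3_safe_name("stackset" * 5, "customer" * 5, "cage1"))
```

Because the suffix is derived from the untruncated input, the name can be recomputed from the same fragments later (for example when locating a bucket for cleanup) without storing a lookup table.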
Key Benefits