AWS Partner Network (APN) Blog

New AWS CloudFormation Stack Quick-Create Links Feature Simplifies Customer Onboarding

By Ian Scofield and Erin McGill, Partner Solutions Architects at AWS

AWS Cloud AutomationWe recently wrapped up a four-part series (read parts 1, 2, 3, and 4) on using AWS CloudFormation to ease the creation of cross-account roles during customer onboarding. It takes the reader through creating custom launch stack URLs for AWS CloudFormation, using an AWS Lambda function to generate a custom template with individualized parameters, and automatically sending the Amazon Resource Name (ARN) of the created cross-account role back to the SaaS owner.

The process removes many of the manual steps involved in the creation of a cross-account role and the associated policy documents, reducing the chances of failure.

Although this solution simplified the workflow and helped reduce failure rates during onboarding, there were still two areas open to improvement:

  • We required the SaaS owner to customize each customer’s template and hardcode values. These templates needed to be stored, shared publicly, and then promptly deleted.
  • The AWS CloudFormation wizard contained multiple pages, and partners told us they wanted to streamline this process.

At Amazon Web Services (AWS), we listen to our customers and partners to learn where we can improve, and our roadmap is almost exclusively driven by customer feedback. Based on the feedback we received on the customer onboarding process, we are pleased to announce that the AWS CloudFormation team has added the Stack Quick-Create Links feature which solves the issues we outlined above.

  • Embedding parameters in the launch stack URL – The AWS CloudFormation team has removed the need to store customized templates by adding the ability to embed parameter values directly in the launch stack URL.
  • Streamlined launch stack wizard – Users will now be directed to an AWS CloudFormation wizard that has been reduced to a single page.

Embedding Parameters in the Launch Stack URL

A launch stack URL makes it easy for customers to launch AWS CloudFormation templates by sending them straight to the AWS CloudFormation wizard with the template location and stack name pre-populated.

As a refresher, the URL looks like this:

https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/new?
stackName=stack_name&templateURL=template_location

In the scenario we outlined in our series, we used a launch stack URL to help customers launch an AWS CloudFormation template and create a cross-account role in their AWS account. The template associated with the URL contained unique, customer-specific values for the trusted account ID and external ID, and needed to be generated for each customer. The template was then hosted in an S3 bucket until the customer launched it. We also required a cleanup method to ensure that templates didn’t remain accessible post-launch. However, this process was burdensome on the partner and required additional infrastructure, including multiple Lambda functions and an S3 bucket, to execute.

We discussed these challenges with the AWS CloudFormation service team, and they worked hard to resolve this problem and released a feature that lets you embed parameter values in the launch stack URL. This enables us to specify unique values for the trusted account ID and the external ID directly in the URL, which allows for the template to be generated on the fly. The partner no longer has to create, store, and ultimately delete the templates. In order to embed your parameters, just prepend the parameter name with param_ followed by your name=value pair.

The new syntax looks like this:

https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/create/review?
stackName=stack_name&templateURL=template_location&param_name1=value1&param_name2=value2

Here’s an example URL that we can use in our Cross-Account Role scenario:

https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/create/review?
stackName=stack_name&templateURL=template_location&param_ExternalId=abcd1234&param_TrustedAccount=123456789012

Streamlined Launch Stack Wizard

You may have noticed above that another part of the URL has changed. The /stacks/new part of the URL has changed to /stacks/create/review. This new feature streamlines the AWS CloudFormation wizard to remove additional pages for certain use cases. Every partner strives to make the onboarding experience as quick and smooth as possible to reduce the risk that the customer will abandon the onboarding process.

Our earlier process required the customer to navigate through four separate sections, like this:

Figure 1 – Traditional AWS CloudFormation launch stack wizard.

 

When you change /stacks/new part of the URL to /stacks/create/review in your launch URL, customers will be greeted by a single review screen that doesn’t require them to click Next on any pages. If there are any additional parameters that don’t need to be pre-populated, they will be present here as well for the user to fill out. All they need to do is click the Create button at the bottom of the screen.

Figure 2 – Streamlined AWS CloudFormation launch stack review page.

 

As you can see, this drastically streamlines the process and enables a much quicker and smoother workflow for onboarding customers.

Here’s an example URL that we can use in our cross-account role scenario to generate the screenshot in Figure 2:

https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3-us-west-2.amazonaws.com/isco/wizard.yml&stackName=CrossAccountRoleSetup&param_TrustedAccount=123456789012&param_ExternalId=abcd1234

Note: This feature doesn’t currently support NoEcho or password parameters for security reasons.

Try it Out

With the addition of embedding parameters in the URL and the streamlined wizard, customers have a faster, smoother onboarding experience, and partners need less infrastructure to manage custom workflows. To learn more about these features, check out the AWS CloudFormation documentation.

Feel free to try out these two new features and let us know your thoughts. If you have any ideas on how to make any of our services better or to improve the customer experience, please reach out and let us know!