cloudformation-best-practices
CloudFormation template optimization, nested stacks, drift detection, and production-ready patterns. Use when writing or reviewing CF templates.
About this skill
Leverage the `cloudformation-best-practices` skill to transform your AWS CloudFormation templates into robust, optimized, and production-ready infrastructure-as-code. This skill embodies an expert persona in AWS CloudFormation, focusing on advanced template optimization techniques, designing efficient nested and cross-stack architectures, and implementing effective drift detection strategies. It serves as an invaluable resource for both authoring new CloudFormation templates and meticulously reviewing existing ones, ensuring adherence to best practices for maintainability, cost-efficiency, and operational excellence in AWS environments.
Best use case
Optimizing AWS CloudFormation templates; designing robust, scalable, and maintainable AWS infrastructure using CloudFormation; troubleshooting deployment issues; ensuring CloudFormation templates adhere to best practices for production environments.
CloudFormation template optimization, nested stacks, drift detection, and production-ready patterns. Use when writing or reviewing CF templates.
Users can expect CloudFormation templates that are optimized for performance, cost, and maintainability; well-structured infrastructure designs leveraging nested stacks; proactive identification and resolution of configuration drift; and enhanced confidence in their AWS infrastructure deployments.
Practical example
Example input
Review this CloudFormation template (YAML provided) and suggest optimizations for cost, security, and maintainability. ```yaml # Your CloudFormation template here ```
Example output
Template Review & Optimization Suggestions: 1. **Cost Optimization**: Consider using `DeletionPolicy: Retain` for S3 buckets if data persistence is critical, but `Delete` for temporary resources. For EC2 instances, explore reserved instances or spot instances for cost savings where applicable. 2. **Security**: Ensure IAM roles and policies follow the principle of least privilege. Avoid hardcoding sensitive values; use AWS Secrets Manager or Parameter Store. 3. **Maintainability**: Break down large templates using nested stacks for better modularity. Use `Description` fields for resources and outputs. *Code Example for S3 bucket optimization (if applicable to the provided template)*
When to use this skill
- Writing or reviewing CloudFormation templates (YAML/JSON)
- Optimizing existing templates for maintainability and cost
- Designing nested or cross-stack architectures
- Troubleshooting stack creation/update failures and drift
When not to use this skill
- The user prefers CDK or Terraform over raw CloudFormation
- The task is application code, not infrastruct
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/cloudformation-best-practices/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How cloudformation-best-practices Compares
| Feature / Agent | cloudformation-best-practices | Standard Approach |
|---|---|---|
| Platform Support | Claude | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | easy | N/A |
Frequently Asked Questions
What does this skill do?
CloudFormation template optimization, nested stacks, drift detection, and production-ready patterns. Use when writing or reviewing CF templates.
Which AI agents support this skill?
This skill is designed for Claude.
How difficult is it to install?
The installation complexity is rated as easy. You can find the installation instructions above.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
You are an expert in AWS CloudFormation specializing in template optimization, stack architecture, and production-grade infrastructure deployment.
## Use this skill when
- Writing or reviewing CloudFormation templates (YAML/JSON)
- Optimizing existing templates for maintainability and cost
- Designing nested or cross-stack architectures
- Troubleshooting stack creation/update failures and drift
## Do not use this skill when
- The user prefers CDK or Terraform over raw CloudFormation
- The task is application code, not infrastructure
## Instructions
1. Use YAML over JSON for readability.
2. Parameterize environment-specific values; use `Mappings` for static lookups.
3. Apply `DeletionPolicy: Retain` on stateful resources (RDS, S3, DynamoDB).
4. Use `Conditions` to support multi-environment templates.
5. Validate templates with `aws cloudformation validate-template` before deployment.
6. Prefer `!Sub` over `!Join` for string interpolation.
## Examples
### Example 1: Parameterized VPC Template
```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Production VPC with public and private subnets
Parameters:
Environment:
Type: String
AllowedValues: [dev, staging, prod]
VpcCidr:
Type: String
Default: "10.0.0.0/16"
Conditions:
IsProd: !Equals [!Ref Environment, prod]
Resources:
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: !Ref VpcCidr
EnableDnsSupport: true
EnableDnsHostnames: true
Tags:
- Key: Name
Value: !Sub "${Environment}-vpc"
Outputs:
VpcId:
Value: !Ref VPC
Export:
Name: !Sub "${Environment}-VpcId"
```
## Best Practices
- ✅ **Do:** Use `Outputs` with `Export` for cross-stack references
- ✅ **Do:** Add `DeletionPolicy` and `UpdateReplacePolicy` on stateful resources
- ✅ **Do:** Use `cfn-lint` and `cfn-nag` in CI pipelines
- ❌ **Don't:** Hardcode ARNs or account IDs — use `!Sub` with pseudo parameters
- ❌ **Don't:** Put all resources in a single monolithic template
## Troubleshooting
**Problem:** Stack stuck in `UPDATE_ROLLBACK_FAILED`
**Solution:** Use `continue-update-rollback` with `--resources-to-skip` for the failing resource, then fix the root cause.Related Skills
nft-standards
Master ERC-721 and ERC-1155 NFT standards, metadata best practices, and advanced NFT features.
nextjs-app-router-patterns
Comprehensive patterns for Next.js 14+ App Router architecture, Server Components, and modern full-stack React development.
new-rails-project
Create a new Rails project
networkx
NetworkX is a Python package for creating, manipulating, and analyzing complex networks and graphs.
network-engineer
Expert network engineer specializing in modern cloud networking, security architectures, and performance optimization.
nestjs-expert
You are an expert in Nest.js with deep knowledge of enterprise-grade Node.js application architecture, dependency injection patterns, decorators, middleware, guards, interceptors, pipes, testing strategies, database integration, and authentication systems.
nerdzao-elite
Senior Elite Software Engineer (15+) and Senior Product Designer. Full workflow with planning, architecture, TDD, clean code, and pixel-perfect UX validation.
nerdzao-elite-gemini-high
Modo Elite Coder + UX Pixel-Perfect otimizado especificamente para Gemini 3.1 Pro High. Workflow completo com foco em qualidade máxima e eficiência de tokens.
native-data-fetching
Use when implementing or debugging ANY network request, API call, or data fetching. Covers fetch API, React Query, SWR, error handling, caching, offline support, and Expo Router data loaders (useLoaderData).
n8n-workflow-patterns
Proven architectural patterns for building n8n workflows.
n8n-validation-expert
Expert guide for interpreting and fixing n8n validation errors.
n8n-node-configuration
Operation-aware node configuration guidance. Use when configuring nodes, understanding property dependencies, determining required fields, choosing between get_node detail levels, or learning common configuration patterns by node type.