How to Implement Infrastructure as Code with AWS CloudFormation: Complete Step by Step Guide
By Braincuber Team
Published on March 31, 2026
Infrastructure as Code (IaC) is the process of provisioning and managing your cloud resources by writing a template file that is both human-readable and machine consumable. For AWS cloud development, the built-in choice for IaC is AWS CloudFormation. Using IaC, developers can manage a project's infrastructure efficiently, allowing them to easily configure and maintain changes within a project's architecture and resources. This complete tutorial will demonstrate the difference between manually provisioning resources and deploying a CloudFormation script to create a serverless Lambda function and REST API on AWS.
What You'll Learn:
- What Infrastructure as Code is and why it matters for AWS development
- How to manually deploy Lambda functions and API Gateway using the AWS console
- How to automate the same deployment using CloudFormation and SAM templates
- Writing YAML template files for Lambda functions and REST APIs
- Deploying CloudFormation stacks using AWS CLI commands
- The benefits of IaC for speed, consistency, and team collaboration
Understanding Infrastructure as Code
There are numerous IaC tools available such as Ansible, Puppet, Chef, and Terraform. For this guide, we'll use CloudFormation, which was made specifically for AWS resources. Without IaC, the time and cost of manual deployment of various infrastructures can be much greater compared to maintaining infrastructure as software.
| AWS Service | Description |
|---|---|
| AWS API Gateway | Create, publish, and monitor secure REST and WebSocket APIs |
| AWS Lambda | Serverless compute service for running backend functions |
| IAM | Manage access to AWS services through roles and permissions |
| AWS CLI | Command line interface for working with AWS services and resources |
| AWS SAM | Abstraction of CloudFormation for developing serverless applications |
Prerequisites
You'll need an AWS account and AWS CLI installed on your machine. Some knowledge of AWS is helpful to understand the concepts. Create an account at aws.amazon.com/console and install the CLI from aws.amazon.com/cli.
Step 1: Deploy Resources Manually Using the AWS Console
In manual deployment, we work inside the AWS console. It can be hard to track changes while working outside the local IDE, especially for large-scale projects. However, understanding the manual process helps you appreciate what CloudFormation automates.
Create a Lambda Function
First, navigate to AWS Lambda in the console and create a new function. If you want your Lambda function to work with other services, you must give permissions for those services by creating a role with the appropriate permissions.
import json
def lambda_handler(event, context):
# TODO implement
return {
'statusCode': 200,
'body': json.dumps('Hello World!')
}
Create a REST API with API Gateway
Now that we have configured our Lambda function, the next step is to create a REST API to interact with it. Go to Amazon API Gateway, click Create API, and select REST API from the provided options.
Create REST API
Navigate to API Gateway, click Create API, and select REST API. Give your API a name and description.
Integrate with Lambda
Create a GET method from the Actions menu and point the REST API to your Lambda function using the Lambda integration option.
Deploy and Test
Deploy the API to a stage (e.g., "prod"). You'll receive a URL that triggers the Lambda function when accessed.
After deploying the API, you can see a URL on the "prod" stage. Hitting this URL will trigger the Lambda function. Since we returned "Hello World" from our Lambda function, you should see that result in your browser.
Step 2: Deploy with CloudFormation and SAM
Manual deployment usually takes a few minutes. But imagine having more than one API, method, and multiple developers working on them. In this scenario, tracking all the resources and changes would be challenging. CloudFormation gives developers flexibility to adjust their infrastructure with a simple script.
How Does CloudFormation Work?
We'll use a YAML file to provision and declare resources, then deploy them to AWS to create a CloudFormation stack. CloudFormation is a stack that contains all the resources required for the project. We'll use the SAM template — an abstraction of CloudFormation that allows building serverless applications with less YAML code.
YAML vs JSON
YAML is like JSON but more human-readable. CloudFormation supports both file formats. For this tutorial, we'll use YAML with SAM templates for cleaner, more concise infrastructure definitions.
Create the Lambda Function File
First, head to your local IDE and write the same Lambda function we created in the AWS console. Save this as helloworld.py.
import json
def lambda_handler(event, context):
# TODO implement
return {
'statusCode': 200,
'body': json.dumps('Hello World!')
}
Create the CloudFormation Template
Next, create a template.yaml file containing our infrastructure. We'll define our Lambda function and API Gateway in this file. Start with the common SAM template header:
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: First CloudFormation template
Now add Globals to the template. Globals are common configs for the resources you're deploying. They allow you to declare information globally for a specific resource type rather than specifying it again and again for different resources.
Globals:
# Common to all Lambda functions you create
Function:
MemorySize: 128
Runtime: python3.6
Timeout: 5
Finally, define the Resources tag in the template. The Lambda function and REST API come under this tag. The event configuration creates a REST API that triggers the Lambda function.
Resources:
# Lambda and API GW Integrated
helloworld:
Type: AWS::Serverless::Function
Properties:
# filename.functionname
Handler: helloworld.lambda_handler
# REST API created
Events:
PostAdd:
Type: Api
Properties:
Path: /helloworld
Method: get
Additional Parameters Available
There are many additional parameters like CodeURI and Description that you can specify for your serverless function. The best way to create a template file is to review the CloudFormation documentation and see all available parameters for your specified resource or service.
Step 3: Deploy the Template File Using AWS CLI
We can deploy our template.yaml file using two AWS CLI commands. The first command packages the template and uploads it to an S3 bucket. The second command deploys the packaged template as a CloudFormation stack.
# S3 bucket stores our SAM template which we need to deploy
aws cloudformation package --template-file template.yaml --output-template-file sam-template.yaml --s3-bucket helloworld-sam
After running this command, you'll see a SAM template file generated. We'll use this file in the second command. Make sure the S3 bucket (helloworld-sam) exists in your AWS account before running this command.
# Deploy stack
# Point to template file created by previous command
# Provide a stack name and your deployment region
aws cloudformation deploy --template-file /path/to/sam-template.yaml --stack-name test-stack --capabilities CAPABILITY_IAM --region us-east-1
After executing both commands, you'll see the stack created in the CLI. You can verify it using CloudFormation in the AWS console. There you'll see all the resources provisioned through the code created and deployed using the template.yaml file.
Speed & Efficiency
IaC dramatically reduces deployment time. What takes minutes manually can be automated and repeated consistently across environments.
Version Control
Infrastructure templates can be version controlled, reviewed, and collaborated on like any other code in your project.
Team Collaboration
Multiple developers can work on the same infrastructure with clear tracking of changes, reducing conflicts and errors.
Repeatability
Deploy identical infrastructure across development, staging, and production environments with a single template file.
You can click on the API in the CloudFormation console and access the URL to check the output, just as we did for the manual deployment. The result should be the same — "Hello World" returned from the Lambda function triggered by the API Gateway.
Frequently Asked Questions
What is Infrastructure as Code?
Infrastructure as Code (IaC) is the process of provisioning and managing cloud resources by writing template files that are both human-readable and machine consumable. It allows developers to manage infrastructure efficiently through code rather than manual console operations.
What is the difference between CloudFormation and SAM?
AWS SAM (Serverless Application Model) is an abstraction of CloudFormation designed specifically for serverless applications. It requires less YAML code and provides simplified syntax for defining Lambda functions, API Gateways, and other serverless resources.
Why use IaC instead of manual deployment?
IaC provides version control, repeatability, team collaboration, and faster deployment. Manual deployment becomes challenging to track with multiple APIs, methods, and developers. IaC allows adjusting infrastructure with simple script changes.
What file formats does CloudFormation support?
CloudFormation supports both YAML and JSON file formats. YAML is more human-readable and commonly used, especially with SAM templates. JSON is also valid but tends to be more verbose for complex infrastructure definitions.
What does CAPABILITY_IAM mean in the deploy command?
CAPABILITY_IAM acknowledges that your template may create IAM resources (roles, policies). This is a safety measure since IAM resources can grant powerful permissions. You must explicitly acknowledge this capability when deploying.
Need Help with AWS Infrastructure?
Our experts can help you design, implement, and optimize your AWS Infrastructure as Code pipelines using CloudFormation, SAM, and other IaC tools for maximum efficiency and reliability.