Need advice about which tool to choose?Ask the StackShare community!
AWS CloudFormation vs AWS Service Catalog: What are the differences?
Introduction
In this article, we will discuss the key differences between AWS CloudFormation and AWS Service Catalog. Both services are offered by Amazon Web Services (AWS) and are used to manage and deploy resources in the cloud. However, they serve different purposes and have distinct features and capabilities.
CloudFormation Templates vs. Service Catalog Portfolios: AWS CloudFormation allows you to create and manage a collection of AWS resources using templates written in JSON or YAML. These templates provide a declarative language to define the infrastructure and its dependencies. On the other hand, AWS Service Catalog allows you to create and manage catalogs of approved IT services that can be shared and used within your organization. Service Catalog uses portfolios to group related products and services together, enabling easy provisioning and management.
Infrastructure Provisioning vs. Service Management: While AWS CloudFormation focuses on infrastructure provisioning by creating and managing stacks of AWS resources, AWS Service Catalog focuses on service management by providing a self-service portal for users to deploy pre-approved services. With CloudFormation, you can define the desired state of the infrastructure and let the service handle the provisioning and configuration of resources. Service Catalog, however, focuses on providing a catalog of curated services that can be easily deployed by end-users.
Stack-based vs. Product-based Deployments: AWS CloudFormation organizes resources into stacks, where each stack represents a collection of related resources that are created and managed as a single unit. Stack-based deployments allow you to create, update, or delete an entire stack of resources consistently. In contrast, AWS Service Catalog manages products that can be deployed independently of each other. This product-based approach allows for more granular control over the individual services being deployed, updated, or deleted.
Declarative vs. Business Approval Process: CloudFormation templates are declarative, which means you specify the desired configuration and AWS handles the provisioning and ongoing management of the resources. Service Catalog, on the other hand, introduces a business approval process. This process allows administrators to control the availability and access to products in the catalog, ensuring that only approved services are made available to end-users. This additional layer of governance allows for better control over service deployment within organizations.
Resource-Centric vs. Service-Centric: CloudFormation is primarily resource-centric, allowing you to define and manage AWS resources such as EC2 instances, S3 buckets, and RDS databases. It focuses on the low-level infrastructure components required for your application or solution. AWS Service Catalog, being service-centric, is designed to manage the entire lifecycle of services and applications. It allows you to define and provision higher-level services, such as databases, email services, and monitoring tools, making it more suitable for managing complete solutions.
Developer vs. End-User Focus: AWS CloudFormation is primarily developer-focused, enabling DevOps teams to define and manage infrastructure as code. It provides the necessary tools and automation to provision resources consistently and repeatably. On the other hand, AWS Service Catalog is end-user focused, providing a self-service portal where users can discover, browse, and deploy services from a curated catalog. It enables business users to easily access and deploy pre-approved services without needing to know the underlying infrastructure details.
In summary, AWS CloudFormation is a resource-centric service that focuses on infrastructure provisioning and management using templates, while AWS Service Catalog is a service-focused solution that allows for the creation and management of curated catalogs of pre-approved services. While CloudFormation is developer-centric and manages resources in a stack-based approach, Service Catalog is end-user focused and provides an interface for self-service deployments with a product-based approach.
Because Pulumi uses real programming languages, you can actually write abstractions for your infrastructure code, which is incredibly empowering. You still 'describe' your desired state, but by having a programming language at your fingers, you can factor out patterns, and package it up for easier consumption.
We use Terraform to manage AWS cloud environment for the project. It is pretty complex, largely static, security-focused, and constantly evolving.
Terraform provides descriptive (declarative) way of defining the target configuration, where it can work out the dependencies between configuration elements and apply differences without re-provisioning the entire cloud stack.
AdvantagesTerraform is vendor-neutral in a way that it is using a common configuration language (HCL) with plugins (providers) for multiple cloud and service providers.
Terraform keeps track of the previous state of the deployment and applies incremental changes, resulting in faster deployment times.
Terraform allows us to share reusable modules between projects. We have built an impressive library of modules internally, which makes it very easy to assemble a new project from pre-fabricated building blocks.
DisadvantagesSoftware is imperfect, and Terraform is no exception. Occasionally we hit annoying bugs that we have to work around. The interaction with any underlying APIs is encapsulated inside 3rd party Terraform providers, and any bug fixes or new features require a provider release. Some providers have very poor coverage of the underlying APIs.
Terraform is not great for managing highly dynamic parts of cloud environments. That part is better delegated to other tools or scripts.
Terraform state may go out of sync with the target environment or with the source configuration, which often results in painful reconciliation.
I personally am not a huge fan of vendor lock in for multiple reasons:
- I've seen cost saving moves to the cloud end up costing a fortune and trapping companies due to over utilization of cloud specific features.
- I've seen S3 failures nearly take down half the internet.
- I've seen companies get stuck in the cloud because they aren't built cloud agnostic.
I choose to use terraform for my cloud provisioning for these reasons:
- It's cloud agnostic so I can use it no matter where I am.
- It isn't difficult to use and uses a relatively easy to read language.
- It tests infrastructure before running it, and enables me to see and keep changes up to date.
- It runs from the same CLI I do most of my CM work from.
Pros of AWS CloudFormation
- Automates infrastructure deployments43
- Declarative infrastructure and deployment21
- No more clicking around13
- Any Operative System you want3
- Atomic3
- Infrastructure as code3
- CDK makes it truly infrastructure-as-code1
- Automates Infrastructure Deployment1
- K8s0
Pros of AWS Service Catalog
Sign up to add or upvote prosMake informed product decisions
Cons of AWS CloudFormation
- Brittle4
- No RBAC and policies in templates2
Cons of AWS Service Catalog
Sign up to add or upvote consMake informed product decisions
What is AWS CloudFormation?
What is AWS Service Catalog?
Need advice about which tool to choose?Ask the StackShare community!
What companies use AWS CloudFormation?
What companies use AWS Service Catalog?
Sign up to get full access to all the companiesMake informed product decisions
What tools integrate with AWS CloudFormation?
What tools integrate with AWS Service Catalog?
Sign up to get full access to all the tool integrationsMake informed product decisions
Blog Posts
+29
+42+47
+26
+23
+39
+35