AWS CloudFormation

You can find more details in the subpages:

• Getting Started
• Reference
• Integrating with AWS Serverless Application Model (SAM)
• Integrating with the Serverless Framework

Why use CloudFormation?

CloudFormation is an excellent Infrastructure-as-Code tool that supports transactional deploys (automatically rolling back on failure), has a rich construct library, and does not require separate state management like Terraform or Pulumi.

Even if you don't want to write YAML/JSON files directly, there are multiple frameworks that let you write your CloudFormation config in more ergonomic, general-purpose languages.

Why use Spacelift with CloudFormation?

Spacelift helps you manage the complexities and compliance challenges of using CloudFormation. It brings with it a GitOps flow, so your infrastructure repository is synced with your CloudFormation Stacks, and pull requests show you a preview of what they're planning to change. It also has an extensive selection of policies, which lets you automate compliance checks and build complex multi-stack workflows.

You can also use Spacelift to mix and match Terraform, Pulumi, and CloudFormation Stacks and have them talk to one another. For example, you can set up Terraform Stacks to provision required infrastructure (like an ECS/EKS cluster with all its dependencies) and then connect that to a CloudFormation Stack which then transactionally deploys your services there using trigger policies and the Spacelift provider run resources for workflow orchestration and Contexts to export Terraform outputs as CloudFormation input parameters.

Does Spacelift support CloudFormation frameworks?

Yes! We support AWS CDK, AWS Serverless Application Model (SAM), and the Serverless Framework. You can read more about it in the relevant subpages of this document.

Template bucket limitations

Spacelift uses a user-provided S3 bucket to upload templates to as part of applying your changes. When creating this bucket, please make sure that the bucket name does not contain any periods (.). Using a bucket name containing periods will cause the template upload to fail.

Drift Detection limitations

Spacelift does not support true drift detection for CloudFormation stacks. Currently, Spacelift relies on AWS ChangeSets to preview potential updates. ChangeSets only indicate what would change if the current template were reapplied, but they do not detect whether resources have been modified outside of CloudFormation.

This means that if infrastructure changes are made manually (for example, directly in the AWS Console or via the CLI), those changes may not be flagged as drift in Spacelift.

In contrast, AWS provides a separate DetectStackDrift API which can detect out-of-band modifications, but this is not currently used by Spacelift.

Important: Customers should not rely on Spacelift’s CloudFormation integration for full drift detection. If you need guaranteed drift detection, you must run AWS’s native drift detection (DetectStackDrift) outside of Spacelift.