Add CloudFormation Templates
This topic describes how to set up a Harness Infrastructure Provisioner for CloudFormation.
Once the Harness Infrastructure Provisioner is set up, you can use it to define a deployment target in a Harness Infrastructure Definition.
Once you add the Infrastructure Definition to a Workflow, you add a CloudFormation Create Stack step to the Workflow. The CloudFormation Create Stack step uses the same Harness Infrastructure Provisioner to run your templates and build the target infrastructure, and then deploy to it.
This topic walks you through a detailed setup of a Harness CloudFormation Provisioner.
In this topic:
- Before You Begin
- Limitations
- Visual Summary
- Step 1: Add a CloudFormation Provisioner
- Step 2: Add Your CloudFormation Template
- Step 3: Add Input Variables
- Step 4: Complete the CloudFormation Provisioner
- Next Steps
Before You Begin
Limitations
Harness supports first class CloudFormation provisioning for AWS-based infrastructures:
- SSH
- AMI/Auto Scaling Group
- ECS
- Lambda
AWS CloudFormation has its own template limits. See Limits and Restrictions from AWS.
Visual Summary
This topic describes step 1 in the Harness CloudFormation Provisioning implementation process:

Once you have completed this topic, you can move onto the next step: Map CloudFormation Infrastructure.
Step 1: Add a CloudFormation Provisioner
Setting up the CloudFormation Provisioner involves the following steps:
- Add your CloudFormation template via its S3 bucket, Git repo, or simply paste it into Harness.
- Import any input variables.
Let's get started.
To set up a CloudFormation Infrastructure Provisioner, do the following:
- In your Harness Application, click Infrastructure Provisioners.
- Click Add Infrastructure Provisioner, and then click CloudFormation. The Add CloudFormation Provisioner dialog appears.
- In Display Name, enter the name for this provisioner. You will use this name to select this provisioner in Harness Infrastructure Definition and the CloudFormation Create Stack Workflow step.
Step 2: Add Your CloudFormation Template
Your CloudFormation template can be added in one of three ways:
- AWS S3 bucket.
- Git repo.
- Paste in the template.
For S3 and the Git repo, you must have an AWS Cloud Provider or Source Repro Provider set up in Harness. See Set Up Your Harness Account for CloudFormation.
Let's walk through these options.
Template Body
- If you select Template Body, then paste in the CloudFormation template JSON or YAML.

Git Repository
For Git Repository, ensure that you have added a SourceRepo Provider in Harness that connects to your Git repo. For more information, see Add SourceRepo Providers.
If you select Git Repository, do the following:
- In Source Repository, select a SourceRepo Provider for the Git repo you added to your Harness account.
- In Commit ID, select Latest from Branch or Specific Commit ID.
- In Branch/Commit ID, enter the branch or commit ID for the remote repo.
- In File Path, enter the repo file and folder path.
For example, if the full path to your script is http://github.com/johnsmith/harness/branch1/scripts/foo.yaml, and you selected Branch and entered branch1, in File Path you can enter scripts/foo.yaml or even ./scripts/foo.yaml.
Using the same example, if you selected Specific Commit ID and enter a commit ID, in File Path you can enter scripts/foo.yaml or even ./scripts/foo.yaml.
Amazon S3
For Amazon S3, ensure you have added an AWS Cloud Provider to connect Harness to your AWS account, as described in Set Up Your Harness Account for CloudFormation.
If you select Amazon S3, in Template File Path, enter the URL for the template in its S3 bucket.

Ensure that the AWS Cloud Provider has permissions to read the bucket contents. The required policies is AmazonS3ReadOnlyAccess
and you need another policy with the action cloudformation:GetTemplateSummary
. See Set Up Your Harness Account for CloudFormation.
Step 3: Add Input Variables
Likely, your template contains input parameters that require specific values be passed in when Harness creates a stack from the template. For example, here is an input parameter for a key pair named KeyName:
Parameters:
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: 'AWS::EC2::KeyPair::KeyName'
ConstraintDescription: must be the name of an existing EC2 KeyPair.
You can add these input parameters to your Harness CloudFormation Provisioner and specify the values for the inputs when you use this provisioner in a Workflow.
In Variables, click Add to add your inputs manually.
You can use Populate Variables if you added a URL to your template in an S3 bucket or Git repo.
We will cover the Populate Variables scenario.
- Click Populate Variables. The Populate from Example assistant appears.
- If you are using an AWS S3 source:
- In AWS Cloud Provider, select the AWS Cloud Provider you added that has permission to access the template in the S3 bucket.
- In Region, select the AWS region where the AWS Cloud Provider should connect. AWS S3 is global, but AWS connections require a region.
- If you are using a Git Repository source, you do not need to enter anything.
- Click Submit. The input parameters from your template are added automatically:
- For each input, select the type of value required: Text or Encrypted Text. When this provisioner is added to a Workflow, the user will have to provide a value for the input that matches the type. Encrypted Text values use secrets you set up in Harness Secrets Management.
Here is what the input variables look like in a Workflow CloudFormation Create Stack step:

Step 4: Complete the CloudFormation Provisioner
Once you have completed your setup, click Submit. The CloudFormation Provisioner is created.

Next you will map template outputs to the Harness Infrastructure Definition settings Harness requires for provisioning.