Local Development

Run validations, previews, and deployments from your workstation with confidence.

Daily loop

  1. Pull the latest changes and install dependencies if anything changed.
  2. Modify or add templates under templates/ and update matching parameter files under the environment folder you are targeting.
  3. Run the validation script to execute Checkov (and any other scanners you enable) locally: 
    ./scripts/validate-templates.sh
    Need to tune the scanner? See the Checkov reference.
  4. Run cfn-lint if you want faster feedback than the full script: 
    cfn-lint templates/*.yml
    Want richer editor feedback while you work? Follow our tips on leveling up CloudFormation authoring in VS Code.
  5. Use Rain to preview changes before shipping. Run it directly so you can opt into change sets: 
    rain deploy templates/oidc-provider.yml --config parameters/test/oidc-provider.yml --changeset
    More tips are available in the Rain reference.
  6. Apply the change once you are comfortable: 
    ./scripts/deploy-templates.sh -e test
  7. Commit and push after local validation passes. The CI workflow mirrors the same checks, so green local runs usually mean green pipelines.

Switching environments

Because the deploy script requires an explicit -e flag, you can test multiple accounts in a single session:

./scripts/deploy-templates.sh -e staging
./scripts/deploy-templates.sh -e production

Each command reads from the matching parameters/<environment>/ folder, so keep those files up to date when you introduce new templates.

Testing template changes safely

When you are experimenting with large infrastructure changes, create a scratch parameter folder (for example parameters/lab/) and run Rain directly against it. Keep the folder out of version control by adding it to .gitignore.

Looking for automation details? The CI/CD Workflow guide breaks down what happens after you push.

GuidesCI/CD Workflow