By Jonathan Lackey, Field CTO @ ThunderCat Technology

Managing infrastructure as code just got a whole lot easier with AWS CloudFormation GitSync. This walkthrough will show you how to:

  • Set up a GitHub repository
  • Upload a CloudFormation template
  • Link your GitHub repo to the AWS CloudFormation Console
  • Automatically deploy changes on every Git push

This setup creates a powerful, automated pipeline for infrastructure deployment. With GitSync, your CloudFormation stack stays synchronized with your source code—just push to deploy.

Step 1: Create Your GitHub Repo

You’ll need a GitHub account for this. Here’s how to get started:

  1. Go to github.com
  2. Click the “+” in the upper right corner → New repository
  3. Name your repo (e.g., AWSGitSyncDemo)
  4. Set it to private (recommended), then click Create repository

Now, clone the new repo and create a CloudFormation template:

git clone https://github.com/YOUR_USERNAME/AWSGitSyncDemo.git
cd AWSGitSyncDemo

Create a file named GitSyncDemo.yaml with this template:

AWSTemplateFormatVersion: '2010-09-09'
Description: 'Template to create an S3 bucket with a parameterized name'

Parameters:
  BucketName:
    Type: String
    Description: 'Name for the S3 bucket'
    AllowedPattern: '^[a-z0-9][a-z0-9.-]*[a-z0-9]$'
    ConstraintDescription: 'Bucket name must contain only lowercase letters, numbers, dots (.), and hyphens (-).'

Resources:
  S3Bucket:
    Type: 'AWS::S3::Bucket'
    DeletionPolicy: Delete
    Properties:
      BucketName: !Ref BucketName
      VersioningConfiguration:
        Status: Suspended
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256

Outputs:
  BucketName:
    Description: 'Name of the created bucket'
    Value: !Ref S3Bucket
  BucketARN:
    Description: 'ARN of the created bucket'
    Value: !GetAtt S3Bucket.Arn

Commit and push it:

git add GitSyncDemo.yaml
git commit -m "Initial commit with CloudFormation template"
git push origin main

Step 2: Set Up GitSync in the AWS CloudFormation Console

  1. Head to the AWS Console > CloudFormation
  2. Click Create stack
  3. Under “Specify template,” select Sync from Git

Choose:

  • Create the file using the following parameters and place in my repository
  • Link a Git repository
  • Git provider: GitHub
  • Click Add a new connection

Step 3: Authorize GitHub

  1. You’ll be redirected to Developer Tools > Connections in AWS
  2. Choose GitHub, name your connection, and click Connect to GitHub
  3. Authorize the AWS Connector for GitHub when redirected
  4. Choose Only select repositories, pick AWSGitSyncDemo, then install and authorize
  5. Back in AWS, complete the connection by clicking Connect

Step 4: Configure Repository & Template Settings

  1. In CloudFormation:
    • Connection: your GitHub connection
    • Repository: YOUR_USERNAME/AWSGitSyncDemo
    • Branch: main
    • Deployment file path: GitSyncDemo-Deploy.yaml
    • IAM Role: let AWS create a new one for you
  2. AWS will now generate the GitSyncDemo-Deploy.yaml file via a pull request.
  3. Accept the pull request in GitHub to enable GitSync.

Step 5: Configure Parameters and Stack Options

Set deployment parameters:

  • Deployment file path: GitSyncDemo.yaml
  • BucketName parameter: thundercatgitsyncdemo

Optionally set tags or advanced options. Use a least-privilege IAM role for deployments. Review and submit the stack.

Step 6: Review and Sync

After submitting:

  • The stack may initially show a failed state—this is expected.
  • Go to GitHub and merge the pull request AWS created
  • Once merged, AWS will pick it up and deploy the stack

You’ve now successfully set up your GitSync pipeline!

Step 7: Make Changes and Auto-Deploy

Let’s test the automation:

  1. Pull the latest changes:

git pull origin

  2. Add a tag to your S3 bucket in GitSyncDemo.yaml, under the S3Bucket resource's Properties:

      Tags:
        - Key: GitTest
          Value: ItWorks

  3. Push your changes:

git add GitSyncDemo.yaml
git commit -m "Added GitTest Tags"
git push origin main

CloudFormation will detect the update and redeploy automatically.

IAM Permissions Required for GitSync

Ensure your IAM role has the following permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "cloudformation:*",
        "codestar-connections:*",
        "iam:PassRole",
        "iam:CreateRole",
        "iam:GetRole",
        "iam:AttachRolePolicy",
        "codepipeline:*",
        "codebuild:*"
      ],
      "Resource": "*"
    }
  ]
}
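
The policy above can be checked against the least-privilege advice in Step 5 before it is attached to a role. The following is an added example, not part of the original walkthrough or of any AWS tool: a small Python audit that flags service-wide wildcard actions and role-granting IAM actions left on Resource "*". The function names and the set of flagged actions are assumptions chosen for this illustration.

```python
import json

# The policy from the section above, embedded so the check runs offline.
POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Action": ["cloudformation:*", "codestar-connections:*", "iam:PassRole",
             "iam:CreateRole", "iam:GetRole", "iam:AttachRolePolicy",
             "codepipeline:*", "codebuild:*"],
  "Resource": "*"}]}
""")

# Assumption for this example: IAM actions that can hand out more privilege
# when they are not scoped to specific role ARNs.
ESCALATION_ACTIONS = {"iam:passrole", "iam:createrole", "iam:attachrolepolicy"}


def as_list(value):
    """IAM accepts a single value or a list for Statement, Action and Resource."""
    return list(value) if isinstance(value, list) else [value]


def audit_policy(policy):
    """Return (statement_index, finding) tuples for over-broad Allow statements."""
    findings = []
    for idx, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        unscoped = "*" in as_list(stmt.get("Resource", []))
        for action in as_list(stmt.get("Action", [])):
            name = action.partition(":")[2]
            # Only full-service wildcards are flagged, not prefixes like Get*.
            if action == "*" or name == "*":
                findings.append((idx, f"wildcard action {action}"))
            elif unscoped and action.lower() in ESCALATION_ACTIONS:
                findings.append((idx, f"{action} on Resource '*'"))
        if unscoped and "Condition" not in stmt:
            findings.append((idx, "Resource '*' with no Condition"))
    return findings


if __name__ == "__main__":
    for idx, finding in audit_policy(POLICY):
        print(f"Statement[{idx}]: {finding}")
```

Listing the specific actions each service needs and scoping the iam: actions to the ARN of the role GitSync uses clears these findings.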

Final Thoughts

AWS CloudFormation GitSync bridges the gap between code and infrastructure by enabling automated deployments directly from your GitHub repository. It simplifies change management, encourages best practices like version control, and reduces the potential for manual errors.

Whether you’re a solo developer or part of a larger DevOps team, GitSync helps ensure that infrastructure changes are traceable, repeatable, and seamlessly integrated into your development workflow.

Now that you’ve seen how easy it is to set up, give it a try—and watch your infrastructure evolve with every commit.
