There are a few best practices that you can follow while creating and storing your templates:
- Never embed credentials into the template; use input parameters to pass sensitive information to your environment.
- Grant each user only the specific CloudFormation access they need, because modifying or deleting a CloudFormation stack can lead to unexpected disasters.
- Use a service role so that CloudFormation makes its calls under the role's policy instead of the user's policy.
- You can also store templates in a source repository such as GitHub or SVN and use the same template to replicate the environment in other regions.
- Make sure the resources you specify in the template don't hit the resource limit; otherwise, your stack creation will fail.
- Always validate the template before ...
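
A check for the first practice in the list above, as an added example that is not part of the original page: it audits a parsed JSON template for literal credentials in resource properties and for sensitive parameters that lack NoEcho or carry a Default. The name pattern, the function names and the two sample templates are constructed assumptions.

```python
import re

# Key and parameter names treated as sensitive (an assumption of this example).
SENSITIVE = re.compile(r"password|passwd|secret|token|api_?key|credential", re.I)

def _literal_secrets(node, path):
    """Yield paths of sensitive-named keys whose value is a literal string."""
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}"
            if SENSITIVE.search(key) and isinstance(value, str):
                yield here
            else:
                # A {"Ref": ...} value is a dict, so it is walked, not flagged.
                yield from _literal_secrets(value, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from _literal_secrets(item, f"{path}[{i}]")

def audit_template(template):
    """Return a list of findings for a template already parsed into a dict."""
    findings = []
    for name, spec in template.get("Parameters", {}).items():
        if not SENSITIVE.search(name):
            continue
        # NoEcho may be written as a boolean or as the string "true".
        if str(spec.get("NoEcho", "false")).lower() != "true":
            findings.append(f"Parameters.{name}: sensitive parameter without NoEcho")
        if "Default" in spec:
            findings.append(f"Parameters.{name}: Default embeds the value in the template")
    for name, res in template.get("Resources", {}).items():
        root = f"Resources.{name}.Properties"
        for hit in _literal_secrets(res.get("Properties", {}), root):
            findings.append(f"{hit}: literal credential in template")
    return findings

# Constructed sample: credential embedded twice, parameter echoed in clear.
WEAK = {
    "Parameters": {"DbPassword": {"Type": "String", "Default": "constructed-example"}},
    "Resources": {"Db": {"Type": "AWS::RDS::DBInstance", "Properties": {
        "MasterUsername": "admin", "MasterUserPassword": "constructed-example"}}},
}
# Constructed sample: value supplied at deploy time through a NoEcho parameter.
FIXED = {
    "Parameters": {"DbPassword": {"Type": "String", "NoEcho": True}},
    "Resources": {"Db": {"Type": "AWS::RDS::DBInstance", "Properties": {
        "MasterUsername": "admin", "MasterUserPassword": {"Ref": "DbPassword"}}}},
}
```

Load a real template with json.load and pass the resulting dict to audit_template; an empty list means none of these three patterns were found.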