SAM模板与CloudFormation模板的差异及SAM的应用价值疑问
Great question—let’s unpack this clearly, since it’s a common point of confusion for folks getting started with AWS serverless.
1. Core Relationship: SAM is a Superset of CloudFormation
First things first: AWS Serverless Application Model (SAM) isn’t a replacement for CloudFormation—it’s an extension built specifically for serverless workloads. When you deploy a SAM template, AWS converts it behind the scenes into a standard CloudFormation template before deploying your resources. So SAM inherits all of CloudFormation’s capabilities, plus adds serverless-specific shortcuts and features.
2. Syntax Differences: Simplified for Serverless
The biggest visible difference is how you define serverless resources like Lambda functions, API Gateways, or Step Functions. SAM uses dedicated resource types (like AWS::Serverless::Function) that wrap the verbose CloudFormation equivalents, cutting down on boilerplate code.
Example: Defining a Lambda Function
CloudFormation (Verbose)
You have to explicitly define the Lambda function and its associated IAM role (even for basic execution permissions):
Resources: MyLambda: Type: AWS::Lambda::Function Properties: Handler: index.handler Runtime: nodejs18.x Code: S3Bucket: my-code-bucket S3Key: lambda-package.zip Role: !GetAtt MyLambdaRole.Arn MyLambdaRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: lambda.amazonaws.com Action: sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
SAM (Simplified)
SAM rolls the role definition into the function itself using the Policies property, eliminating the need for a separate IAM resource:
Resources: MyLambda: Type: AWS::Serverless::Function Properties: Handler: index.handler Runtime: nodejs18.x CodeUri: s3://my-code-bucket/lambda-package.zip Policies: AWSLambdaBasicExecutionRole
Example: Adding an API Gateway Trigger
CloudFormation (Complex)
You’d need to define the RestApi, Resource, Method, and Integration separately—easily 10+ lines of code for a single endpoint.
SAM (One Block)
Just add an Events section directly to your Lambda function:
Resources: MyLambda: Type: AWS::Serverless::Function Properties: Handler: index.handler Runtime: nodejs18.x CodeUri: s3://my-code-bucket/lambda-package.zip Policies: AWSLambdaBasicExecutionRole Events: HelloApi: Type: Api Properties: Path: /hello Method: get
3. Why Bother with SAM? It’s All About Efficiency
Sure, you can define Lambda functions in plain CloudFormation—but SAM solves real pain points for serverless developers:
- Less boilerplate: Cut down on repetitive resource definitions (like IAM roles) that are standard for serverless workloads.
- Built-in best practices: SAM automatically applies AWS-recommended configurations (e.g., secure Lambda execution roles, optimized API Gateway settings).
- Local development & testing: The SAM CLI lets you run Lambda functions, API Gateways, and even DynamoDB locally, so you can test without deploying to AWS every time.
- Automated packaging: SAM CLI handles bundling your code (including dependencies like Python
pippackages or Node.jsnpmmodules) and uploading it to S3—no manual zip files required. - Serverless-specific patterns: SAM includes pre-built patterns for common use cases (e.g., HTTP APIs, event-driven workflows, Lambda layers) that would take hours to build in plain CloudFormation.
4. Is Plain CloudFormation "Enough"?
Technically, yes—you can build any serverless application with CloudFormation alone. But it’s like using a hammer to assemble an IKEA bookshelf: it works, but you’ll spend way more time and effort than necessary.
If you’re only working with simple, one-off Lambda functions, CloudFormation might suffice. But for any non-trivial serverless app (multiple functions, event sources, databases, etc.), SAM will save you hours of writing repetitive code and troubleshooting configuration issues. Plus, SAM is fully compatible with CloudFormation—you can mix SAM resources with standard CloudFormation resources (like AWS::DynamoDB::Table) in the same template if you need to.
内容的提问来源于stack exchange,提问作者Schleir
