Understanding AWS CloudFormation StackSets
Chinonso Amadi
Posted on December 25, 2022
AWS CloudFormation StackSets enable you to create and manage CloudFormation stacks in multiple accounts and regions from a single CloudFormation template. This can be useful for deploying infrastructure and applications to multiple accounts or regions in a standardized and automated way.
In order to use StackSets, you need to have the necessary permissions in all of the target accounts and regions. You also need to create a CloudFormation template that defines the resources that you want to create in each target account and region.
Here is an example CloudFormation template that creates an Amazon S3 bucket in each target account and region:
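AWSTemplateFormatVersion: '2010-09-09'
Description: Create an S3 bucket in each target account and region
Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      # S3 bucket names are globally unique, so a fixed name would fail in the
      # second account or region; include the account ID and region in the name.
      BucketName: !Sub 'my-bucket-${AWS::AccountId}-${AWS::Region}'
      VersioningConfiguration:
        Status: Enabled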
To create a StackSet, you can use the AWS Management Console, the AWS CLI, or the CloudFormation API. Here is an example of how to create a StackSet using the AWS CLI:
aws cloudformation create-stack-set \
  --stack-set-name my-stack-set \
  --template-body file://template.yaml \
  --administration-role-arn arn:aws:iam::123456789012:role/AWSCloudFormationStackSetAdministrationRole \
  --execution-role-name AWSCloudFormationStackSetExecutionRole
This command creates a StackSet named "my-stack-set" from the template in the file "template.yaml". The "administration role" is the role in the administrator account that CloudFormation assumes to manage the StackSet, and the "execution role" is the role in each target account that is used to create and manage the stacks in the target accounts and regions.
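The execution role named in the command above has to exist in every target account before stack instances can be created. As an added example (not part of the original post), this template creates it with trust limited to the administration role and permissions limited to what the S3 template needs; the AdministratorAccountId parameter, the policy and Sid names, and the S3 action list are assumptions.

```yaml
# Added example, not from the original post. Deploy in every target account
# before running create-stack-instances.
AWSTemplateFormatVersion: '2010-09-09'
Description: Least-privilege StackSets execution role for the S3 bucket template
Parameters:
  AdministratorAccountId:
    Type: String
    Description: Account that owns AWSCloudFormationStackSetAdministrationRole
    AllowedPattern: '^[0-9]{12}$'
Resources:
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: AWSCloudFormationStackSetExecutionRole
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Action: sts:AssumeRole
            Principal:
              # Trust only the administration role, not the whole admin
              # account; that role must exist before this stack is created.
              AWS: !Sub 'arn:${AWS::Partition}:iam::${AdministratorAccountId}:role/AWSCloudFormationStackSetAdministrationRole'
      Policies:
        - PolicyName: StackSetBucketOnly
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # StackSets drives ordinary CloudFormation stacks in this account.
              - Sid: ManageStacks
                Effect: Allow
                Action: cloudformation:*
                Resource: '*'
              # Assumed action list: adjust it to what the template creates.
              - Sid: ManageTemplateBucket
                Effect: Allow
                Action:
                  - s3:CreateBucket
                  - s3:DeleteBucket
                  - s3:PutBucketVersioning
                  - s3:Get*
                  - s3:List*
                # Matches the page's my-bucket name and any suffixed variant.
                Resource: !Sub 'arn:${AWS::Partition}:s3:::my-bucket*'
```

Because the role has a fixed name, creating this stack requires the CAPABILITY_NAMED_IAM capability.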
To deploy a stack from the StackSet to a target account and region, you can use the "create-stack-instances" command:
aws cloudformation create-stack-instances \
  --stack-set-name my-stack-set \
  --accounts 123456789012 345678901234 \
  --regions us-east-1 us-west-2 \
  --operation-preferences FailureToleranceCount=1,MaxConcurrentCount=2
This command creates stack instances of the StackSet in the specified accounts and regions, using the specified failure tolerance and concurrency settings.
You can also use CloudFormation StackSets to update or delete stacks in multiple accounts and regions. For example, you can use the "update-stack-set" command to update the CloudFormation template or parameters of the StackSet, and the "update-stack-instances" command to update the stacks in the target accounts and regions.
In summary, AWS CloudFormation StackSets provide a convenient way to deploy infrastructure and applications to multiple accounts and regions in a standardized and automated way. They can be managed using the AWS Management Console, the AWS CLI, or the CloudFormation API.