Skip to main content

stack_sets

Creates, updates, deletes or gets a stack_set resource or lists stack_sets in a region

Overview

Namestack_sets
TypeResource
DescriptionStackSet as a resource provides one-click experience for provisioning a StackSet and StackInstances
Idawscc.cloudformation.stack_sets

Fields

NameDatatypeDescription
stack_set_namestringThe name to associate with the stack set. The name must be unique in the Region where you create your stack set.
stack_set_idstringThe ID of the stack set that you're creating.
administration_role_arnstringThe Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.
auto_deploymentobjectDescribes whether StackSets automatically deploys to AWS Organizations accounts that are added to the target organization or organizational unit (OU). Specify only if PermissionModel is SERVICE_MANAGED.
capabilitiesarrayIn some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for AWS CloudFormation to create the stack set and related stack instances.
descriptionstringA description of the stack set. You can use the description to identify the stack set's purpose or other important information.
execution_role_namestringThe name of the IAM execution role to use to create the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.
operation_preferencesobjectThe user-specified preferences for how AWS CloudFormation performs a stack set operation.
stack_instances_grouparrayA group of stack instances with parameters in some specific accounts and regions.
parametersarrayThe input parameters for the stack set template.
permission_modelstringDescribes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified.
tagsarrayThe key-value pairs to associate with this stack set and the stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.
template_bodystringThe structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.
template_urlstringLocation of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket.
call_asstringSpecifies the AWS account that you are acting from. By default, SELF is specified. For self-managed permissions, specify SELF; for service-managed permissions, if you are signed in to the organization's management account, specify SELF. If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
managed_executionobjectDescribes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
regionstringAWS region.

For more information, see AWS::CloudFormation::StackSet.

Methods

NameResourceAccessible byRequired Params
create_resourcestack_setsINSERTStackSetName, PermissionModel, region
delete_resourcestack_setsDELETEIdentifier, region
update_resourcestack_setsUPDATEIdentifier, PatchDocument, region
list_resourcesstack_sets_list_onlySELECTregion
get_resourcestack_setsSELECTIdentifier, region

SELECT examples

Gets all properties from an individual stack_set.

SELECT
  region,
  stack_set_name,
  stack_set_id,
  administration_role_arn,
  auto_deployment,
  capabilities,
  description,
  execution_role_name,
  operation_preferences,
  stack_instances_group,
  parameters,
  permission_model,
  tags,
  template_body,
  template_url,
  call_as,
  managed_execution
FROM awscc.cloudformation.stack_sets
WHERE
  region = 'us-east-1' AND
  Identifier = '{{ stack_set_id }}';

INSERT example

Use the following StackQL query and manifest file to create a new stack_set resource, using stack-deploy.

/*+ create */
INSERT INTO awscc.cloudformation.stack_sets (
  StackSetName,
  PermissionModel,
  region
)
SELECT
  '{{ stack_set_name }}',
  '{{ permission_model }}',
  '{{ region }}';

UPDATE example

Use the following StackQL query and manifest file to update a stack_set resource, using stack-deploy.

/*+ update */
UPDATE awscc.cloudformation.stack_sets
SET PatchDocument = string('{{ {
    "AdministrationRoleARN": administration_role_arn,
    "AutoDeployment": auto_deployment,
    "Capabilities": capabilities,
    "Description": description,
    "ExecutionRoleName": execution_role_name,
    "OperationPreferences": operation_preferences,
    "StackInstancesGroup": stack_instances_group,
    "Parameters": parameters,
    "Tags": tags,
    "TemplateBody": template_body,
    "TemplateURL": template_url,
    "CallAs": call_as,
    "ManagedExecution": managed_execution
} | generate_patch_document }}')
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ stack_set_id }}';

DELETE example

/*+ delete */
DELETE FROM awscc.cloudformation.stack_sets
WHERE
  Identifier = '{{ stack_set_id }}' AND
  region = 'us-east-1';

Permissions

To operate on the stack_sets resource, the following permissions are required:

cloudformation:GetTemplateSummary,
cloudformation:CreateStackSet,
cloudformation:CreateStackInstances,
cloudformation:DescribeStackSetOperation,
cloudformation:ListStackSetOperationResults,
cloudformation:TagResource,
iam:PassRole