AWS Classic

Pulumi Official
Package maintained by Pulumi
v5.10.0 published on Monday, Jul 11, 2022 by Pulumi

StackSet

Manages a CloudFormation StackSet. StackSets allow CloudFormation templates to be easily deployed across multiple accounts and regions via StackSet Instances (aws.cloudformation.StackSetInstance resource). Additional information about StackSets can be found in the AWS CloudFormation User Guide.

NOTE: All template parameters, including those with a Default, must be configured or ignored with the lifecycle configuration block ignore_changes argument.

NOTE: All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
        {
            Statements = 
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
                {
                    Actions = 
                    {
                        "sts:AssumeRole",
                    },
                    Effect = "Allow",
                    Principals = 
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
                        {
                            Identifiers = 
                            {
                                "cloudformation.amazonaws.com",
                            },
                            Type = "Service",
                        },
                    },
                },
            },
        }));
        var aWSCloudFormationStackSetAdministrationRole = new Aws.Iam.Role("aWSCloudFormationStackSetAdministrationRole", new Aws.Iam.RoleArgs
        {
            AssumeRolePolicy = aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Apply(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy => aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),
        });
        var example = new Aws.CloudFormation.StackSet("example", new Aws.CloudFormation.StackSetArgs
        {
            AdministrationRoleArn = aWSCloudFormationStackSetAdministrationRole.Arn,
            Parameters = 
            {
                { "VPCCidr", "10.0.0.0/16" },
            },
            TemplateBody = @"{
  ""Parameters"" : {
    ""VPCCidr"" : {
      ""Type"" : ""String"",
      ""Default"" : ""10.0.0.0/16"",
      ""Description"" : ""Enter the CIDR block for the VPC. Default is 10.0.0.0/16.""
    }
  },
  ""Resources"" : {
    ""myVpc"": {
      ""Type"" : ""AWS::EC2::VPC"",
      ""Properties"" : {
        ""CidrBlock"" : { ""Ref"" : ""VPCCidr"" },
        ""Tags"" : [
          {""Key"": ""Name"", ""Value"": ""Primary_CF_VPC""}
        ]
      }
    }
  }
}
",
        });
        var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new Aws.Iam.GetPolicyDocumentInvokeArgs
        {
            Statements = 
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Actions = 
                    {
                        "sts:AssumeRole",
                    },
                    Effect = "Allow",
                    Resources = 
                    {
                        example.ExecutionRoleName.Apply(executionRoleName => $"arn:aws:iam::*:role/{executionRoleName}"),
                    },
                },
            },
        });
        var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy("aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy", new Aws.Iam.RolePolicyArgs
        {
            Policy = aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.Apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument => aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.Json),
            Role = aWSCloudFormationStackSetAdministrationRole.Name,
        });
    }

}
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudformation"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"sts:AssumeRole",
					},
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						iam.GetPolicyDocumentStatementPrincipal{
							Identifiers: []string{
								"cloudformation.amazonaws.com",
							},
							Type: "Service",
						},
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		aWSCloudFormationStackSetAdministrationRole, err := iam.NewRole(ctx, "aWSCloudFormationStackSetAdministrationRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),
		})
		if err != nil {
			return err
		}
		example, err := cloudformation.NewStackSet(ctx, "example", &cloudformation.StackSetArgs{
			AdministrationRoleArn: aWSCloudFormationStackSetAdministrationRole.Arn,
			Parameters: pulumi.StringMap{
				"VPCCidr": pulumi.String("10.0.0.0/16"),
			},
			TemplateBody: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Parameters\" : {\n", "    \"VPCCidr\" : {\n", "      \"Type\" : \"String\",\n", "      \"Default\" : \"10.0.0.0/16\",\n", "      \"Description\" : \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\n", "    }\n", "  },\n", "  \"Resources\" : {\n", "    \"myVpc\": {\n", "      \"Type\" : \"AWS::EC2::VPC\",\n", "      \"Properties\" : {\n", "        \"CidrBlock\" : { \"Ref\" : \"VPCCidr\" },\n", "        \"Tags\" : [\n", "          {\"Key\": \"Name\", \"Value\": \"Primary_CF_VPC\"}\n", "        ]\n", "      }\n", "    }\n", "  }\n", "}\n")),
		})
		if err != nil {
			return err
		}
		aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Actions: pulumi.StringArray{
						pulumi.String("sts:AssumeRole"),
					},
					Effect: pulumi.String("Allow"),
					Resources: pulumi.StringArray{
						example.ExecutionRoleName.ApplyT(func(executionRoleName string) (string, error) {
							return fmt.Sprintf("%v%v", "arn:aws:iam::*:role/", executionRoleName), nil
						}).(pulumi.StringOutput),
					},
				},
			},
		}, nil)
		_, err = iam.NewRolePolicy(ctx, "aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy", &iam.RolePolicyArgs{
			Policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.ApplyT(func(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument iam.GetPolicyDocumentResult) (string, error) {
				return aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.Json, nil
			}).(pulumi.StringOutput),
			Role: aWSCloudFormationStackSetAdministrationRole.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Output.of(IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("sts:AssumeRole")
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .identifiers("cloudformation.amazonaws.com")
                    .type("Service")
                    .build())
                .build())
            .build()));

        var aWSCloudFormationStackSetAdministrationRole = new Role("aWSCloudFormationStackSetAdministrationRole", RoleArgs.builder()        
            .assumeRolePolicy(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.apply(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var example = new StackSet("example", StackSetArgs.builder()        
            .administrationRoleArn(aWSCloudFormationStackSetAdministrationRole.arn())
            .parameters(Map.of("VPCCidr", "10.0.0.0/16"))
            .templateBody("""
{
  "Parameters" : {
    "VPCCidr" : {
      "Type" : "String",
      "Default" : "10.0.0.0/16",
      "Description" : "Enter the CIDR block for the VPC. Default is 10.0.0.0/16."
    }
  },
  "Resources" : {
    "myVpc": {
      "Type" : "AWS::EC2::VPC",
      "Properties" : {
        "CidrBlock" : { "Ref" : "VPCCidr" },
        "Tags" : [
          {"Key": "Name", "Value": "Primary_CF_VPC"}
        ]
      }
    }
  }
}
            """)
            .build());

        final var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("sts:AssumeRole")
                .effect("Allow")
                .resources(example.executionRoleName().apply(executionRoleName -> String.format("arn:aws:iam::*:role/%s", executionRoleName)))
                .build())
            .build());

        var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new RolePolicy("aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy", RolePolicyArgs.builder()        
            .policy(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.apply(getPolicyDocumentResult -> getPolicyDocumentResult).apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument -> aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.apply(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .role(aWSCloudFormationStackSetAdministrationRole.name())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

a_ws_cloud_formation_stack_set_administration_role_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    actions=["sts:AssumeRole"],
    effect="Allow",
    principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
        identifiers=["cloudformation.amazonaws.com"],
        type="Service",
    )],
)])
a_ws_cloud_formation_stack_set_administration_role = aws.iam.Role("aWSCloudFormationStackSetAdministrationRole", assume_role_policy=a_ws_cloud_formation_stack_set_administration_role_assume_role_policy.json)
example = aws.cloudformation.StackSet("example",
    administration_role_arn=a_ws_cloud_formation_stack_set_administration_role.arn,
    parameters={
        "VPCCidr": "10.0.0.0/16",
    },
    template_body="""{
  "Parameters" : {
    "VPCCidr" : {
      "Type" : "String",
      "Default" : "10.0.0.0/16",
      "Description" : "Enter the CIDR block for the VPC. Default is 10.0.0.0/16."
    }
  },
  "Resources" : {
    "myVpc": {
      "Type" : "AWS::EC2::VPC",
      "Properties" : {
        "CidrBlock" : { "Ref" : "VPCCidr" },
        "Tags" : [
          {"Key": "Name", "Value": "Primary_CF_VPC"}
        ]
      }
    }
  }
}
""")
a_ws_cloud_formation_stack_set_administration_role_execution_policy_policy_document = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    actions=["sts:AssumeRole"],
    effect="Allow",
    resources=[example.execution_role_name.apply(lambda execution_role_name: f"arn:aws:iam::*:role/{execution_role_name}")],
)])
a_ws_cloud_formation_stack_set_administration_role_execution_policy_role_policy = aws.iam.RolePolicy("aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy",
    policy=a_ws_cloud_formation_stack_set_administration_role_execution_policy_policy_document.json,
    role=a_ws_cloud_formation_stack_set_administration_role.name)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = aws.iam.getPolicyDocument({
    statements: [{
        actions: ["sts:AssumeRole"],
        effect: "Allow",
        principals: [{
            identifiers: ["cloudformation.amazonaws.com"],
            type: "Service",
        }],
    }],
});
const aWSCloudFormationStackSetAdministrationRole = new aws.iam.Role("aWSCloudFormationStackSetAdministrationRole", {assumeRolePolicy: aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.then(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy => aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json)});
const example = new aws.cloudformation.StackSet("example", {
    administrationRoleArn: aWSCloudFormationStackSetAdministrationRole.arn,
    parameters: {
        VPCCidr: "10.0.0.0/16",
    },
    templateBody: `{
  "Parameters" : {
    "VPCCidr" : {
      "Type" : "String",
      "Default" : "10.0.0.0/16",
      "Description" : "Enter the CIDR block for the VPC. Default is 10.0.0.0/16."
    }
  },
  "Resources" : {
    "myVpc": {
      "Type" : "AWS::EC2::VPC",
      "Properties" : {
        "CidrBlock" : { "Ref" : "VPCCidr" },
        "Tags" : [
          {"Key": "Name", "Value": "Primary_CF_VPC"}
        ]
      }
    }
  }
}
`,
});
const aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument = aws.iam.getPolicyDocumentOutput({
    statements: [{
        actions: ["sts:AssumeRole"],
        effect: "Allow",
        resources: [pulumi.interpolate`arn:aws:iam::*:role/${example.executionRoleName}`],
    }],
});
const aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new aws.iam.RolePolicy("aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy", {
    policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument => aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.json),
    role: aWSCloudFormationStackSetAdministrationRole.name,
});
resources:
  aWSCloudFormationStackSetAdministrationRole:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json}
  example:
    type: aws:cloudformation:StackSet
    properties:
      administrationRoleArn: ${aWSCloudFormationStackSetAdministrationRole.arn}
      parameters:
        VPCCidr: 10.0.0.0/16
      templateBody: |
        {
          "Parameters" : {
            "VPCCidr" : {
              "Type" : "String",
              "Default" : "10.0.0.0/16",
              "Description" : "Enter the CIDR block for the VPC. Default is 10.0.0.0/16."
            }
          },
          "Resources" : {
            "myVpc": {
              "Type" : "AWS::EC2::VPC",
              "Properties" : {
                "CidrBlock" : { "Ref" : "VPCCidr" },
                "Tags" : [
                  {"Key": "Name", "Value": "Primary_CF_VPC"}
                ]
              }
            }
          }
        }        
  aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy:
    type: aws:iam:RolePolicy
    properties:
      policy: ${aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.json}
      role: ${aWSCloudFormationStackSetAdministrationRole.name}
variables:
  aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy:
    Fn::Invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - sts:AssumeRole
            effect: Allow
            principals:
              - identifiers:
                  - cloudformation.amazonaws.com
                type: Service
  aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument:
    Fn::Invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - sts:AssumeRole
            effect: Allow
            resources:
              - arn:aws:iam::*:role/${example.executionRoleName}

Create a StackSet Resource

new StackSet(name: string, args?: StackSetArgs, opts?: CustomResourceOptions);
@overload
def StackSet(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             administration_role_arn: Optional[str] = None,
             auto_deployment: Optional[StackSetAutoDeploymentArgs] = None,
             call_as: Optional[str] = None,
             capabilities: Optional[Sequence[str]] = None,
             description: Optional[str] = None,
             execution_role_name: Optional[str] = None,
             name: Optional[str] = None,
             operation_preferences: Optional[StackSetOperationPreferencesArgs] = None,
             parameters: Optional[Mapping[str, str]] = None,
             permission_model: Optional[str] = None,
             tags: Optional[Mapping[str, str]] = None,
             template_body: Optional[str] = None,
             template_url: Optional[str] = None)
@overload
def StackSet(resource_name: str,
             args: Optional[StackSetArgs] = None,
             opts: Optional[ResourceOptions] = None)
func NewStackSet(ctx *Context, name string, args *StackSetArgs, opts ...ResourceOption) (*StackSet, error)
public StackSet(string name, StackSetArgs? args = null, CustomResourceOptions? opts = null)
public StackSet(String name, StackSetArgs args)
public StackSet(String name, StackSetArgs args, CustomResourceOptions options)
type: aws:cloudformation:StackSet
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args StackSetArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args StackSetArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args StackSetArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args StackSetArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args StackSetArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

StackSet Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The StackSet resource accepts the following input properties:

AdministrationRoleArn string

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

AutoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

Capabilities List<string>

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

Description string

Description of the StackSet.

ExecutionRoleName string

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

Name string

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

OperationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

Parameters Dictionary<string, string>

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

PermissionModel string

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

Tags Dictionary<string, string>

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TemplateBody string

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

TemplateUrl string

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

AdministrationRoleArn string

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

AutoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

Capabilities []string

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

Description string

Description of the StackSet.

ExecutionRoleName string

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

Name string

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

OperationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

Parameters map[string]string

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

PermissionModel string

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

Tags map[string]string

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TemplateBody string

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

TemplateUrl string

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administrationRoleArn String

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

autoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities List<String>

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description String

Description of the StackSet.

executionRoleName String

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name String

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

parameters Map<String,String>

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permissionModel String

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

tags Map<String,String>

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

templateBody String

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

templateUrl String

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administrationRoleArn string

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

autoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

callAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities string[]

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description string

Description of the StackSet.

executionRoleName string

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name string

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

parameters {[key: string]: string}

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permissionModel string

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

tags {[key: string]: string}

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

templateBody string

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

templateUrl string

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administration_role_arn str

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

auto_deployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

call_as str

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities Sequence[str]

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description str

Description of the StackSet.

execution_role_name str

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name str

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operation_preferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

parameters Mapping[str, str]

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permission_model str

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

tags Mapping[str, str]

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

template_body str

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

template_url str

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administrationRoleArn String

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

autoDeployment Property Map

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities List<String>

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description String

Description of the StackSet.

executionRoleName String

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name String

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operationPreferences Property Map

Preferences for how AWS CloudFormation performs a stack set update.

parameters Map<String>

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permissionModel String

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

tags Map<String>

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

templateBody String

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

templateUrl String

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

Outputs

All input properties are implicitly available as output properties. Additionally, the StackSet resource produces the following output properties:

Arn string

Amazon Resource Name (ARN) of the StackSet.

Id string

The provider-assigned unique ID for this managed resource.

StackSetId string

Unique identifier of the StackSet.

TagsAll Dictionary<string, string>

A map of tags assigned to the resource, including those inherited from the provider .

Arn string

Amazon Resource Name (ARN) of the StackSet.

Id string

The provider-assigned unique ID for this managed resource.

StackSetId string

Unique identifier of the StackSet.

TagsAll map[string]string

A map of tags assigned to the resource, including those inherited from the provider .

arn String

Amazon Resource Name (ARN) of the StackSet.

id String

The provider-assigned unique ID for this managed resource.

stackSetId String

Unique identifier of the StackSet.

tagsAll Map<String,String>

A map of tags assigned to the resource, including those inherited from the provider .

arn string

Amazon Resource Name (ARN) of the StackSet.

id string

The provider-assigned unique ID for this managed resource.

stackSetId string

Unique identifier of the StackSet.

tagsAll {[key: string]: string}

A map of tags assigned to the resource, including those inherited from the provider .

arn str

Amazon Resource Name (ARN) of the StackSet.

id str

The provider-assigned unique ID for this managed resource.

stack_set_id str

Unique identifier of the StackSet.

tags_all Mapping[str, str]

A map of tags assigned to the resource, including those inherited from the provider .

arn String

Amazon Resource Name (ARN) of the StackSet.

id String

The provider-assigned unique ID for this managed resource.

stackSetId String

Unique identifier of the StackSet.

tagsAll Map<String>

A map of tags assigned to the resource, including those inherited from the provider .

Look up an Existing StackSet Resource

Get an existing StackSet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: StackSetState, opts?: CustomResourceOptions): StackSet
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        administration_role_arn: Optional[str] = None,
        arn: Optional[str] = None,
        auto_deployment: Optional[StackSetAutoDeploymentArgs] = None,
        call_as: Optional[str] = None,
        capabilities: Optional[Sequence[str]] = None,
        description: Optional[str] = None,
        execution_role_name: Optional[str] = None,
        name: Optional[str] = None,
        operation_preferences: Optional[StackSetOperationPreferencesArgs] = None,
        parameters: Optional[Mapping[str, str]] = None,
        permission_model: Optional[str] = None,
        stack_set_id: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        template_body: Optional[str] = None,
        template_url: Optional[str] = None) -> StackSet
func GetStackSet(ctx *Context, name string, id IDInput, state *StackSetState, opts ...ResourceOption) (*StackSet, error)
public static StackSet Get(string name, Input<string> id, StackSetState? state, CustomResourceOptions? opts = null)
public static StackSet get(String name, Output<String> id, StackSetState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AdministrationRoleArn string

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

Arn string

Amazon Resource Name (ARN) of the StackSet.

AutoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

Capabilities List<string>

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

Description string

Description of the StackSet.

ExecutionRoleName string

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

Name string

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

OperationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

Parameters Dictionary<string, string>

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

PermissionModel string

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

StackSetId string

Unique identifier of the StackSet.

Tags Dictionary<string, string>

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll Dictionary<string, string>

A map of tags assigned to the resource, including those inherited from the provider .

TemplateBody string

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

TemplateUrl string

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

AdministrationRoleArn string

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

Arn string

Amazon Resource Name (ARN) of the StackSet.

AutoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

Capabilities []string

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

Description string

Description of the StackSet.

ExecutionRoleName string

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

Name string

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

OperationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

Parameters map[string]string

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

PermissionModel string

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

StackSetId string

Unique identifier of the StackSet.

Tags map[string]string

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll map[string]string

A map of tags assigned to the resource, including those inherited from the provider .

TemplateBody string

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

TemplateUrl string

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administrationRoleArn String

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

arn String

Amazon Resource Name (ARN) of the StackSet.

autoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities List<String>

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description String

Description of the StackSet.

executionRoleName String

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name String

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

parameters Map<String,String>

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permissionModel String

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

stackSetId String

Unique identifier of the StackSet.

tags Map<String,String>

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String,String>

A map of tags assigned to the resource, including those inherited from the provider .

templateBody String

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

templateUrl String

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administrationRoleArn string

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

arn string

Amazon Resource Name (ARN) of the StackSet.

autoDeployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

callAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities string[]

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description string

Description of the StackSet.

executionRoleName string

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name string

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operationPreferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

parameters {[key: string]: string}

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permissionModel string

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

stackSetId string

Unique identifier of the StackSet.

tags {[key: string]: string}

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll {[key: string]: string}

A map of tags assigned to the resource, including those inherited from the provider .

templateBody string

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

templateUrl string

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administration_role_arn str

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

arn str

Amazon Resource Name (ARN) of the StackSet.

auto_deployment StackSetAutoDeploymentArgs

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

call_as str

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities Sequence[str]

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description str

Description of the StackSet.

execution_role_name str

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name str

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operation_preferences StackSetOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set update.

parameters Mapping[str, str]

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permission_model str

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

stack_set_id str

Unique identifier of the StackSet.

tags Mapping[str, str]

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tags_all Mapping[str, str]

A map of tags assigned to the resource, including those inherited from the provider .

template_body str

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

template_url str

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

administrationRoleArn String

Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.

arn String

Amazon Resource Name (ARN) of the StackSet.

autoDeployment Property Map

Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

capabilities List<String>

A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.

description String

Description of the StackSet.

executionRoleName String

Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.

name String

Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

operationPreferences Property Map

Preferences for how AWS CloudFormation performs a stack set update.

parameters Map<String>

Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

permissionModel String

Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.

stackSetId String

Unique identifier of the StackSet.

tags Map<String>

Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String>

A map of tags assigned to the resource, including those inherited from the provider .

templateBody String

String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.

templateUrl String

String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

Supporting Types

StackSetAutoDeployment

Enabled bool

Whether or not auto-deployment is enabled.

RetainStacksOnAccountRemoval bool

Whether or not to retain stacks when the account is removed.

Enabled bool

Whether or not auto-deployment is enabled.

RetainStacksOnAccountRemoval bool

Whether or not to retain stacks when the account is removed.

enabled Boolean

Whether or not auto-deployment is enabled.

retainStacksOnAccountRemoval Boolean

Whether or not to retain stacks when the account is removed.

enabled boolean

Whether or not auto-deployment is enabled.

retainStacksOnAccountRemoval boolean

Whether or not to retain stacks when the account is removed.

enabled bool

Whether or not auto-deployment is enabled.

retain_stacks_on_account_removal bool

Whether or not to retain stacks when the account is removed.

enabled Boolean

Whether or not auto-deployment is enabled.

retainStacksOnAccountRemoval Boolean

Whether or not to retain stacks when the account is removed.

StackSetOperationPreferences

FailureToleranceCount int

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.

FailureTolerancePercentage int

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.

MaxConcurrentCount int

The maximum number of accounts in which to perform this operation at one time.

MaxConcurrentPercentage int

The maximum percentage of accounts in which to perform this operation at one time.

RegionConcurrencyType string

The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.

RegionOrders List<string>

The order of the Regions in where you want to perform the stack operation.

FailureToleranceCount int

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.

FailureTolerancePercentage int

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.

MaxConcurrentCount int

The maximum number of accounts in which to perform this operation at one time.

MaxConcurrentPercentage int

The maximum percentage of accounts in which to perform this operation at one time.

RegionConcurrencyType string

The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.

RegionOrders []string

The order of the Regions in where you want to perform the stack operation.

failureToleranceCount Integer

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.

failureTolerancePercentage Integer

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.

maxConcurrentCount Integer

The maximum number of accounts in which to perform this operation at one time.

maxConcurrentPercentage Integer

The maximum percentage of accounts in which to perform this operation at one time.

regionConcurrencyType String

The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.

regionOrders List<String>

The order of the Regions in where you want to perform the stack operation.

failureToleranceCount number

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.

failureTolerancePercentage number

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.

maxConcurrentCount number

The maximum number of accounts in which to perform this operation at one time.

maxConcurrentPercentage number

The maximum percentage of accounts in which to perform this operation at one time.

regionConcurrencyType string

The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.

regionOrders string[]

The order of the Regions in where you want to perform the stack operation.

failure_tolerance_count int

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.

failure_tolerance_percentage int

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.

max_concurrent_count int

The maximum number of accounts in which to perform this operation at one time.

max_concurrent_percentage int

The maximum percentage of accounts in which to perform this operation at one time.

region_concurrency_type str

The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.

region_orders Sequence[str]

The order of the Regions in where you want to perform the stack operation.

failureToleranceCount Number

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.

failureTolerancePercentage Number

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.

maxConcurrentCount Number

The maximum number of accounts in which to perform this operation at one time.

maxConcurrentPercentage Number

The maximum percentage of accounts in which to perform this operation at one time.

regionConcurrencyType String

The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.

regionOrders List<String>

The order of the Regions in where you want to perform the stack operation.

Import

CloudFormation StackSets can be imported using the name, e.g.,

 $ pulumi import aws:cloudformation/stackSet:StackSet example example

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.