AWS Classic

Pulumi Official
Package maintained by Pulumi
v5.10.0 published on Monday, Jul 11, 2022 by Pulumi

StackSetInstance

Manages a CloudFormation StackSet Instance. Instances are managed in the account and region of the StackSet after the target account permissions have been configured. Additional information about StackSets can be found in the AWS CloudFormation User Guide.

NOTE: All target accounts must have an IAM Role created that matches the name of the execution role configured in the StackSet (the execution_role_name argument in the aws.cloudformation.StackSet resource) in a trust relationship with the administrative account or administration IAM Role. The execution role must have appropriate permissions to manage resources defined in the template along with those required for StackSets to operate. See the AWS CloudFormation User Guide for more details.

NOTE: To retain the Stack during resource destroy, ensure retain_stack has been set to true in the state first. This must be completed before a deployment that would destroy the resource.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var example = new Aws.CloudFormation.StackSetInstance("example", new Aws.CloudFormation.StackSetInstanceArgs
        {
            AccountId = "123456789012",
            Region = "us-east-1",
            StackSetName = aws_cloudformation_stack_set.Example.Name,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudformation"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudformation.NewStackSetInstance(ctx, "example", &cloudformation.StackSetInstanceArgs{
			AccountId:    pulumi.String("123456789012"),
			Region:       pulumi.String("us-east-1"),
			StackSetName: pulumi.Any(aws_cloudformation_stack_set.Example.Name),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new StackSetInstance("example", StackSetInstanceArgs.builder()        
            .accountId("123456789012")
            .region("us-east-1")
            .stackSetName(aws_cloudformation_stack_set.example().name())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example = aws.cloudformation.StackSetInstance("example",
    account_id="123456789012",
    region="us-east-1",
    stack_set_name=aws_cloudformation_stack_set["example"]["name"])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudformation.StackSetInstance("example", {
    accountId: "123456789012",
    region: "us-east-1",
    stackSetName: aws_cloudformation_stack_set.example.name,
});
resources:
  example:
    type: aws:cloudformation:StackSetInstance
    properties:
      accountId: 123456789012
      region: us-east-1
      stackSetName: ${aws_cloudformation_stack_set.example.name}

Example IAM Setup in Target Account

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
        {
            Statements = 
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
                {
                    Actions = 
                    {
                        "sts:AssumeRole",
                    },
                    Effect = "Allow",
                    Principals = 
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
                        {
                            Identifiers = 
                            {
                                aws_iam_role.AWSCloudFormationStackSetAdministrationRole.Arn,
                            },
                            Type = "AWS",
                        },
                    },
                },
            },
        }));
        var aWSCloudFormationStackSetExecutionRole = new Aws.Iam.Role("aWSCloudFormationStackSetExecutionRole", new Aws.Iam.RoleArgs
        {
            AssumeRolePolicy = aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.Apply(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy => aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.Json),
        });
        var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
        {
            Statements = 
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
                {
                    Actions = 
                    {
                        "cloudformation:*",
                        "s3:*",
                        "sns:*",
                    },
                    Effect = "Allow",
                    Resources = 
                    {
                        "*",
                    },
                },
            },
        }));
        var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy("aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy", new Aws.Iam.RolePolicyArgs
        {
            Policy = aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.Apply(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument => aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.Json),
            Role = aWSCloudFormationStackSetExecutionRole.Name,
        });
    }

}

Coming soon!

package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = Output.of(IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("sts:AssumeRole")
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .identifiers(aws_iam_role.AWSCloudFormationStackSetAdministrationRole().arn())
                    .type("AWS")
                    .build())
                .build())
            .build()));

        var aWSCloudFormationStackSetExecutionRole = new Role("aWSCloudFormationStackSetExecutionRole", RoleArgs.builder()        
            .assumeRolePolicy(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.apply(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        final var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument = Output.of(IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions(                
                    "cloudformation:*",
                    "s3:*",
                    "sns:*")
                .effect("Allow")
                .resources("*")
                .build())
            .build()));

        var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new RolePolicy("aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy", RolePolicyArgs.builder()        
            .policy(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.apply(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .role(aWSCloudFormationStackSetExecutionRole.name())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

a_ws_cloud_formation_stack_set_execution_role_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    actions=["sts:AssumeRole"],
    effect="Allow",
    principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
        identifiers=[aws_iam_role["AWSCloudFormationStackSetAdministrationRole"]["arn"]],
        type="AWS",
    )],
)])
a_ws_cloud_formation_stack_set_execution_role = aws.iam.Role("aWSCloudFormationStackSetExecutionRole", assume_role_policy=a_ws_cloud_formation_stack_set_execution_role_assume_role_policy.json)
a_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_policy_document = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    actions=[
        "cloudformation:*",
        "s3:*",
        "sns:*",
    ],
    effect="Allow",
    resources=["*"],
)])
a_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_role_policy = aws.iam.RolePolicy("aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy",
    policy=a_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_policy_document.json,
    role=a_ws_cloud_formation_stack_set_execution_role.name)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = aws.iam.getPolicyDocument({
    statements: [{
        actions: ["sts:AssumeRole"],
        effect: "Allow",
        principals: [{
            identifiers: [aws_iam_role.AWSCloudFormationStackSetAdministrationRole.arn],
            type: "AWS",
        }],
    }],
});
const aWSCloudFormationStackSetExecutionRole = new aws.iam.Role("aWSCloudFormationStackSetExecutionRole", {assumeRolePolicy: aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.then(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy => aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.json)});
const aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument = aws.iam.getPolicyDocument({
    statements: [{
        actions: [
            "cloudformation:*",
            "s3:*",
            "sns:*",
        ],
        effect: "Allow",
        resources: ["*"],
    }],
});
const aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new aws.iam.RolePolicy("aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy", {
    policy: aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.then(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument => aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.json),
    role: aWSCloudFormationStackSetExecutionRole.name,
});
resources:
  aWSCloudFormationStackSetExecutionRole:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.json}
  aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy:
    type: aws:iam:RolePolicy
    properties:
      policy: ${aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.json}
      role: ${aWSCloudFormationStackSetExecutionRole.name}
variables:
  aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy:
    Fn::Invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - sts:AssumeRole
            effect: Allow
            principals:
              - identifiers:
                  - ${aws_iam_role.AWSCloudFormationStackSetAdministrationRole.arn}
                type: AWS
  aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument:
    Fn::Invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - cloudformation:*
              - s3:*
              - sns:*
            effect: Allow
            resources:
              - '*'

Example Deployment across Organizations account

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var example = new Aws.CloudFormation.StackSetInstance("example", new Aws.CloudFormation.StackSetInstanceArgs
        {
            DeploymentTargets = new Aws.CloudFormation.Inputs.StackSetInstanceDeploymentTargetsArgs
            {
                OrganizationalUnitIds = 
                {
                    aws_organizations_organization.Example.Roots[0].Id,
                },
            },
            Region = "us-east-1",
            StackSetName = aws_cloudformation_stack_set.Example.Name,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudformation"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudformation.NewStackSetInstance(ctx, "example", &cloudformation.StackSetInstanceArgs{
			DeploymentTargets: &cloudformation.StackSetInstanceDeploymentTargetsArgs{
				OrganizationalUnitIds: pulumi.StringArray{
					pulumi.Any(aws_organizations_organization.Example.Roots[0].Id),
				},
			},
			Region:       pulumi.String("us-east-1"),
			StackSetName: pulumi.Any(aws_cloudformation_stack_set.Example.Name),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new StackSetInstance("example", StackSetInstanceArgs.builder()        
            .deploymentTargets(StackSetInstanceDeploymentTargetsArgs.builder()
                .organizationalUnitIds(aws_organizations_organization.example().roots()[0].id())
                .build())
            .region("us-east-1")
            .stackSetName(aws_cloudformation_stack_set.example().name())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example = aws.cloudformation.StackSetInstance("example",
    deployment_targets=aws.cloudformation.StackSetInstanceDeploymentTargetsArgs(
        organizational_unit_ids=[aws_organizations_organization["example"]["roots"][0]["id"]],
    ),
    region="us-east-1",
    stack_set_name=aws_cloudformation_stack_set["example"]["name"])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudformation.StackSetInstance("example", {
    deploymentTargets: {
        organizationalUnitIds: [aws_organizations_organization.example.roots[0].id],
    },
    region: "us-east-1",
    stackSetName: aws_cloudformation_stack_set.example.name,
});
resources:
  example:
    type: aws:cloudformation:StackSetInstance
    properties:
      deploymentTargets:
        organizationalUnitIds:
          - ${aws_organizations_organization.example.roots[0].id}
      region: us-east-1
      stackSetName: ${aws_cloudformation_stack_set.example.name}

Create a StackSetInstance Resource

new StackSetInstance(name: string, args: StackSetInstanceArgs, opts?: CustomResourceOptions);
@overload
def StackSetInstance(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     account_id: Optional[str] = None,
                     call_as: Optional[str] = None,
                     deployment_targets: Optional[StackSetInstanceDeploymentTargetsArgs] = None,
                     operation_preferences: Optional[StackSetInstanceOperationPreferencesArgs] = None,
                     parameter_overrides: Optional[Mapping[str, str]] = None,
                     region: Optional[str] = None,
                     retain_stack: Optional[bool] = None,
                     stack_set_name: Optional[str] = None)
@overload
def StackSetInstance(resource_name: str,
                     args: StackSetInstanceArgs,
                     opts: Optional[ResourceOptions] = None)
func NewStackSetInstance(ctx *Context, name string, args StackSetInstanceArgs, opts ...ResourceOption) (*StackSetInstance, error)
public StackSetInstance(string name, StackSetInstanceArgs args, CustomResourceOptions? opts = null)
public StackSetInstance(String name, StackSetInstanceArgs args)
public StackSetInstance(String name, StackSetInstanceArgs args, CustomResourceOptions options)
type: aws:cloudformation:StackSetInstance
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args StackSetInstanceArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args StackSetInstanceArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args StackSetInstanceArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args StackSetInstanceArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args StackSetInstanceArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

StackSetInstance Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The StackSetInstance resource accepts the following input properties:

StackSetName string

Name of the StackSet.

AccountId string

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

DeploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

OperationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

ParameterOverrides Dictionary<string, string>

Key-value map of input parameters to override from the StackSet for this Instance.

Region string

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

RetainStack bool

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

StackSetName string

Name of the StackSet.

AccountId string

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

DeploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

OperationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

ParameterOverrides map[string]string

Key-value map of input parameters to override from the StackSet for this Instance.

Region string

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

RetainStack bool

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stackSetName String

Name of the StackSet.

accountId String

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

parameterOverrides Map<String,String>

Key-value map of input parameters to override from the StackSet for this Instance.

region String

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retainStack Boolean

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stackSetName string

Name of the StackSet.

accountId string

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

callAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

parameterOverrides {[key: string]: string}

Key-value map of input parameters to override from the StackSet for this Instance.

region string

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retainStack boolean

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stack_set_name str

Name of the StackSet.

account_id str

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

call_as str

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deployment_targets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operation_preferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

parameter_overrides Mapping[str, str]

Key-value map of input parameters to override from the StackSet for this Instance.

region str

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retain_stack bool

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stackSetName String

Name of the StackSet.

accountId String

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deploymentTargets Property Map

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operationPreferences Property Map

Preferences for how AWS CloudFormation performs a stack set operation.

parameterOverrides Map<String>

Key-value map of input parameters to override from the StackSet for this Instance.

region String

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retainStack Boolean

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

Outputs

All input properties are implicitly available as output properties. Additionally, the StackSetInstance resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

OrganizationalUnitId string

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

StackId string

Stack identifier

Id string

The provider-assigned unique ID for this managed resource.

OrganizationalUnitId string

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

StackId string

Stack identifier

id String

The provider-assigned unique ID for this managed resource.

organizationalUnitId String

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

stackId String

Stack identifier

id string

The provider-assigned unique ID for this managed resource.

organizationalUnitId string

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

stackId string

Stack identifier

id str

The provider-assigned unique ID for this managed resource.

organizational_unit_id str

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

stack_id str

Stack identifier

id String

The provider-assigned unique ID for this managed resource.

organizationalUnitId String

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

stackId String

Stack identifier

Look up an Existing StackSetInstance Resource

Get an existing StackSetInstance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: StackSetInstanceState, opts?: CustomResourceOptions): StackSetInstance
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        call_as: Optional[str] = None,
        deployment_targets: Optional[StackSetInstanceDeploymentTargetsArgs] = None,
        operation_preferences: Optional[StackSetInstanceOperationPreferencesArgs] = None,
        organizational_unit_id: Optional[str] = None,
        parameter_overrides: Optional[Mapping[str, str]] = None,
        region: Optional[str] = None,
        retain_stack: Optional[bool] = None,
        stack_id: Optional[str] = None,
        stack_set_name: Optional[str] = None) -> StackSetInstance
func GetStackSetInstance(ctx *Context, name string, id IDInput, state *StackSetInstanceState, opts ...ResourceOption) (*StackSetInstance, error)
public static StackSetInstance Get(string name, Input<string> id, StackSetInstanceState? state, CustomResourceOptions? opts = null)
public static StackSetInstance get(String name, Output<String> id, StackSetInstanceState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccountId string

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

DeploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

OperationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

OrganizationalUnitId string

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

ParameterOverrides Dictionary<string, string>

Key-value map of input parameters to override from the StackSet for this Instance.

Region string

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

RetainStack bool

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

StackId string

Stack identifier

StackSetName string

Name of the StackSet.

AccountId string

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

CallAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

DeploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

OperationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

OrganizationalUnitId string

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

ParameterOverrides map[string]string

Key-value map of input parameters to override from the StackSet for this Instance.

Region string

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

RetainStack bool

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

StackId string

Stack identifier

StackSetName string

Name of the StackSet.

accountId String

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

organizationalUnitId String

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

parameterOverrides Map<String,String>

Key-value map of input parameters to override from the StackSet for this Instance.

region String

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retainStack Boolean

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stackId String

Stack identifier

stackSetName String

Name of the StackSet.

accountId string

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

callAs string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deploymentTargets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operationPreferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

organizationalUnitId string

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

parameterOverrides {[key: string]: string}

Key-value map of input parameters to override from the StackSet for this Instance.

region string

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retainStack boolean

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stackId string

Stack identifier

stackSetName string

Name of the StackSet.

account_id str

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

call_as str

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deployment_targets StackSetInstanceDeploymentTargetsArgs

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operation_preferences StackSetInstanceOperationPreferencesArgs

Preferences for how AWS CloudFormation performs a stack set operation.

organizational_unit_id str

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

parameter_overrides Mapping[str, str]

Key-value map of input parameters to override from the StackSet for this Instance.

region str

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retain_stack bool

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stack_id str

Stack identifier

stack_set_name str

Name of the StackSet.

accountId String

Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.

callAs String

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.

deploymentTargets Property Map

The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.

operationPreferences Property Map

Preferences for how AWS CloudFormation performs a stack set operation.

organizationalUnitId String

The organization root ID or organizational unit (OU) IDs specified for deployment_targets.

parameterOverrides Map<String>

Key-value map of input parameters to override from the StackSet for this Instance.

region String

Target AWS Region to create a Stack based on the StackSet. Defaults to current region.

retainStack Boolean

During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state before destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to false.

stackId String

Stack identifier

stackSetName String

Name of the StackSet.

Supporting Types

StackSetInstanceDeploymentTargets

StackSetInstanceOperationPreferences

Import

CloudFormation StackSet Instances that target an AWS Account ID can be imported using the StackSet name, target AWS account ID, and target AWS region separated by commas (,) e.g.

 $ pulumi import aws:cloudformation/stackSetInstance:StackSetInstance example example,123456789012,us-east-1

CloudFormation StackSet Instances that target AWS Organizational Units can be imported using the StackSet name, a slash (/) separated list of organizational unit IDs, and target AWS region separated by commas (,) e.g.

 $ pulumi import aws:cloudformation/stackSetInstance:StackSetInstance example example,ou-sdas-123123123/ou-sdas-789789789,us-east-1

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.