Top / Amazon Web Service / AWS CloudFormation / Stack Set Instance

AWS CloudFormation Stack Set Instance

This page shows how to write Terraform and CloudFormation for CloudFormation Stack Set Instance and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_cloudformation_stack_set_instance (Terraform)

The Stack Set Instance in CloudFormation can be configured in Terraform with the resource name aws_cloudformation_stack_set_instance. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

positive.tf#L1
resource "aws_cloudformation_stack_set_instance" "positive1" {
  account_id     = "123456789012"
  region         = "us-east-1"
  stack_set_name = aws_cloudformation_stack_set.example.name
  retain_stack   = false
}
positive.tf#L1
resource "aws_cloudformation_stack_set_instance" "positive1" {
  account_id     = "123456789012"
  region         = "us-east-1"
  stack_set_name = aws_cloudformation_stack_set.example.name
  retain_stack   = false
}
main.tf#L7
resource "aws_cloudformation_stack_set_instance" "instances" {
  count          = length(var.regions)
  region         = var.regions[count.index]
  account_id     = data.aws_caller_identity.identity.account_id
  stack_set_name = var.stack_set_name
  depends_on     = [var.module_depends_on]
main.tf#L1
resource "aws_cloudformation_stack_set_instance" "stack_set_instance" {
  count          = length(var.stack_set_instance)
  stack_set_name = element(var.stack_set_name, lookup(var.stack_set_instance[count.index], "stack_set_id"))
  region         = lookup(var.stack_set_instance[count.index], "region")
  retain_stack   = lookup(var.stack_set_instance[count.index], "retain_stack")
negative.tf#L1
resource "aws_cloudformation_stack_set_instance" "negative1" {
  account_id     = "123456789012"
  region         = "us-east-1"
  stack_set_name = aws_cloudformation_stack_set.example.name
  retain_stack     = true

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Manages a CloudFormation StackSet Instance. Instances are managed in the account and region of the StackSet after the target account permissions have been configured. Additional information about StackSets can be found in the AWS CloudFormation User Guide.

NOTE: All target accounts must have an IAM Role created that matches the name of the execution role configured in the StackSet (the execution_role_name argument in the aws_cloudformation_stack_set resource) in a trust relationship with the administrative account or administration IAM Role. The execution role must have appropriate permissions to manage resources defined in the template along with those required for StackSets to operate. See the AWS CloudFormation User Guide for more details. NOTE: To retain the Stack during Terraform resource destroy, ensure retain_stack = true has been successfully applied into the Terraform state first. This must be completed before an apply that would destroy the resource.

>> from Terraform Registry

AWS::CloudFormation::StackSet StackInstances (CloudFormation)

The StackSet StackInstances in CloudFormation can be configured in CloudFormation with the resource name AWS::CloudFormation::StackSet StackInstances. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

DeploymentTargets The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.
Required: Yes
Type: DeploymentTargets
Update requires: No interruption

ParameterOverrides A list of stack set parameters whose values you want to override in the selected stack instances.
Required: No
Type: List of Parameter
Update requires: No interruption

Regions The names of one or more Regions where you want to create stack instances using the specified AWS accounts.
Required: Yes
Type: List of String
Update requires: No interruption

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

Stack instances in some specific accounts and Regions.

>> from AWS CloudFormation Documentation

The Other Related AWS CloudFormation Resources

Frequently asked questions

What is AWS CloudFormation Stack Set Instance?

AWS CloudFormation Stack Set Instance is a resource for CloudFormation of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS CloudFormation Stack Set Instance?

For Terraform, the Checkmarx/kics, leonidweinbergcx/mykics and asannou/terraform-aws-cloudformation-stackset source code examples are useful. See the Terraform Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents