Add stack instances to CloudFormation StackSets
When you create a stack set, you can create the stacks for that stack set. CloudFormation also enables you to add more stacks, for additional accounts and Regions, at any point after the stack set is created. You can add stack instances using either the CloudFormation console or the AWS CLI.
Add stack instances to a stack set (console)
Sign in to the AWS Management Console and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation
. -
On the navigation bar at the top of the screen, choose the AWS Region you created the stack set in.
-
From the navigation pane, choose StackSets. On the StackSets page, select the stack set that you created.
-
With the stack set selected, choose Add stacks to StackSet from the Actions menu.
-
On the Set deployment options page, do the following:
-
For Add stacks to stack set, choose Deploy new stacks.
-
Next, do the following depending on your stack set's permissions configuration:
-
[Self-managed permissions] For Accounts, Deployment locations, choose Deploy stacks in accounts. Paste your target account numbers in the text box, separating multiple numbers with commas.
-
[Service-managed permissions] For Deployment targets, do one of the following:
-
Choose Deploy to organization to deploy to all accounts in your organization.
-
Choose Deploy to organizational units (OUs) to deploy to all accounts in specific OUs. Choose Add another OU, and then paste the target OU ID in the text box. Repeat for each new target OU. StackSets also targets any child OUs of your selected targets.
Note
If you add an OU that your stack set already targets, StackSets creates new stack instances in any accounts in the OU that don't already have stack instances from your stack set (for example, accounts that were added to the OU after your stack set was created and with automatic deployments disabled).
-
-
-
For Specify regions, specify which AWS Regions to deploy to in the target accounts you specified in the previous step. By default, CloudFormation will deploy stacks in the specified accounts within the first Region, then moves on to the next, and so on, as long as a Region's deployment failures don't exceed a specified failure tolerance.
-
For Deployment options:
-
For Maximum concurrent accounts, modify the maximum concurrent accounts as needed.
-
For Failure tolerance, modify the failure tolerance as needed.
-
For Region concurrency, modify the region concurrency as needed.
-
For Concurrency mode, modify the concurrency mode as needed.
-
-
Choose Next.
-
-
On the Specify Overrides page, leave the property values as specified. You won't be overriding any property values for the stacks you're going to create. Choose Next.
-
On the Review page, review your choices. To make changes, choose Edit on the related section.
-
When you're ready to proceed, choose Submit.
CloudFormation starts creating your stack instances. View the progress and status of the creation of the stack instances in your stack set in the stack set details page that opens when you choose Submit. When complete, your new stack instances should be listed on the Stack instances tab.
Add stack instances to a stack set (AWS CLI)
When acting as a delegated administrator, you must set the --call-as
option to DELEGATED_ADMIN
each time you run a StackSets
command.
--call-as
DELEGATED_ADMIN
-
Use the create-stack-instances CLI command.
[Self-managed permissions] For the
--accounts
option, provide the accounts IDs for which you want to create stack instances.aws cloudformation create-stack-instances --stack-set-name
my-awsconfig-stackset
\ --accounts'["account_id"]'
--regions'["eu-west-1", "us-west-2"]'
[Service-managed permissions] For the
--deployment-targets
option, provide the organization (root) ID or OU IDs for which you want to create stack instances.aws cloudformation create-stack-instances --stack-set-name
my-stackset
\ --deployment-targets OrganizationalUnitIds='["ou-rcuk-r1qi0wl7"]'
--regions'["eu-west-1", "us-west-2"]'
Note
If you add an OU that your stack set already targets, StackSets creates new stack instances in any accounts in the OU that don't already have stack instances from your stack set (for example, accounts that were added to the OU after your stack set was created and with automatic deployments disabled).