Members

Members

AutoUpdate

Type: boolean

Whether to automatically update the extension in this account and Region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated.

The default is true.

ExecutionRoleArn

Type: string

The name of the IAM execution role to use to activate the extension.

LoggingConfig

Type: LoggingConfig structure

Contains logging configuration information for an extension.

MajorVersion

Type: long (int|float)

The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available minor version of the major version selected.

You can specify MajorVersion or VersionBump, but not both.

PublicTypeArn

Type: string

The Amazon Resource Name (ARN) of the public extension.

Conditional: You must specify PublicTypeArn, or TypeName, Type, and PublisherId.

PublisherId

Type: string

The ID of the extension publisher.

Conditional: You must specify PublicTypeArn, or TypeName, Type, and PublisherId.

Type

Type: string

The extension type.

Conditional: You must specify PublicTypeArn, or TypeName, Type, and PublisherId.

TypeName

Type: string

The name of the extension.

Conditional: You must specify PublicTypeArn, or TypeName, Type, and PublisherId.

TypeNameAlias

Type: string

An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.

An extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.

VersionBump

Type: string

Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of AutoUpdate.

• MAJOR: CloudFormation updates the extension to the newest major version, if one is available.

• MINOR: CloudFormation updates the extension to the newest minor version, if one is available.

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the activated extension, in this account and Region.

Members

TypeConfigurationIdentifiers

Required: Yes

Type: Array of TypeConfigurationIdentifier structures

The list of identifiers for the desired extension configurations.

Members

Errors

Type: Array of BatchDescribeTypeConfigurationsError structures

A list of information concerning any errors generated during the setting of the specified configurations.

TypeConfigurations

Type: Array of TypeConfigurationDetails structures

A list of any of the specified extension configurations from the CloudFormation registry.

UnprocessedTypeConfigurations

Type: Array of TypeConfigurationIdentifier structures

A list of any of the specified extension configurations that CloudFormation could not process for any reason.

Members

ClientRequestToken

Type: string

A unique identifier for this CancelUpdateStack request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to cancel an update on a stack with the same name. You might retry CancelUpdateStack requests to ensure that CloudFormation successfully received them.

StackName

Required: Yes

Type: string

If you don't pass a parameter to StackName, the API returns a response that describes all resources in the account.

The IAM policy below can be added to IAM policies when you want to limit resource-level permissions and avoid returning a response when no parameter is sent in the request:

{ "Version": "2012-10-17", "Statement": [{ "Effect": "Deny", "Action": "cloudformation:DescribeStacks", "NotResource": "arn:aws:cloudformation:*:*:stack/*/*" }] }

The name or the unique stack ID that's associated with the stack.

Members

ClientRequestToken

Type: string

A unique identifier for this ContinueUpdateRollback request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to continue the rollback to a stack with the same name. You might retry ContinueUpdateRollback requests to ensure that CloudFormation successfully received them.

ResourcesToSkip

Type: Array of strings

A list of the logical IDs of the resources that CloudFormation skips during the continue update rollback operation. You can specify only resources that are in the UPDATE_FAILED state because a rollback failed. You can't specify resources that are in the UPDATE_FAILED state for other reasons, for example, because an update was canceled. To check why a resource update failed, use the DescribeStackResources action, and view the resource status reason.

Specify this property to skip rolling back resources that CloudFormation can't successfully roll back. We recommend that you troubleshoot resources before skipping them. CloudFormation sets the status of the specified resources to UPDATE_COMPLETE and continues to roll back the stack. After the rollback is complete, the state of the skipped resources will be inconsistent with the state of the resources in the stack template. Before performing another stack update, you must update the stack or resources to be consistent with each other. If you don't, subsequent stack updates might fail, and the stack will become unrecoverable.

Specify the minimum number of resources required to successfully roll back your stack. For example, a failed resource update might cause dependent resources to fail. In this case, it might not be necessary to skip the dependent resources.

To skip resources that are part of nested stacks, use the following format: NestedStackName.ResourceLogicalID. If you want to specify the logical ID of a stack resource (Type: AWS::CloudFormation::Stack) in the ResourcesToSkip list, then its corresponding embedded stack must be in one of the following states: DELETE_IN_PROGRESS, DELETE_COMPLETE, or DELETE_FAILED.

Don't confuse a child stack's name with its corresponding logical ID defined in the parent stack. For an example of a continue update rollback operation with nested stacks, see Continue rolling back from failed nested stack updates.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an IAM role that CloudFormation assumes to roll back the stack. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least permission.

If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that's generated from your user credentials.

StackName

Required: Yes

Type: string

The name or the unique ID of the stack that you want to continue rolling back.

Don't specify the name of a nested stack (a stack that was created by using the AWS::CloudFormation::Stack resource). Instead, use this operation on the parent stack (the stack that contains the AWS::CloudFormation::Stack resource).

Members

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.

• CAPABILITY_IAM and CAPABILITY_NAMED_IAM

  Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new IAM users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.

  The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.

  • If you have IAM resources, you can specify either capability.

  • If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.

  • If you don't specify either of these capabilities, CloudFormation returns an InsufficientCapabilities error.

  If your stack template contains these resources, we suggest that you review all permissions associated with them and edit their permissions if necessary.

  • AWS::IAM::AccessKey

  • AWS::IAM::Group

  • AWS::IAM::InstanceProfile

  • AWS::IAM::ManagedPolicy

  • AWS::IAM::Policy

  • AWS::IAM::Role

  • AWS::IAM::User

  • AWS::IAM::UserToGroupAddition

  For more information, see Acknowledging IAM resources in CloudFormation templates.

• CAPABILITY_AUTO_EXPAND

  Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.

  This capacity doesn't apply to creating change sets, and specifying it when creating change sets has no effect.

  If you want to create a stack from a stack template that contains macros and nested stacks, you must create or update the stack directly from the template using the CreateStack or UpdateStack action, and specifying this capability.

  For more information about macros, see Perform custom processing on CloudFormation templates with template macros.

Only one of the Capabilities and ResourceType parameters can be specified.

ChangeSetName

Required: Yes

Type: string

The name of the change set. The name must be unique among all change sets that are associated with the specified stack.

A change set name can contain only alphanumeric, case sensitive characters, and hyphens. It must start with an alphabetical character and can't exceed 128 characters.

ChangeSetType

Type: string

The type of change set operation. To create a change set for a new stack, specify CREATE. To create a change set for an existing stack, specify UPDATE. To create a change set for an import operation, specify IMPORT.

If you create a change set for a new stack, CloudFormation creates a stack with a unique stack ID, but no template or resources. The stack will be in the REVIEW_IN_PROGRESS state until you execute the change set.

By default, CloudFormation specifies UPDATE. You can't use the UPDATE type to create a change set for a new stack or the CREATE type to create a change set for an existing stack.

ClientToken

Type: string

A unique identifier for this CreateChangeSet request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to create another change set with the same name. You might retry CreateChangeSet requests to ensure that CloudFormation successfully received them.

Description

Type: string

A description to help you identify this change set.

ImportExistingResources

Type: boolean

Indicates if the change set auto-imports resources that already exist. For more information, see Import Amazon Web Services resources into a CloudFormation stack automatically in the CloudFormation User Guide.

This parameter can only import resources that have custom names in templates. For more information, see name type in the CloudFormation User Guide. To import resources that do not accept custom names, such as EC2 instances, use the ResourcesToImport parameter instead.

IncludeNestedStacks

Type: boolean

Creates a change set for the all nested stacks specified in the template. The default behavior of this action is set to False. To include nested sets in a change set, specify True.

NotificationARNs

Type: Array of strings

The Amazon Resource Names (ARNs) of Amazon SNS topics that CloudFormation associates with the stack. To remove all associated notification topics, specify an empty list.

OnStackFailure

Type: string

Determines what action will be taken if stack creation fails. If this parameter is specified, the DisableRollback parameter to the ExecuteChangeSet API operation must not be specified. This must be one of these values:

• DELETE - Deletes the change set if the stack creation fails. This is only valid when the ChangeSetType parameter is set to CREATE. If the deletion of the stack fails, the status of the stack is DELETE_FAILED.

• DO_NOTHING - if the stack creation fails, do nothing. This is equivalent to specifying true for the DisableRollback parameter to the ExecuteChangeSet API operation.

• ROLLBACK - if the stack creation fails, roll back the stack. This is equivalent to specifying false for the DisableRollback parameter to the ExecuteChangeSet API operation.

For nested stacks, when the OnStackFailure parameter is set to DELETE for the change set for the parent stack, any failure in a child stack will cause the parent stack creation to fail and all stacks to be deleted.

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters for the change set. For more information, see the Parameter data type.

ResourceTypes

Type: Array of strings

The template resource types that you have permissions to work with if you execute this change set, such as AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance.

If the list of resource types doesn't include a resource type that you're updating, the stack update fails. By default, CloudFormation grants permissions to all resource types. IAM uses this parameter for condition keys in IAM policies for CloudFormation. For more information, see Control access with Identity and Access Management in the CloudFormation User Guide.

Only one of the Capabilities and ResourceType parameters can be specified.

ResourcesToImport

Type: Array of ResourceToImport structures

The resources to import into your stack.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an IAM role that CloudFormation assumes when executing the change set. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least permission.

If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that is generated from your user credentials.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

StackName

Required: Yes

Type: string

The name or the unique ID of the stack for which you are creating a change set. CloudFormation generates the change set by comparing this stack's information with the information that you submit, such as a modified template or different parameter input values.

Tags

Type: Array of Tag structures

Key-value pairs to associate with this stack. CloudFormation also propagates these tags to resources in the stack. You can specify a maximum of 50 tags.

TemplateBody

Type: string

A structure that contains the body of the revised template, with a minimum length of 1 byte and a maximum length of 51,200 bytes. CloudFormation generates the change set by comparing this template with the template of the stack that you specified.

Conditional: You must specify only TemplateBody or TemplateURL.

TemplateURL

Type: string

The URL of the file that contains the revised template. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. CloudFormation generates the change set by comparing this template with the stack that you specified. The location for an Amazon S3 bucket must start with https://. URLs from S3 static websites are not supported.

Conditional: You must specify only TemplateBody or TemplateURL.

UsePreviousTemplate

Type: boolean

Whether to reuse the template that's associated with the stack to create the change set.

Members

Id

Type: string

The Amazon Resource Name (ARN) of the change set.

StackId

Type: string

The unique ID of the stack.

Members

GeneratedTemplateName

Required: Yes

Type: string

The name assigned to the generated template.

Resources

Type: Array of ResourceDefinition structures

An optional list of resources to be included in the generated template.

If no resources are specified,the template will be created without any resources. Resources can be added to the template using the UpdateGeneratedTemplate API action.

StackName

Type: string

An optional name or ARN of a stack to use as the base stack for the generated template.

TemplateConfiguration

Type: TemplateConfiguration structure

The configuration details of the generated template, including the DeletionPolicy and UpdateReplacePolicy.

Members

GeneratedTemplateId

Type: string

The ID of the generated template.

Members

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.

• CAPABILITY_IAM and CAPABILITY_NAMED_IAM

  Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new IAM users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.

  The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.

  • If you have IAM resources, you can specify either capability.

  • If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.

  • If you don't specify either of these capabilities, CloudFormation returns an InsufficientCapabilities error.

  If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.

  • AWS::IAM::AccessKey

  • AWS::IAM::Group

  • AWS::IAM::InstanceProfile

  • AWS::IAM::ManagedPolicy

  • AWS::IAM::Policy

  • AWS::IAM::Role

  • AWS::IAM::User

  • AWS::IAM::UserToGroupAddition

  For more information, see Acknowledging IAM resources in CloudFormation templates.

• CAPABILITY_AUTO_EXPAND

  Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.

  If you want to create a stack from a stack template that contains macros and nested stacks, you must create the stack directly from the template using this capability.

  You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.

  Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without CloudFormation being notified.

  For more information, see Perform custom processing on CloudFormation templates with template macros.

Only one of the Capabilities and ResourceType parameters can be specified.

ClientRequestToken

Type: string

A unique identifier for this CreateStack request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to create a stack with the same name. You might retry CreateStack requests to ensure that CloudFormation successfully received them.

All events initiated by a given stack operation are assigned the same client request token, which you can use to track operations. For example, if you execute a CreateStack operation with the token token1, then all the StackEvents generated by that operation will have ClientRequestToken set as token1.

In the console, stack operations display the client request token on the Events tab. Stack operations that are initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify the stack operation . For example, if you create a stack using the console, each stack event would be assigned the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.

DisableRollback

Type: boolean

Set to true to disable rollback of the stack if stack creation failed. You can specify either DisableRollback or OnFailure, but not both.

Default: false

EnableTerminationProtection

Type: boolean

Whether to enable termination protection on the specified stack. If a user attempts to delete a stack with termination protection enabled, the operation fails and the stack remains unchanged. For more information, see Protect CloudFormation stacks from being deleted in the CloudFormation User Guide. Termination protection is deactivated on stacks by default.

For nested stacks, termination protection is set on the root stack and can't be changed directly on the nested stack.

NotificationARNs

Type: Array of strings

The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).

OnFailure

Type: string

Determines what action will be taken if stack creation fails. This must be one of: DO_NOTHING, ROLLBACK, or DELETE. You can specify either OnFailure or DisableRollback, but not both.

Default: ROLLBACK

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters for the stack. For more information, see the Parameter data type.

ResourceTypes

Type: Array of strings

The template resource types that you have permissions to work with for this create stack action, such as AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance. Use the following syntax to describe template resource types: AWS::* (for all Amazon Web Services resources), Custom::* (for all custom resources), Custom::logical_ID (for a specific custom resource), AWS::service_name::* (for all resources of a particular Amazon Web Services service), and AWS::service_name::resource_logical_ID (for a specific Amazon Web Services resource).

If the list of resource types doesn't include a resource that you're creating, the stack creation fails. By default, CloudFormation grants permissions to all resource types. IAM uses this parameter for CloudFormation-specific condition keys in IAM policies. For more information, see Control access with Identity and Access Management.

Only one of the Capabilities and ResourceType parameters can be specified.

RetainExceptOnCreate

Type: boolean

When set to true, newly created resources are deleted when the operation rolls back. This includes newly created resources marked with a deletion policy of Retain.

Default: false

RoleARN

Type: string

The Amazon Resource Name (ARN) of an IAM role that CloudFormation assumes to create the stack. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.

If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that's generated from your user credentials.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

StackName

Required: Yes

Type: string

The name that's associated with the stack. The name must be unique in the Region in which you are creating the stack.

A stack name can contain only alphanumeric characters (case sensitive) and hyphens. It must start with an alphabetical character and can't be longer than 128 characters.

StackPolicyBody

Type: string

Structure that contains the stack policy body. For more information, see Prevent updates to stack resources in the CloudFormation User Guide. You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

StackPolicyURL

Type: string

Location of a file that contains the stack policy. The URL must point to a policy (maximum size: 16 KB) located in an S3 bucket in the same Region as the stack. The location for an Amazon S3 bucket must start with https://. URLs from S3 static websites are not supported.

You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

Tags

Type: Array of Tag structures

Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.

TemplateBody

Type: string

Structure that contains the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.

Conditional: You must specify either TemplateBody or TemplateURL, but not both.

TemplateURL

Type: string

The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with https://. URLs from S3 static websites are not supported.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

TimeoutInMinutes

Type: int

The amount of time that can pass before the stack status becomes CREATE_FAILED; if DisableRollback is not set or is set to false, the stack will be rolled back.

Members

StackId

Type: string

Unique identifier of the stack.

Members

Accounts

Type: Array of strings

[Self-managed permissions] The account IDs of one or more Amazon Web Services accounts that you want to create stack instances in the specified Region(s) for.

You can specify Accounts or DeploymentTargets, but not both.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The Organizations accounts for which to create stack instances in the specified Amazon Web Services Regions.

You can specify Accounts or DeploymentTargets, but not both.

OperationId

Type: string

The unique identifier for this stack set operation.

The operation ID also functions as an idempotency token, to ensure that CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You might retry stack set operation requests to ensure that CloudFormation successfully received them.

If you don't specify an operation ID, the SDK generates one automatically.

Repeating this stack set operation with a new operation ID retries all stack instances whose status is OUTDATED.

OperationPreferences

Type: StackSetOperationPreferences structure

Preferences for how CloudFormation performs this stack set operation.

ParameterOverrides

Type: Array of Parameter structures

A list of stack set parameters whose values you want to override in the selected stack instances.

Any overridden parameter values will be applied to all stack instances in the specified accounts and Amazon Web Services Regions. When specifying parameters and their values, be aware of how CloudFormation sets parameter values during stack instance operations:

• To override the current value for a parameter, include the parameter and specify its value.

• To leave an overridden parameter set to its present value, include the parameter and specify UsePreviousValue as true. (You can't specify both a value and set UsePreviousValue to true.)

• To set an overridden parameter back to the value specified in the stack set, specify a parameter list but don't include the parameter in the list.

• To leave all parameters set to their present values, don't specify this property at all.

During stack set updates, any parameter values overridden for a stack instance aren't updated, but retain their overridden value.

You can only override the parameter values that are specified in the stack set; to add or delete a parameter itself, use UpdateStackSet to update the stack set template.

Regions

Required: Yes

Type: Array of strings

The names of one or more Amazon Web Services Regions where you want to create stack instances using the specified Amazon Web Services accounts.

StackSetName

Required: Yes

Type: string

The name or unique ID of the stack set that you want to create stack instances from.

Members

OperationId

Type: string

The unique identifier for this stack set operation.

Members

Description

Type: string

A description to help you identify the stack refactor.

EnableStackCreation

Type: boolean

Determines if a new stack is created with the refactor.

ResourceMappings

Type: Array of ResourceMapping structures

The mappings for the stack resource Source and stack resource Destination.

StackDefinitions

Required: Yes

Type: Array of StackDefinition structures

The stacks being refactored.

Members

StackRefactorId

Required: Yes

Type: string

The ID associated with the stack refactor created from the CreateStackRefactor action.

Members

AdministrationRoleARN

Type: string

The Amazon Resource Name (ARN) of the IAM role to use to create this stack set.

Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Grant self-managed permissions in the CloudFormation User Guide.

Valid only if the permissions model is SELF_MANAGED.

AutoDeployment

Type: AutoDeployment structure

Describes whether StackSets automatically deploys to Organizations accounts that are added to the target organization or organizational unit (OU). For more information, see Manage automatic deployments for CloudFormation StackSets that use service-managed permissions in the CloudFormation User Guide.

Required if the permissions model is SERVICE_MANAGED. (Not used with self-managed permissions.)

CallAs

Type: string

Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• To create a stack set with service-managed permissions while signed in to the management account, specify SELF.

• To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.

Valid only if the permissions model is SERVICE_MANAGED.

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for CloudFormation to create the stack set and related stack instances.

• CAPABILITY_IAM and CAPABILITY_NAMED_IAM

  Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new IAM users. For those stack sets, you must explicitly acknowledge this by specifying one of these capabilities.

  The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.

  • If you have IAM resources, you can specify either capability.

  • If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.

  • If you don't specify either of these capabilities, CloudFormation returns an InsufficientCapabilities error.

  If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.

  • AWS::IAM::AccessKey

  • AWS::IAM::Group

  • AWS::IAM::InstanceProfile

  • AWS::IAM::Policy

  • AWS::IAM::Role

  • AWS::IAM::User

  • AWS::IAM::UserToGroupAddition

  For more information, see Acknowledging IAM resources in CloudFormation templates.

• CAPABILITY_AUTO_EXPAND

  Some templates reference macros. If your stack set template references one or more macros, you must create the stack set directly from the processed template, without first reviewing the resulting changes in a change set. To create the stack set directly, you must acknowledge this capability. For more information, see Perform custom processing on CloudFormation templates with template macros.

  Stack sets with service-managed permissions don't currently support the use of macros in templates. (This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.) Even if you specify this capability for a stack set with service-managed permissions, if you reference a macro in your template the stack set operation will fail.

ClientRequestToken

Type: string

A unique identifier for this CreateStackSet request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to create another stack set with the same name. You might retry CreateStackSet requests to ensure that CloudFormation successfully received them.

If you don't specify an operation ID, the SDK generates one automatically.

Description

Type: string

A description of the stack set. You can use the description to identify the stack set's purpose or other important information.

ExecutionRoleName

Type: string

The name of the IAM execution role to use to create the stack set. If you do not specify an execution role, CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.

Specify an IAM role only if you are using customized execution roles to control which stack resources users and groups can include in their stack sets.

Valid only if the permissions model is SELF_MANAGED.

ManagedExecution

Type: ManagedExecution structure

Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.

Parameters

Type: Array of Parameter structures

The input parameters for the stack set template.

PermissionModel

Type: string

Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified.

• With self-managed permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant self-managed permissions.

• With service-managed permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by Organizations. For more information, see Activate trusted access for stack sets with Organizations.

StackId

Type: string

The stack ID you are importing into a new stack set. Specify the Amazon Resource Name (ARN) of the stack.

StackSetName

Required: Yes

Type: string

The name to associate with the stack set. The name must be unique in the Region where you create your stack set.

A stack name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 128 characters.

Tags

Type: Array of Tag structures

The key-value pairs to associate with this stack set and the stacks created from it. CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.

If you specify tags as part of a CreateStackSet action, CloudFormation checks to see if you have the required IAM permission to tag resources. If you don't, the entire CreateStackSet action fails with an access denied error, and the stack set is not created.

TemplateBody

Type: string

The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

TemplateURL

Type: string

The URL of a file that contains the template body. The URL must point to a template (maximum size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with https://. S3 static website URLs are not supported.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

Members

StackSetId

Type: string

The ID of the stack set that you're creating.

Members

Members

Arn

Type: string

The Amazon Resource Name (ARN) for the extension, in this account and Region.

Conditional: You must specify either Arn, or TypeName and Type.

Type

Type: string

The extension type.

Conditional: You must specify either Arn, or TypeName and Type.

TypeName

Type: string

The type name of the extension, in this account and Region. If you specified a type name alias when enabling the extension, use the type name alias.

Conditional: You must specify either Arn, or TypeName and Type.

Members

ChangeSetName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of the change set that you want to delete.

StackName

Type: string

If you specified the name of a change set to delete, specify the stack name or Amazon Resource Name (ARN) that's associated with it.

Members

GeneratedTemplateName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of a generated template.

Members

ClientRequestToken

Type: string

A unique identifier for this DeleteStack request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to delete a stack with the same name. You might retry DeleteStack requests to ensure that CloudFormation successfully received them.

All events initiated by a given stack operation are assigned the same client request token, which you can use to track operations. For example, if you execute a CreateStack operation with the token token1, then all the StackEvents generated by that operation will have ClientRequestToken set as token1.

In the console, stack operations display the client request token on the Events tab. Stack operations that are initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify the stack operation . For example, if you create a stack using the console, each stack event would be assigned the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.

DeletionMode

Type: string

Specifies the deletion mode for the stack. Possible values are:

• STANDARD - Use the standard behavior. Specifying this value is the same as not specifying this parameter.

• FORCE_DELETE_STACK - Delete the stack if it's stuck in a DELETE_FAILED state due to resource deletion failure.

RetainResources

Type: Array of strings

For stacks in the DELETE_FAILED state, a list of resource logical IDs that are associated with the resources you want to retain. During deletion, CloudFormation deletes the stack but doesn't delete the retained resources.

Retaining resources is useful when you can't delete a resource, such as a non-empty S3 bucket, but you want to delete the stack.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an IAM role that CloudFormation assumes to delete the stack. CloudFormation uses the role's credentials to make calls on your behalf.

If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that's generated from your user credentials.

StackName

Required: Yes

Type: string

The name or the unique stack ID that's associated with the stack.

Members

Accounts

Type: Array of strings

[Self-managed permissions] The account IDs of the Amazon Web Services accounts that you want to delete stack instances for.

You can specify Accounts or DeploymentTargets, but not both.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The Organizations accounts from which to delete stack instances.

You can specify Accounts or DeploymentTargets, but not both.

OperationId

Type: string

The unique identifier for this stack set operation.

If you don't specify an operation ID, the SDK generates one automatically.

The operation ID also functions as an idempotency token, to ensure that CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You can retry stack set operation requests to ensure that CloudFormation successfully received them.

Repeating this stack set operation with a new operation ID retries all stack instances whose status is OUTDATED.

OperationPreferences

Type: StackSetOperationPreferences structure

Preferences for how CloudFormation performs this stack set operation.

Regions

Required: Yes

Type: Array of strings

The Amazon Web Services Regions where you want to delete stack set instances.

RetainStacks

Required: Yes

Type: boolean

Removes the stack instances from the specified stack set, but doesn't delete the stacks. You can't reassociate a retained stack or add an existing, saved stack to a new stack set.

For more information, see Stack set operation options.

StackSetName

Required: Yes

Type: string

The name or unique ID of the stack set that you want to delete stack instances for.

Members

OperationId

Type: string

The unique identifier for this stack set operation.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

StackSetName

Required: Yes

Type: string

The name or unique ID of the stack set that you're deleting. You can obtain this value by running ListStackSets.

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

Type

Type: string

The kind of extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

VersionId

Type: string

The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.

Members

NextToken

Type: string

A string that identifies the next page of limits that you want to retrieve.

Members

AccountLimits

Type: Array of AccountLimit structures

An account limit structure that contain a list of CloudFormation account limits and their values.

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of limits. If no additional page exists, this value is null.

Members

ChangeSetName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of the change set that you want to describe.

IncludePropertyValues

Type: boolean

If true, the returned changes include detailed changes in the property values.

NextToken

Type: string

A string (provided by the DescribeChangeSet response output) that identifies the next page of information that you want to retrieve.

StackName

Type: string

If you specified the name of a change set, specify the stack name or ID (ARN) of the change set you want to describe.

Members

Capabilities

Type: Array of strings

If you execute the change set, the list of capabilities that were explicitly acknowledged when the change set was created.

ChangeSetId

Type: string

The Amazon Resource Name (ARN) of the change set.

ChangeSetName

Type: string

The name of the change set.

Changes

Type: Array of Change structures

A list of Change structures that describes the resources CloudFormation changes if you execute the change set.

CreationTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The start time when the change set was created, in UTC.

Description

Type: string

Information about the change set.

ExecutionStatus

Type: string

If the change set execution status is AVAILABLE, you can execute the change set. If you can't execute the change set, the status indicates why. For example, a change set might be in an UNAVAILABLE state because CloudFormation is still creating it or in an OBSOLETE state because the stack was already updated.

ImportExistingResources

Type: boolean

Indicates if the change set imports resources that already exist.

This parameter can only import resources that have custom names in templates. To import resources that do not accept custom names, such as EC2 instances, use the resource import feature instead.

IncludeNestedStacks

Type: boolean

Verifies if IncludeNestedStacks is set to True.

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of changes. If there is no additional page, this value is null.

NotificationARNs

Type: Array of strings

The ARNs of the Amazon SNS topics that will be associated with the stack if you execute the change set.

OnStackFailure

Type: string

Determines what action will be taken if stack creation fails. When this parameter is specified, the DisableRollback parameter to the ExecuteChangeSet API operation must not be specified. This must be one of these values:

• DELETE - Deletes the change set if the stack creation fails. This is only valid when the ChangeSetType parameter is set to CREATE. If the deletion of the stack fails, the status of the stack is DELETE_FAILED.

• DO_NOTHING - if the stack creation fails, do nothing. This is equivalent to specifying true for the DisableRollback parameter to the ExecuteChangeSet API operation.

• ROLLBACK - if the stack creation fails, roll back the stack. This is equivalent to specifying false for the DisableRollback parameter to the ExecuteChangeSet API operation.

Parameters

Type: Array of Parameter structures

A list of Parameter structures that describes the input parameters and their values used to create the change set. For more information, see the Parameter data type.

ParentChangeSetId

Type: string

Specifies the change set ID of the parent change set in the current nested change set hierarchy.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

RootChangeSetId

Type: string

Specifies the change set ID of the root change set in the current nested change set hierarchy.

StackId

Type: string

The Amazon Resource Name (ARN) of the stack that's associated with the change set.

StackName

Type: string

The name of the stack that's associated with the change set.

Status

Type: string

The current status of the change set, such as CREATE_PENDING, CREATE_COMPLETE, or FAILED.

StatusReason

Type: string

A description of the change set's status. For example, if your attempt to create a change set failed, CloudFormation shows the error message.

Tags

Type: Array of Tag structures

If you execute the change set, the tags that will be associated with the stack.

Members

ChangeSetName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of the change set that you want to describe.

LogicalResourceId

Type: string

If specified, lists only the Hooks related to the specified LogicalResourceId.

NextToken

Type: string

A string, provided by the DescribeChangeSetHooks response output, that identifies the next page of information that you want to retrieve.

StackName

Type: string

If you specified the name of a change set, specify the stack name or stack ID (ARN) of the change set you want to describe.

Members

ChangeSetId

Type: string

The change set identifier (stack ID).

ChangeSetName

Type: string

The change set name.

Hooks

Type: Array of ChangeSetHook structures

List of hook objects.

NextToken

Type: string

Pagination token, null or empty if no more results.

StackId

Type: string

The stack identifier (stack ID).

StackName

Type: string

The stack name.

Status

Type: string

Provides the status of the change set hook.

Members

GeneratedTemplateName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of a generated template.

Members

CreationTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the generated template was created.

GeneratedTemplateId

Type: string

The Amazon Resource Name (ARN) of the generated template. The format is arn:${Partition}:cloudformation:${Region}:${Account}:generatedtemplate/${Id}. For example, arn:aws:cloudformation:us-east-1:123456789012:generatedtemplate/2e8465c1-9a80-43ea-a3a3-4f2d692fe6dc .

GeneratedTemplateName

Type: string

The name of the generated template.

LastUpdatedTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the generated template was last updated.

Progress

Type: TemplateProgress structure

An object describing the progress of the template generation.

Resources

Type: Array of ResourceDetail structures

A list of objects describing the details of the resources in the template generation.

StackId

Type: string

The stack ARN of the base stack if a base stack was provided when generating the template.

Status

Type: string

The status of the template generation. Supported values are:

• CreatePending - the creation of the template is pending.

• CreateInProgress - the creation of the template is in progress.

• DeletePending - the deletion of the template is pending.

• DeleteInProgress - the deletion of the template is in progress.

• UpdatePending - the update of the template is pending.

• UpdateInProgress - the update of the template is in progress.

• Failed - the template operation failed.

• Complete - the template operation is complete.

StatusReason

Type: string

The reason for the current template generation status. This will provide more details if a failure happened.

TemplateConfiguration

Type: TemplateConfiguration structure

The configuration details of the generated template, including the DeletionPolicy and UpdateReplacePolicy.

TotalWarnings

Type: int

The number of warnings generated for this template. The warnings are found in the details of each of the resources in the template.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

Members

Status

Type: string

Presents the status of the OrganizationAccess.

Members

PublisherId

Type: string

The ID of the extension publisher.

If you don't supply a PublisherId, and you have registered as an extension publisher, DescribePublisher returns information about your own publisher account.

Members

IdentityProvider

Type: string

The type of account used as the identity provider when registering this publisher with CloudFormation.

PublisherId

Type: string

The ID of the extension publisher.

PublisherProfile

Type: string

The URL to the publisher's profile with the identity provider.

PublisherStatus

Type: string

Whether the publisher is verified. Currently, all registered publishers are verified.

Members

ResourceScanId

Required: Yes

Type: string

The Amazon Resource Name (ARN) of the resource scan.

Members

EndTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time that the resource scan was finished.

PercentageCompleted

Type: double

The percentage of the resource scan that has been completed.

ResourceScanId

Type: string

The Amazon Resource Name (ARN) of the resource scan. The format is arn:${Partition}:cloudformation:${Region}:${Account}:resourceScan/${Id}. An example is arn:aws:cloudformation:us-east-1:123456789012:resourceScan/f5b490f7-7ed4-428a-aa06-31ff25db0772 .

ResourceTypes

Type: Array of strings

The list of resource types for the specified scan. Resource types are only available for scans with a Status set to COMPLETE or FAILED .

ResourcesRead

Type: int

The number of resources that were read. This is only available for scans with a Status set to COMPLETE, EXPIRED, or FAILED.

This field may be 0 if the resource scan failed with a ResourceScanLimitExceededException.

ResourcesScanned

Type: int

The number of resources that were listed. This is only available for scans with a Status set to COMPLETE, EXPIRED, or FAILED .

ScanFilters

Type: Array of ScanFilter structures

The scan filters that were used.

StartTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time that the resource scan was started.

Status

Type: string

Status of the resource scan.

IN_PROGRESS

The resource scan is still in progress.

COMPLETE

The resource scan is complete.

EXPIRED

The resource scan has expired.

FAILED

The resource scan has failed.

StatusReason

Type: string

The reason for the resource scan status, providing more information if a failure happened.

Members

StackDriftDetectionId

Required: Yes

Type: string

The ID of the drift detection results of this operation.

CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results CloudFormation retains for any given stack, and for how long, may vary.

Members

DetectionStatus

Required: Yes

Type: string

The status of the stack drift detection operation.

• DETECTION_COMPLETE: The stack drift detection operation has successfully completed for all resources in the stack that support drift detection. (Resources that don't currently support stack detection remain unchecked.)

  If you specified logical resource IDs for CloudFormation to use as a filter for the stack drift detection operation, only the resources with those logical IDs are checked for drift.

• DETECTION_FAILED: The stack drift detection operation has failed for at least one resource in the stack. Results will be available for resources on which CloudFormation successfully completed drift detection.

• DETECTION_IN_PROGRESS: The stack drift detection operation is currently in progress.

DetectionStatusReason

Type: string

The reason the stack drift detection operation has its current status.

DriftedStackResourceCount

Type: int

Total number of stack resources that have drifted. This is NULL until the drift detection operation reaches a status of DETECTION_COMPLETE. This value will be 0 for stacks whose drift status is IN_SYNC.

StackDriftDetectionId

Required: Yes

Type: string

The ID of the drift detection results of this operation.

CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of reports CloudFormation retains for any given stack, and for how long, may vary.

StackDriftStatus

Type: string

Status of the stack's actual configuration compared to its expected configuration.

• DRIFTED: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.

• NOT_CHECKED: CloudFormation hasn't checked if the stack differs from its expected template configuration.

• IN_SYNC: The stack's actual configuration matches its expected template configuration.

• UNKNOWN: CloudFormation could not run drift detection for a resource in the stack. See the DetectionStatusReason for details.

StackId

Required: Yes

Type: string

The ID of the stack.

Timestamp

Required: Yes

Type: timestamp (string|DateTime or anything parsable by strtotime)

Time at which the stack drift detection operation was initiated.

Members

NextToken

Type: string

A string that identifies the next page of events that you want to retrieve.

StackName

Type: string

The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:

• Running stacks: You can specify either the stack's name or its unique stack ID.

• Deleted stacks: You must specify the unique stack ID.

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of events. If no additional page exists, this value is null.

StackEvents

Type: Array of StackEvent structures

A list of StackEvents structures.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

StackInstanceAccount

Required: Yes

Type: string

The ID of an Amazon Web Services account that's associated with this stack instance.

StackInstanceRegion

Required: Yes

Type: string

The name of a Region that's associated with this stack instance.

StackSetName

Required: Yes

Type: string

The name or the unique stack ID of the stack set that you want to get stack instance information for.

Members

StackInstance

Type: StackInstance structure

The stack instance that matches the specified request parameters.

Members

StackRefactorId

Required: Yes

Type: string

The ID associated with the stack refactor created from the CreateStackRefactor action.

Members

Description

Type: string

A description to help you identify the refactor.

ExecutionStatus

Type: string

The stack refactor execution operation status that's provided after calling the ExecuteStackRefactor action.

ExecutionStatusReason

Type: string

A detailed explanation for the stack refactor ExecutionStatus.

StackIds

Type: Array of strings

The unique ID for each stack.

StackRefactorId

Type: string

The ID associated with the stack refactor created from the CreateStackRefactor action.

Status

Type: string

The stack refactor operation status that's provided after calling the CreateStackRefactor action.

StatusReason

Type: string

A detailed explanation for the stack refactor operation Status.

Members

LogicalResourceId

Required: Yes

Type: string

The logical name of the resource as specified in the template.

StackName

Required: Yes

Type: string

The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:

• Running stacks: You can specify either the stack's name or its unique stack ID.

• Deleted stacks: You must specify the unique stack ID.

Members

StackResourceDetail

Type: StackResourceDetail structure

A StackResourceDetail structure that contains the description of the specified resource in the specified stack.

Members

MaxResults

Type: int

The maximum number of results to be returned with a single call. If the number of available results exceeds this maximum, the response includes a NextToken value that you can assign to the NextToken request parameter to get the next set of results.

NextToken

Type: string

A string that identifies the next page of stack resource drift results.

StackName

Required: Yes

Type: string

The name of the stack for which you want drift information.

StackResourceDriftStatusFilters

Type: Array of strings

The resource drift status values to use as filters for the resource drift results returned.

• DELETED: The resource differs from its expected template configuration in that the resource has been deleted.

• MODIFIED: One or more resource properties differ from their expected template values.

• IN_SYNC: The resource's actual configuration matches its expected template configuration.

• NOT_CHECKED: CloudFormation doesn't currently return this value.

• UNKNOWN: CloudFormation could not run drift detection for the resource.

Members

NextToken

Type: string

If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve the next set of results, call DescribeStackResourceDrifts again and assign that token to the request object's NextToken parameter. If the request returns all results, NextToken is set to null.

StackResourceDrifts

Required: Yes

Type: Array of StackResourceDrift structures

Drift information for the resources that have been checked for drift in the specified stack. This includes actual and expected configuration values for resources where CloudFormation detects drift.

For a given stack, there will be one StackResourceDrift for each stack resource that has been checked for drift. Resources that haven't yet been checked for drift aren't included. Resources that do not currently support drift detection aren't checked, and so not included. For a list of resources that support drift detection, see Resource type support for imports and drift detection.

Members

LogicalResourceId

Type: string

The logical name of the resource as specified in the template.

PhysicalResourceId

Type: string

The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.

For example, for an Amazon Elastic Compute Cloud (EC2) instance, PhysicalResourceId corresponds to the InstanceId. You can pass the EC2 InstanceId to DescribeStackResources to find which stack the instance belongs to and what other resources are part of the stack.

Required: Conditional. If you don't specify PhysicalResourceId, you must specify StackName.

StackName

Type: string

The name or the unique stack ID that is associated with the stack, which aren't always interchangeable:

• Running stacks: You can specify either the stack's name or its unique stack ID.

• Deleted stacks: You must specify the unique stack ID.

Required: Conditional. If you don't specify StackName, you must specify PhysicalResourceId.

Members

StackResources

Type: Array of StackResource structures

A list of StackResource structures.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

StackSetName

Required: Yes

Type: string

The name or unique ID of the stack set whose description you want.

Members

StackSet

Type: StackSet structure

The specified stack set.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

OperationId

Required: Yes

Type: string

The unique ID of the stack set operation.

StackSetName

Required: Yes

Type: string

The name or the unique stack ID of the stack set for the stack operation.

Members

StackSetOperation

Type: StackSetOperation structure

The specified stack set operation.

Members

NextToken

Type: string

A string that identifies the next page of stacks that you want to retrieve.

StackName

Type: string

If you don't pass a parameter to StackName, the API returns a response that describes all resources in the account, which can impact performance. This requires ListStacks and DescribeStacks permissions.

Consider using the ListStacks API if you're not passing a parameter to StackName.

The IAM policy below can be added to IAM policies when you want to limit resource-level permissions and avoid returning a response when no parameter is sent in the request:

{ "Version": "2012-10-17", "Statement": [{ "Effect": "Deny", "Action": "cloudformation:DescribeStacks", "NotResource": "arn:aws:cloudformation:*:*:stack/*/*" }] }

The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:

• Running stacks: You can specify either the stack's name or its unique stack ID.

• Deleted stacks: You must specify the unique stack ID.

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.

Stacks

Type: Array of Stack structures

A list of stack structures.

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

PublicVersionNumber

Type: string

The version number of a public third-party extension.

PublisherId

Type: string

The publisher ID of the extension publisher.

Extensions provided by Amazon Web Services are not assigned a publisher ID.

Type

Type: string

The kind of extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

VersionId

Type: string

The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.

If you specify a VersionId, DescribeType returns information about that specific extension version. Otherwise, it returns information about the default extension version.

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

AutoUpdate

Type: boolean

Whether CloudFormation automatically updates the extension in this account and Region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated. For more information, see Automatically use new versions of extensions in the CloudFormation User Guide.

ConfigurationSchema

Type: string

A JSON string that represent the current configuration data for the extension in this account and Region.

To set the configuration data for an extension, use SetTypeConfiguration. For more information, see Edit configuration data for extensions in your account in the CloudFormation User Guide.

DefaultVersionId

Type: string

The ID of the default version of the extension. The default version is used when the extension version isn't specified.

This applies only to private extensions you have registered in your account. For public extensions, both those provided by Amazon Web Services and published by third parties, CloudFormation returns null. For more information, see RegisterType.

To set the default version of an extension, use SetTypeDefaultVersion.

DeprecatedStatus

Type: string

The deprecation status of the extension version.

Valid values include:

• LIVE: The extension is activated or registered and can be used in CloudFormation operations, dependent on its provisioning behavior and visibility scope.

• DEPRECATED: The extension has been deactivated or deregistered and can no longer be used in CloudFormation operations.

For public third-party extensions, CloudFormation returns null.

Description

Type: string

The description of the extension.

DocumentationUrl

Type: string

The URL of a page providing detailed documentation for this extension.

ExecutionRoleArn

Type: string

The Amazon Resource Name (ARN) of the IAM execution role used to register the extension. This applies only to private extensions you have registered in your account. For more information, see RegisterType.

If the registered extension calls any Amazon Web Services APIs, you must create an IAM execution role that includes the necessary permissions to call those Amazon Web Services APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your extension with the appropriate credentials.

IsActivated

Type: boolean

Whether the extension is activated in the account and Region.

This only applies to public third-party extensions. For all other extensions, CloudFormation returns null.

IsDefaultVersion

Type: boolean

Whether the specified extension version is set as the default version.

This applies only to private extensions you have registered in your account, and extensions published by Amazon Web Services. For public third-party extensions, whether they are activated in your account, CloudFormation returns null.

LastUpdated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the specified extension version was registered. This applies only to:

• Private extensions you have registered in your account. For more information, see RegisterType.

• Public extensions you have activated in your account with auto-update specified. For more information, see ActivateType.

LatestPublicVersion

Type: string

The latest version of a public extension that is available for use.

This only applies if you specify a public extension, and you don't specify a version. For all other requests, CloudFormation returns null.

LoggingConfig

Type: LoggingConfig structure

Contains logging configuration information for private extensions. This applies only to private extensions you have registered in your account. For public extensions, both those provided by Amazon Web Services and published by third parties, CloudFormation returns null. For more information, see RegisterType.

OriginalTypeArn

Type: string

For public extensions that have been activated for this account and Region, the Amazon Resource Name (ARN) of the public extension.

OriginalTypeName

Type: string

For public extensions that have been activated for this account and Region, the type name of the public extension.

If you specified a TypeNameAlias when enabling the extension in this account and Region, CloudFormation treats that alias as the extension's type name within the account and Region, not the type name of the public extension. For more information, see Use aliases to refer to extensions in the CloudFormation User Guide.

ProvisioningType

Type: string

For resource type extensions, the provisioning behavior of the resource type. CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted.

Valid values include:

• FULLY_MUTABLE: The resource type includes an update handler to process updates to the type during stack update operations.

• IMMUTABLE: The resource type doesn't include an update handler, so the type can't be updated and must instead be replaced during stack update operations.

• NON_PROVISIONABLE: The resource type doesn't include all the following handlers, and therefore can't actually be provisioned.

  • create

  • read

  • delete

PublicVersionNumber

Type: string

The version number of a public third-party extension.

This applies only if you specify a public extension you have activated in your account, or specify a public extension without specifying a version. For all other extensions, CloudFormation returns null.

PublisherId

Type: string

The publisher ID of the extension publisher.

This applies only to public third-party extensions. For private registered extensions, and extensions provided by Amazon Web Services, CloudFormation returns null.

RequiredActivatedTypes

Type: Array of RequiredActivatedType structures

For extensions that are modules, the public third-party extensions that must be activated in your account in order for the module itself to be activated.

Schema

Type: string

The schema that defines the extension.

For more information about extension schemas, see Resource type schema in the CloudFormation Command Line Interface (CLI) User Guide.

SourceUrl

Type: string

The URL of the source code for the extension.

TimeCreated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the specified private extension version was registered or activated in your account.

Type

Type: string

The kind of extension.

TypeName

Type: string

The name of the extension.

If the extension is a public third-party type you have activated with a type name alias, CloudFormation returns the type name alias. For more information, see ActivateType.

TypeTestsStatus

Type: string

The contract test status of the registered extension version. To return the extension test status of a specific extension version, you must specify VersionId.

This applies only to registered private extension versions. CloudFormation doesn't return this information for public extensions, whether they are activated in your account.

• PASSED: The extension has passed all its contract tests.

  An extension must have a test status of PASSED before it can be published. For more information, see Publishing extensions to make them available for public use in the CloudFormation Command Line Interface (CLI) User Guide.

• FAILED: The extension has failed one or more contract tests.

• IN_PROGRESS: Contract tests are currently being performed on the extension.

• NOT_TESTED: Contract tests haven't been performed on the extension.

TypeTestsStatusDescription

Type: string

The description of the test status. To return the extension test status of a specific extension version, you must specify VersionId.

This applies only to registered private extension versions. CloudFormation doesn't return this information for public extensions, whether they are activated in your account.

Visibility

Type: string

The scope at which the extension is visible and usable in CloudFormation operations.

Valid values include:

• PRIVATE: The extension is only visible and usable within the account in which it is registered. CloudFormation marks any extensions you register as PRIVATE.

• PUBLIC: The extension is publicly visible and usable within any Amazon Web Services account.

Members

RegistrationToken

Required: Yes

Type: string

The identifier for this registration request.

This registration token is generated by CloudFormation when you initiate a registration request using RegisterType.

Members

Description

Type: string

The description of the extension registration request.

ProgressStatus

Type: string

The current status of the extension registration request.

TypeArn

Type: string

The Amazon Resource Name (ARN) of the extension being registered.

For registration requests with a ProgressStatus of other than COMPLETE, this will be null.

TypeVersionArn

Type: string

The Amazon Resource Name (ARN) of this specific version of the extension being registered.

For registration requests with a ProgressStatus of other than COMPLETE, this will be null.

Members

LogicalResourceIds

Type: Array of strings

The logical names of any resources you want to use as filters.

StackName

Required: Yes

Type: string

The name of the stack for which you want to detect drift.

Members

StackDriftDetectionId

Required: Yes

Type: string

The ID of the drift detection results of this operation.

CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results CloudFormation retains for any given stack, and for how long, may vary.

Members

LogicalResourceId

Required: Yes

Type: string

The logical name of the resource for which to return drift information.

StackName

Required: Yes

Type: string

The name of the stack to which the resource belongs.

Members

StackResourceDrift

Required: Yes

Type: StackResourceDrift structure

Information about whether the resource's actual configuration has drifted from its expected template configuration, including actual and expected property values and any differences detected.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

OperationId

Type: string

The ID of the stack set operation.

OperationPreferences

Type: StackSetOperationPreferences structure

The user-specified preferences for how CloudFormation performs a stack set operation.

For more information about maximum concurrent accounts and failure tolerance, see Stack set operation options.

StackSetName

Required: Yes

Type: string

The name of the stack set on which to perform the drift detection operation.

Members

OperationId

Type: string

The ID of the drift detection stack set operation.

You can use this operation ID with DescribeStackSetOperation to monitor the progress of the drift detection operation.

Members

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters.

TemplateBody

Type: string

Structure that contains the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.

Conditional: You must pass TemplateBody or TemplateURL. If both are passed, only TemplateBody is used.

TemplateURL

Type: string

The URL of a file that contains the template body. The URL must point to a template that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with https://. URLs from S3 static websites are not supported.

Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only TemplateBody is used.

Members

Url

Type: string

An Amazon Web Services Simple Monthly Calculator URL with a query string that describes the resources required to run the template.

Members

ChangeSetName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of the change set that you want use to update the specified stack.

ClientRequestToken

Type: string

A unique identifier for this ExecuteChangeSet request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to execute a change set to update a stack with the same name. You might retry ExecuteChangeSet requests to ensure that CloudFormation successfully received them.

DisableRollback

Type: boolean

Preserves the state of previously provisioned resources when an operation fails. This parameter can't be specified when the OnStackFailure parameter to the CreateChangeSet API operation was specified.

• True - if the stack creation fails, do nothing. This is equivalent to specifying DO_NOTHING for the OnStackFailure parameter to the CreateChangeSet API operation.

• False - if the stack creation fails, roll back the stack. This is equivalent to specifying ROLLBACK for the OnStackFailure parameter to the CreateChangeSet API operation.

Default: True

RetainExceptOnCreate

Type: boolean

When set to true, newly created resources are deleted when the operation rolls back. This includes newly created resources marked with a deletion policy of Retain.

Default: false

StackName

Type: string

If you specified the name of a change set, specify the stack name or Amazon Resource Name (ARN) that's associated with the change set you want to execute.

Members

StackRefactorId

Required: Yes

Type: string

The ID associated with the stack refactor created from the CreateStackRefactor action.

Members

Format

Type: string

The language to use to retrieve for the generated template. Supported values are:

• JSON

• YAML

GeneratedTemplateName

Required: Yes

Type: string

The name or Amazon Resource Name (ARN) of the generated template. The format is arn:${Partition}:cloudformation:${Region}:${Account}:generatedtemplate/${Id}. For example, arn:aws:cloudformation:us-east-1:123456789012:generatedtemplate/2e8465c1-9a80-43ea-a3a3-4f2d692fe6dc .

Members

Status

Type: string

The status of the template generation. Supported values are:

• CreatePending - the creation of the template is pending.

• CreateInProgress - the creation of the template is in progress.

• DeletePending - the deletion of the template is pending.

• DeleteInProgress - the deletion of the template is in progress.

• UpdatePending - the update of the template is pending.

• UpdateInProgress - the update of the template is in progress.

• Failed - the template operation failed.

• Complete - the template operation is complete.

TemplateBody

Type: string

The template body of the generated template, in the language specified by the Language parameter.

Members

StackName

Required: Yes

Type: string

The name or unique stack ID that's associated with the stack whose policy you want to get.

Members

StackPolicyBody

Type: string

Structure that contains the stack policy body. (For more information, see Prevent updates to stack resources in the CloudFormation User Guide.)

Members

ChangeSetName

Type: string

The name or Amazon Resource Name (ARN) of a change set for which CloudFormation returns the associated template. If you specify a name, you must also specify the StackName.

StackName

Type: string

The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:

• Running stacks: You can specify either the stack's name or its unique stack ID.

• Deleted stacks: You must specify the unique stack ID.

TemplateStage

Type: string

For templates that include transforms, the stage of the template that CloudFormation returns. To get the user-submitted template, specify Original. To get the template after CloudFormation has processed all transforms, specify Processed.

If the template doesn't include transforms, Original and Processed return the same template. By default, CloudFormation specifies Processed.

Members

StagesAvailable

Type: Array of strings

The stage of the template that you can retrieve. For stacks, the Original and Processed templates are always available. For change sets, the Original template is always available. After CloudFormation finishes creating the change set, the Processed template becomes available.

TemplateBody

Type: string

Structure that contains the template body.

CloudFormation returns the same template that was used when the stack was created.

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

  Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

StackName

Type: string

The name or the stack ID that's associated with the stack, which aren't always interchangeable. For running stacks, you can specify either the stack's name or its unique stack ID. For deleted stack, you must specify the unique stack ID.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

StackSetName

Type: string

The name or unique ID of the stack set from which the stack was created.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

TemplateBody

Type: string

Structure that contains the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

TemplateSummaryConfig

Type: TemplateSummaryConfig structure

Specifies options for the GetTemplateSummary API action.

TemplateURL

Type: string

The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with https://.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

Members

Capabilities

Type: Array of strings

The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the CreateStack or UpdateStack actions with your template; otherwise, those actions return an InsufficientCapabilities error.

For more information, see Acknowledging IAM resources in CloudFormation templates.

CapabilitiesReason

Type: string

The list of resources that generated the values in the Capabilities response element.

DeclaredTransforms

Type: Array of strings

A list of the transforms that are declared in the template.

Description

Type: string

The value that's defined in the Description property of the template.

Metadata

Type: string

The value that's defined for the Metadata property of the template.

Parameters

Type: Array of ParameterDeclaration structures

A list of parameter declarations that describe various properties for each parameter.

ResourceIdentifierSummaries

Type: Array of ResourceIdentifierSummary structures

A list of resource identifier summaries that describe the target resources of an import operation and the properties you can provide during the import to identify the target resources. For example, BucketName is a possible identifier property for an AWS::S3::Bucket resource.

ResourceTypes

Type: Array of strings

A list of all the template resource types that are defined in the template, such as AWS::EC2::Instance, AWS::Dynamo::Table, and Custom::MyCustomInstance.

Version

Type: string

The Amazon Web Services template format version, which identifies the capabilities of the template.

Warnings

Type: Warnings structure

An object that contains any warnings returned.

Members

CallAs

Type: string

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• If you are signed in to the management account, specify SELF.

• For service managed stack sets, specify DELEGATED_ADMIN.

OperationId

Type: string

A unique, user defined, identifier for the stack set operation.

OperationPreferences

Type: StackSetOperationPreferences structure

The user-specified preferences for how CloudFormation performs a stack set operation.

For more information about maximum concurrent accounts and failure tolerance, see Stack set operation options.

OrganizationalUnitIds

Type: Array of strings

The list of OU ID's to which the stacks being imported has to be mapped as deployment target.

StackIds

Type: Array of strings

The IDs of the stacks you are importing into a stack set. You import up to 10 stacks per stack set at a time.

Specify either StackIds or StackIdsUrl.

StackIdsUrl

Type: string

The Amazon S3 URL which contains list of stack ids to be inputted.

Specify either StackIds or StackIdsUrl.

StackSetName

Required: Yes

Type: string

The name of the stack set. The name must be unique in the Region where you create your stack set.

Members

OperationId

Type: string

The unique identifier for the stack set operation.

Members

NextToken

Type: string

A string (provided by the ListChangeSets response output) that identifies the next page of change sets that you want to retrieve.

StackName

Required: Yes

Type: string

The name or the Amazon Resource Name (ARN) of the stack for which you want to list change sets.

Members

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of change sets. If there is no additional page, this value is null.

Summaries

Type: Array of ChangeSetSummary structures

A list of ChangeSetSummary structures that provides the ID and status of each change set for the specified stack.

Members

NextToken

Type: string

A string (provided by the ListExports response output) that identifies the next page of exported output values that you asked to retrieve.

Members

Exports

Type: Array of Export structures

The output for the ListExports action.

NextToken

Type: string

If the output exceeds 100 exported output values, a string that identifies the next page of exports. If there is no additional page, this value is null.

Members

MaxResults

Type: int

If the number of available results exceeds this maximum, the response includes a NextToken value that you can use for the NextToken parameter to get the next set of results. By default the ListGeneratedTemplates API action will return at most 50 results in each response. The maximum value is 100.

NextToken

Type: string

A string that identifies the next page of resource scan results.

Members

NextToken

Type: string

If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve the next set of results, call ListGeneratedTemplates again and use that value for the NextToken parameter. If the request returns all results, NextToken is set to an empty string.

Summaries

Type: Array of TemplateSummary structures

A list of summaries of the generated templates.

Members

NextToken

Type: string

A string that identifies the next page of events that you want to retrieve.

TargetId

Required: Yes

Type: string

The logical ID of the target the operation is acting on by the Hook. If the target is a change set, it's the ARN of the change set.

If the target is a Cloud Control API operation, this will be the HookRequestToken returned by the Cloud Control API operation request. For more information on the HookRequestToken, see ProgressEvent.

TargetType

Required: Yes

Type: string

The type of operation being targeted by the Hook.

Members

HookResults

Type: Array of HookResultSummary structures

A list of HookResultSummary structures that provides the status and Hook status reason for each Hook invocation for the specified target.

NextToken

Type: string

Pagination token, null or empty if no more results.

TargetId

Type: string

The logical ID of the target the operation is acting on by the Hook. If the target is a change set, it's the ARN of the change set.

If the target is a Cloud Control API operation, this will be the HooksRequestToken returned by the Cloud Control API operation request. For more information on the HooksRequestToken, see ProgressEvent.

TargetType

Type: string

The type of operation being targeted by the Hook.

Members

ExportName

Required: Yes

Type: string

The name of the exported output value. CloudFormation returns the stack names that are importing this value.

NextToken

Type: string

A string (provided by the ListImports response output) that identifies the next page of stacks that are importing the specified exported output value.

Members

Imports

Type: Array of strings

A list of stack names that are importing the specified exported output value.

NextToken

Type: string

A string that identifies the next page of exports. If there is no additional page, this value is null.

Members

MaxResults

Type: int

If the number of available results exceeds this maximum, the response includes a NextToken value that you can use for the NextToken parameter to get the next set of results. By default the ListResourceScanRelatedResources API action will return up to 100 results in each response. The maximum value is 100.

NextToken

Type: string

A string that identifies the next page of resource scan results.

ResourceScanId

Required: Yes

Type: string

The Amazon Resource Name (ARN) of the resource scan.

Resources

Required: Yes

Type: Array of ScannedResourceIdentifier structures

The list of resources for which you want to get the related resources. Up to 100 resources can be provided.