AWS SDK for PHP 3.x

Client: Aws\CloudFormation\CloudFormationClient

Service ID: cloudformation

Version: 2010-05-15

This page describes the parameters and results for the operations of the AWS CloudFormation (2010-05-15), and shows how to use the Aws\CloudFormation\CloudFormationClient object to call the described operations. This documentation is specific to the 2010-05-15 API version of the service.

Operation Summary

Each of the following operations can be created from a client using $client->getCommand('CommandName'), where "CommandName" is the name of one of the following operations. Note: a command is a value that encapsulates an operation and the parameters used to create an HTTP request.

You can also create and send a command immediately using the magic methods available on a client object: $client->commandName(/* parameters */). You can send the command asynchronously (returning a promise) by appending the word "Async" to the operation name: $client->commandNameAsync(/* parameters */).

CancelUpdateStack ( array $params = [] )
Cancels an update on the specified stack.
ContinueUpdateRollback ( array $params = [] )
For a specified stack that is in the UPDATE_ROLLBACK_FAILED state, continues rolling it back to the UPDATE_ROLLBACK_COMPLETE state.
CreateChangeSet ( array $params = [] )
Creates a list of changes that will be applied to a stack so that you can review the changes before executing them.
CreateStack ( array $params = [] )
Creates a stack as specified in the template.
CreateStackInstances ( array $params = [] )
Creates stack instances for the specified accounts, within the specified Regions.
CreateStackSet ( array $params = [] )
Creates a stack set.
DeleteChangeSet ( array $params = [] )
Deletes the specified change set.
DeleteStack ( array $params = [] )
Deletes a specified stack.
DeleteStackInstances ( array $params = [] )
Deletes stack instances for the specified accounts, in the specified Regions.
DeleteStackSet ( array $params = [] )
Deletes a stack set.
DeregisterType ( array $params = [] )
Marks an extension or extension version as DEPRECATED in the CloudFormation registry, removing it from active use.
DescribeAccountLimits ( array $params = [] )
Retrieves your account's AWS CloudFormation limits, such as the maximum number of stacks that you can create in your account.
DescribeChangeSet ( array $params = [] )
Returns the inputs for the change set and a list of changes that AWS CloudFormation will make if you execute the change set.
DescribeStackDriftDetectionStatus ( array $params = [] )
Returns information about a stack drift detection operation.
DescribeStackEvents ( array $params = [] )
Returns all stack related events for a specified stack in reverse chronological order.
DescribeStackInstance ( array $params = [] )
Returns the stack instance that's associated with the specified stack set, AWS account, and Region.
DescribeStackResource ( array $params = [] )
Returns a description of the specified resource in the specified stack.
DescribeStackResourceDrifts ( array $params = [] )
Returns drift information for the resources that have been checked for drift in the specified stack.
DescribeStackResources ( array $params = [] )
Returns AWS resource descriptions for running and deleted stacks.
DescribeStackSet ( array $params = [] )
Returns the description of the specified stack set.
DescribeStackSetOperation ( array $params = [] )
Returns the description of the specified stack set operation.
DescribeStacks ( array $params = [] )
Returns the description for the specified stack; if no stack name was specified, then it returns the description for all the stacks created.
DescribeType ( array $params = [] )
Returns detailed information about an extension that has been registered.
DescribeTypeRegistration ( array $params = [] )
Returns information about an extension's registration, including its current status and type and version identifiers.
DetectStackDrift ( array $params = [] )
Detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters.
DetectStackResourceDrift ( array $params = [] )
Returns information about whether a resource's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters.
DetectStackSetDrift ( array $params = [] )
Detect drift on a stack set.
EstimateTemplateCost ( array $params = [] )
Returns the estimated monthly cost of a template.
ExecuteChangeSet ( array $params = [] )
Updates a stack using the input information that was provided when the specified change set was created.
GetStackPolicy ( array $params = [] )
Returns the stack policy for a specified stack.
GetTemplate ( array $params = [] )
Returns the template body for a specified stack.
GetTemplateSummary ( array $params = [] )
Returns information about a new or existing template.
ListChangeSets ( array $params = [] )
Returns the ID and status of each active change set for a stack.
ListExports ( array $params = [] )
Lists all exported output values in the account and Region in which you call this action.
ListImports ( array $params = [] )
Lists all stacks that are importing an exported output value.
ListStackInstances ( array $params = [] )
Returns summary information about stack instances that are associated with the specified stack set.
ListStackResources ( array $params = [] )
Returns descriptions of all resources of the specified stack.
ListStackSetOperationResults ( array $params = [] )
Returns summary information about the results of a stack set operation.
ListStackSetOperations ( array $params = [] )
Returns summary information about operations performed on a stack set.
ListStackSets ( array $params = [] )
Returns summary information about stack sets that are associated with the user.
ListStacks ( array $params = [] )
Returns the summary information for stacks whose status matches the specified StackStatusFilter.
ListTypeRegistrations ( array $params = [] )
Returns a list of registration tokens for the specified extension(s).
ListTypeVersions ( array $params = [] )
Returns summary information about the versions of an extension.
ListTypes ( array $params = [] )
Returns summary information about extension that have been registered with CloudFormation.
RecordHandlerProgress ( array $params = [] )
Reports progress of a resource handler to CloudFormation.
RegisterType ( array $params = [] )
Registers an extension with the CloudFormation service.
SetStackPolicy ( array $params = [] )
Sets a stack policy for a specified stack.
SetTypeDefaultVersion ( array $params = [] )
Specify the default version of an extension.
SignalResource ( array $params = [] )
Sends a signal to the specified resource with a success or failure status.
StopStackSetOperation ( array $params = [] )
Stops an in-progress operation on a stack set and its associated stack instances.
UpdateStack ( array $params = [] )
Updates a stack as specified in the template.
UpdateStackInstances ( array $params = [] )
Updates the parameter values for stack instances for the specified accounts, within the specified Regions.
UpdateStackSet ( array $params = [] )
Updates the stack set, and associated stack instances in the specified accounts and Regions.
UpdateTerminationProtection ( array $params = [] )
Updates termination protection for the specified stack.
ValidateTemplate ( array $params = [] )
Validates a specified template.

Paginators

Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:

DescribeAccountLimits
DescribeStackEvents
DescribeStackResourceDrifts
DescribeStackResources
DescribeStacks
ListChangeSets
ListExports
ListImports
ListStackInstances
ListStackResources
ListStackSetOperationResults
ListStackSetOperations
ListStackSets
ListStacks
ListTypeRegistrations
ListTypeVersions
ListTypes

Waiters

Waiters allow you to poll a resource until it enters into a desired state. A waiter has a name used to describe what it does, and is associated with an API operation. When creating a waiter, you can provide the API operation parameters associated with the corresponding operation. Waiters can be accessed using the getWaiter($waiterName, $operationParameters) method of a client object. This client supports the following waiters:

Waiter name	API Operation	Delay	Max Attempts
StackExists	DescribeStacks	5	20
StackCreateComplete	DescribeStacks	30	120
StackDeleteComplete	DescribeStacks	30	120
StackUpdateComplete	DescribeStacks	30	120
StackImportComplete	DescribeStacks	30	120
StackRollbackComplete	DescribeStacks	30	120
ChangeSetCreateComplete	DescribeChangeSet	30	120
TypeRegistrationComplete	DescribeTypeRegistration	30	120

Operations

CancelUpdateStack

$result = $client->cancelUpdateStack([/* ... */]);
$promise = $client->cancelUpdateStackAsync([/* ... */]);

Cancels an update on the specified stack. If the call completes successfully, the stack rolls back the update and reverts to the previous stack configuration.

You can cancel only stacks that are in the UPDATE_IN_PROGRESS state.

Parameter Syntax

$result = $client->cancelUpdateStack([
    'ClientRequestToken' => '<string>',
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

ClientRequestToken

Type: string

A unique identifier for this CancelUpdateStack request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to cancel an update on a stack with the same name. You might retry CancelUpdateStack requests to ensure that AWS CloudFormation successfully received them.

StackName

Required: Yes
Type: string

The name or the unique stack ID that is associated with the stack.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

TokenAlreadyExistsException:
A client request token already exists.

ContinueUpdateRollback

$result = $client->continueUpdateRollback([/* ... */]);
$promise = $client->continueUpdateRollbackAsync([/* ... */]);

For a specified stack that is in the UPDATE_ROLLBACK_FAILED state, continues rolling it back to the UPDATE_ROLLBACK_COMPLETE state. Depending on the cause of the failure, you can manually fix the error and continue the rollback. By continuing the rollback, you can return your stack to a working state (the UPDATE_ROLLBACK_COMPLETE state), and then try to update the stack again.

A stack goes into the UPDATE_ROLLBACK_FAILED state when AWS CloudFormation cannot roll back all changes after a failed stack update. For example, you might have a stack that is rolling back to an old database instance that was deleted outside of AWS CloudFormation. Because AWS CloudFormation doesn't know the database was deleted, it assumes that the database instance still exists and attempts to roll back to it, causing the update rollback to fail.

Parameter Syntax

$result = $client->continueUpdateRollback([
    'ClientRequestToken' => '<string>',
    'ResourcesToSkip' => ['<string>', ...],
    'RoleARN' => '<string>',
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

ClientRequestToken

Type: string

A unique identifier for this ContinueUpdateRollback request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to continue the rollback to a stack with the same name. You might retry ContinueUpdateRollback requests to ensure that AWS CloudFormation successfully received them.

ResourcesToSkip

Type: Array of strings

A list of the logical IDs of the resources that AWS CloudFormation skips during the continue update rollback operation. You can specify only resources that are in the UPDATE_FAILED state because a rollback failed. You can't specify resources that are in the UPDATE_FAILED state for other reasons, for example, because an update was cancelled. To check why a resource update failed, use the DescribeStackResources action, and view the resource status reason.

Specify this property to skip rolling back resources that AWS CloudFormation can't successfully roll back. We recommend that you troubleshoot resources before skipping them. AWS CloudFormation sets the status of the specified resources to UPDATE_COMPLETE and continues to roll back the stack. After the rollback is complete, the state of the skipped resources will be inconsistent with the state of the resources in the stack template. Before performing another stack update, you must update the stack or resources to be consistent with each other. If you don't, subsequent stack updates might fail, and the stack will become unrecoverable.

Specify the minimum number of resources required to successfully roll back your stack. For example, a failed resource update might cause dependent resources to fail. In this case, it might not be necessary to skip the dependent resources.

To skip resources that are part of nested stacks, use the following format: NestedStackName.ResourceLogicalID. If you want to specify the logical ID of a stack resource (Type: AWS::CloudFormation::Stack) in the ResourcesToSkip list, then its corresponding embedded stack must be in one of the following states: DELETE_IN_PROGRESS, DELETE_COMPLETE, or DELETE_FAILED.

Don't confuse a child stack's name with its corresponding logical ID defined in the parent stack. For an example of a continue update rollback operation with nested stacks, see Using ResourcesToSkip to recover a nested stacks hierarchy.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes to roll back the stack. AWS CloudFormation uses the role's credentials to make calls on your behalf. AWS CloudFormation always uses this role for all future operations on the stack. As long as users have permission to operate on the stack, AWS CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.

If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.

StackName

Required: Yes
Type: string

The name or the unique ID of the stack that you want to continue rolling back.

Don't specify the name of a nested stack (a stack that was created by using the AWS::CloudFormation::Stack resource). Instead, use this operation on the parent stack (the stack that contains the AWS::CloudFormation::Stack resource).

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

TokenAlreadyExistsException:
A client request token already exists.

CreateChangeSet

$result = $client->createChangeSet([/* ... */]);
$promise = $client->createChangeSetAsync([/* ... */]);

Creates a list of changes that will be applied to a stack so that you can review the changes before executing them. You can create a change set for a stack that doesn't exist or an existing stack. If you create a change set for a stack that doesn't exist, the change set shows all of the resources that AWS CloudFormation will create. If you create a change set for an existing stack, AWS CloudFormation compares the stack's information with the information that you submit in the change set and lists the differences. Use change sets to understand which resources AWS CloudFormation will create or change, and how it will change resources in an existing stack, before you create or update a stack.

To create a change set for a stack that doesn't exist, for the ChangeSetType parameter, specify CREATE. To create a change set for an existing stack, specify UPDATE for the ChangeSetType parameter. To create a change set for an import operation, specify IMPORT for the ChangeSetType parameter. After the CreateChangeSet call successfully completes, AWS CloudFormation starts creating the change set. To check the status of the change set or to review it, use the DescribeChangeSet action.

When you are satisfied with the changes the change set will make, execute the change set by using the ExecuteChangeSet action. AWS CloudFormation doesn't make changes until you execute the change set.

To create a change set for the entire stack hierachy, set IncludeNestedStacks to True.

Parameter Syntax

$result = $client->createChangeSet([
    'Capabilities' => ['<string>', ...],
    'ChangeSetName' => '<string>', // REQUIRED
    'ChangeSetType' => 'CREATE|UPDATE|IMPORT',
    'ClientToken' => '<string>',
    'Description' => '<string>',
    'IncludeNestedStacks' => true || false,
    'NotificationARNs' => ['<string>', ...],
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'ResourceTypes' => ['<string>', ...],
    'ResourcesToImport' => [
        [
            'LogicalResourceId' => '<string>', // REQUIRED
            'ResourceIdentifier' => ['<string>', ...], // REQUIRED
            'ResourceType' => '<string>', // REQUIRED
        ],
        // ...
    ],
    'RoleARN' => '<string>',
    'RollbackConfiguration' => [
        'MonitoringTimeInMinutes' => <integer>,
        'RollbackTriggers' => [
            [
                'Arn' => '<string>', // REQUIRED
                'Type' => '<string>', // REQUIRED
            ],
            // ...
        ],
    ],
    'StackName' => '<string>', // REQUIRED
    'Tags' => [
        [
            'Key' => '<string>', // REQUIRED
            'Value' => '<string>', // REQUIRED
        ],
        // ...
    ],
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
    'UsePreviousTemplate' => true || false,
]);

Parameter Details

Members

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for AWS CloudFormation to create the stack.

CAPABILITY_IAM and CAPABILITY_NAMED_IAM

Some stack templates might include resources that can affect permissions in your AWS account; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.

The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.
- If you have IAM resources, you can specify either capability.
- If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
- If you don't specify either of these capabilities, AWS CloudFormation returns an InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
CAPABILITY_AUTO_EXPAND

Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by AWS CloudFormation.

This capacity does not apply to creating change sets, and specifying it when creating change sets has no effect.

If you want to create a stack from a stack template that contains macros and nested stacks, you must create or update the stack directly from the template using the CreateStack or UpdateStack action, and specifying this capability.

For more information on macros, see Using AWS CloudFormation Macros to Perform Custom Processing on Templates.

ChangeSetName

Required: Yes
Type: string

The name of the change set. The name must be unique among all change sets that are associated with the specified stack.

A change set name can contain only alphanumeric, case sensitive characters and hyphens. It must start with an alphabetic character and cannot exceed 128 characters.

ChangeSetType

Type: string

The type of change set operation. To create a change set for a new stack, specify CREATE. To create a change set for an existing stack, specify UPDATE. To create a change set for an import operation, specify IMPORT.

If you create a change set for a new stack, AWS Cloudformation creates a stack with a unique stack ID, but no template or resources. The stack will be in the REVIEW_IN_PROGRESS state until you execute the change set.

By default, AWS CloudFormation specifies UPDATE. You can't use the UPDATE type to create a change set for a new stack or the CREATE type to create a change set for an existing stack.

ClientToken

Type: string

A unique identifier for this CreateChangeSet request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to create another change set with the same name. You might retry CreateChangeSet requests to ensure that AWS CloudFormation successfully received them.

Description

Type: string

A description to help you identify this change set.

IncludeNestedStacks

Type: boolean

Creates a change set for the all nested stacks specified in the template. The default behavior of this action is set to False. To include nested sets in a change set, specify True.

NotificationARNs

Type: Array of strings

The Amazon Resource Names (ARNs) of Amazon Simple Notification Service (Amazon SNS) topics that AWS CloudFormation associates with the stack. To remove all associated notification topics, specify an empty list.

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters for the change set. For more information, see the Parameter data type.

ResourceTypes

Type: Array of strings

The template resource types that you have permissions to work with if you execute this change set, such as AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance.

If the list of resource types doesn't include a resource type that you're updating, the stack update fails. By default, AWS CloudFormation grants permissions to all resource types. AWS Identity and Access Management (IAM) uses this parameter for condition keys in IAM policies for AWS CloudFormation. For more information, see Controlling Access with AWS Identity and Access Management in the AWS CloudFormation User Guide.

ResourcesToImport

Type: Array of ResourceToImport structures

The resources to import into your stack.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes when executing the change set. AWS CloudFormation uses the role's credentials to make calls on your behalf. AWS CloudFormation uses this role for all future operations on the stack. As long as users have permission to operate on the stack, AWS CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

StackName

Required: Yes
Type: string

The name or the unique ID of the stack for which you are creating a change set. AWS CloudFormation generates the change set by comparing this stack's information with the information that you submit, such as a modified template or different parameter input values.

Tags

Type: Array of Tag structures

Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to resources in the stack. You can specify a maximum of 50 tags.

TemplateBody

Type: string

A structure that contains the body of the revised template, with a minimum length of 1 byte and a maximum length of 51,200 bytes. AWS CloudFormation generates the change set by comparing this template with the template of the stack that you specified.

Conditional: You must specify only TemplateBody or TemplateURL.

TemplateURL

Type: string

The location of the file that contains the revised template. The URL must point to a template (max size: 460,800 bytes) that is located in an S3 bucket or a Systems Manager document. AWS CloudFormation generates the change set by comparing this template with the stack that you specified.

Conditional: You must specify only TemplateBody or TemplateURL.

UsePreviousTemplate

Type: boolean

Whether to reuse the template that is associated with the stack to create the change set.

Result Syntax

[
    'Id' => '<string>',
    'StackId' => '<string>',
]

Result Details

Members

Id

Type: string

The Amazon Resource Name (ARN) of the change set.

StackId

Type: string

The unique ID of the stack.

Errors

AlreadyExistsException:
The resource with the name requested already exists.
InsufficientCapabilitiesException:
The template contains resources with capabilities that weren't specified in the Capabilities parameter.
LimitExceededException:
The quota for the resource has already been reached.

For information on resource and stack limitations, see Limits in the AWS CloudFormation User Guide.

CreateStack

$result = $client->createStack([/* ... */]);
$promise = $client->createStackAsync([/* ... */]);

Creates a stack as specified in the template. After the call completes successfully, the stack creation starts. You can check the status of the stack via the DescribeStacks API.

Parameter Syntax

$result = $client->createStack([
    'Capabilities' => ['<string>', ...],
    'ClientRequestToken' => '<string>',
    'DisableRollback' => true || false,
    'EnableTerminationProtection' => true || false,
    'NotificationARNs' => ['<string>', ...],
    'OnFailure' => 'DO_NOTHING|ROLLBACK|DELETE',
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'ResourceTypes' => ['<string>', ...],
    'RoleARN' => '<string>',
    'RollbackConfiguration' => [
        'MonitoringTimeInMinutes' => <integer>,
        'RollbackTriggers' => [
            [
                'Arn' => '<string>', // REQUIRED
                'Type' => '<string>', // REQUIRED
            ],
            // ...
        ],
    ],
    'StackName' => '<string>', // REQUIRED
    'StackPolicyBody' => '<string>',
    'StackPolicyURL' => '<string>',
    'Tags' => [
        [
            'Key' => '<string>', // REQUIRED
            'Value' => '<string>', // REQUIRED
        ],
        // ...
    ],
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
    'TimeoutInMinutes' => <integer>,
]);

Parameter Details

Members

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for AWS CloudFormation to create the stack.

CAPABILITY_IAM and CAPABILITY_NAMED_IAM

Some stack templates might include resources that can affect permissions in your AWS account; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.

The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.
- If you have IAM resources, you can specify either capability.
- If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
- If you don't specify either of these capabilities, AWS CloudFormation returns an InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
CAPABILITY_AUTO_EXPAND

Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by AWS CloudFormation.

If you want to create a stack from a stack template that contains macros and nested stacks, you must create the stack directly from the template using this capability.

You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.

Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without AWS CloudFormation being notified.

For more information, see Using AWS CloudFormation Macros to Perform Custom Processing on Templates.

ClientRequestToken

Type: string

A unique identifier for this CreateStack request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to create a stack with the same name. You might retry CreateStack requests to ensure that AWS CloudFormation successfully received them.

All events triggered by a given stack operation are assigned the same client request token, which you can use to track operations. For example, if you execute a CreateStack operation with the token token1, then all the StackEvents generated by that operation will have ClientRequestToken set as token1.

In the console, stack operations display the client request token on the Events tab. Stack operations that are initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify the stack operation . For example, if you create a stack using the console, each stack event would be assigned the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.

DisableRollback

Type: boolean

Set to true to disable rollback of the stack if stack creation failed. You can specify either DisableRollback or OnFailure, but not both.

Default: false

EnableTerminationProtection

Type: boolean

Whether to enable termination protection on the specified stack. If a user attempts to delete a stack with termination protection enabled, the operation fails and the stack remains unchanged. For more information, see Protecting a Stack From Being Deleted in the AWS CloudFormation User Guide. Termination protection is disabled on stacks by default.

For nested stacks, termination protection is set on the root stack and cannot be changed directly on the nested stack.

NotificationARNs

Type: Array of strings

The Simple Notification Service (SNS) topic ARNs to publish stack related events. You can find your SNS topic ARNs using the SNS console or your Command Line Interface (CLI).

OnFailure

Type: string

Determines what action will be taken if stack creation fails. This must be one of: DO_NOTHING, ROLLBACK, or DELETE. You can specify either OnFailure or DisableRollback, but not both.

Default: ROLLBACK

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters for the stack. For more information, see the Parameter data type.

ResourceTypes

Type: Array of strings

The template resource types that you have permissions to work with for this create stack action, such as AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance. Use the following syntax to describe template resource types: AWS::* (for all AWS resource), Custom::* (for all custom resources), Custom::logical_ID (for a specific custom resource), AWS::service_name::* (for all resources of a particular AWS service), and AWS::service_name::resource_logical_ID (for a specific AWS resource).

If the list of resource types doesn't include a resource that you're creating, the stack creation fails. By default, AWS CloudFormation grants permissions to all resource types. AWS Identity and Access Management (IAM) uses this parameter for AWS CloudFormation-specific condition keys in IAM policies. For more information, see Controlling Access with AWS Identity and Access Management.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes to create the stack. AWS CloudFormation uses the role's credentials to make calls on your behalf. AWS CloudFormation always uses this role for all future operations on the stack. As long as users have permission to operate on the stack, AWS CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

StackName

Required: Yes
Type: string

The name that is associated with the stack. The name must be unique in the Region in which you are creating the stack.

A stack name can contain only alphanumeric characters (case sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.

StackPolicyBody

Type: string

Structure containing the stack policy body. For more information, go to Prevent Updates to Stack Resources in the AWS CloudFormation User Guide. You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

StackPolicyURL

Type: string

Location of a file containing the stack policy. The URL must point to a policy (maximum size: 16 KB) located in an S3 bucket in the same Region as the stack. You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

Tags

Type: Array of Tag structures

Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.

TemplateBody

Type: string

Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, go to Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

TemplateURL

Type: string

Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket or a Systems Manager document. For more information, go to the Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

TimeoutInMinutes

Type: int

The amount of time that can pass before the stack status becomes CREATE_FAILED; if DisableRollback is not set or is set to false, the stack will be rolled back.

Result Syntax

[
    'StackId' => '<string>',
]

Result Details

Members

StackId

Type: string

Unique identifier of the stack.

Errors

LimitExceededException:
The quota for the resource has already been reached.

For information on resource and stack limitations, see Limits in the AWS CloudFormation User Guide.
AlreadyExistsException:
The resource with the name requested already exists.
TokenAlreadyExistsException:
A client request token already exists.
InsufficientCapabilitiesException:
The template contains resources with capabilities that weren't specified in the Capabilities parameter.

CreateStackInstances

$result = $client->createStackInstances([/* ... */]);
$promise = $client->createStackInstancesAsync([/* ... */]);

Creates stack instances for the specified accounts, within the specified Regions. A stack instance refers to a stack in a specific account and Region. You must specify at least one value for either Accounts or DeploymentTargets, and you must specify at least one value for Regions.

Parameter Syntax

$result = $client->createStackInstances([
    'Accounts' => ['<string>', ...],
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'DeploymentTargets' => [
        'Accounts' => ['<string>', ...],
        'AccountsUrl' => '<string>',
        'OrganizationalUnitIds' => ['<string>', ...],
    ],
    'OperationId' => '<string>',
    'OperationPreferences' => [
        'FailureToleranceCount' => <integer>,
        'FailureTolerancePercentage' => <integer>,
        'MaxConcurrentCount' => <integer>,
        'MaxConcurrentPercentage' => <integer>,
        'RegionConcurrencyType' => 'SEQUENTIAL|PARALLEL',
        'RegionOrder' => ['<string>', ...],
    ],
    'ParameterOverrides' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'Regions' => ['<string>', ...], // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

Accounts

Type: Array of strings

[Self-managed permissions] The names of one or more AWS accounts that you want to create stack instances in the specified Region(s) for.

You can specify Accounts or DeploymentTargets, but not both.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The AWS Organizations accounts for which to create stack instances in the specified Regions.

You can specify Accounts or DeploymentTargets, but not both.

OperationId

Type: string

The unique identifier for this stack set operation.

The operation ID also functions as an idempotency token, to ensure that AWS CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You might retry stack set operation requests to ensure that AWS CloudFormation successfully received them.

If you don't specify an operation ID, the SDK generates one automatically.

Repeating this stack set operation with a new operation ID retries all stack instances whose status is OUTDATED.

OperationPreferences

Type: StackSetOperationPreferences structure

Preferences for how AWS CloudFormation performs this stack set operation.

ParameterOverrides

Type: Array of Parameter structures

A list of stack set parameters whose values you want to override in the selected stack instances.

Any overridden parameter values will be applied to all stack instances in the specified accounts and Regions. When specifying parameters and their values, be aware of how AWS CloudFormation sets parameter values during stack instance operations:

To override the current value for a parameter, include the parameter and specify its value.
To leave a parameter set to its present value, you can do one of the following:
- Do not include the parameter in the list.
- Include the parameter and specify UsePreviousValue as true. (You cannot specify both a value and set UsePreviousValue to true.)
To set all overridden parameter back to the values specified in the stack set, specify a parameter list but do not include any parameters.
To leave all parameters set to their present values, do not specify this property at all.

During stack set updates, any parameter values overridden for a stack instance are not updated, but retain their overridden value.

You can only override the parameter values that are specified in the stack set; to add or delete a parameter itself, use UpdateStackSet to update the stack set template.

Regions

Required: Yes
Type: Array of strings

The names of one or more Regions where you want to create stack instances using the specified AWS account(s).

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to create stack instances from.

Result Syntax

[
    'OperationId' => '<string>',
]

Result Details

Members

OperationId

Type: string

The unique identifier for this stack set operation.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
OperationInProgressException:
Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.
OperationIdAlreadyExistsException:
The specified operation ID already exists.
StaleRequestException:
Another operation has been performed on this stack set since the specified operation was performed.
InvalidOperationException:
The specified operation isn't valid.
LimitExceededException:
The quota for the resource has already been reached.

For information on resource and stack limitations, see Limits in the AWS CloudFormation User Guide.

CreateStackSet

$result = $client->createStackSet([/* ... */]);
$promise = $client->createStackSetAsync([/* ... */]);

Creates a stack set.

Parameter Syntax

$result = $client->createStackSet([
    'AdministrationRoleARN' => '<string>',
    'AutoDeployment' => [
        'Enabled' => true || false,
        'RetainStacksOnAccountRemoval' => true || false,
    ],
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'Capabilities' => ['<string>', ...],
    'ClientRequestToken' => '<string>',
    'Description' => '<string>',
    'ExecutionRoleName' => '<string>',
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'PermissionModel' => 'SERVICE_MANAGED|SELF_MANAGED',
    'StackSetName' => '<string>', // REQUIRED
    'Tags' => [
        [
            'Key' => '<string>', // REQUIRED
            'Value' => '<string>', // REQUIRED
        ],
        // ...
    ],
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
]);

Parameter Details

Members

AdministrationRoleARN

Type: string

The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.

Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide.

AutoDeployment

Type: AutoDeployment structure

Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to the target organization or organizational unit (OU). Specify only if PermissionModel is SERVICE_MANAGED.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

To create a stack set with service-managed permissions while signed in to the management account, specify SELF.
To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for AWS CloudFormation to create the stack set and related stack instances.

CAPABILITY_IAM and CAPABILITY_NAMED_IAM

Some stack templates might include resources that can affect permissions in your AWS account; for example, by creating new AWS Identity and Access Management (IAM) users. For those stack sets, you must explicitly acknowledge this by specifying one of these capabilities.

The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.
- If you have IAM resources, you can specify either capability.
- If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
- If you don't specify either of these capabilities, AWS CloudFormation returns an InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
CAPABILITY_AUTO_EXPAND

Some templates reference macros. If your stack set template references one or more macros, you must create the stack set directly from the processed template, without first reviewing the resulting changes in a change set. To create the stack set directly, you must acknowledge this capability. For more information, see Using AWS CloudFormation Macros to Perform Custom Processing on Templates.

Stack sets with service-managed permissions do not currently support the use of macros in templates. (This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by AWS CloudFormation.) Even if you specify this capability for a stack set with service-managed permissions, if you reference a macro in your template the stack set operation will fail.

ClientRequestToken

Type: string

A unique identifier for this CreateStackSet request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to create another stack set with the same name. You might retry CreateStackSet requests to ensure that AWS CloudFormation successfully received them.

If you don't specify an operation ID, the SDK generates one automatically.

Description

Type: string

A description of the stack set. You can use the description to identify the stack set's purpose or other important information.

ExecutionRoleName

Type: string

The name of the IAM execution role to use to create the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.

Specify an IAM role only if you are using customized execution roles to control which stack resources users and groups can include in their stack sets.

Parameters

Type: Array of Parameter structures

The input parameters for the stack set template.

PermissionModel

Type: string

Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified.

With self-managed permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations. For more information, see Grant Service-Managed Stack Set Permissions.

StackSetName

Required: Yes
Type: string

The name to associate with the stack set. The name must be unique in the Region where you create your stack set.

A stack name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 128 characters.

Tags

Type: Array of Tag structures

The key-value pairs to associate with this stack set and the stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.

If you specify tags as part of a CreateStackSet action, AWS CloudFormation checks to see if you have the required IAM permission to tag resources. If you don't, the entire CreateStackSet action fails with an access denied error, and the stack set is not created.

TemplateBody

Type: string

The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, see Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

TemplateURL

Type: string

The location of the file that contains the template body. The URL must point to a template (maximum size: 460,800 bytes) that's located in an Amazon S3 bucket or a Systems Manager document. For more information, see Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.

Result Syntax

[
    'StackSetId' => '<string>',
]

Result Details

Members

StackSetId

Type: string

The ID of the stack set that you're creating.

Errors

NameAlreadyExistsException:
The specified name is already in use.
CreatedButModifiedException:
The specified resource exists, but has been changed.
LimitExceededException:
The quota for the resource has already been reached.

For information on resource and stack limitations, see Limits in the AWS CloudFormation User Guide.

DeleteChangeSet

$result = $client->deleteChangeSet([/* ... */]);
$promise = $client->deleteChangeSetAsync([/* ... */]);

Deletes the specified change set. Deleting change sets ensures that no one executes the wrong change set.

If the call successfully completes, AWS CloudFormation successfully deleted the change set.

If IncludeNestedStacks specifies True during the creation of the nested change set, then DeleteChangeSet will delete all change sets that belong to the stacks hierarchy and will also delete all change sets for nested stacks with the status of REVIEW_IN_PROGRESS.

Parameter Syntax

$result = $client->deleteChangeSet([
    'ChangeSetName' => '<string>', // REQUIRED
    'StackName' => '<string>',
]);

Parameter Details

Members

ChangeSetName

Required: Yes
Type: string

The name or Amazon Resource Name (ARN) of the change set that you want to delete.

StackName

Type: string

If you specified the name of a change set to delete, specify the stack name or ID (ARN) that is associated with it.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

InvalidChangeSetStatusException:
The specified change set can't be used to update the stack. For example, the change set status might be CREATE_IN_PROGRESS, or the stack status might be UPDATE_IN_PROGRESS.

DeleteStack

$result = $client->deleteStack([/* ... */]);
$promise = $client->deleteStackAsync([/* ... */]);

Deletes a specified stack. Once the call completes successfully, stack deletion starts. Deleted stacks do not show up in the DescribeStacks API if the deletion has been completed successfully.

Parameter Syntax

$result = $client->deleteStack([
    'ClientRequestToken' => '<string>',
    'RetainResources' => ['<string>', ...],
    'RoleARN' => '<string>',
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

ClientRequestToken

Type: string

A unique identifier for this DeleteStack request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to delete a stack with the same name. You might retry DeleteStack requests to ensure that AWS CloudFormation successfully received them.

RetainResources

Type: Array of strings

For stacks in the DELETE_FAILED state, a list of resource logical IDs that are associated with the resources you want to retain. During deletion, AWS CloudFormation deletes the stack but does not delete the retained resources.

Retaining resources is useful when you cannot delete a resource, such as a non-empty S3 bucket, but you want to delete the stack.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes to delete the stack. AWS CloudFormation uses the role's credentials to make calls on your behalf.

StackName

Required: Yes
Type: string

The name or the unique stack ID that is associated with the stack.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

TokenAlreadyExistsException:
A client request token already exists.

DeleteStackInstances

$result = $client->deleteStackInstances([/* ... */]);
$promise = $client->deleteStackInstancesAsync([/* ... */]);

Deletes stack instances for the specified accounts, in the specified Regions.

Parameter Syntax

$result = $client->deleteStackInstances([
    'Accounts' => ['<string>', ...],
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'DeploymentTargets' => [
        'Accounts' => ['<string>', ...],
        'AccountsUrl' => '<string>',
        'OrganizationalUnitIds' => ['<string>', ...],
    ],
    'OperationId' => '<string>',
    'OperationPreferences' => [
        'FailureToleranceCount' => <integer>,
        'FailureTolerancePercentage' => <integer>,
        'MaxConcurrentCount' => <integer>,
        'MaxConcurrentPercentage' => <integer>,
        'RegionConcurrencyType' => 'SEQUENTIAL|PARALLEL',
        'RegionOrder' => ['<string>', ...],
    ],
    'Regions' => ['<string>', ...], // REQUIRED
    'RetainStacks' => true || false, // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

Accounts

Type: Array of strings

[Self-managed permissions] The names of the AWS accounts that you want to delete stack instances for.

You can specify Accounts or DeploymentTargets, but not both.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The AWS Organizations accounts from which to delete stack instances.

You can specify Accounts or DeploymentTargets, but not both.

OperationId

Type: string

The unique identifier for this stack set operation.

If you don't specify an operation ID, the SDK generates one automatically.

The operation ID also functions as an idempotency token, to ensure that AWS CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You can retry stack set operation requests to ensure that AWS CloudFormation successfully received them.

Repeating this stack set operation with a new operation ID retries all stack instances whose status is OUTDATED.

OperationPreferences

Type: StackSetOperationPreferences structure

Preferences for how AWS CloudFormation performs this stack set operation.

Regions

Required: Yes
Type: Array of strings

The Regions where you want to delete stack set instances.

RetainStacks

Required: Yes
Type: boolean

Removes the stack instances from the specified stack set, but doesn't delete the stacks. You can't reassociate a retained stack or add an existing, saved stack to a new stack set.

For more information, see Stack set operation options.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to delete stack instances for.

Result Syntax

[
    'OperationId' => '<string>',
]

Result Details

Members

OperationId

Type: string

The unique identifier for this stack set operation.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
OperationInProgressException:
Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.
OperationIdAlreadyExistsException:
The specified operation ID already exists.
StaleRequestException:
Another operation has been performed on this stack set since the specified operation was performed.
InvalidOperationException:
The specified operation isn't valid.

DeleteStackSet

$result = $client->deleteStackSet([/* ... */]);
$promise = $client->deleteStackSetAsync([/* ... */]);

Deletes a stack set. Before you can delete a stack set, all of its member stack instances must be deleted. For more information about how to do this, see DeleteStackInstances.

Parameter Syntax

$result = $client->deleteStackSet([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you're deleting. You can obtain this value by running ListStackSets.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

StackSetNotEmptyException:
You can't yet delete this stack set, because it still contains one or more stack instances. Delete all stack instances from the stack set before deleting the stack set.
OperationInProgressException:
Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.

DeregisterType

$result = $client->deregisterType([/* ... */]);
$promise = $client->deregisterTypeAsync([/* ... */]);

Marks an extension or extension version as DEPRECATED in the CloudFormation registry, removing it from active use. Deprecated extensions or extension versions cannot be used in CloudFormation operations.

To deregister an entire extension, you must individually deregister all active versions of that extension. If an extension has only a single active version, deregistering that version results in the extension itself being deregistered and marked as deprecated in the registry.

You cannot deregister the default version of an extension if there are other active version of that extension. If you do deregister the default version of an extension, the textensionype itself is deregistered as well and marked as deprecated.

To view the deprecation status of an extension or extension version, use DescribeType.

Parameter Syntax

$result = $client->deregisterType([
    'Arn' => '<string>',
    'Type' => 'RESOURCE|MODULE',
    'TypeName' => '<string>',
    'VersionId' => '<string>',
]);

Parameter Details

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

Type

Type: string

The kind of extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

VersionId

Type: string

The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.
TypeNotFoundException:
The specified type does not exist in the CloudFormation registry.

DescribeAccountLimits

$result = $client->describeAccountLimits([/* ... */]);
$promise = $client->describeAccountLimitsAsync([/* ... */]);

Retrieves your account's AWS CloudFormation limits, such as the maximum number of stacks that you can create in your account. For more information about account limits, see AWS CloudFormation Limits in the AWS CloudFormation User Guide.

Parameter Syntax

$result = $client->describeAccountLimits([
    'NextToken' => '<string>',
]);

Parameter Details

Members

NextToken

Type: string

A string that identifies the next page of limits that you want to retrieve.

Result Syntax

[
    'AccountLimits' => [
        [
            'Name' => '<string>',
            'Value' => <integer>,
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members

AccountLimits

Type: Array of AccountLimit structures

An account limit structure that contain a list of AWS CloudFormation account limits and their values.

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of limits. If no additional page exists, this value is null.

Errors

There are no errors described for this operation.

DescribeChangeSet

$result = $client->describeChangeSet([/* ... */]);
$promise = $client->describeChangeSetAsync([/* ... */]);

Returns the inputs for the change set and a list of changes that AWS CloudFormation will make if you execute the change set. For more information, see Updating Stacks Using Change Sets in the AWS CloudFormation User Guide.

Parameter Syntax

$result = $client->describeChangeSet([
    'ChangeSetName' => '<string>', // REQUIRED
    'NextToken' => '<string>',
    'StackName' => '<string>',
]);

Parameter Details

Members

ChangeSetName

Required: Yes
Type: string

The name or Amazon Resource Name (ARN) of the change set that you want to describe.

NextToken

Type: string

A string (provided by the DescribeChangeSet response output) that identifies the next page of information that you want to retrieve.

StackName

Type: string

If you specified the name of a change set, specify the stack name or ID (ARN) of the change set you want to describe.

Result Syntax

[
    'Capabilities' => ['<string>', ...],
    'ChangeSetId' => '<string>',
    'ChangeSetName' => '<string>',
    'Changes' => [
        [
            'ResourceChange' => [
                'Action' => 'Add|Modify|Remove|Import|Dynamic',
                'ChangeSetId' => '<string>',
                'Details' => [
                    [
                        'CausingEntity' => '<string>',
                        'ChangeSource' => 'ResourceReference|ParameterReference|ResourceAttribute|DirectModification|Automatic',
                        'Evaluation' => 'Static|Dynamic',
                        'Target' => [
                            'Attribute' => 'Properties|Metadata|CreationPolicy|UpdatePolicy|DeletionPolicy|Tags',
                            'Name' => '<string>',
                            'RequiresRecreation' => 'Never|Conditionally|Always',
                        ],
                    ],
                    // ...
                ],
                'LogicalResourceId' => '<string>',
                'ModuleInfo' => [
                    'LogicalIdHierarchy' => '<string>',
                    'TypeHierarchy' => '<string>',
                ],
                'PhysicalResourceId' => '<string>',
                'Replacement' => 'True|False|Conditional',
                'ResourceType' => '<string>',
                'Scope' => ['<string>', ...],
            ],
            'Type' => 'Resource',
        ],
        // ...
    ],
    'CreationTime' => <DateTime>,
    'Description' => '<string>',
    'ExecutionStatus' => 'UNAVAILABLE|AVAILABLE|EXECUTE_IN_PROGRESS|EXECUTE_COMPLETE|EXECUTE_FAILED|OBSOLETE',
    'IncludeNestedStacks' => true || false,
    'NextToken' => '<string>',
    'NotificationARNs' => ['<string>', ...],
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'ParentChangeSetId' => '<string>',
    'RollbackConfiguration' => [
        'MonitoringTimeInMinutes' => <integer>,
        'RollbackTriggers' => [
            [
                'Arn' => '<string>',
                'Type' => '<string>',
            ],
            // ...
        ],
    ],
    'RootChangeSetId' => '<string>',
    'StackId' => '<string>',
    'StackName' => '<string>',
    'Status' => 'CREATE_PENDING|CREATE_IN_PROGRESS|CREATE_COMPLETE|DELETE_PENDING|DELETE_IN_PROGRESS|DELETE_COMPLETE|DELETE_FAILED|FAILED',
    'StatusReason' => '<string>',
    'Tags' => [
        [
            'Key' => '<string>',
            'Value' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

Capabilities

Type: Array of strings

If you execute the change set, the list of capabilities that were explicitly acknowledged when the change set was created.

ChangeSetId

Type: string

The ARN of the change set.

ChangeSetName

Type: string

The name of the change set.

Changes

Type: Array of Change structures

A list of Change structures that describes the resources AWS CloudFormation changes if you execute the change set.

CreationTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The start time when the change set was created, in UTC.

Description

Type: string

Information about the change set.

ExecutionStatus

Type: string

If the change set execution status is AVAILABLE, you can execute the change set. If you can’t execute the change set, the status indicates why. For example, a change set might be in an UNAVAILABLE state because AWS CloudFormation is still creating it or in an OBSOLETE state because the stack was already updated.

IncludeNestedStacks

Type: boolean

Verifies if IncludeNestedStacks is set to True.

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of changes. If there is no additional page, this value is null.

NotificationARNs

Type: Array of strings

The ARNs of the Amazon Simple Notification Service (Amazon SNS) topics that will be associated with the stack if you execute the change set.

Parameters

Type: Array of Parameter structures

A list of Parameter structures that describes the input parameters and their values used to create the change set. For more information, see the Parameter data type.

ParentChangeSetId

Type: string

Specifies the change set ID of the parent change set in the current nested change set hierarchy.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

RootChangeSetId

Type: string

Specifies the change set ID of the root change set in the current nested change set hierarchy.

StackId

Type: string

The ARN of the stack that is associated with the change set.

StackName

Type: string

The name of the stack that is associated with the change set.

Status

Type: string

The current status of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or FAILED.

StatusReason

Type: string

A description of the change set's status. For example, if your attempt to create a change set failed, AWS CloudFormation shows the error message.

Tags

Type: Array of Tag structures

If you execute the change set, the tags that will be associated with the stack.

Errors

ChangeSetNotFoundException:
The specified change set name or ID doesn't exit. To view valid change sets for a stack, use the ListChangeSets action.

DescribeStackDriftDetectionStatus

$result = $client->describeStackDriftDetectionStatus([/* ... */]);
$promise = $client->describeStackDriftDetectionStatusAsync([/* ... */]);

Returns information about a stack drift detection operation. A stack drift detection operation detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. A stack is considered to have drifted if one or more of its resources have drifted. For more information on stack and resource drift, see Detecting Unregulated Configuration Changes to Stacks and Resources.

Use DetectStackDrift to initiate a stack drift detection operation. DetectStackDrift returns a StackDriftDetectionId you can use to monitor the progress of the operation using DescribeStackDriftDetectionStatus. Once the drift detection operation has completed, use DescribeStackResourceDrifts to return drift information about the stack and its resources.

Parameter Syntax

$result = $client->describeStackDriftDetectionStatus([
    'StackDriftDetectionId' => '<string>', // REQUIRED
]);

Parameter Details

Members

StackDriftDetectionId

Required: Yes
Type: string

The ID of the drift detection results of this operation.

AWS CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results AWS CloudFormation retains for any given stack, and for how long, may vary.

Result Syntax

[
    'DetectionStatus' => 'DETECTION_IN_PROGRESS|DETECTION_FAILED|DETECTION_COMPLETE',
    'DetectionStatusReason' => '<string>',
    'DriftedStackResourceCount' => <integer>,
    'StackDriftDetectionId' => '<string>',
    'StackDriftStatus' => 'DRIFTED|IN_SYNC|UNKNOWN|NOT_CHECKED',
    'StackId' => '<string>',
    'Timestamp' => <DateTime>,
]

Result Details

Members

DetectionStatus

Required: Yes
Type: string

The status of the stack drift detection operation.

DETECTION_COMPLETE: The stack drift detection operation has successfully completed for all resources in the stack that support drift detection. (Resources that do not currently support stack detection remain unchecked.)

If you specified logical resource IDs for AWS CloudFormation to use as a filter for the stack drift detection operation, only the resources with those logical IDs are checked for drift.
DETECTION_FAILED: The stack drift detection operation has failed for at least one resource in the stack. Results will be available for resources on which AWS CloudFormation successfully completed drift detection.
DETECTION_IN_PROGRESS: The stack drift detection operation is currently in progress.

DetectionStatusReason

Type: string

The reason the stack drift detection operation has its current status.

DriftedStackResourceCount

Type: int

Total number of stack resources that have drifted. This is NULL until the drift detection operation reaches a status of DETECTION_COMPLETE. This value will be 0 for stacks whose drift status is IN_SYNC.

StackDriftDetectionId

Required: Yes
Type: string

The ID of the drift detection results of this operation.

AWS CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of reports AWS CloudFormation retains for any given stack, and for how long, may vary.

StackDriftStatus

Type: string

Status of the stack's actual configuration compared to its expected configuration.

DRIFTED: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.

StackId

Required: Yes
Type: string

The ID of the stack.

Timestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time at which the stack drift detection operation was initiated.

Errors

There are no errors described for this operation.

DescribeStackEvents

$result = $client->describeStackEvents([/* ... */]);
$promise = $client->describeStackEventsAsync([/* ... */]);

Returns all stack related events for a specified stack in reverse chronological order. For more information about a stack's event history, go to Stacks in the AWS CloudFormation User Guide.

You can list events for stacks that have failed to create or have been deleted by specifying the unique stack identifier (stack ID).

Parameter Syntax

$result = $client->describeStackEvents([
    'NextToken' => '<string>',
    'StackName' => '<string>',
]);

Parameter Details

Members

NextToken

Type: string

A string that identifies the next page of events that you want to retrieve.

StackName

Type: string

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

Result Syntax

[
    'NextToken' => '<string>',
    'StackEvents' => [
        [
            'ClientRequestToken' => '<string>',
            'EventId' => '<string>',
            'LogicalResourceId' => '<string>',
            'PhysicalResourceId' => '<string>',
            'ResourceProperties' => '<string>',
            'ResourceStatus' => 'CREATE_IN_PROGRESS|CREATE_FAILED|CREATE_COMPLETE|DELETE_IN_PROGRESS|DELETE_FAILED|DELETE_COMPLETE|DELETE_SKIPPED|UPDATE_IN_PROGRESS|UPDATE_FAILED|UPDATE_COMPLETE|IMPORT_FAILED|IMPORT_COMPLETE|IMPORT_IN_PROGRESS|IMPORT_ROLLBACK_IN_PROGRESS|IMPORT_ROLLBACK_FAILED|IMPORT_ROLLBACK_COMPLETE',
            'ResourceStatusReason' => '<string>',
            'ResourceType' => '<string>',
            'StackId' => '<string>',
            'StackName' => '<string>',
            'Timestamp' => <DateTime>,
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of events. If no additional page exists, this value is null.

StackEvents

Type: Array of StackEvent structures

A list of StackEvents structures.

Errors

There are no errors described for this operation.

DescribeStackInstance

$result = $client->describeStackInstance([/* ... */]);
$promise = $client->describeStackInstanceAsync([/* ... */]);

Returns the stack instance that's associated with the specified stack set, AWS account, and Region.

For a list of stack instances that are associated with a specific stack set, use ListStackInstances.

Parameter Syntax

$result = $client->describeStackInstance([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'StackInstanceAccount' => '<string>', // REQUIRED
    'StackInstanceRegion' => '<string>', // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

StackInstanceAccount

Required: Yes
Type: string

The ID of an AWS account that's associated with this stack instance.

StackInstanceRegion

Required: Yes
Type: string

The name of a Region that's associated with this stack instance.

StackSetName

Required: Yes
Type: string

The name or the unique stack ID of the stack set that you want to get stack instance information for.

Result Syntax

[
    'StackInstance' => [
        'Account' => '<string>',
        'DriftStatus' => 'DRIFTED|IN_SYNC|UNKNOWN|NOT_CHECKED',
        'LastDriftCheckTimestamp' => <DateTime>,
        'OrganizationalUnitId' => '<string>',
        'ParameterOverrides' => [
            [
                'ParameterKey' => '<string>',
                'ParameterValue' => '<string>',
                'ResolvedValue' => '<string>',
                'UsePreviousValue' => true || false,
            ],
            // ...
        ],
        'Region' => '<string>',
        'StackId' => '<string>',
        'StackInstanceStatus' => [
            'DetailedStatus' => 'PENDING|RUNNING|SUCCEEDED|FAILED|CANCELLED|INOPERABLE',
        ],
        'StackSetId' => '<string>',
        'Status' => 'CURRENT|OUTDATED|INOPERABLE',
        'StatusReason' => '<string>',
    ],
]

Result Details

Members

StackInstance

Type: StackInstance structure

The stack instance that matches the specified request parameters.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
StackInstanceNotFoundException:
The specified stack instance doesn't exist.

DescribeStackResource

$result = $client->describeStackResource([/* ... */]);
$promise = $client->describeStackResourceAsync([/* ... */]);

Returns a description of the specified resource in the specified stack.

For deleted stacks, DescribeStackResource returns resource information for up to 90 days after the stack has been deleted.

Parameter Syntax

$result = $client->describeStackResource([
    'LogicalResourceId' => '<string>', // REQUIRED
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

LogicalResourceId

Required: Yes
Type: string

The logical name of the resource as specified in the template.

Default: There is no default value.

StackName

Required: Yes
Type: string

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

Result Syntax

[
    'StackResourceDetail' => [
        'Description' => '<string>',
        'DriftInformation' => [
            'LastCheckTimestamp' => <DateTime>,
            'StackResourceDriftStatus' => 'IN_SYNC|MODIFIED|DELETED|NOT_CHECKED',
        ],
        'LastUpdatedTimestamp' => <DateTime>,
        'LogicalResourceId' => '<string>',
        'Metadata' => '<string>',
        'ModuleInfo' => [
            'LogicalIdHierarchy' => '<string>',
            'TypeHierarchy' => '<string>',
        ],
        'PhysicalResourceId' => '<string>',
        'ResourceStatus' => 'CREATE_IN_PROGRESS|CREATE_FAILED|CREATE_COMPLETE|DELETE_IN_PROGRESS|DELETE_FAILED|DELETE_COMPLETE|DELETE_SKIPPED|UPDATE_IN_PROGRESS|UPDATE_FAILED|UPDATE_COMPLETE|IMPORT_FAILED|IMPORT_COMPLETE|IMPORT_IN_PROGRESS|IMPORT_ROLLBACK_IN_PROGRESS|IMPORT_ROLLBACK_FAILED|IMPORT_ROLLBACK_COMPLETE',
        'ResourceStatusReason' => '<string>',
        'ResourceType' => '<string>',
        'StackId' => '<string>',
        'StackName' => '<string>',
    ],
]

Result Details

Members

StackResourceDetail

Type: StackResourceDetail structure

A StackResourceDetail structure containing the description of the specified resource in the specified stack.

Errors

There are no errors described for this operation.

DescribeStackResourceDrifts

$result = $client->describeStackResourceDrifts([/* ... */]);
$promise = $client->describeStackResourceDriftsAsync([/* ... */]);

Returns drift information for the resources that have been checked for drift in the specified stack. This includes actual and expected configuration values for resources where AWS CloudFormation detects configuration drift.

For a given stack, there will be one StackResourceDrift for each stack resource that has been checked for drift. Resources that have not yet been checked for drift are not included. Resources that do not currently support drift detection are not checked, and so not included. For a list of resources that support drift detection, see Resources that Support Drift Detection.

Use DetectStackResourceDrift to detect drift on individual resources, or DetectStackDrift to detect drift on all supported resources for a given stack.

Parameter Syntax

$result = $client->describeStackResourceDrifts([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'StackName' => '<string>', // REQUIRED
    'StackResourceDriftStatusFilters' => ['<string>', ...],
]);

Parameter Details

Members

MaxResults

Type: int

The maximum number of results to be returned with a single call. If the number of available results exceeds this maximum, the response includes a NextToken value that you can assign to the NextToken request parameter to get the next set of results.

NextToken

Type: string

A string that identifies the next page of stack resource drift results.

StackName

Required: Yes
Type: string

The name of the stack for which you want drift information.

StackResourceDriftStatusFilters

Type: Array of strings

The resource drift status values to use as filters for the resource drift results returned.

DELETED: The resource differs from its expected template configuration in that the resource has been deleted.
MODIFIED: One or more resource properties differ from their expected template values.
IN_SYNC: The resources's actual configuration matches its expected template configuration.
NOT_CHECKED: AWS CloudFormation does not currently return this value.

Result Syntax

[
    'NextToken' => '<string>',
    'StackResourceDrifts' => [
        [
            'ActualProperties' => '<string>',
            'ExpectedProperties' => '<string>',
            'LogicalResourceId' => '<string>',
            'ModuleInfo' => [
                'LogicalIdHierarchy' => '<string>',
                'TypeHierarchy' => '<string>',
            ],
            'PhysicalResourceId' => '<string>',
            'PhysicalResourceIdContext' => [
                [
                    'Key' => '<string>',
                    'Value' => '<string>',
                ],
                // ...
            ],
            'PropertyDifferences' => [
                [
                    'ActualValue' => '<string>',
                    'DifferenceType' => 'ADD|REMOVE|NOT_EQUAL',
                    'ExpectedValue' => '<string>',
                    'PropertyPath' => '<string>',
                ],
                // ...
            ],
            'ResourceType' => '<string>',
            'StackId' => '<string>',
            'StackResourceDriftStatus' => 'IN_SYNC|MODIFIED|DELETED|NOT_CHECKED',
            'Timestamp' => <DateTime>,
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the request doesn't return all of the remaining results, NextToken is set to a token. To retrieve the next set of results, call DescribeStackResourceDrifts again and assign that token to the request object's NextToken parameter. If the request returns all results, NextToken is set to null.

StackResourceDrifts

Required: Yes
Type: Array of StackResourceDrift structures

Drift information for the resources that have been checked for drift in the specified stack. This includes actual and expected configuration values for resources where AWS CloudFormation detects drift.

Errors

There are no errors described for this operation.

DescribeStackResources

$result = $client->describeStackResources([/* ... */]);
$promise = $client->describeStackResourcesAsync([/* ... */]);

Returns AWS resource descriptions for running and deleted stacks. If StackName is specified, all the associated resources that are part of the stack are returned. If PhysicalResourceId is specified, the associated resources of the stack that the resource belongs to are returned.

Only the first 100 resources will be returned. If your stack has more resources than this, you should use ListStackResources instead.

For deleted stacks, DescribeStackResources returns resource information for up to 90 days after the stack has been deleted.

You must specify either StackName or PhysicalResourceId, but not both. In addition, you can specify LogicalResourceId to filter the returned result. For more information about resources, the LogicalResourceId and PhysicalResourceId, go to the AWS CloudFormation User Guide.

A ValidationError is returned if you specify both StackName and PhysicalResourceId in the same request.

Parameter Syntax

$result = $client->describeStackResources([
    'LogicalResourceId' => '<string>',
    'PhysicalResourceId' => '<string>',
    'StackName' => '<string>',
]);

Parameter Details

Members

LogicalResourceId

Type: string

The logical name of the resource as specified in the template.

Default: There is no default value.

PhysicalResourceId

Type: string

The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

For example, for an Amazon Elastic Compute Cloud (EC2) instance, PhysicalResourceId corresponds to the InstanceId. You can pass the EC2 InstanceId to DescribeStackResources to find which stack the instance belongs to and what other resources are part of the stack.

Required: Conditional. If you do not specify PhysicalResourceId, you must specify StackName.

Default: There is no default value.

StackName

Type: string

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

Required: Conditional. If you do not specify StackName, you must specify PhysicalResourceId.

Result Syntax

[
    'StackResources' => [
        [
            'Description' => '<string>',
            'DriftInformation' => [
                'LastCheckTimestamp' => <DateTime>,
                'StackResourceDriftStatus' => 'IN_SYNC|MODIFIED|DELETED|NOT_CHECKED',
            ],
            'LogicalResourceId' => '<string>',
            'ModuleInfo' => [
                'LogicalIdHierarchy' => '<string>',
                'TypeHierarchy' => '<string>',
            ],
            'PhysicalResourceId' => '<string>',
            'ResourceStatus' => 'CREATE_IN_PROGRESS|CREATE_FAILED|CREATE_COMPLETE|DELETE_IN_PROGRESS|DELETE_FAILED|DELETE_COMPLETE|DELETE_SKIPPED|UPDATE_IN_PROGRESS|UPDATE_FAILED|UPDATE_COMPLETE|IMPORT_FAILED|IMPORT_COMPLETE|IMPORT_IN_PROGRESS|IMPORT_ROLLBACK_IN_PROGRESS|IMPORT_ROLLBACK_FAILED|IMPORT_ROLLBACK_COMPLETE',
            'ResourceStatusReason' => '<string>',
            'ResourceType' => '<string>',
            'StackId' => '<string>',
            'StackName' => '<string>',
            'Timestamp' => <DateTime>,
        ],
        // ...
    ],
]

Result Details

Members

StackResources

Type: Array of StackResource structures

A list of StackResource structures.

Errors

There are no errors described for this operation.

DescribeStackSet

$result = $client->describeStackSet([/* ... */]);
$promise = $client->describeStackSetAsync([/* ... */]);

Returns the description of the specified stack set.

Parameter Syntax

$result = $client->describeStackSet([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set whose description you want.

Result Syntax

[
    'StackSet' => [
        'AdministrationRoleARN' => '<string>',
        'AutoDeployment' => [
            'Enabled' => true || false,
            'RetainStacksOnAccountRemoval' => true || false,
        ],
        'Capabilities' => ['<string>', ...],
        'Description' => '<string>',
        'ExecutionRoleName' => '<string>',
        'OrganizationalUnitIds' => ['<string>', ...],
        'Parameters' => [
            [
                'ParameterKey' => '<string>',
                'ParameterValue' => '<string>',
                'ResolvedValue' => '<string>',
                'UsePreviousValue' => true || false,
            ],
            // ...
        ],
        'PermissionModel' => 'SERVICE_MANAGED|SELF_MANAGED',
        'StackSetARN' => '<string>',
        'StackSetDriftDetectionDetails' => [
            'DriftDetectionStatus' => 'COMPLETED|FAILED|PARTIAL_SUCCESS|IN_PROGRESS|STOPPED',
            'DriftStatus' => 'DRIFTED|IN_SYNC|NOT_CHECKED',
            'DriftedStackInstancesCount' => <integer>,
            'FailedStackInstancesCount' => <integer>,
            'InProgressStackInstancesCount' => <integer>,
            'InSyncStackInstancesCount' => <integer>,
            'LastDriftCheckTimestamp' => <DateTime>,
            'TotalStackInstancesCount' => <integer>,
        ],
        'StackSetId' => '<string>',
        'StackSetName' => '<string>',
        'Status' => 'ACTIVE|DELETED',
        'Tags' => [
            [
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'TemplateBody' => '<string>',
    ],
]

Result Details

Members

StackSet

Type: StackSet structure

The specified stack set.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.

DescribeStackSetOperation

$result = $client->describeStackSetOperation([/* ... */]);
$promise = $client->describeStackSetOperationAsync([/* ... */]);

Returns the description of the specified stack set operation.

Parameter Syntax

$result = $client->describeStackSetOperation([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'OperationId' => '<string>', // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

OperationId

Required: Yes
Type: string

The unique ID of the stack set operation.

StackSetName

Required: Yes
Type: string

The name or the unique stack ID of the stack set for the stack operation.

Result Syntax

[
    'StackSetOperation' => [
        'Action' => 'CREATE|UPDATE|DELETE|DETECT_DRIFT',
        'AdministrationRoleARN' => '<string>',
        'CreationTimestamp' => <DateTime>,
        'DeploymentTargets' => [
            'Accounts' => ['<string>', ...],
            'AccountsUrl' => '<string>',
            'OrganizationalUnitIds' => ['<string>', ...],
        ],
        'EndTimestamp' => <DateTime>,
        'ExecutionRoleName' => '<string>',
        'OperationId' => '<string>',
        'OperationPreferences' => [
            'FailureToleranceCount' => <integer>,
            'FailureTolerancePercentage' => <integer>,
            'MaxConcurrentCount' => <integer>,
            'MaxConcurrentPercentage' => <integer>,
            'RegionConcurrencyType' => 'SEQUENTIAL|PARALLEL',
            'RegionOrder' => ['<string>', ...],
        ],
        'RetainStacks' => true || false,
        'StackSetDriftDetectionDetails' => [
            'DriftDetectionStatus' => 'COMPLETED|FAILED|PARTIAL_SUCCESS|IN_PROGRESS|STOPPED',
            'DriftStatus' => 'DRIFTED|IN_SYNC|NOT_CHECKED',
            'DriftedStackInstancesCount' => <integer>,
            'FailedStackInstancesCount' => <integer>,
            'InProgressStackInstancesCount' => <integer>,
            'InSyncStackInstancesCount' => <integer>,
            'LastDriftCheckTimestamp' => <DateTime>,
            'TotalStackInstancesCount' => <integer>,
        ],
        'StackSetId' => '<string>',
        'Status' => 'RUNNING|SUCCEEDED|FAILED|STOPPING|STOPPED|QUEUED',
    ],
]

Result Details

Members

StackSetOperation

Type: StackSetOperation structure

The specified stack set operation.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
OperationNotFoundException:
The specified ID refers to an operation that doesn't exist.

DescribeStacks

$result = $client->describeStacks([/* ... */]);
$promise = $client->describeStacksAsync([/* ... */]);

Returns the description for the specified stack; if no stack name was specified, then it returns the description for all the stacks created.

If the stack does not exist, an AmazonCloudFormationException is returned.

Parameter Syntax

$result = $client->describeStacks([
    'NextToken' => '<string>',
    'StackName' => '<string>',
]);

Parameter Details

Members

NextToken

Type: string

A string that identifies the next page of stacks that you want to retrieve.

StackName

Type: string

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

Result Syntax

[
    'NextToken' => '<string>',
    'Stacks' => [
        [
            'Capabilities' => ['<string>', ...],
            'ChangeSetId' => '<string>',
            'CreationTime' => <DateTime>,
            'DeletionTime' => <DateTime>,
            'Description' => '<string>',
            'DisableRollback' => true || false,
            'DriftInformation' => [
                'LastCheckTimestamp' => <DateTime>,
                'StackDriftStatus' => 'DRIFTED|IN_SYNC|UNKNOWN|NOT_CHECKED',
            ],
            'EnableTerminationProtection' => true || false,
            'LastUpdatedTime' => <DateTime>,
            'NotificationARNs' => ['<string>', ...],
            'Outputs' => [
                [
                    'Description' => '<string>',
                    'ExportName' => '<string>',
                    'OutputKey' => '<string>',
                    'OutputValue' => '<string>',
                ],
                // ...
            ],
            'Parameters' => [
                [
                    'ParameterKey' => '<string>',
                    'ParameterValue' => '<string>',
                    'ResolvedValue' => '<string>',
                    'UsePreviousValue' => true || false,
                ],
                // ...
            ],
            'ParentId' => '<string>',
            'RoleARN' => '<string>',
            'RollbackConfiguration' => [
                'MonitoringTimeInMinutes' => <integer>,
                'RollbackTriggers' => [
                    [
                        'Arn' => '<string>',
                        'Type' => '<string>',
                    ],
                    // ...
                ],
            ],
            'RootId' => '<string>',
            'StackId' => '<string>',
            'StackName' => '<string>',
            'StackStatus' => 'CREATE_IN_PROGRESS|CREATE_FAILED|CREATE_COMPLETE|ROLLBACK_IN_PROGRESS|ROLLBACK_FAILED|ROLLBACK_COMPLETE|DELETE_IN_PROGRESS|DELETE_FAILED|DELETE_COMPLETE|UPDATE_IN_PROGRESS|UPDATE_COMPLETE_CLEANUP_IN_PROGRESS|UPDATE_COMPLETE|UPDATE_ROLLBACK_IN_PROGRESS|UPDATE_ROLLBACK_FAILED|UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS|UPDATE_ROLLBACK_COMPLETE|REVIEW_IN_PROGRESS|IMPORT_IN_PROGRESS|IMPORT_COMPLETE|IMPORT_ROLLBACK_IN_PROGRESS|IMPORT_ROLLBACK_FAILED|IMPORT_ROLLBACK_COMPLETE',
            'StackStatusReason' => '<string>',
            'Tags' => [
                [
                    'Key' => '<string>',
                    'Value' => '<string>',
                ],
                // ...
            ],
            'TimeoutInMinutes' => <integer>,
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.

Stacks

Type: Array of Stack structures

A list of stack structures.

Errors

There are no errors described for this operation.

DescribeType

$result = $client->describeType([/* ... */]);
$promise = $client->describeTypeAsync([/* ... */]);

Returns detailed information about an extension that has been registered.

If you specify a VersionId, DescribeType returns information about that specific extension version. Otherwise, it returns information about the default extension version.

Parameter Syntax

$result = $client->describeType([
    'Arn' => '<string>',
    'Type' => 'RESOURCE|MODULE',
    'TypeName' => '<string>',
    'VersionId' => '<string>',
]);

Parameter Details

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

Type

Type: string

The kind of extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

VersionId

Type: string

The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.

If you specify a VersionId, DescribeType returns information about that specific extension version. Otherwise, it returns information about the default extension version.

Result Syntax

[
    'Arn' => '<string>',
    'DefaultVersionId' => '<string>',
    'DeprecatedStatus' => 'LIVE|DEPRECATED',
    'Description' => '<string>',
    'DocumentationUrl' => '<string>',
    'ExecutionRoleArn' => '<string>',
    'IsDefaultVersion' => true || false,
    'LastUpdated' => <DateTime>,
    'LoggingConfig' => [
        'LogGroupName' => '<string>',
        'LogRoleArn' => '<string>',
    ],
    'ProvisioningType' => 'NON_PROVISIONABLE|IMMUTABLE|FULLY_MUTABLE',
    'Schema' => '<string>',
    'SourceUrl' => '<string>',
    'TimeCreated' => <DateTime>,
    'Type' => 'RESOURCE|MODULE',
    'TypeName' => '<string>',
    'Visibility' => 'PUBLIC|PRIVATE',
]

Result Details

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

DefaultVersionId

Type: string

The ID of the default version of the extension. The default version is used when the extension version is not specified.

To set the default version of an extension, use SetTypeDefaultVersion .

DeprecatedStatus

Type: string

The deprecation status of the extension version.

Valid values include:

LIVE: The extension is registered and can be used in CloudFormation operations, dependent on its provisioning behavior and visibility scope.
DEPRECATED: The extension has been deregistered and can no longer be used in CloudFormation operations.

Description

Type: string

The description of the registered extension.

DocumentationUrl

Type: string

The URL of a page providing detailed documentation for this extension.

ExecutionRoleArn

Type: string

The Amazon Resource Name (ARN) of the IAM execution role used to register the extension. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your extension with the appropriate credentials.

IsDefaultVersion

Type: boolean

Whether the specified extension version is set as the default version.

LastUpdated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the specified extension version was registered.

LoggingConfig

Type: LoggingConfig structure

Contains logging configuration information for an extension.

ProvisioningType

Type: string

The provisioning behavior of the extension. AWS CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted.

Valid values include:

FULLY_MUTABLE: The extension includes an update handler to process updates to the extension during stack update operations.
IMMUTABLE: The extension does not include an update handler, so the extension cannot be updated and must instead be replaced during stack update operations.
NON_PROVISIONABLE: The extension does not include all of the following handlers, and therefore cannot actually be provisioned.
- create
- read
- delete

Schema

Type: string

The schema that defines the extension.

For more information on extension schemas, see Resource Provider Schema in the CloudFormation CLI User Guide.

SourceUrl

Type: string

The URL of the source code for the extension.

TimeCreated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the specified extension version was registered.

Type

Type: string

The kind of extension.

TypeName

Type: string

The name of the registered extension.

Visibility

Type: string

The scope at which the extension is visible and usable in CloudFormation operations.

Valid values include:

PRIVATE: The extension is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE.
PUBLIC: The extension is publically visible and usable within any Amazon account.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.
TypeNotFoundException:
The specified type does not exist in the CloudFormation registry.

DescribeTypeRegistration

$result = $client->describeTypeRegistration([/* ... */]);
$promise = $client->describeTypeRegistrationAsync([/* ... */]);

Returns information about an extension's registration, including its current status and type and version identifiers.

When you initiate a registration request using RegisterType , you can then use DescribeTypeRegistration to monitor the progress of that registration request.

Once the registration request has completed, use DescribeType to return detailed information about an extension.

Parameter Syntax

$result = $client->describeTypeRegistration([
    'RegistrationToken' => '<string>', // REQUIRED
]);

Parameter Details

Members

RegistrationToken

Required: Yes
Type: string

The identifier for this registration request.

This registration token is generated by CloudFormation when you initiate a registration request using RegisterType .

Result Syntax

[
    'Description' => '<string>',
    'ProgressStatus' => 'COMPLETE|IN_PROGRESS|FAILED',
    'TypeArn' => '<string>',
    'TypeVersionArn' => '<string>',
]

Result Details

Members

Description

Type: string

The description of the extension registration request.

ProgressStatus

Type: string

The current status of the extension registration request.

TypeArn

Type: string

The Amazon Resource Name (ARN) of the extension being registered.

For registration requests with a ProgressStatus of other than COMPLETE, this will be null.

TypeVersionArn

Type: string

The Amazon Resource Name (ARN) of this specific version of the extension being registered.

For registration requests with a ProgressStatus of other than COMPLETE, this will be null.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.

DetectStackDrift

$result = $client->detectStackDrift([/* ... */]);
$promise = $client->detectStackDriftAsync([/* ... */]);

Detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. For each resource in the stack that supports drift detection, AWS CloudFormation compares the actual configuration of the resource with its expected template configuration. Only resource properties explicitly defined in the stack template are checked for drift. A stack is considered to have drifted if one or more of its resources differ from their expected template configurations. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.

Use DetectStackDrift to detect drift on all supported resources for a given stack, or DetectStackResourceDrift to detect drift on individual resources.

For a list of stack resources that currently support drift detection, see Resources that Support Drift Detection.

DetectStackDrift can take up to several minutes, depending on the number of resources contained within the stack. Use DescribeStackDriftDetectionStatus to monitor the progress of a detect stack drift operation. Once the drift detection operation has completed, use DescribeStackResourceDrifts to return drift information about the stack and its resources.

When detecting drift on a stack, AWS CloudFormation does not detect drift on any nested stacks belonging to that stack. Perform DetectStackDrift directly on the nested stack itself.

Parameter Syntax

$result = $client->detectStackDrift([
    'LogicalResourceIds' => ['<string>', ...],
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

LogicalResourceIds

Type: Array of strings

The logical names of any resources you want to use as filters.

StackName

Required: Yes
Type: string

The name of the stack for which you want to detect drift.

Result Syntax

[
    'StackDriftDetectionId' => '<string>',
]

Result Details

Members

StackDriftDetectionId

Required: Yes
Type: string

The ID of the drift detection results of this operation.

Errors

There are no errors described for this operation.

DetectStackResourceDrift

$result = $client->detectStackResourceDrift([/* ... */]);
$promise = $client->detectStackResourceDriftAsync([/* ... */]);

Returns information about whether a resource's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. This information includes actual and expected property values for resources in which AWS CloudFormation detects drift. Only resource properties explicitly defined in the stack template are checked for drift. For more information about stack and resource drift, see Detecting Unregulated Configuration Changes to Stacks and Resources.

Use DetectStackResourceDrift to detect drift on individual resources, or DetectStackDrift to detect drift on all resources in a given stack that support drift detection.

Resources that do not currently support drift detection cannot be checked. For a list of resources that support drift detection, see Resources that Support Drift Detection.

Parameter Syntax

$result = $client->detectStackResourceDrift([
    'LogicalResourceId' => '<string>', // REQUIRED
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

LogicalResourceId

Required: Yes
Type: string

The logical name of the resource for which to return drift information.

StackName

Required: Yes
Type: string

The name of the stack to which the resource belongs.

Result Syntax

[
    'StackResourceDrift' => [
        'ActualProperties' => '<string>',
        'ExpectedProperties' => '<string>',
        'LogicalResourceId' => '<string>',
        'ModuleInfo' => [
            'LogicalIdHierarchy' => '<string>',
            'TypeHierarchy' => '<string>',
        ],
        'PhysicalResourceId' => '<string>',
        'PhysicalResourceIdContext' => [
            [
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'PropertyDifferences' => [
            [
                'ActualValue' => '<string>',
                'DifferenceType' => 'ADD|REMOVE|NOT_EQUAL',
                'ExpectedValue' => '<string>',
                'PropertyPath' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => '<string>',
        'StackId' => '<string>',
        'StackResourceDriftStatus' => 'IN_SYNC|MODIFIED|DELETED|NOT_CHECKED',
        'Timestamp' => <DateTime>,
    ],
]

Result Details

Members

StackResourceDrift

Required: Yes
Type: StackResourceDrift structure

Information about whether the resource's actual configuration has drifted from its expected template configuration, including actual and expected property values and any differences detected.

Errors

There are no errors described for this operation.

DetectStackSetDrift

$result = $client->detectStackSetDrift([/* ... */]);
$promise = $client->detectStackSetDriftAsync([/* ... */]);

Detect drift on a stack set. When CloudFormation performs drift detection on a stack set, it performs drift detection on the stack associated with each stack instance in the stack set. For more information, see How CloudFormation Performs Drift Detection on a Stack Set.

DetectStackSetDrift returns the OperationId of the stack set drift detection operation. Use this operation id with DescribeStackSetOperation to monitor the progress of the drift detection operation. The drift detection operation may take some time, depending on the number of stack instances included in the stack set, as well as the number of resources included in each stack.

Once the operation has completed, use the following actions to return drift information:

Use DescribeStackSet to return detailed information about the stack set, including detailed information about the last completed drift operation performed on the stack set. (Information about drift operations that are in progress is not included.)
Use ListStackInstances to return a list of stack instances belonging to the stack set, including the drift status and last drift time checked of each instance.
Use DescribeStackInstance to return detailed information about a specific stack instance, including its drift status and last drift time checked.

For more information on performing a drift detection operation on a stack set, see Detecting Unmanaged Changes in Stack Sets.

You can only run a single drift detection operation on a given stack set at one time.

To stop a drift detection stack set operation, use StopStackSetOperation .

Parameter Syntax

$result = $client->detectStackSetDrift([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'OperationId' => '<string>',
    'OperationPreferences' => [
        'FailureToleranceCount' => <integer>,
        'FailureTolerancePercentage' => <integer>,
        'MaxConcurrentCount' => <integer>,
        'MaxConcurrentPercentage' => <integer>,
        'RegionConcurrencyType' => 'SEQUENTIAL|PARALLEL',
        'RegionOrder' => ['<string>', ...],
    ],
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

OperationId

Type: string

The ID of the stack set operation.

OperationPreferences

Type: StackSetOperationPreferences structure

The user-specified preferences for how AWS CloudFormation performs a stack set operation.

For more information on maximum concurrent accounts and failure tolerance, see Stack set operation options.

StackSetName

Required: Yes
Type: string

The name of the stack set on which to perform the drift detection operation.

Result Syntax

[
    'OperationId' => '<string>',
]

Result Details

Members

OperationId

Type: string

The ID of the drift detection stack set operation.

you can use this operation id with DescribeStackSetOperation to monitor the progress of the drift detection operation.

Errors

InvalidOperationException:
The specified operation isn't valid.
OperationInProgressException:
Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.
StackSetNotFoundException:
The specified stack set doesn't exist.

EstimateTemplateCost

$result = $client->estimateTemplateCost([/* ... */]);
$promise = $client->estimateTemplateCostAsync([/* ... */]);

Returns the estimated monthly cost of a template. The return value is an AWS Simple Monthly Calculator URL with a query string that describes the resources required to run the template.

Parameter Syntax

$result = $client->estimateTemplateCost([
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
]);

Parameter Details

Members

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters.

TemplateBody

Type: string

Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. (For more information, go to Template Anatomy in the AWS CloudFormation User Guide.)

Conditional: You must pass TemplateBody or TemplateURL. If both are passed, only TemplateBody is used.

TemplateURL

Type: string

Location of file containing the template body. The URL must point to a template that is located in an Amazon S3 bucket or a Systems Manager document. For more information, go to Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only TemplateBody is used.

Result Syntax

[
    'Url' => '<string>',
]

Result Details

Members

Url

Type: string

An AWS Simple Monthly Calculator URL with a query string that describes the resources required to run the template.

Errors

There are no errors described for this operation.

ExecuteChangeSet

$result = $client->executeChangeSet([/* ... */]);
$promise = $client->executeChangeSetAsync([/* ... */]);

Updates a stack using the input information that was provided when the specified change set was created. After the call successfully completes, AWS CloudFormation starts updating the stack. Use the DescribeStacks action to view the status of the update.

When you execute a change set, AWS CloudFormation deletes all other change sets associated with the stack because they aren't valid for the updated stack.

If a stack policy is associated with the stack, AWS CloudFormation enforces the policy during the update. You can't specify a temporary stack policy that overrides the current policy.

To create a change set for the entire stack hierachy, IncludeNestedStacks must have been set to True.

Parameter Syntax

$result = $client->executeChangeSet([
    'ChangeSetName' => '<string>', // REQUIRED
    'ClientRequestToken' => '<string>',
    'StackName' => '<string>',
]);

Parameter Details

Members

ChangeSetName

Required: Yes
Type: string

The name or ARN of the change set that you want use to update the specified stack.

ClientRequestToken

Type: string

A unique identifier for this ExecuteChangeSet request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to execute a change set to update a stack with the same name. You might retry ExecuteChangeSet requests to ensure that AWS CloudFormation successfully received them.

StackName

Type: string

If you specified the name of a change set, specify the stack name or ID (ARN) that is associated with the change set you want to execute.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

InvalidChangeSetStatusException:
The specified change set can't be used to update the stack. For example, the change set status might be CREATE_IN_PROGRESS, or the stack status might be UPDATE_IN_PROGRESS.
ChangeSetNotFoundException:
The specified change set name or ID doesn't exit. To view valid change sets for a stack, use the ListChangeSets action.
InsufficientCapabilitiesException:
The template contains resources with capabilities that weren't specified in the Capabilities parameter.
TokenAlreadyExistsException:
A client request token already exists.

GetStackPolicy

$result = $client->getStackPolicy([/* ... */]);
$promise = $client->getStackPolicyAsync([/* ... */]);

Returns the stack policy for a specified stack. If a stack doesn't have a policy, a null value is returned.

Parameter Syntax

$result = $client->getStackPolicy([
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

StackName

Required: Yes
Type: string

The name or unique stack ID that is associated with the stack whose policy you want to get.

Result Syntax

[
    'StackPolicyBody' => '<string>',
]

Result Details

Members

StackPolicyBody

Type: string

Structure containing the stack policy body. (For more information, go to Prevent Updates to Stack Resources in the AWS CloudFormation User Guide.)

Errors

There are no errors described for this operation.

GetTemplate

$result = $client->getTemplate([/* ... */]);
$promise = $client->getTemplateAsync([/* ... */]);

Returns the template body for a specified stack. You can get the template for running or deleted stacks.

For deleted stacks, GetTemplate returns the template for up to 90 days after the stack has been deleted.

If the template does not exist, a ValidationError is returned.

Parameter Syntax

$result = $client->getTemplate([
    'ChangeSetName' => '<string>',
    'StackName' => '<string>',
    'TemplateStage' => 'Original|Processed',
]);

Parameter Details

Members

ChangeSetName

Type: string

The name or Amazon Resource Name (ARN) of a change set for which AWS CloudFormation returns the associated template. If you specify a name, you must also specify the StackName.

StackName

Type: string

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

TemplateStage

Type: string

For templates that include transforms, the stage of the template that AWS CloudFormation returns. To get the user-submitted template, specify Original. To get the template after AWS CloudFormation has processed all transforms, specify Processed.

If the template doesn't include transforms, Original and Processed return the same template. By default, AWS CloudFormation specifies Original.

Result Syntax

[
    'StagesAvailable' => ['<string>', ...],
    'TemplateBody' => '<string>',
]

Result Details

Members

StagesAvailable

Type: Array of strings

The stage of the template that you can retrieve. For stacks, the Original and Processed templates are always available. For change sets, the Original template is always available. After AWS CloudFormation finishes creating the change set, the Processed template becomes available.

TemplateBody

Type: string

Structure containing the template body. (For more information, go to Template Anatomy in the AWS CloudFormation User Guide.)

AWS CloudFormation returns the same template that was used when the stack was created.

Errors

ChangeSetNotFoundException:
The specified change set name or ID doesn't exit. To view valid change sets for a stack, use the ListChangeSets action.

GetTemplateSummary

$result = $client->getTemplateSummary([/* ... */]);
$promise = $client->getTemplateSummaryAsync([/* ... */]);

Returns information about a new or existing template. The GetTemplateSummary action is useful for viewing parameter information, such as default parameter values and parameter types, before you create or update a stack or stack set.

You can use the GetTemplateSummary action when you submit a template, or you can get template information for a stack set, or a running or deleted stack.

For deleted stacks, GetTemplateSummary returns the template information for up to 90 days after the stack has been deleted. If the template does not exist, a ValidationError is returned.

Parameter Syntax

$result = $client->getTemplateSummary([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'StackName' => '<string>',
    'StackSetName' => '<string>',
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

StackName

Type: string

The name or the stack ID that is associated with the stack, which are not always interchangeable. For running stacks, you can specify either the stack's name or its unique stack ID. For deleted stack, you must specify the unique stack ID.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

StackSetName

Type: string

The name or unique ID of the stack set from which the stack was created.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

TemplateBody

Type: string

Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information about templates, see Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

TemplateURL

Type: string

Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket or a Systems Manager document. For more information about templates, see Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify only one of the following parameters: StackName, StackSetName, TemplateBody, or TemplateURL.

Result Syntax

[
    'Capabilities' => ['<string>', ...],
    'CapabilitiesReason' => '<string>',
    'DeclaredTransforms' => ['<string>', ...],
    'Description' => '<string>',
    'Metadata' => '<string>',
    'Parameters' => [
        [
            'DefaultValue' => '<string>',
            'Description' => '<string>',
            'NoEcho' => true || false,
            'ParameterConstraints' => [
                'AllowedValues' => ['<string>', ...],
            ],
            'ParameterKey' => '<string>',
            'ParameterType' => '<string>',
        ],
        // ...
    ],
    'ResourceIdentifierSummaries' => [
        [
            'LogicalResourceIds' => ['<string>', ...],
            'ResourceIdentifiers' => ['<string>', ...],
            'ResourceType' => '<string>',
        ],
        // ...
    ],
    'ResourceTypes' => ['<string>', ...],
    'Version' => '<string>',
]

Result Details

Members

Capabilities

Type: Array of strings

The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the CreateStack or UpdateStack actions with your template; otherwise, those actions return an InsufficientCapabilities error.

For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason

Type: string

The list of resources that generated the values in the Capabilities response element.

DeclaredTransforms

Type: Array of strings

A list of the transforms that are declared in the template.

Description

Type: string

The value that is defined in the Description property of the template.

Metadata

Type: string

The value that is defined for the Metadata property of the template.

Parameters

Type: Array of ParameterDeclaration structures

A list of parameter declarations that describe various properties for each parameter.

ResourceIdentifierSummaries

Type: Array of ResourceIdentifierSummary structures

A list of resource identifier summaries that describe the target resources of an import operation and the properties you can provide during the import to identify the target resources. For example, BucketName is a possible identifier property for an AWS::S3::Bucket resource.

ResourceTypes

Type: Array of strings

A list of all the template resource types that are defined in the template, such as AWS::EC2::Instance, AWS::Dynamo::Table, and Custom::MyCustomInstance.

Version

Type: string

The AWS template format version, which identifies the capabilities of the template.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.

ListChangeSets

$result = $client->listChangeSets([/* ... */]);
$promise = $client->listChangeSetsAsync([/* ... */]);

Returns the ID and status of each active change set for a stack. For example, AWS CloudFormation lists change sets that are in the CREATE_IN_PROGRESS or CREATE_PENDING state.

Parameter Syntax

$result = $client->listChangeSets([
    'NextToken' => '<string>',
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

NextToken

Type: string

A string (provided by the ListChangeSets response output) that identifies the next page of change sets that you want to retrieve.

StackName

Required: Yes
Type: string

The name or the Amazon Resource Name (ARN) of the stack for which you want to list change sets.

Result Syntax

[
    'NextToken' => '<string>',
    'Summaries' => [
        [
            'ChangeSetId' => '<string>',
            'ChangeSetName' => '<string>',
            'CreationTime' => <DateTime>,
            'Description' => '<string>',
            'ExecutionStatus' => 'UNAVAILABLE|AVAILABLE|EXECUTE_IN_PROGRESS|EXECUTE_COMPLETE|EXECUTE_FAILED|OBSOLETE',
            'IncludeNestedStacks' => true || false,
            'ParentChangeSetId' => '<string>',
            'RootChangeSetId' => '<string>',
            'StackId' => '<string>',
            'StackName' => '<string>',
            'Status' => 'CREATE_PENDING|CREATE_IN_PROGRESS|CREATE_COMPLETE|DELETE_PENDING|DELETE_IN_PROGRESS|DELETE_COMPLETE|DELETE_FAILED|FAILED',
            'StatusReason' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of change sets. If there is no additional page, this value is null.

Summaries

Type: Array of ChangeSetSummary structures

A list of ChangeSetSummary structures that provides the ID and status of each change set for the specified stack.

Errors

There are no errors described for this operation.

ListExports

$result = $client->listExports([/* ... */]);
$promise = $client->listExportsAsync([/* ... */]);

Lists all exported output values in the account and Region in which you call this action. Use this action to see the exported output values that you can import into other stacks. To import values, use the Fn::ImportValue function.

For more information, see AWS CloudFormation Export Stack Output Values.

Parameter Syntax

$result = $client->listExports([
    'NextToken' => '<string>',
]);

Parameter Details

Members

NextToken

Type: string

A string (provided by the ListExports response output) that identifies the next page of exported output values that you asked to retrieve.

Result Syntax

[
    'Exports' => [
        [
            'ExportingStackId' => '<string>',
            'Name' => '<string>',
            'Value' => '<string>',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members

Exports

Type: Array of Export structures

The output for the ListExports action.

NextToken

Type: string

If the output exceeds 100 exported output values, a string that identifies the next page of exports. If there is no additional page, this value is null.

Errors

There are no errors described for this operation.

ListImports

$result = $client->listImports([/* ... */]);
$promise = $client->listImportsAsync([/* ... */]);

Lists all stacks that are importing an exported output value. To modify or remove an exported output value, first use this action to see which stacks are using it. To see the exported output values in your account, see ListExports.

For more information about importing an exported output value, see the Fn::ImportValue function.

Parameter Syntax

$result = $client->listImports([
    'ExportName' => '<string>', // REQUIRED
    'NextToken' => '<string>',
]);

Parameter Details

Members

ExportName

Required: Yes
Type: string

The name of the exported output value. AWS CloudFormation returns the stack names that are importing this value.

NextToken

Type: string

A string (provided by the ListImports response output) that identifies the next page of stacks that are importing the specified exported output value.

Result Syntax

[
    'Imports' => ['<string>', ...],
    'NextToken' => '<string>',
]

Result Details

Members

Imports

Type: Array of strings

A list of stack names that are importing the specified exported output value.

NextToken

Type: string

A string that identifies the next page of exports. If there is no additional page, this value is null.

Errors

There are no errors described for this operation.

ListStackInstances

$result = $client->listStackInstances([/* ... */]);
$promise = $client->listStackInstancesAsync([/* ... */]);

Returns summary information about stack instances that are associated with the specified stack set. You can filter for stack instances that are associated with a specific AWS account name or Region, or that have a specific status.

Parameter Syntax

$result = $client->listStackInstances([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'Filters' => [
        [
            'Name' => 'DETAILED_STATUS',
            'Values' => '<string>',
        ],
        // ...
    ],
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'StackInstanceAccount' => '<string>',
    'StackInstanceRegion' => '<string>',
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

Filters

Type: Array of StackInstanceFilter structures

The status that stack instances are filtered by.

MaxResults

Type: int

NextToken

Type: string

If the previous request didn't return all of the remaining results, the response's NextToken parameter value is set to a token. To retrieve the next set of results, call ListStackInstances again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

StackInstanceAccount

Type: string

The name of the AWS account that you want to list stack instances for.

StackInstanceRegion

Type: string

The name of the Region where you want to list stack instances.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to list stack instances for.

Result Syntax

[
    'NextToken' => '<string>',
    'Summaries' => [
        [
            'Account' => '<string>',
            'DriftStatus' => 'DRIFTED|IN_SYNC|UNKNOWN|NOT_CHECKED',
            'LastDriftCheckTimestamp' => <DateTime>,
            'OrganizationalUnitId' => '<string>',
            'Region' => '<string>',
            'StackId' => '<string>',
            'StackInstanceStatus' => [
                'DetailedStatus' => 'PENDING|RUNNING|SUCCEEDED|FAILED|CANCELLED|INOPERABLE',
            ],
            'StackSetId' => '<string>',
            'Status' => 'CURRENT|OUTDATED|INOPERABLE',
            'StatusReason' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the request doesn't return all of the remaining results, NextToken is set to a token. To retrieve the next set of results, call ListStackInstances again and assign that token to the request object's NextToken parameter. If the request returns all results, NextToken is set to null.

Summaries

Type: Array of StackInstanceSummary structures

A list of StackInstanceSummary structures that contain information about the specified stack instances.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.

ListStackResources

$result = $client->listStackResources([/* ... */]);
$promise = $client->listStackResourcesAsync([/* ... */]);

Returns descriptions of all resources of the specified stack.

For deleted stacks, ListStackResources returns resource information for up to 90 days after the stack has been deleted.

Parameter Syntax

$result = $client->listStackResources([
    'NextToken' => '<string>',
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

NextToken

Type: string

A string that identifies the next page of stack resources that you want to retrieve.

StackName

Required: Yes
Type: string

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

Result Syntax

[
    'NextToken' => '<string>',
    'StackResourceSummaries' => [
        [
            'DriftInformation' => [
                'LastCheckTimestamp' => <DateTime>,
                'StackResourceDriftStatus' => 'IN_SYNC|MODIFIED|DELETED|NOT_CHECKED',
            ],
            'LastUpdatedTimestamp' => <DateTime>,
            'LogicalResourceId' => '<string>',
            'ModuleInfo' => [
                'LogicalIdHierarchy' => '<string>',
                'TypeHierarchy' => '<string>',
            ],
            'PhysicalResourceId' => '<string>',
            'ResourceStatus' => 'CREATE_IN_PROGRESS|CREATE_FAILED|CREATE_COMPLETE|DELETE_IN_PROGRESS|DELETE_FAILED|DELETE_COMPLETE|DELETE_SKIPPED|UPDATE_IN_PROGRESS|UPDATE_FAILED|UPDATE_COMPLETE|IMPORT_FAILED|IMPORT_COMPLETE|IMPORT_IN_PROGRESS|IMPORT_ROLLBACK_IN_PROGRESS|IMPORT_ROLLBACK_FAILED|IMPORT_ROLLBACK_COMPLETE',
            'ResourceStatusReason' => '<string>',
            'ResourceType' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of stack resources. If no additional page exists, this value is null.

StackResourceSummaries

Type: Array of StackResourceSummary structures

A list of StackResourceSummary structures.

Errors

There are no errors described for this operation.

ListStackSetOperationResults

$result = $client->listStackSetOperationResults([/* ... */]);
$promise = $client->listStackSetOperationResultsAsync([/* ... */]);

Returns summary information about the results of a stack set operation.

Parameter Syntax

$result = $client->listStackSetOperationResults([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'OperationId' => '<string>', // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

MaxResults

Type: int

NextToken

Type: string

If the previous request didn't return all of the remaining results, the response object's NextToken parameter value is set to a token. To retrieve the next set of results, call ListStackSetOperationResults again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

OperationId

Required: Yes
Type: string

The ID of the stack set operation.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to get operation results for.

Result Syntax

[
    'NextToken' => '<string>',
    'Summaries' => [
        [
            'Account' => '<string>',
            'AccountGateResult' => [
                'Status' => 'SUCCEEDED|FAILED|SKIPPED',
                'StatusReason' => '<string>',
            ],
            'OrganizationalUnitId' => '<string>',
            'Region' => '<string>',
            'Status' => 'PENDING|RUNNING|SUCCEEDED|FAILED|CANCELLED',
            'StatusReason' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the request doesn't return all results, NextToken is set to a token. To retrieve the next set of results, call ListOperationResults again and assign that token to the request object's NextToken parameter. If there are no remaining results, NextToken is set to null.

Summaries

Type: Array of StackSetOperationResultSummary structures

A list of StackSetOperationResultSummary structures that contain information about the specified operation results, for accounts and Regions that are included in the operation.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
OperationNotFoundException:
The specified ID refers to an operation that doesn't exist.

ListStackSetOperations

$result = $client->listStackSetOperations([/* ... */]);
$promise = $client->listStackSetOperationsAsync([/* ... */]);

Returns summary information about operations performed on a stack set.

Parameter Syntax

$result = $client->listStackSetOperations([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

MaxResults

Type: int

NextToken

Type: string

If the previous paginated request didn't return all of the remaining results, the response object's NextToken parameter value is set to a token. To retrieve the next set of results, call ListStackSetOperations again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to get operation summaries for.

Result Syntax

[
    'NextToken' => '<string>',
    'Summaries' => [
        [
            'Action' => 'CREATE|UPDATE|DELETE|DETECT_DRIFT',
            'CreationTimestamp' => <DateTime>,
            'EndTimestamp' => <DateTime>,
            'OperationId' => '<string>',
            'Status' => 'RUNNING|SUCCEEDED|FAILED|STOPPING|STOPPED|QUEUED',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

Summaries

Type: Array of StackSetOperationSummary structures

A list of StackSetOperationSummary structures that contain summary information about operations for the specified stack set.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.

ListStackSets

$result = $client->listStackSets([/* ... */]);
$promise = $client->listStackSetsAsync([/* ... */]);

Returns summary information about stack sets that are associated with the user.

[Self-managed permissions] If you set the CallAs parameter to SELF while signed in to your AWS account, ListStackSets returns all self-managed stack sets in your AWS account.
[Service-managed permissions] If you set the CallAs parameter to SELF while signed in to the organization's management account, ListStackSets returns all stack sets in the management account.
[Service-managed permissions] If you set the CallAs parameter to DELEGATED_ADMIN while signed in to your member account, ListStackSets returns all stack sets with service-managed permissions in the management account.

Parameter Syntax

$result = $client->listStackSets([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'Status' => 'ACTIVE|DELETED',
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

MaxResults

Type: int

NextToken

Type: string

If the previous paginated request didn't return all of the remaining results, the response object's NextToken parameter value is set to a token. To retrieve the next set of results, call ListStackSets again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

Status

Type: string

The status of the stack sets that you want to get summary information about.

Result Syntax

[
    'NextToken' => '<string>',
    'Summaries' => [
        [
            'AutoDeployment' => [
                'Enabled' => true || false,
                'RetainStacksOnAccountRemoval' => true || false,
            ],
            'Description' => '<string>',
            'DriftStatus' => 'DRIFTED|IN_SYNC|UNKNOWN|NOT_CHECKED',
            'LastDriftCheckTimestamp' => <DateTime>,
            'PermissionModel' => 'SERVICE_MANAGED|SELF_MANAGED',
            'StackSetId' => '<string>',
            'StackSetName' => '<string>',
            'Status' => 'ACTIVE|DELETED',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

Summaries

Type: Array of StackSetSummary structures

A list of StackSetSummary structures that contain information about the user's stack sets.

Errors

There are no errors described for this operation.

ListStacks

$result = $client->listStacks([/* ... */]);
$promise = $client->listStacksAsync([/* ... */]);

Returns the summary information for stacks whose status matches the specified StackStatusFilter. Summary information for stacks that have been deleted is kept for 90 days after the stack is deleted. If no StackStatusFilter is specified, summary information for all stacks is returned (including existing stacks and stacks that have been deleted).

Parameter Syntax

$result = $client->listStacks([
    'NextToken' => '<string>',
    'StackStatusFilter' => ['<string>', ...],
]);

Parameter Details

Members

NextToken

Type: string

A string that identifies the next page of stacks that you want to retrieve.

StackStatusFilter

Type: Array of strings

Stack status to use as a filter. Specify one or more stack status codes to list only stacks with the specified status codes. For a complete list of stack status codes, see the StackStatus parameter of the Stack data type.

Result Syntax

[
    'NextToken' => '<string>',
    'StackSummaries' => [
        [
            'CreationTime' => <DateTime>,
            'DeletionTime' => <DateTime>,
            'DriftInformation' => [
                'LastCheckTimestamp' => <DateTime>,
                'StackDriftStatus' => 'DRIFTED|IN_SYNC|UNKNOWN|NOT_CHECKED',
            ],
            'LastUpdatedTime' => <DateTime>,
            'ParentId' => '<string>',
            'RootId' => '<string>',
            'StackId' => '<string>',
            'StackName' => '<string>',
            'StackStatus' => 'CREATE_IN_PROGRESS|CREATE_FAILED|CREATE_COMPLETE|ROLLBACK_IN_PROGRESS|ROLLBACK_FAILED|ROLLBACK_COMPLETE|DELETE_IN_PROGRESS|DELETE_FAILED|DELETE_COMPLETE|UPDATE_IN_PROGRESS|UPDATE_COMPLETE_CLEANUP_IN_PROGRESS|UPDATE_COMPLETE|UPDATE_ROLLBACK_IN_PROGRESS|UPDATE_ROLLBACK_FAILED|UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS|UPDATE_ROLLBACK_COMPLETE|REVIEW_IN_PROGRESS|IMPORT_IN_PROGRESS|IMPORT_COMPLETE|IMPORT_ROLLBACK_IN_PROGRESS|IMPORT_ROLLBACK_FAILED|IMPORT_ROLLBACK_COMPLETE',
            'StackStatusReason' => '<string>',
            'TemplateDescription' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.

StackSummaries

Type: Array of StackSummary structures

A list of StackSummary structures containing information about the specified stacks.

Errors

There are no errors described for this operation.

ListTypeRegistrations

$result = $client->listTypeRegistrations([/* ... */]);
$promise = $client->listTypeRegistrationsAsync([/* ... */]);

Returns a list of registration tokens for the specified extension(s).

Parameter Syntax

$result = $client->listTypeRegistrations([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'RegistrationStatusFilter' => 'COMPLETE|IN_PROGRESS|FAILED',
    'Type' => 'RESOURCE|MODULE',
    'TypeArn' => '<string>',
    'TypeName' => '<string>',
]);

Parameter Details

Members

MaxResults

Type: int

NextToken

Type: string

If the previous paginated request didn't return all of the remaining results, the response object's NextToken parameter value is set to a token. To retrieve the next set of results, call this action again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

RegistrationStatusFilter

Type: string

The current status of the extension registration request.

The default is IN_PROGRESS.

Type

Type: string

The kind of extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeArn

Type: string

The Amazon Resource Name (ARN) of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

Result Syntax

[
    'NextToken' => '<string>',
    'RegistrationTokenList' => ['<string>', ...],
]

Result Details

Members

NextToken

Type: string

If the request doesn't return all of the remaining results, NextToken is set to a token. To retrieve the next set of results, call this action again and assign that token to the request object's NextToken parameter. If the request returns all results, NextToken is set to null.

RegistrationTokenList

Type: Array of strings

A list of extension registration tokens.

Use DescribeTypeRegistration to return detailed information about a type registration request.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.

ListTypeVersions

$result = $client->listTypeVersions([/* ... */]);
$promise = $client->listTypeVersionsAsync([/* ... */]);

Returns summary information about the versions of an extension.

Parameter Syntax

$result = $client->listTypeVersions([
    'Arn' => '<string>',
    'DeprecatedStatus' => 'LIVE|DEPRECATED',
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'Type' => 'RESOURCE|MODULE',
    'TypeName' => '<string>',
]);

Parameter Details

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension for which you want version summary information.

Conditional: You must specify either TypeName and Type, or Arn.

DeprecatedStatus

Type: string

The deprecation status of the extension versions that you want to get summary information about.

Valid values include:

LIVE: The extension version is registered and can be used in CloudFormation operations, dependent on its provisioning behavior and visibility scope.
DEPRECATED: The extension version has been deregistered and can no longer be used in CloudFormation operations.

The default is LIVE.

MaxResults

Type: int

NextToken

Type: string

If the previous paginated request didn't return all of the remaining results, the response object's NextToken parameter value is set to a token. To retrieve the next set of results, call this action again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

Type

Type: string

The kind of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension for which you want version summary information.

Conditional: You must specify either TypeName and Type, or Arn.

Result Syntax

[
    'NextToken' => '<string>',
    'TypeVersionSummaries' => [
        [
            'Arn' => '<string>',
            'Description' => '<string>',
            'IsDefaultVersion' => true || false,
            'TimeCreated' => <DateTime>,
            'Type' => 'RESOURCE|MODULE',
            'TypeName' => '<string>',
            'VersionId' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

TypeVersionSummaries

Type: Array of TypeVersionSummary structures

A list of TypeVersionSummary structures that contain information about the specified extension's versions.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.

ListTypes

$result = $client->listTypes([/* ... */]);
$promise = $client->listTypesAsync([/* ... */]);

Returns summary information about extension that have been registered with CloudFormation.

Parameter Syntax

$result = $client->listTypes([
    'DeprecatedStatus' => 'LIVE|DEPRECATED',
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'ProvisioningType' => 'NON_PROVISIONABLE|IMMUTABLE|FULLY_MUTABLE',
    'Type' => 'RESOURCE|MODULE',
    'Visibility' => 'PUBLIC|PRIVATE',
]);

Parameter Details

Members

DeprecatedStatus

Type: string

The deprecation status of the extension that you want to get summary information about.

Valid values include:

LIVE: The extension is registered for use in CloudFormation operations.
DEPRECATED: The extension has been deregistered and can no longer be used in CloudFormation operations.

MaxResults

Type: int

NextToken

Type: string

If the previous paginated request didn't return all of the remaining results, the response object's NextToken parameter value is set to a token. To retrieve the next set of results, call this action again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

ProvisioningType

Type: string

The provisioning behavior of the type. AWS CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted.

Valid values include:

FULLY_MUTABLE: The extension includes an update handler to process updates to the extension during stack update operations.
IMMUTABLE: The extension does not include an update handler, so the extension cannot be updated and must instead be replaced during stack update operations.
NON_PROVISIONABLE: The extension does not include create, read, and delete handlers, and therefore cannot actually be provisioned.

Type

Type: string

The type of extension.

Visibility

Type: string

The scope at which the extension is visible and usable in CloudFormation operations.

Valid values include:

PRIVATE: The extension is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any extension you create as PRIVATE.
PUBLIC: The extension is publically visible and usable within any Amazon account.

The default is PRIVATE.

Result Syntax

[
    'NextToken' => '<string>',
    'TypeSummaries' => [
        [
            'DefaultVersionId' => '<string>',
            'Description' => '<string>',
            'LastUpdated' => <DateTime>,
            'Type' => 'RESOURCE|MODULE',
            'TypeArn' => '<string>',
            'TypeName' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

NextToken

Type: string

TypeSummaries

Type: Array of TypeSummary structures

A list of TypeSummary structures that contain information about the specified extensions.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.

RecordHandlerProgress

$result = $client->recordHandlerProgress([/* ... */]);
$promise = $client->recordHandlerProgressAsync([/* ... */]);

Reports progress of a resource handler to CloudFormation.

Reserved for use by the CloudFormation CLI. Do not use this API in your code.

Parameter Syntax

$result = $client->recordHandlerProgress([
    'BearerToken' => '<string>', // REQUIRED
    'ClientRequestToken' => '<string>',
    'CurrentOperationStatus' => 'PENDING|IN_PROGRESS|SUCCESS|FAILED',
    'ErrorCode' => 'NotUpdatable|InvalidRequest|AccessDenied|InvalidCredentials|AlreadyExists|NotFound|ResourceConflict|Throttling|ServiceLimitExceeded|NotStabilized|GeneralServiceException|ServiceInternalError|NetworkFailure|InternalFailure',
    'OperationStatus' => 'PENDING|IN_PROGRESS|SUCCESS|FAILED', // REQUIRED
    'ResourceModel' => '<string>',
    'StatusMessage' => '<string>',
]);

Parameter Details

Members

BearerToken

Required: Yes
Type: string

Reserved for use by the CloudFormation CLI.

ClientRequestToken

Type: string

Reserved for use by the CloudFormation CLI.

CurrentOperationStatus

Type: string

Reserved for use by the CloudFormation CLI.

ErrorCode

Type: string

Reserved for use by the CloudFormation CLI.

OperationStatus

Required: Yes
Type: string

Reserved for use by the CloudFormation CLI.

ResourceModel

Type: string

Reserved for use by the CloudFormation CLI.

StatusMessage

Type: string

Reserved for use by the CloudFormation CLI.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

InvalidStateTransitionException:
Error reserved for use by the CloudFormation CLI. CloudFormation does not return this error to users.
OperationStatusCheckFailedException:
Error reserved for use by the CloudFormation CLI. CloudFormation does not return this error to users.

RegisterType

$result = $client->registerType([/* ... */]);
$promise = $client->registerTypeAsync([/* ... */]);

Registers an extension with the CloudFormation service. Registering an extension makes it available for use in CloudFormation templates in your AWS account, and includes:

Validating the extension schema
Determining which handlers, if any, have been specified for the extension
Making the extension available for use in your account

For more information on how to develop extensions and ready them for registeration, see Creating Resource Providers in the CloudFormation CLI User Guide.

You can have a maximum of 50 resource extension versions registered at a time. This maximum is per account and per region. Use DeregisterType to deregister specific extension versions if necessary.

Once you have initiated a registration request using RegisterType , you can use DescribeTypeRegistration to monitor the progress of the registration request.

Parameter Syntax

$result = $client->registerType([
    'ClientRequestToken' => '<string>',
    'ExecutionRoleArn' => '<string>',
    'LoggingConfig' => [
        'LogGroupName' => '<string>', // REQUIRED
        'LogRoleArn' => '<string>', // REQUIRED
    ],
    'SchemaHandlerPackage' => '<string>', // REQUIRED
    'Type' => 'RESOURCE|MODULE',
    'TypeName' => '<string>', // REQUIRED
]);

Parameter Details

Members

ClientRequestToken

Type: string

A unique identifier that acts as an idempotency key for this registration request. Specifying a client request token prevents CloudFormation from generating more than one version of an extension from the same registeration request, even if the request is submitted multiple times.

ExecutionRoleArn

Type: string

The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the extension. If your extension calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the extension handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the extension handler, thereby supplying your extension with the appropriate credentials.

LoggingConfig

Type: LoggingConfig structure

Specifies logging configuration information for an extension.

SchemaHandlerPackage

Required: Yes
Type: string

A url to the S3 bucket containing the extension project package that contains the neccessary files for the extension you want to register.

For information on generating a schema handler package for the extension you want to register, see submit in the CloudFormation CLI User Guide.

The user registering the extension must be able to access the package in the S3 bucket. That is, the user needs to have GetObject permissions for the schema handler package. For more information, see Actions, Resources, and Condition Keys for Amazon S3 in the AWS Identity and Access Management User Guide.

Type

Type: string

The kind of extension.

TypeName

Required: Yes
Type: string

The name of the extension being registered.

We recommend that extension names adhere to the following pattern: company_or_organization::service::type.

The following organization namespaces are reserved and cannot be used in your extension names:

Alexa
AMZN
Amazon
AWS
Custom
Dev

Result Syntax

[
    'RegistrationToken' => '<string>',
]

Result Details

Members

RegistrationToken

Type: string

The identifier for this registration request.

Use this registration token when calling DescribeTypeRegistration , which returns information about the status and IDs of the extension registration.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.

SetStackPolicy

$result = $client->setStackPolicy([/* ... */]);
$promise = $client->setStackPolicyAsync([/* ... */]);

Sets a stack policy for a specified stack.

Parameter Syntax

$result = $client->setStackPolicy([
    'StackName' => '<string>', // REQUIRED
    'StackPolicyBody' => '<string>',
    'StackPolicyURL' => '<string>',
]);

Parameter Details

Members

StackName

Required: Yes
Type: string

The name or unique stack ID that you want to associate a policy with.

StackPolicyBody

Type: string

Structure containing the stack policy body. For more information, go to Prevent Updates to Stack Resources in the AWS CloudFormation User Guide. You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

StackPolicyURL

Type: string

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

There are no errors described for this operation.

SetTypeDefaultVersion

$result = $client->setTypeDefaultVersion([/* ... */]);
$promise = $client->setTypeDefaultVersionAsync([/* ... */]);

Specify the default version of an extension. The default version of an extension will be used in CloudFormation operations.

Parameter Syntax

$result = $client->setTypeDefaultVersion([
    'Arn' => '<string>',
    'Type' => 'RESOURCE|MODULE',
    'TypeName' => '<string>',
    'VersionId' => '<string>',
]);

Parameter Details

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension for which you want version summary information.

Conditional: You must specify either TypeName and Type, or Arn.

Type

Type: string

The kind of extension.

Conditional: You must specify either TypeName and Type, or Arn.

TypeName

Type: string

The name of the extension.

Conditional: You must specify either TypeName and Type, or Arn.

VersionId

Type: string

The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

CFNRegistryException:
An error occurred during a CloudFormation registry operation.
TypeNotFoundException:
The specified type does not exist in the CloudFormation registry.

SignalResource

$result = $client->signalResource([/* ... */]);
$promise = $client->signalResourceAsync([/* ... */]);

Sends a signal to the specified resource with a success or failure status. You can use the SignalResource API in conjunction with a creation policy or update policy. AWS CloudFormation doesn't proceed with a stack creation or update until resources receive the required number of signals or the timeout period is exceeded. The SignalResource API is useful in cases where you want to send signals from anywhere other than an Amazon EC2 instance.

Parameter Syntax

$result = $client->signalResource([
    'LogicalResourceId' => '<string>', // REQUIRED
    'StackName' => '<string>', // REQUIRED
    'Status' => 'SUCCESS|FAILURE', // REQUIRED
    'UniqueId' => '<string>', // REQUIRED
]);

Parameter Details

Members

LogicalResourceId

Required: Yes
Type: string

The logical ID of the resource that you want to signal. The logical ID is the name of the resource that given in the template.

StackName

Required: Yes
Type: string

The stack name or unique stack ID that includes the resource that you want to signal.

Status

Required: Yes
Type: string

The status of the signal, which is either success or failure. A failure signal causes AWS CloudFormation to immediately fail the stack creation or update.

UniqueId

Required: Yes
Type: string

A unique ID of the signal. When you signal Amazon EC2 instances or Auto Scaling groups, specify the instance ID that you are signaling as the unique ID. If you send multiple signals to a single resource (such as signaling a wait condition), each signal requires a different unique ID.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

There are no errors described for this operation.

StopStackSetOperation

$result = $client->stopStackSetOperation([/* ... */]);
$promise = $client->stopStackSetOperationAsync([/* ... */]);

Stops an in-progress operation on a stack set and its associated stack instances.

Parameter Syntax

$result = $client->stopStackSetOperation([
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'OperationId' => '<string>', // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

OperationId

Required: Yes
Type: string

The ID of the stack operation.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to stop the operation for.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
OperationNotFoundException:
The specified ID refers to an operation that doesn't exist.
InvalidOperationException:
The specified operation isn't valid.

UpdateStack

$result = $client->updateStack([/* ... */]);
$promise = $client->updateStackAsync([/* ... */]);

Updates a stack as specified in the template. After the call completes successfully, the stack update starts. You can check the status of the stack via the DescribeStacks action.

To get a copy of the template for an existing stack, you can use the GetTemplate action.

For more information about creating an update template, updating a stack, and monitoring the progress of the update, see Updating a Stack.

Parameter Syntax

$result = $client->updateStack([
    'Capabilities' => ['<string>', ...],
    'ClientRequestToken' => '<string>',
    'NotificationARNs' => ['<string>', ...],
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'ResourceTypes' => ['<string>', ...],
    'RoleARN' => '<string>',
    'RollbackConfiguration' => [
        'MonitoringTimeInMinutes' => <integer>,
        'RollbackTriggers' => [
            [
                'Arn' => '<string>', // REQUIRED
                'Type' => '<string>', // REQUIRED
            ],
            // ...
        ],
    ],
    'StackName' => '<string>', // REQUIRED
    'StackPolicyBody' => '<string>',
    'StackPolicyDuringUpdateBody' => '<string>',
    'StackPolicyDuringUpdateURL' => '<string>',
    'StackPolicyURL' => '<string>',
    'Tags' => [
        [
            'Key' => '<string>', // REQUIRED
            'Value' => '<string>', // REQUIRED
        ],
        // ...
    ],
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
    'UsePreviousTemplate' => true || false,
]);

Parameter Details

Members

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for AWS CloudFormation to update the stack.

CAPABILITY_IAM and CAPABILITY_NAMED_IAM

Some stack templates might include resources that can affect permissions in your AWS account; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.

The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.
- If you have IAM resources, you can specify either capability.
- If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
- If you don't specify either of these capabilities, AWS CloudFormation returns an InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
CAPABILITY_AUTO_EXPAND

Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually updating the stack. If your stack template contains one or more macros, and you choose to update a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by AWS CloudFormation.

If you want to update a stack from a stack template that contains macros and nested stacks, you must update the stack directly from the template using this capability.

You should only update stacks directly from a stack template that contains macros if you know what processing the macro performs.

Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without AWS CloudFormation being notified.

For more information, see Using AWS CloudFormation Macros to Perform Custom Processing on Templates.

ClientRequestToken

Type: string

A unique identifier for this UpdateStack request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to update a stack with the same name. You might retry UpdateStack requests to ensure that AWS CloudFormation successfully received them.

NotificationARNs

Type: Array of strings

Amazon Simple Notification Service topic Amazon Resource Names (ARNs) that AWS CloudFormation associates with the stack. Specify an empty list to remove all notification topics.

Parameters

Type: Array of Parameter structures

A list of Parameter structures that specify input parameters for the stack. For more information, see the Parameter data type.

ResourceTypes

Type: Array of strings

The template resource types that you have permissions to work with for this update stack action, such as AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance.

If the list of resource types doesn't include a resource that you're updating, the stack update fails. By default, AWS CloudFormation grants permissions to all resource types. AWS Identity and Access Management (IAM) uses this parameter for AWS CloudFormation-specific condition keys in IAM policies. For more information, see Controlling Access with AWS Identity and Access Management.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes to update the stack. AWS CloudFormation uses the role's credentials to make calls on your behalf. AWS CloudFormation always uses this role for all future operations on the stack. As long as users have permission to operate on the stack, AWS CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

StackName

Required: Yes
Type: string

The name or unique stack ID of the stack to update.

StackPolicyBody

Type: string

Structure containing a new stack policy body. You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

You might update the stack policy, for example, in order to protect a new resource that you created during a stack update. If you do not specify a stack policy, the current policy that is associated with the stack is unchanged.

StackPolicyDuringUpdateBody

Type: string

Structure containing the temporary overriding stack policy body. You can specify either the StackPolicyDuringUpdateBody or the StackPolicyDuringUpdateURL parameter, but not both.

If you want to update protected resources, specify a temporary overriding stack policy during this update. If you do not specify a stack policy, the current policy that is associated with the stack will be used.

StackPolicyDuringUpdateURL

Type: string

Location of a file containing the temporary overriding stack policy. The URL must point to a policy (max size: 16KB) located in an S3 bucket in the same Region as the stack. You can specify either the StackPolicyDuringUpdateBody or the StackPolicyDuringUpdateURL parameter, but not both.

StackPolicyURL

Type: string

Location of a file containing the updated stack policy. The URL must point to a policy (max size: 16KB) located in an S3 bucket in the same Region as the stack. You can specify either the StackPolicyBody or the StackPolicyURL parameter, but not both.

Tags

Type: Array of Tag structures

Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.

If you don't specify this parameter, AWS CloudFormation doesn't modify the stack's tags. If you specify an empty value, AWS CloudFormation removes all associated tags.

TemplateBody

Type: string

Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. (For more information, go to Template Anatomy in the AWS CloudFormation User Guide.)

Conditional: You must specify only one of the following parameters: TemplateBody, TemplateURL, or set the UsePreviousTemplate to true.

TemplateURL

Type: string

Conditional: You must specify only one of the following parameters: TemplateBody, TemplateURL, or set the UsePreviousTemplate to true.

UsePreviousTemplate

Type: boolean

Reuse the existing template that is associated with the stack that you are updating.

Conditional: You must specify only one of the following parameters: TemplateBody, TemplateURL, or set the UsePreviousTemplate to true.

Result Syntax

[
    'StackId' => '<string>',
]

Result Details

Members

StackId

Type: string

Unique identifier of the stack.

Errors

InsufficientCapabilitiesException:
The template contains resources with capabilities that weren't specified in the Capabilities parameter.
TokenAlreadyExistsException:
A client request token already exists.

UpdateStackInstances

$result = $client->updateStackInstances([/* ... */]);
$promise = $client->updateStackInstancesAsync([/* ... */]);

Updates the parameter values for stack instances for the specified accounts, within the specified Regions. A stack instance refers to a stack in a specific account and Region.

You can only update stack instances in Regions and accounts where they already exist; to create additional stack instances, use CreateStackInstances.

During stack set updates, any parameters overridden for a stack instance are not updated, but retain their overridden value.

You can only update the parameter values that are specified in the stack set; to add or delete a parameter itself, use UpdateStackSet to update the stack set template. If you add a parameter to a template, before you can override the parameter value specified in the stack set you must first use UpdateStackSet to update all stack instances with the updated template and parameter value specified in the stack set. Once a stack instance has been updated with the new parameter, you can then override the parameter value using UpdateStackInstances.

Parameter Syntax

$result = $client->updateStackInstances([
    'Accounts' => ['<string>', ...],
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'DeploymentTargets' => [
        'Accounts' => ['<string>', ...],
        'AccountsUrl' => '<string>',
        'OrganizationalUnitIds' => ['<string>', ...],
    ],
    'OperationId' => '<string>',
    'OperationPreferences' => [
        'FailureToleranceCount' => <integer>,
        'FailureTolerancePercentage' => <integer>,
        'MaxConcurrentCount' => <integer>,
        'MaxConcurrentPercentage' => <integer>,
        'RegionConcurrencyType' => 'SEQUENTIAL|PARALLEL',
        'RegionOrder' => ['<string>', ...],
    ],
    'ParameterOverrides' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'Regions' => ['<string>', ...], // REQUIRED
    'StackSetName' => '<string>', // REQUIRED
]);

Parameter Details

Members

Accounts

Type: Array of strings

[Self-managed permissions] The names of one or more AWS accounts for which you want to update parameter values for stack instances. The overridden parameter values will be applied to all stack instances in the specified accounts and Regions.

You can specify Accounts or DeploymentTargets, but not both.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The AWS Organizations accounts for which you want to update parameter values for stack instances. If your update targets OUs, the overridden parameter values only apply to the accounts that are currently in the target OUs and their child OUs. Accounts added to the target OUs and their child OUs in the future won't use the overridden values.

You can specify Accounts or DeploymentTargets, but not both.

OperationId

Type: string

The unique identifier for this stack set operation.

If you don't specify an operation ID, the SDK generates one automatically.

OperationPreferences

Type: StackSetOperationPreferences structure

Preferences for how AWS CloudFormation performs this stack set operation.

ParameterOverrides

Type: Array of Parameter structures

A list of input parameters whose values you want to update for the specified stack instances.

To override the current value for a parameter, include the parameter and specify its value.
To leave a parameter set to its present value, you can do one of the following:
- Do not include the parameter in the list.
- Include the parameter and specify UsePreviousValue as true. (You cannot specify both a value and set UsePreviousValue to true.)
To set all overridden parameter back to the values specified in the stack set, specify a parameter list but do not include any parameters.
To leave all parameters set to their present values, do not specify this property at all.

During stack set updates, any parameter values overridden for a stack instance are not updated, but retain their overridden value.

You can only override the parameter values that are specified in the stack set; to add or delete a parameter itself, use UpdateStackSet to update the stack set template. If you add a parameter to a template, before you can override the parameter value specified in the stack set you must first use UpdateStackSet to update all stack instances with the updated template and parameter value specified in the stack set. Once a stack instance has been updated with the new parameter, you can then override the parameter value using UpdateStackInstances.

Regions

Required: Yes
Type: Array of strings

The names of one or more Regions in which you want to update parameter values for stack instances. The overridden parameter values will be applied to all stack instances in the specified accounts and Regions.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set associated with the stack instances.

Result Syntax

[
    'OperationId' => '<string>',
]

Result Details

Members

OperationId

Type: string

The unique identifier for this stack set operation.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
StackInstanceNotFoundException:
The specified stack instance doesn't exist.
OperationInProgressException:
Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.
OperationIdAlreadyExistsException:
The specified operation ID already exists.
StaleRequestException:
Another operation has been performed on this stack set since the specified operation was performed.
InvalidOperationException:
The specified operation isn't valid.

UpdateStackSet

$result = $client->updateStackSet([/* ... */]);
$promise = $client->updateStackSetAsync([/* ... */]);

Updates the stack set, and associated stack instances in the specified accounts and Regions.

Even if the stack set operation created by updating the stack set fails (completely or partially, below or above a specified failure tolerance), the stack set is updated with your changes. Subsequent CreateStackInstances calls on the specified stack set use the updated stack set.

Parameter Syntax

$result = $client->updateStackSet([
    'Accounts' => ['<string>', ...],
    'AdministrationRoleARN' => '<string>',
    'AutoDeployment' => [
        'Enabled' => true || false,
        'RetainStacksOnAccountRemoval' => true || false,
    ],
    'CallAs' => 'SELF|DELEGATED_ADMIN',
    'Capabilities' => ['<string>', ...],
    'DeploymentTargets' => [
        'Accounts' => ['<string>', ...],
        'AccountsUrl' => '<string>',
        'OrganizationalUnitIds' => ['<string>', ...],
    ],
    'Description' => '<string>',
    'ExecutionRoleName' => '<string>',
    'OperationId' => '<string>',
    'OperationPreferences' => [
        'FailureToleranceCount' => <integer>,
        'FailureTolerancePercentage' => <integer>,
        'MaxConcurrentCount' => <integer>,
        'MaxConcurrentPercentage' => <integer>,
        'RegionConcurrencyType' => 'SEQUENTIAL|PARALLEL',
        'RegionOrder' => ['<string>', ...],
    ],
    'Parameters' => [
        [
            'ParameterKey' => '<string>',
            'ParameterValue' => '<string>',
            'ResolvedValue' => '<string>',
            'UsePreviousValue' => true || false,
        ],
        // ...
    ],
    'PermissionModel' => 'SERVICE_MANAGED|SELF_MANAGED',
    'Regions' => ['<string>', ...],
    'StackSetName' => '<string>', // REQUIRED
    'Tags' => [
        [
            'Key' => '<string>', // REQUIRED
            'Value' => '<string>', // REQUIRED
        ],
        // ...
    ],
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
    'UsePreviousTemplate' => true || false,
]);

Parameter Details

Members

Accounts

Type: Array of strings

[Self-managed permissions] The accounts in which to update associated stack instances. If you specify accounts, you must also specify the Regions in which to update stack set instances.

To update all the stack instances associated with this stack set, do not specify the Accounts or Regions properties.

If the stack set update includes changes to the template (that is, if the TemplateBody or TemplateURL properties are specified), or the Parameters property, AWS CloudFormation marks all stack instances with a status of OUTDATED prior to updating the stack instances in the specified accounts and Regions. If the stack set update does not include changes to the template or parameters, AWS CloudFormation updates the stack instances in the specified accounts and Regions, while leaving all other stack instances with their existing stack instance status.

AdministrationRoleARN

Type: string

The Amazon Resource Number (ARN) of the IAM role to use to update this stack set.

Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide.

If you specified a customized administrator role when you created the stack set, you must specify a customized administrator role, even if it is the same customized administrator role used with this stack set previously.

AutoDeployment

Type: AutoDeployment structure

[Service-managed permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).

If you specify AutoDeployment, do not specify DeploymentTargets or Regions.

CallAs

Type: string

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.

Your AWS account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide.

Capabilities

Type: Array of strings

In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for AWS CloudFormation to update the stack set and its associated stack instances.

CAPABILITY_IAM and CAPABILITY_NAMED_IAM

Some stack templates might include resources that can affect permissions in your AWS account; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks sets, you must explicitly acknowledge this by specifying one of these capabilities.

The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.
- If you have IAM resources, you can specify either capability.
- If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
- If you don't specify either of these capabilities, AWS CloudFormation returns an InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
CAPABILITY_AUTO_EXPAND

Some templates reference macros. If your stack set template references one or more macros, you must update the stack set directly from the processed template, without first reviewing the resulting changes in a change set. To update the stack set directly, you must acknowledge this capability. For more information, see Using AWS CloudFormation Macros to Perform Custom Processing on Templates.

Stack sets with service-managed permissions do not currently support the use of macros in templates. (This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by AWS CloudFormation.) Even if you specify this capability for a stack set with service-managed permissions, if you reference a macro in your template the stack set operation will fail.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The AWS Organizations accounts in which to update associated stack instances.

To update all the stack instances associated with this stack set, do not specify DeploymentTargets or Regions.

If the stack set update includes changes to the template (that is, if TemplateBody or TemplateURL is specified), or the Parameters, AWS CloudFormation marks all stack instances with a status of OUTDATED prior to updating the stack instances in the specified accounts and Regions. If the stack set update does not include changes to the template or parameters, AWS CloudFormation updates the stack instances in the specified accounts and Regions, while leaving all other stack instances with their existing stack instance status.

Description

Type: string

A brief description of updates that you are making.

ExecutionRoleName

Type: string

The name of the IAM execution role to use to update the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.

Specify an IAM role only if you are using customized execution roles to control which stack resources users and groups can include in their stack sets.

If you specify a customized execution role, AWS CloudFormation uses that role to update the stack. If you do not specify a customized execution role, AWS CloudFormation performs the update using the role previously associated with the stack set, so long as you have permissions to perform operations on the stack set.

OperationId

Type: string

The unique ID for this stack set operation.

If you don't specify an operation ID, AWS CloudFormation generates one automatically.

Repeating this stack set operation with a new operation ID retries all stack instances whose status is OUTDATED.

OperationPreferences

Type: StackSetOperationPreferences structure

Preferences for how AWS CloudFormation performs this stack set operation.

Parameters

Type: Array of Parameter structures

A list of input parameters for the stack set template.

PermissionModel

Type: string

Describes how the IAM roles required for stack set operations are created. You cannot modify PermissionModel if there are stack instances associated with your stack set.

With self-managed permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations. For more information, see Grant Service-Managed Stack Set Permissions.

Regions

Type: Array of strings

The Regions in which to update associated stack instances. If you specify Regions, you must also specify accounts in which to update stack set instances.

To update all the stack instances associated with this stack set, do not specify the Accounts or Regions properties.

StackSetName

Required: Yes
Type: string

The name or unique ID of the stack set that you want to update.

Tags

Type: Array of Tag structures

If you specify tags for this parameter, those tags replace any list of tags that are currently associated with this stack set. This means:

If you don't specify this parameter, AWS CloudFormation doesn't modify the stack's tags.
If you specify any tags using this parameter, you must specify all the tags that you want associated with this stack set, even tags you've specifed before (for example, when creating the stack set or during a previous update of the stack set.). Any tags that you don't include in the updated list of tags are removed from the stack set, and therefore from the stacks and resources as well.
If you specify an empty value, AWS CloudFormation removes all currently associated tags.

If you specify new tags as part of an UpdateStackSet action, AWS CloudFormation checks to see if you have the required IAM permission to tag resources. If you omit tags that are currently associated with the stack set from the list of tags you specify, AWS CloudFormation assumes that you want to remove those tags from the stack set, and checks to see if you have permission to untag resources. If you don't have the necessary permission(s), the entire UpdateStackSet action fails with an access denied error, and the stack set is not updated.

TemplateBody

Type: string

The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, see Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify only one of the following parameters: TemplateBody or TemplateURL—or set UsePreviousTemplate to true.

TemplateURL

Type: string

The location of the file that contains the template body. The URL must point to a template (maximum size: 460,800 bytes) that is located in an Amazon S3 bucket or a Systems Manager document. For more information, see Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must specify only one of the following parameters: TemplateBody or TemplateURL—or set UsePreviousTemplate to true.

UsePreviousTemplate

Type: boolean

Use the existing template that's associated with the stack set that you're updating.

Conditional: You must specify only one of the following parameters: TemplateBody or TemplateURL—or set UsePreviousTemplate to true.

Result Syntax

[
    'OperationId' => '<string>',
]

Result Details

Members

OperationId

Type: string

The unique ID for this stack set operation.

Errors

StackSetNotFoundException:
The specified stack set doesn't exist.
OperationInProgressException:
Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.
OperationIdAlreadyExistsException:
The specified operation ID already exists.
StaleRequestException:
Another operation has been performed on this stack set since the specified operation was performed.
InvalidOperationException:
The specified operation isn't valid.
StackInstanceNotFoundException:
The specified stack instance doesn't exist.

UpdateTerminationProtection

$result = $client->updateTerminationProtection([/* ... */]);
$promise = $client->updateTerminationProtectionAsync([/* ... */]);

Updates termination protection for the specified stack. If a user attempts to delete a stack with termination protection enabled, the operation fails and the stack remains unchanged. For more information, see Protecting a Stack From Being Deleted in the AWS CloudFormation User Guide.

For nested stacks, termination protection is set on the root stack and cannot be changed directly on the nested stack.

Parameter Syntax

$result = $client->updateTerminationProtection([
    'EnableTerminationProtection' => true || false, // REQUIRED
    'StackName' => '<string>', // REQUIRED
]);

Parameter Details

Members

EnableTerminationProtection

Required: Yes
Type: boolean

Whether to enable termination protection on the specified stack.

StackName

Required: Yes
Type: string

The name or unique ID of the stack for which you want to set termination protection.

Result Syntax

[
    'StackId' => '<string>',
]

Result Details

Members

StackId

Type: string

The unique ID of the stack.

Errors

There are no errors described for this operation.

ValidateTemplate

$result = $client->validateTemplate([/* ... */]);
$promise = $client->validateTemplateAsync([/* ... */]);

Validates a specified template. AWS CloudFormation first checks if the template is valid JSON. If it isn't, AWS CloudFormation checks if the template is valid YAML. If both these checks fail, AWS CloudFormation returns a template validation error.

Parameter Syntax

$result = $client->validateTemplate([
    'TemplateBody' => '<string>',
    'TemplateURL' => '<string>',
]);

Parameter Details

Members

TemplateBody

Type: string

Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, go to Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only TemplateBody is used.

TemplateURL

Type: string

Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket or a Systems Manager document. For more information, go to Template Anatomy in the AWS CloudFormation User Guide.

Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only TemplateBody is used.

Result Syntax

[
    'Capabilities' => ['<string>', ...],
    'CapabilitiesReason' => '<string>',
    'DeclaredTransforms' => ['<string>', ...],
    'Description' => '<string>',
    'Parameters' => [
        [
            'DefaultValue' => '<string>',
            'Description' => '<string>',
            'NoEcho' => true || false,
            'ParameterKey' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members

Capabilities

Type: Array of strings

For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason

Type: string

The list of resources that generated the values in the Capabilities response element.

DeclaredTransforms

Type: Array of strings

A list of the transforms that are declared in the template.

Description

Type: string

The description found within the template.

Parameters

Type: Array of TemplateParameter structures

A list of TemplateParameter structures.

Errors

There are no errors described for this operation.

Shapes

AccountGateResult

Description

Structure that contains the results of the account gate function which AWS CloudFormation invokes, if present, before proceeding with a stack set operation in an account and Region.

For each account and Region, AWS CloudFormation lets you specify a Lamdba function that encapsulates any requirements that must be met before CloudFormation can proceed with a stack set operation in that account and Region. CloudFormation invokes the function each time a stack set operation is requested for that account and Region; if the function returns FAILED, CloudFormation cancels the operation in that account and Region, and sets the stack set operation result status for that account and Region to FAILED.

For more information, see Configuring a target account gate.

Members

Status

Type: string

The status of the account gate function.

SUCCEEDED: The account gate function has determined that the account and Region passes any requirements for a stack set operation to occur. AWS CloudFormation proceeds with the stack operation in that account and Region.
FAILED: The account gate function has determined that the account and Region does not meet the requirements for a stack set operation to occur. AWS CloudFormation cancels the stack set operation in that account and Region, and sets the stack set operation result status for that account and Region to FAILED.
SKIPPED: AWS CloudFormation has skipped calling the account gate function for this account and Region, for one of the following reasons:
- An account gate function has not been specified for the account and Region. AWS CloudFormation proceeds with the stack set operation in this account and Region.
- The AWSCloudFormationStackSetExecutionRole of the stack set adminstration account lacks permissions to invoke the function. AWS CloudFormation proceeds with the stack set operation in this account and Region.
- Either no action is necessary, or no action is possible, on the stack. AWS CloudFormation skips the stack set operation in this account and Region.

StatusReason

Type: string

The reason for the account gate status assigned to this account and Region for the stack set operation.

AccountLimit

Description

The AccountLimit data type.

CloudFormation has the following limits per account:

Number of concurrent resources
Number of stacks
Number of stack outputs

For more information about these account limits, and other CloudFormation limits, see AWS CloudFormation Limits in the AWS CloudFormation User Guide.

Members

Name

Type: string

The name of the account limit.

Values: ConcurrentResourcesLimit | StackLimit | StackOutputsLimit

Value

Type: int

The value that is associated with the account limit name.

AlreadyExistsException

Description

The resource with the name requested already exists.

Members

AutoDeployment

Description

[Service-managed permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).

Members

Enabled

Type: boolean

If set to true, StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.

RetainStacksOnAccountRemoval

Type: boolean

If set to true, stack resources are retained when an account is removed from a target organization or OU. If set to false, stack resources are deleted. Specify only if Enabled is set to True.

CFNRegistryException

Description

An error occurred during a CloudFormation registry operation.

Members

Message

Type: string

Change

Description

The Change structure describes the changes AWS CloudFormation will perform if you execute the change set.

Members

ResourceChange

Type: ResourceChange structure

A ResourceChange structure that describes the resource and action that AWS CloudFormation will perform.

Type

Type: string

The type of entity that AWS CloudFormation changes. Currently, the only entity type is Resource.

ChangeSetNotFoundException

Description

The specified change set name or ID doesn't exit. To view valid change sets for a stack, use the ListChangeSets action.

Members

ChangeSetSummary

Description

The ChangeSetSummary structure describes a change set, its status, and the stack with which it's associated.

Members

ChangeSetId

Type: string

The ID of the change set.

ChangeSetName

Type: string

The name of the change set.

CreationTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The start time when the change set was created, in UTC.

Description

Type: string

Descriptive information about the change set.

ExecutionStatus

Type: string

IncludeNestedStacks

Type: boolean

Specifies the current setting of IncludeNestedStacks for the change set.

ParentChangeSetId

Type: string

The parent change set ID.

RootChangeSetId

Type: string

The root change set ID.

StackId

Type: string

The ID of the stack with which the change set is associated.

StackName

Type: string

The name of the stack with which the change set is associated.

Status

Type: string

The state of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or FAILED.

StatusReason

Type: string

A description of the change set's status. For example, if your change set is in the FAILED state, AWS CloudFormation shows the error message.

ContinueUpdateRollbackOutput

Description

The output for a ContinueUpdateRollback action.

Members

CreateChangeSetOutput

Description

The output for the CreateChangeSet action.

Members

Id

Type: string

The Amazon Resource Name (ARN) of the change set.

StackId

Type: string

The unique ID of the stack.

CreateStackInstancesOutput

Members

OperationId

Type: string

The unique identifier for this stack set operation.

CreateStackOutput

Description

The output for a CreateStack action.

Members

StackId

Type: string

Unique identifier of the stack.

CreateStackSetOutput

Members

StackSetId

Type: string

The ID of the stack set that you're creating.

CreatedButModifiedException

Description

The specified resource exists, but has been changed.

Members

DeleteChangeSetOutput

Description

The output for the DeleteChangeSet action.

Members

DeleteStackInstancesOutput

Members

OperationId

Type: string

The unique identifier for this stack set operation.

DeleteStackSetOutput

Members

DeploymentTargets

Description

[Service-managed permissions] The AWS Organizations accounts to which StackSets deploys. StackSets does not deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization.

For update operations, you can specify either Accounts or OrganizationalUnitIds. For create and delete operations, specify OrganizationalUnitIds.

Members

Accounts

Type: Array of strings

The names of one or more AWS accounts for which you want to deploy stack set updates.

AccountsUrl

Type: string

Returns the value of the AccountsUrl property.

OrganizationalUnitIds

Type: Array of strings

The organization root ID or organizational unit (OU) IDs to which StackSets deploys.

DeregisterTypeOutput

Members

DescribeAccountLimitsOutput

Description

The output for the DescribeAccountLimits action.

Members

AccountLimits

Type: Array of AccountLimit structures

An account limit structure that contain a list of AWS CloudFormation account limits and their values.

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of limits. If no additional page exists, this value is null.

DescribeChangeSetOutput

Description

The output for the DescribeChangeSet action.

Members

Capabilities

Type: Array of strings

If you execute the change set, the list of capabilities that were explicitly acknowledged when the change set was created.

ChangeSetId

Type: string

The ARN of the change set.

ChangeSetName

Type: string

The name of the change set.

Changes

Type: Array of Change structures

A list of Change structures that describes the resources AWS CloudFormation changes if you execute the change set.

CreationTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The start time when the change set was created, in UTC.

Description

Type: string

Information about the change set.

ExecutionStatus

Type: string

IncludeNestedStacks

Type: boolean

Verifies if IncludeNestedStacks is set to True.

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of changes. If there is no additional page, this value is null.

NotificationARNs

Type: Array of strings

The ARNs of the Amazon Simple Notification Service (Amazon SNS) topics that will be associated with the stack if you execute the change set.

Parameters

Type: Array of Parameter structures

A list of Parameter structures that describes the input parameters and their values used to create the change set. For more information, see the Parameter data type.

ParentChangeSetId

Type: string

Specifies the change set ID of the parent change set in the current nested change set hierarchy.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

RootChangeSetId

Type: string

Specifies the change set ID of the root change set in the current nested change set hierarchy.

StackId

Type: string

The ARN of the stack that is associated with the change set.

StackName

Type: string

The name of the stack that is associated with the change set.

Status

Type: string

The current status of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or FAILED.

StatusReason

Type: string

A description of the change set's status. For example, if your attempt to create a change set failed, AWS CloudFormation shows the error message.

Tags

Type: Array of Tag structures

If you execute the change set, the tags that will be associated with the stack.

DescribeStackDriftDetectionStatusOutput

Members

DetectionStatus

Required: Yes
Type: string

The status of the stack drift detection operation.

DETECTION_COMPLETE: The stack drift detection operation has successfully completed for all resources in the stack that support drift detection. (Resources that do not currently support stack detection remain unchecked.)

If you specified logical resource IDs for AWS CloudFormation to use as a filter for the stack drift detection operation, only the resources with those logical IDs are checked for drift.
DETECTION_FAILED: The stack drift detection operation has failed for at least one resource in the stack. Results will be available for resources on which AWS CloudFormation successfully completed drift detection.
DETECTION_IN_PROGRESS: The stack drift detection operation is currently in progress.

DetectionStatusReason

Type: string

The reason the stack drift detection operation has its current status.

DriftedStackResourceCount

Type: int

StackDriftDetectionId

Required: Yes
Type: string

The ID of the drift detection results of this operation.

StackDriftStatus

Type: string

Status of the stack's actual configuration compared to its expected configuration.

DRIFTED: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.

StackId

Required: Yes
Type: string

The ID of the stack.

Timestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time at which the stack drift detection operation was initiated.

DescribeStackEventsOutput

Description

The output for a DescribeStackEvents action.

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of events. If no additional page exists, this value is null.

StackEvents

Type: Array of StackEvent structures

A list of StackEvents structures.

DescribeStackInstanceOutput

Members

StackInstance

Type: StackInstance structure

The stack instance that matches the specified request parameters.

DescribeStackResourceDriftsOutput

Members

NextToken

Type: string

StackResourceDrifts

Required: Yes
Type: Array of StackResourceDrift structures

DescribeStackResourceOutput

Description

The output for a DescribeStackResource action.

Members

StackResourceDetail

Type: StackResourceDetail structure

A StackResourceDetail structure containing the description of the specified resource in the specified stack.

DescribeStackResourcesOutput

Description

The output for a DescribeStackResources action.

Members

StackResources

Type: Array of StackResource structures

A list of StackResource structures.

DescribeStackSetOperationOutput

Members

StackSetOperation

Type: StackSetOperation structure

The specified stack set operation.

DescribeStackSetOutput

Members

StackSet

Type: StackSet structure

The specified stack set.

DescribeStacksOutput

Description

The output for a DescribeStacks action.

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.

Stacks

Type: Array of Stack structures

A list of stack structures.

DescribeTypeOutput

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the extension.

DefaultVersionId

Type: string

The ID of the default version of the extension. The default version is used when the extension version is not specified.

To set the default version of an extension, use SetTypeDefaultVersion .

DeprecatedStatus

Type: string

The deprecation status of the extension version.

Valid values include:

LIVE: The extension is registered and can be used in CloudFormation operations, dependent on its provisioning behavior and visibility scope.
DEPRECATED: The extension has been deregistered and can no longer be used in CloudFormation operations.

Description

Type: string

The description of the registered extension.

DocumentationUrl

Type: string

The URL of a page providing detailed documentation for this extension.

ExecutionRoleArn

Type: string

IsDefaultVersion

Type: boolean

Whether the specified extension version is set as the default version.

LastUpdated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the specified extension version was registered.

LoggingConfig

Type: LoggingConfig structure

Contains logging configuration information for an extension.

ProvisioningType

Type: string

The provisioning behavior of the extension. AWS CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted.

Valid values include:

FULLY_MUTABLE: The extension includes an update handler to process updates to the extension during stack update operations.
IMMUTABLE: The extension does not include an update handler, so the extension cannot be updated and must instead be replaced during stack update operations.
NON_PROVISIONABLE: The extension does not include all of the following handlers, and therefore cannot actually be provisioned.
- create
- read
- delete

Schema

Type: string

The schema that defines the extension.

For more information on extension schemas, see Resource Provider Schema in the CloudFormation CLI User Guide.

SourceUrl

Type: string

The URL of the source code for the extension.

TimeCreated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the specified extension version was registered.

Type

Type: string

The kind of extension.

TypeName

Type: string

The name of the registered extension.

Visibility

Type: string

The scope at which the extension is visible and usable in CloudFormation operations.

Valid values include:

PRIVATE: The extension is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE.
PUBLIC: The extension is publically visible and usable within any Amazon account.

DescribeTypeRegistrationOutput

Members

Description

Type: string

The description of the extension registration request.

ProgressStatus

Type: string

The current status of the extension registration request.

TypeArn

Type: string

The Amazon Resource Name (ARN) of the extension being registered.

For registration requests with a ProgressStatus of other than COMPLETE, this will be null.

TypeVersionArn

Type: string

The Amazon Resource Name (ARN) of this specific version of the extension being registered.

For registration requests with a ProgressStatus of other than COMPLETE, this will be null.

DetectStackDriftOutput

Members

StackDriftDetectionId

Required: Yes
Type: string

The ID of the drift detection results of this operation.

DetectStackResourceDriftOutput

Members

StackResourceDrift

Required: Yes
Type: StackResourceDrift structure

Information about whether the resource's actual configuration has drifted from its expected template configuration, including actual and expected property values and any differences detected.

DetectStackSetDriftOutput

Members

OperationId

Type: string

The ID of the drift detection stack set operation.

you can use this operation id with DescribeStackSetOperation to monitor the progress of the drift detection operation.

EstimateTemplateCostOutput

Description

The output for a EstimateTemplateCost action.

Members

Url

Type: string

An AWS Simple Monthly Calculator URL with a query string that describes the resources required to run the template.

ExecuteChangeSetOutput

Description

The output for the ExecuteChangeSet action.

Members

Export

Description

The Export structure describes the exported output values for a stack.

Members

ExportingStackId

Type: string

The stack that contains the exported output name and value.

Name

Type: string

The name of exported output value. Use this name and the Fn::ImportValue function to import the associated value into other stacks. The name is defined in the Export field in the associated stack's Outputs section.

Value

Type: string

The value of the exported output, such as a resource physical ID. This value is defined in the Export field in the associated stack's Outputs section.

GetStackPolicyOutput

Description

The output for the GetStackPolicy action.

Members

StackPolicyBody

Type: string

Structure containing the stack policy body. (For more information, go to Prevent Updates to Stack Resources in the AWS CloudFormation User Guide.)

GetTemplateOutput

Description

The output for GetTemplate action.

Members

StagesAvailable

Type: Array of strings

TemplateBody

Type: string

Structure containing the template body. (For more information, go to Template Anatomy in the AWS CloudFormation User Guide.)

AWS CloudFormation returns the same template that was used when the stack was created.

GetTemplateSummaryOutput

Description

The output for the GetTemplateSummary action.

Members

Capabilities

Type: Array of strings

For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason

Type: string

The list of resources that generated the values in the Capabilities response element.

DeclaredTransforms

Type: Array of strings

A list of the transforms that are declared in the template.

Description

Type: string

The value that is defined in the Description property of the template.

Metadata

Type: string

The value that is defined for the Metadata property of the template.

Parameters

Type: Array of ParameterDeclaration structures

A list of parameter declarations that describe various properties for each parameter.

ResourceIdentifierSummaries

Type: Array of ResourceIdentifierSummary structures

ResourceTypes

Type: Array of strings

A list of all the template resource types that are defined in the template, such as AWS::EC2::Instance, AWS::Dynamo::Table, and Custom::MyCustomInstance.

Version

Type: string

The AWS template format version, which identifies the capabilities of the template.

InsufficientCapabilitiesException

Description

The template contains resources with capabilities that weren't specified in the Capabilities parameter.

Members

InvalidChangeSetStatusException

Description

The specified change set can't be used to update the stack. For example, the change set status might be CREATE_IN_PROGRESS, or the stack status might be UPDATE_IN_PROGRESS.

Members

InvalidOperationException

Description

The specified operation isn't valid.

Members

InvalidStateTransitionException

Description

Error reserved for use by the CloudFormation CLI. CloudFormation does not return this error to users.

Members

LimitExceededException

Description

The quota for the resource has already been reached.

For information on resource and stack limitations, see Limits in the AWS CloudFormation User Guide.

Members

ListChangeSetsOutput

Description

The output for the ListChangeSets action.

Members

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of change sets. If there is no additional page, this value is null.

Summaries

Type: Array of ChangeSetSummary structures

A list of ChangeSetSummary structures that provides the ID and status of each change set for the specified stack.

ListExportsOutput

Members

Exports

Type: Array of Export structures

The output for the ListExports action.

NextToken

Type: string

If the output exceeds 100 exported output values, a string that identifies the next page of exports. If there is no additional page, this value is null.

ListImportsOutput

Members

Imports

Type: Array of strings

A list of stack names that are importing the specified exported output value.

NextToken

Type: string

A string that identifies the next page of exports. If there is no additional page, this value is null.

ListStackInstancesOutput

Members

NextToken

Type: string

Summaries

Type: Array of StackInstanceSummary structures

A list of StackInstanceSummary structures that contain information about the specified stack instances.

ListStackResourcesOutput

Description

The output for a ListStackResources action.

Members

NextToken

Type: string

If the output exceeds 1 MB, a string that identifies the next page of stack resources. If no additional page exists, this value is null.

StackResourceSummaries

Type: Array of StackResourceSummary structures

A list of StackResourceSummary structures.

ListStackSetOperationResultsOutput

Members

NextToken

Type: string

Summaries

Type: Array of StackSetOperationResultSummary structures

A list of StackSetOperationResultSummary structures that contain information about the specified operation results, for accounts and Regions that are included in the operation.

ListStackSetOperationsOutput

Members

NextToken

Type: string

Summaries

Type: Array of StackSetOperationSummary structures

A list of StackSetOperationSummary structures that contain summary information about operations for the specified stack set.

ListStackSetsOutput

Members

NextToken

Type: string

Summaries

Type: Array of StackSetSummary structures

A list of StackSetSummary structures that contain information about the user's stack sets.

ListStacksOutput

Description

The output for ListStacks action.

Members

NextToken

Type: string

If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.

StackSummaries

Type: Array of StackSummary structures

A list of StackSummary structures containing information about the specified stacks.

ListTypeRegistrationsOutput

Members

NextToken

Type: string

RegistrationTokenList

Type: Array of strings

A list of extension registration tokens.

Use DescribeTypeRegistration to return detailed information about a type registration request.

ListTypeVersionsOutput

Members

NextToken

Type: string

TypeVersionSummaries

Type: Array of TypeVersionSummary structures

A list of TypeVersionSummary structures that contain information about the specified extension's versions.

ListTypesOutput

Members

NextToken

Type: string

TypeSummaries

Type: Array of TypeSummary structures

A list of TypeSummary structures that contain information about the specified extensions.

LoggingConfig

Description

Contains logging configuration information for a type.

Members

LogGroupName

Required: Yes
Type: string

The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers.

LogRoleArn

Required: Yes
Type: string

The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.

ModuleInfo

Description

Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.

For more information on modules, see Using modules to encapsulate and reuse resource configurations in the CloudFormation User Guide.

Members

LogicalIdHierarchy

Type: string

A concantenated list of the logical IDs of the module or modules containing the resource. Modules are listed starting with the inner-most nested module, and separated by /.

In the following example, the resource was created from a module, moduleA, that is nested inside a parent module, moduleB.

moduleA/moduleB

For more information, see Referencing resources in a module in the CloudFormation User Guide.

TypeHierarchy

Type: string

A concantenated list of the the module type or types containing the resource. Module types are listed starting with the inner-most nested module, and separated by /.

In the following example, the resource was created from a module of type AWS::First::Example::MODULE, that is nested inside a parent module of type AWS::Second::Example::MODULE.

AWS::First::Example::MODULE/AWS::Second::Example::MODULE

NameAlreadyExistsException

Description

The specified name is already in use.

Members

OperationIdAlreadyExistsException

Description

The specified operation ID already exists.

Members

OperationInProgressException

Description

Another operation is currently in progress for this stack set. Only one operation can be performed for a stack set at a given time.

Members

OperationNotFoundException

Description

The specified ID refers to an operation that doesn't exist.

Members

OperationStatusCheckFailedException

Description

Error reserved for use by the CloudFormation CLI. CloudFormation does not return this error to users.

Members

Output

Description

The Output data type.

Members

Description

Type: string

User defined description associated with the output.

ExportName

Type: string

The name of the export associated with the output.

OutputKey

Type: string

The key associated with the output.

OutputValue

Type: string

The value associated with the output.

Parameter

Description

The Parameter data type.

Members

ParameterKey

Type: string

The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template.

ParameterValue

Type: string

The input value associated with the parameter.

ResolvedValue

Type: string

Read-only. The value that corresponds to a Systems Manager parameter key. This field is returned only for SSM parameter types in the template.

UsePreviousValue

Type: boolean

During a stack update, use the existing parameter value that the stack is using for a given parameter key. If you specify true, do not specify a parameter value.

ParameterConstraints

Description

A set of criteria that AWS CloudFormation uses to validate parameter values. Although other constraints might be defined in the stack template, AWS CloudFormation returns only the AllowedValues property.

Members

AllowedValues

Type: Array of strings

A list of values that are permitted for a parameter.

ParameterDeclaration

Description

The ParameterDeclaration data type.

Members

DefaultValue

Type: string

The default value of the parameter.

Description

Type: string

The description that is associate with the parameter.

NoEcho

Type: boolean

Flag that indicates whether the parameter value is shown as plain text in logs and in the AWS Management Console.

ParameterConstraints

Type: ParameterConstraints structure

The criteria that AWS CloudFormation uses to validate parameter values.

ParameterKey

Type: string

The name that is associated with the parameter.

ParameterType

Type: string

The type of parameter.

PhysicalResourceIdContextKeyValuePair

Description

Context information that enables AWS CloudFormation to uniquely identify a resource. AWS CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs are not enough to uniquely identify that resource. Each context key-value pair specifies a resource that contains the targeted resource.

Members

Key

Required: Yes
Type: string

The resource context key.

Value

Required: Yes
Type: string

The resource context value.

PropertyDifference

Description

Information about a resource property whose actual value differs from its expected value, as defined in the stack template and any values specified as template parameters. These will be present only for resources whose StackResourceDriftStatus is MODIFIED. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.

Members

ActualValue

Required: Yes
Type: string

The actual property value of the resource property.

DifferenceType

Required: Yes
Type: string

The type of property difference.

ADD: A value has been added to a resource property that is an array or list data type.
REMOVE: The property has been removed from the current resource configuration.
NOT_EQUAL: The current property value differs from its expected value (as defined in the stack template and any values specified as template parameters).

ExpectedValue

Required: Yes
Type: string

The expected property value of the resource property, as defined in the stack template and any values specified as template parameters.

PropertyPath

Required: Yes
Type: string

The fully-qualified path to the resource property.

RecordHandlerProgressOutput

Members

RegisterTypeOutput

Members

RegistrationToken

Type: string

The identifier for this registration request.

Use this registration token when calling DescribeTypeRegistration , which returns information about the status and IDs of the extension registration.

ResourceChange

Description

The ResourceChange structure describes the resource and the action that AWS CloudFormation will perform on it if you execute this change set.

Members

Action

Type: string

The action that AWS CloudFormation takes on the resource, such as Add (adds a new resource), Modify (changes a resource), Remove (deletes a resource), Import (imports a resource), or Dynamic (exact action for the resource cannot be determined).

ChangeSetId

Type: string

The change set ID of the nested change set.

Details

Type: Array of ResourceChangeDetail structures

For the Modify action, a list of ResourceChangeDetail structures that describes the changes that AWS CloudFormation will make to the resource.

LogicalResourceId

Type: string

The resource's logical ID, which is defined in the stack's template.

ModuleInfo

Type: ModuleInfo structure

Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.

PhysicalResourceId

Type: string

The resource's physical ID (resource name). Resources that you are adding don't have physical IDs because they haven't been created.

Replacement

Type: string

For the Modify action, indicates whether AWS CloudFormation will replace the resource by creating a new one and deleting the old one. This value depends on the value of the RequiresRecreation property in the ResourceTargetDefinition structure. For example, if the RequiresRecreation field is Always and the Evaluation field is Static, Replacement is True. If the RequiresRecreation field is Always and the Evaluation field is Dynamic, Replacement is Conditionally.

If you have multiple changes with different RequiresRecreation values, the Replacement value depends on the change with the most impact. A RequiresRecreation value of Always has the most impact, followed by Conditionally, and then Never.

ResourceType

Type: string

The type of AWS CloudFormation resource, such as AWS::S3::Bucket.

Scope

Type: Array of strings

For the Modify action, indicates which resource attribute is triggering this update, such as a change in the resource attribute's Metadata, Properties, or Tags.

ResourceChangeDetail

Description

For a resource with Modify as the action, the ResourceChange structure describes the changes AWS CloudFormation will make to that resource.

Members

CausingEntity

Type: string

The identity of the entity that triggered this change. This entity is a member of the group that is specified by the ChangeSource field. For example, if you modified the value of the KeyPairName parameter, the CausingEntity is the name of the parameter (KeyPairName).

If the ChangeSource value is DirectModification, no value is given for CausingEntity.

ChangeSource

Type: string

The group to which the CausingEntity value belongs. There are five entity groups:

ResourceReference entities are Ref intrinsic functions that refer to resources in the template, such as { "Ref" : "MyEC2InstanceResource" }.
ParameterReference entities are Ref intrinsic functions that get template parameter values, such as { "Ref" : "MyPasswordParameter" }.
ResourceAttribute entities are Fn::GetAtt intrinsic functions that get resource attribute values, such as { "Fn::GetAtt" : [ "MyEC2InstanceResource", "PublicDnsName" ] }.
DirectModification entities are changes that are made directly to the template.
Automatic entities are AWS::CloudFormation::Stack resource types, which are also known as nested stacks. If you made no changes to the AWS::CloudFormation::Stack resource, AWS CloudFormation sets the ChangeSource to Automatic because the nested stack's template might have changed. Changes to a nested stack's template aren't visible to AWS CloudFormation until you run an update on the parent stack.

Evaluation

Type: string

Indicates whether AWS CloudFormation can determine the target value, and whether the target value will change before you execute a change set.

For Static evaluations, AWS CloudFormation can determine that the target value will change, and its value. For example, if you directly modify the InstanceType property of an EC2 instance, AWS CloudFormation knows that this property value will change, and its value, so this is a Static evaluation.

For Dynamic evaluations, cannot determine the target value because it depends on the result of an intrinsic function, such as a Ref or Fn::GetAtt intrinsic function, when the stack is updated. For example, if your template includes a reference to a resource that is conditionally recreated, the value of the reference (the physical ID of the resource) might change, depending on if the resource is recreated. If the resource is recreated, it will have a new physical ID, so all references to that resource will also be updated.

Target

Type: ResourceTargetDefinition structure

A ResourceTargetDefinition structure that describes the field that AWS CloudFormation will change and whether the resource will be recreated.

ResourceIdentifierSummary

Description

Describes the target resources of a specific type in your import template (for example, all AWS::S3::Bucket resources) and the properties you can provide during the import to identify resources of that type.

Members

LogicalResourceIds

Type: Array of strings

The logical IDs of the target resources of the specified ResourceType, as defined in the import template.

ResourceIdentifiers

Type: Array of strings

The resource properties you can provide during the import to identify your target resources. For example, BucketName is a possible identifier property for AWS::S3::Bucket resources.

ResourceType

Type: string

The template resource type of the target resources, such as AWS::S3::Bucket.

ResourceTargetDefinition

Description

The field that AWS CloudFormation will change, such as the name of a resource's property, and whether the resource will be recreated.

Members

Attribute

Type: string

Indicates which resource attribute is triggering this update, such as a change in the resource attribute's Metadata, Properties, or Tags.

Name

Type: string

If the Attribute value is Properties, the name of the property. For all other attributes, the value is null.

RequiresRecreation

Type: string

If the Attribute value is Properties, indicates whether a change to this property causes the resource to be recreated. The value can be Never, Always, or Conditionally. To determine the conditions for a Conditionally recreation, see the update behavior for that property in the AWS CloudFormation User Guide.

ResourceToImport

Description

Describes the target resource of an import operation.

Members

LogicalResourceId

Required: Yes
Type: string

The logical ID of the target resource as specified in the template.

ResourceIdentifier

Required: Yes
Type: Associative array of custom strings keys (ResourceIdentifierPropertyKey) to strings

A key-value pair that identifies the target resource. The key is an identifier property (for example, BucketName for AWS::S3::Bucket resources) and the value is the actual property value (for example, MyS3Bucket).

ResourceType

Required: Yes
Type: string

The type of resource to import into your stack, such as AWS::S3::Bucket. For a list of supported resource types, see Resources that support import operations in the AWS CloudFormation User Guide.

RollbackConfiguration

Description

Structure containing the rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

Rollback triggers enable you to have AWS CloudFormation monitor the state of your application during stack creation and updating, and to roll back that operation if the application breaches the threshold of any of the alarms you've specified. For more information, see Monitor and Roll Back Stack Operations.

Members

MonitoringTimeInMinutes

Type: int

The amount of time, in minutes, during which CloudFormation should monitor all the rollback triggers after the stack creation or update operation deploys all necessary resources.

The default is 0 minutes.

If you specify a monitoring period but do not specify any rollback triggers, CloudFormation still waits the specified period of time before cleaning up old resources after update operations. You can use this monitoring period to perform any manual stack validation desired, and manually cancel the stack creation or update (using CancelUpdateStack, for example) as necessary.

If you specify 0 for this parameter, CloudFormation still monitors the specified rollback triggers during stack creation and update operations. Then, for update operations, it begins disposing of old resources immediately once the operation completes.

RollbackTriggers

Type: Array of RollbackTrigger structures

The triggers to monitor during stack creation or update actions.

By default, AWS CloudFormation saves the rollback triggers specified for a stack and applies them to any subsequent update operations for the stack, unless you specify otherwise. If you do specify rollback triggers for this parameter, those triggers replace any list of triggers previously specified for the stack. This means:

To use the rollback triggers previously specified for this stack, if any, don't specify this parameter.
To specify new or updated rollback triggers, you must specify all the triggers that you want used for this stack, even triggers you've specifed before (for example, when creating the stack or during a previous stack update). Any triggers that you don't include in the updated list of triggers are no longer applied to the stack.
To remove all currently specified triggers, specify an empty list for this parameter.

If a specified trigger is missing, the entire stack operation fails and is rolled back.

RollbackTrigger

Description

A rollback trigger AWS CloudFormation monitors during creation and updating of stacks. If any of the alarms you specify goes to ALARM state during the stack operation or within the specified monitoring period afterwards, CloudFormation rolls back the entire stack operation.

Members

Arn

Required: Yes
Type: string

The Amazon Resource Name (ARN) of the rollback trigger.

If a specified trigger is missing, the entire stack operation fails and is rolled back.

Type

Required: Yes
Type: string

The resource type of the rollback trigger. Currently, AWS::CloudWatch::Alarm is the only supported resource type.

SetTypeDefaultVersionOutput

Members

Stack

Description

The Stack data type.

Members

Capabilities

Type: Array of strings

The capabilities allowed in the stack.

ChangeSetId

Type: string

The unique ID of the change set.

CreationTime

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The time at which the stack was created.

DeletionTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the stack was deleted.

Description

Type: string

A user-defined description associated with the stack.

DisableRollback

Type: boolean

Boolean to enable or disable rollback on stack creation failures:

true: disable rollback
false: enable rollback

DriftInformation

Type: StackDriftInformation structure

Information on whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.

EnableTerminationProtection

Type: boolean

Whether termination protection is enabled for the stack.

For nested stacks, termination protection is set on the root stack and cannot be changed directly on the nested stack. For more information, see Protecting a Stack From Being Deleted in the AWS CloudFormation User Guide.

LastUpdatedTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the stack was last updated. This field will only be returned if the stack has been updated at least once.

NotificationARNs

Type: Array of strings

SNS topic ARNs to which stack related events are published.

Outputs

Type: Array of Output structures

A list of output structures.

Parameters

Type: Array of Parameter structures

A list of Parameter structures.

ParentId

Type: string

For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.

For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide.

RoleARN

Type: string

The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that is associated with the stack. During a stack operation, AWS CloudFormation uses this role's credentials to make calls on your behalf.

RollbackConfiguration

Type: RollbackConfiguration structure

The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

RootId

Type: string

For nested stacks--stacks created as resources for another stack--the stack ID of the top-level stack to which the nested stack ultimately belongs.

For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide.

StackId

Type: string

Unique identifier of the stack.

StackName

Required: Yes
Type: string

The name associated with the stack.

StackStatus

Required: Yes
Type: string

Current status of the stack.

StackStatusReason

Type: string

Success/failure message associated with the stack status.

Tags

Type: Array of Tag structures

A list of Tags that specify information about the stack.

TimeoutInMinutes

Type: int

The amount of time within which stack creation should complete.

StackDriftInformation

Description

Contains information about whether the stack's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. A stack is considered to have drifted if one or more of its resources have drifted.

Members

LastCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.

StackDriftStatus

Required: Yes
Type: string

Status of the stack's actual configuration compared to its expected template configuration.

DRIFTED: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.

StackDriftInformationSummary

Description

Members

LastCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.

StackDriftStatus

Required: Yes
Type: string

Status of the stack's actual configuration compared to its expected template configuration.

DRIFTED: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.

StackEvent

Description

The StackEvent data type.

Members

ClientRequestToken

Type: string

The token passed to the operation that generated this event.

EventId

Required: Yes
Type: string

The unique ID of this event.

LogicalResourceId

Type: string

The logical name of the resource specified in the template.

PhysicalResourceId

Type: string

The name or unique identifier associated with the physical instance of the resource.

ResourceProperties

Type: string

BLOB of the properties used to create the resource.

ResourceStatus

Type: string

Current status of the resource.

ResourceStatusReason

Type: string

Success/failure message associated with the resource.

ResourceType

Type: string

Type of resource. (For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

StackId

Required: Yes
Type: string

The unique ID name of the instance of the stack.

StackName

Required: Yes
Type: string

The name associated with a stack.

Timestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time the status was updated.

StackInstance

Description

An AWS CloudFormation stack, in a specific account and Region, that's part of a stack set operation. A stack instance is a reference to an attempted or actual stack in a given account within a given Region. A stack instance can exist without a stack—for example, if the stack couldn't be created for some reason. A stack instance is associated with only one stack set. Each stack instance contains the ID of its associated stack set, as well as the ID of the actual stack and the stack status.

Members

Account

Type: string

[Self-managed permissions] The name of the AWS account that the stack instance is associated with.

DriftStatus

Type: string

Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.

DRIFTED: The stack differs from the expected template and parameter configuration of the stack set to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED: AWS CloudFormation has not checked if the stack instance differs from its expected stack set configuration.
IN_SYNC: The stack instance's actual configuration matches its expected stack set configuration.
UNKNOWN: This value is reserved for future use.

LastDriftCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will be NULL for any stack instance on which drift detection has not yet been performed.

OrganizationalUnitId

Type: string

[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.

ParameterOverrides

Type: Array of Parameter structures

A list of parameters from the stack set template whose values have been overridden in this stack instance.

Region

Type: string

The name of the AWS Region that the stack instance is associated with.

StackId

Type: string

The ID of the stack instance.

StackInstanceStatus

Type: StackInstanceComprehensiveStatus structure

The detailed status of the stack instance.

StackSetId

Type: string

The name or unique ID of the stack set that the stack instance is associated with.

Status

Type: string

The status of the stack instance, in terms of its synchronization with its associated stack set.

INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.
OUTDATED: The stack isn't currently up to date with the stack set because:
- The associated stack failed during a CreateStackSet or UpdateStackSet operation.
- The stack was part of a CreateStackSet or UpdateStackSet operation that failed or was stopped before the stack was created or updated.
CURRENT: The stack is currently up to date with the stack set.

StatusReason

Type: string

The explanation for the specific status code that is assigned to this stack instance.

StackInstanceComprehensiveStatus

Description

The detailed status of the stack instance.

Members

DetailedStatus

Type: string

CANCELLED: The operation in the specified account and Region has been cancelled. This is either because a user has stopped the stack set operation, or because the failure tolerance of the stack set operation has been exceeded.
FAILED: The operation in the specified account and Region failed. If the stack set operation fails in enough accounts within a Region, the failure tolerance for the stack set operation as a whole might be exceeded.
INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.
PENDING: The operation in the specified account and Region has yet to start.
RUNNING: The operation in the specified account and Region is currently in progress.
SUCCEEDED: The operation in the specified account and Region completed successfully.

StackInstanceFilter

Description

The status that stack instances are filtered by.

Members

Name

Type: string

The type of filter to apply.

Values

Type: string

The status to filter by.

StackInstanceNotFoundException

Description

The specified stack instance doesn't exist.

Members

StackInstanceSummary

Description

The structure that contains summary information about a stack instance.

Members

Account

Type: string

[Self-managed permissions] The name of the AWS account that the stack instance is associated with.

DriftStatus

Type: string

Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.

DRIFTED: The stack differs from the expected template and parameter configuration of the stack set to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED: AWS CloudFormation has not checked if the stack instance differs from its expected stack set configuration.
IN_SYNC: The stack instance's actual configuration matches its expected stack set configuration.
UNKNOWN: This value is reserved for future use.

LastDriftCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will be NULL for any stack instance on which drift detection has not yet been performed.

OrganizationalUnitId

Type: string

[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.

Region

Type: string

The name of the AWS Region that the stack instance is associated with.

StackId

Type: string

The ID of the stack instance.

StackInstanceStatus

Type: StackInstanceComprehensiveStatus structure

The detailed status of the stack instance.

StackSetId

Type: string

The name or unique ID of the stack set that the stack instance is associated with.

Status

Type: string

The status of the stack instance, in terms of its synchronization with its associated stack set.

INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.
OUTDATED: The stack isn't currently up to date with the stack set because:
- The associated stack failed during a CreateStackSet or UpdateStackSet operation.
- The stack was part of a CreateStackSet or UpdateStackSet operation that failed or was stopped before the stack was created or updated.
CURRENT: The stack is currently up to date with the stack set.

StatusReason

Type: string

The explanation for the specific status code assigned to this stack instance.

StackResource

Description

The StackResource data type.

Members

Description

Type: string

User defined description associated with the resource.

DriftInformation

Type: StackResourceDriftInformation structure

Information about whether the resource's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.

LogicalResourceId

Required: Yes
Type: string

The logical name of the resource specified in the template.

ModuleInfo

Type: ModuleInfo structure

Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.

PhysicalResourceId

Type: string

The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

ResourceStatus

Required: Yes
Type: string

Current status of the resource.

ResourceStatusReason

Type: string

Success/failure message associated with the resource.

ResourceType

Required: Yes
Type: string

Type of resource. (For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

StackId

Type: string

Unique identifier of the stack.

StackName

Type: string

The name associated with the stack.

Timestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time the status was updated.

StackResourceDetail

Description

Contains detailed information about the specified stack resource.

Members

Description

Type: string

User defined description associated with the resource.

DriftInformation

Type: StackResourceDriftInformation structure

LastUpdatedTimestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time the status was updated.

LogicalResourceId

Required: Yes
Type: string

The logical name of the resource specified in the template.

Metadata

Type: string

The content of the Metadata attribute declared for the resource. For more information, see Metadata Attribute in the AWS CloudFormation User Guide.

ModuleInfo

Type: ModuleInfo structure

Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.

PhysicalResourceId

Type: string

The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

ResourceStatus

Required: Yes
Type: string

Current status of the resource.

ResourceStatusReason

Type: string

Success/failure message associated with the resource.

ResourceType

Required: Yes
Type: string

Type of resource. ((For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

StackId

Type: string

Unique identifier of the stack.

StackName

Type: string

The name associated with the stack.

StackResourceDrift

Description

Contains the drift information for a resource that has been checked for drift. This includes actual and expected property values for resources in which AWS CloudFormation has detected drift. Only resource properties explicitly defined in the stack template are checked for drift. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.

Resources that do not currently support drift detection cannot be checked. For a list of resources that support drift detection, see Resources that Support Drift Detection.

Use DetectStackResourceDrift to detect drift on individual resources, or DetectStackDrift to detect drift on all resources in a given stack that support drift detection.

Members

ActualProperties

Type: string

A JSON structure containing the actual property values of the stack resource.

For resources whose StackResourceDriftStatus is DELETED, this structure will not be present.

ExpectedProperties

Type: string

A JSON structure containing the expected property values of the stack resource, as defined in the stack template and any values specified as template parameters.

For resources whose StackResourceDriftStatus is DELETED, this structure will not be present.

LogicalResourceId

Required: Yes
Type: string

The logical name of the resource specified in the template.

ModuleInfo

Type: ModuleInfo structure

Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.

PhysicalResourceId

Type: string

The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

PhysicalResourceIdContext

Type: Array of PhysicalResourceIdContextKeyValuePair structures

PropertyDifferences

Type: Array of PropertyDifference structures

A collection of the resource properties whose actual values differ from their expected values. These will be present only for resources whose StackResourceDriftStatus is MODIFIED.

ResourceType

Required: Yes
Type: string

The type of the resource.

StackId

Required: Yes
Type: string

The ID of the stack.

StackResourceDriftStatus

Required: Yes
Type: string

Status of the resource's actual configuration compared to its expected configuration

DELETED: The resource differs from its expected template configuration because the resource has been deleted.
MODIFIED: One or more resource properties differ from their expected values (as defined in the stack template and any values specified as template parameters).
IN_SYNC: The resources's actual configuration matches its expected template configuration.
NOT_CHECKED: AWS CloudFormation does not currently return this value.

Timestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time at which AWS CloudFormation performed drift detection on the stack resource.

StackResourceDriftInformation

Description

Contains information about whether the resource's actual configuration differs, or has drifted, from its expected configuration.

Members

LastCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

When AWS CloudFormation last checked if the resource had drifted from its expected configuration.

StackResourceDriftStatus

Required: Yes
Type: string

Status of the resource's actual configuration compared to its expected configuration

DELETED: The resource differs from its expected configuration in that it has been deleted.
MODIFIED: The resource differs from its expected configuration.
NOT_CHECKED: AWS CloudFormation has not checked if the resource differs from its expected configuration.

Any resources that do not currently support drift detection have a status of NOT_CHECKED. For more information, see Resources that Support Drift Detection.
IN_SYNC: The resources's actual configuration matches its expected configuration.

StackResourceDriftInformationSummary

Description

Summarizes information about whether the resource's actual configuration differs, or has drifted, from its expected configuration.

Members

LastCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

When AWS CloudFormation last checked if the resource had drifted from its expected configuration.

StackResourceDriftStatus

Required: Yes
Type: string

Status of the resource's actual configuration compared to its expected configuration

DELETED: The resource differs from its expected configuration in that it has been deleted.
MODIFIED: The resource differs from its expected configuration.
NOT_CHECKED: AWS CloudFormation has not checked if the resource differs from its expected configuration.

Any resources that do not currently support drift detection have a status of NOT_CHECKED. For more information, see Resources that Support Drift Detection. If you performed an ContinueUpdateRollback operation on a stack, any resources included in ResourcesToSkip will also have a status of NOT_CHECKED. For more information on skipping resources during rollback operations, see Continue Rolling Back an Update in the AWS CloudFormation User Guide.
IN_SYNC: The resources's actual configuration matches its expected configuration.

StackResourceSummary

Description

Contains high-level information about the specified stack resource.

Members

DriftInformation

Type: StackResourceDriftInformationSummary structure

LastUpdatedTimestamp

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

Time the status was updated.

LogicalResourceId

Required: Yes
Type: string

The logical name of the resource specified in the template.

ModuleInfo

Type: ModuleInfo structure

Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.

PhysicalResourceId

Type: string

The name or unique identifier that corresponds to a physical instance ID of the resource.

ResourceStatus

Required: Yes
Type: string

Current status of the resource.

ResourceStatusReason

Type: string

Success/failure message associated with the resource.

ResourceType

Required: Yes
Type: string

Type of resource. (For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

StackSet

Description

A structure that contains information about a stack set. A stack set enables you to provision stacks into AWS accounts and across Regions by using a single CloudFormation template. In the stack set, you specify the template to use, as well as any parameters and capabilities that the template requires.

Members

AdministrationRoleARN

Type: string

The Amazon Resource Number (ARN) of the IAM role used to create or update the stack set.

Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide.

AutoDeployment

Type: AutoDeployment structure

[Service-managed permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).

Capabilities

Type: Array of strings

The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account—for example, by creating new AWS Identity and Access Management (IAM) users. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

Description

Type: string

A description of the stack set that you specify when the stack set is created or updated.

ExecutionRoleName

Type: string

The name of the IAM execution role used to create or update the stack set.

Use customized execution roles to control which stack resources users and groups can include in their stack sets.

OrganizationalUnitIds

Type: Array of strings

[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.

Parameters

Type: Array of Parameter structures

A list of input parameters for a stack set.

PermissionModel

Type: string

Describes how the IAM roles required for stack set operations are created.

With self-managed permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations. For more information, see Grant Service-Managed Stack Set Permissions.

StackSetARN

Type: string

The Amazon Resource Number (ARN) of the stack set.

StackSetDriftDetectionDetails

Type: StackSetDriftDetectionDetails structure

Detailed information about the drift status of the stack set.

For stack sets, contains information about the last completed drift operation performed on the stack set. Information about drift operations currently in progress is not included.

StackSetId

Type: string

The ID of the stack set.

StackSetName

Type: string

The name that's associated with the stack set.

Status

Type: string

The status of the stack set.

Tags

Type: Array of Tag structures

A list of tags that specify information about the stack set. A maximum number of 50 tags can be specified.

TemplateBody

Type: string

The structure that contains the body of the template that was used to create or update the stack set.

StackSetDriftDetectionDetails

Description

Detailed information about the drift status of the stack set.

For stack sets, contains information about the last completed drift operation performed on the stack set. Information about drift operations in-progress is not included.

For stack set operations, includes information about drift operations currently being performed on the stack set.

For more information, see Detecting Unmanaged Changes in Stack Sets in the AWS CloudFormation User Guide.

Members

DriftDetectionStatus

Type: string

The status of the stack set drift detection operation.

COMPLETED: The drift detection operation completed without failing on any stack instances.
FAILED: The drift detection operation exceeded the specified failure tolerance.
PARTIAL_SUCCESS: The drift detection operation completed without exceeding the failure tolerance for the operation.
IN_PROGRESS: The drift detection operation is currently being performed.
STOPPED: The user has cancelled the drift detection operation.

DriftStatus

Type: string

Status of the stack set's actual configuration compared to its expected template and parameter configuration. A stack set is considered to have drifted if one or more of its stack instances have drifted from their expected template and parameter configuration.

DRIFTED: One or more of the stack instances belonging to the stack set stack differs from the expected template and parameter configuration. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED: AWS CloudFormation has not checked the stack set for drift.
IN_SYNC: All of the stack instances belonging to the stack set stack match from the expected template and parameter configuration.

DriftedStackInstancesCount

Type: int

The number of stack instances that have drifted from the expected template and parameter configuration of the stack set. A stack instance is considered to have drifted if one or more of the resources in the associated stack do not match their expected configuration.

FailedStackInstancesCount

Type: int

The number of stack instances for which the drift detection operation failed.

InProgressStackInstancesCount

Type: int

The number of stack instances that are currently being checked for drift.

InSyncStackInstancesCount

Type: int

The number of stack instances which match the expected template and parameter configuration of the stack set.

LastDriftCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

Most recent time when CloudFormation performed a drift detection operation on the stack set. This value will be NULL for any stack set on which drift detection has not yet been performed.

TotalStackInstancesCount

Type: int

The total number of stack instances belonging to this stack set.

The total number of stack instances is equal to the total of:

Stack instances that match the stack set configuration.
Stack instances that have drifted from the stack set configuration.
Stack instances where the drift detection operation has failed.
Stack instances currently being checked for drift.

StackSetNotEmptyException

Description

You can't yet delete this stack set, because it still contains one or more stack instances. Delete all stack instances from the stack set before deleting the stack set.

Members

StackSetNotFoundException

Description

The specified stack set doesn't exist.

Members

StackSetOperation

Description

The structure that contains information about a stack set operation.

Members

Action

Type: string

The type of stack set operation: CREATE, UPDATE, or DELETE. Create and delete operations affect only the specified stack set instances that are associated with the specified stack set. Update operations affect both the stack set itself, as well as all associated stack set instances.

AdministrationRoleARN

Type: string

The Amazon Resource Number (ARN) of the IAM role used to perform this stack set operation.

Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Define Permissions for Multiple Administrators in the AWS CloudFormation User Guide.

CreationTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time at which the operation was initiated. Note that the creation times for the stack set operation might differ from the creation time of the individual stacks themselves. This is because AWS CloudFormation needs to perform preparatory work for the operation, such as dispatching the work to the requested Regions, before actually creating the first stacks.

DeploymentTargets

Type: DeploymentTargets structure

[Service-managed permissions] The AWS Organizations accounts affected by the stack operation.

EndTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time at which the stack set operation ended, across all accounts and Regions specified. Note that this doesn't necessarily mean that the stack set operation was successful, or even attempted, in each account or Region.

ExecutionRoleName

Type: string

The name of the IAM execution role used to create or update the stack set.

Use customized execution roles to control which stack resources users and groups can include in their stack sets.

OperationId

Type: string

The unique ID of a stack set operation.

OperationPreferences

Type: StackSetOperationPreferences structure

The preferences for how AWS CloudFormation performs this stack set operation.

RetainStacks

Type: boolean

For stack set operations of action type DELETE, specifies whether to remove the stack instances from the specified stack set, but doesn't delete the stacks. You can't reassociate a retained stack, or add an existing, saved stack to a new stack set.

StackSetDriftDetectionDetails

Type: StackSetDriftDetectionDetails structure

Detailed information about the drift status of the stack set. This includes information about drift operations currently being performed on the stack set.

this information will only be present for stack set operations whose Action type is DETECT_DRIFT.

For more information, see Detecting Unmanaged Changes in Stack Sets in the AWS CloudFormation User Guide.

StackSetId

Type: string

The ID of the stack set.

Status

Type: string

The status of the operation.

FAILED: The operation exceeded the specified failure tolerance. The failure tolerance value that you've set for an operation is applied for each Region during stack create and update operations. If the number of failed stacks within a Region exceeds the failure tolerance, the status of the operation in the Region is set to FAILED. This in turn sets the status of the operation as a whole to FAILED, and AWS CloudFormation cancels the operation in any remaining Regions.
QUEUED: [Service-managed permissions] For automatic deployments that require a sequence of operations, the operation is queued to be performed. For more information, see the stack set operation status codes in the AWS CloudFormation User Guide.
RUNNING: The operation is currently being performed.
STOPPED: The user has cancelled the operation.
STOPPING: The operation is in the process of stopping, at user request.
SUCCEEDED: The operation completed creating or updating all the specified stacks without exceeding the failure tolerance for the operation.

StackSetOperationPreferences

Description

The user-specified preferences for how AWS CloudFormation performs a stack set operation.

For more information on maximum concurrent accounts and failure tolerance, see Stack set operation options.

Members

FailureToleranceCount

Type: int

The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. If the operation is stopped in a Region, AWS CloudFormation doesn't attempt the operation in any subsequent Regions.

Conditional: You must specify either FailureToleranceCount or FailureTolerancePercentage (but not both).

FailureTolerancePercentage

Type: int

The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. If the operation is stopped in a Region, AWS CloudFormation doesn't attempt the operation in any subsequent Regions.

When calculating the number of accounts based on the specified percentage, AWS CloudFormation rounds down to the next whole number.

Conditional: You must specify either FailureToleranceCount or FailureTolerancePercentage, but not both.

MaxConcurrentCount

Type: int

The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of FailureToleranceCount. MaxConcurrentCount is at most one more than the FailureToleranceCount.

Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.

Conditional: You must specify either MaxConcurrentCount or MaxConcurrentPercentage, but not both.

MaxConcurrentPercentage

Type: int

The maximum percentage of accounts in which to perform this operation at one time.

When calculating the number of accounts based on the specified percentage, AWS CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.

Conditional: You must specify either MaxConcurrentCount or MaxConcurrentPercentage, but not both.

RegionConcurrencyType

Type: string

The concurrency type of deploying StackSets operations in regions, could be in parallel or one region at a time.

RegionOrder

Type: Array of strings

The order of the Regions in where you want to perform the stack operation.

StackSetOperationResultSummary

Description

The structure that contains information about a specified operation's results for a given account in a given Region.

Members

Account

Type: string

[Self-managed permissions] The name of the AWS account for this operation result.

AccountGateResult

Type: AccountGateResult structure

The results of the account gate function AWS CloudFormation invokes, if present, before proceeding with stack set operations in an account

OrganizationalUnitId

Type: string

[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.

Region

Type: string

The name of the AWS Region for this operation result.

Status

Type: string

The result status of the stack set operation for the given account in the given Region.

CANCELLED: The operation in the specified account and Region has been cancelled. This is either because a user has stopped the stack set operation, or because the failure tolerance of the stack set operation has been exceeded.
FAILED: The operation in the specified account and Region failed.

If the stack set operation fails in enough accounts within a Region, the failure tolerance for the stack set operation as a whole might be exceeded.
RUNNING: The operation in the specified account and Region is currently in progress.
PENDING: The operation in the specified account and Region has yet to start.
SUCCEEDED: The operation in the specified account and Region completed successfully.

StatusReason

Type: string

The reason for the assigned result status.

StackSetOperationSummary

Description

The structures that contain summary information about the specified operation.

Members

Action

Type: string

The type of operation: CREATE, UPDATE, or DELETE. Create and delete operations affect only the specified stack instances that are associated with the specified stack set. Update operations affect both the stack set itself as well as all associated stack set instances.

CreationTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

EndTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

OperationId

Type: string

The unique ID of the stack set operation.

Status

Type: string

The overall status of the operation.

FAILED: The operation exceeded the specified failure tolerance. The failure tolerance value that you've set for an operation is applied for each Region during stack create and update operations. If the number of failed stacks within a Region exceeds the failure tolerance, the status of the operation in the Region is set to FAILED. This in turn sets the status of the operation as a whole to FAILED, and AWS CloudFormation cancels the operation in any remaining Regions.
QUEUED: [Service-managed permissions] For automatic deployments that require a sequence of operations, the operation is queued to be performed. For more information, see the stack set operation status codes in the AWS CloudFormation User Guide.
RUNNING: The operation is currently being performed.
STOPPED: The user has cancelled the operation.
STOPPING: The operation is in the process of stopping, at user request.
SUCCEEDED: The operation completed creating or updating all the specified stacks without exceeding the failure tolerance for the operation.

StackSetSummary

Description

The structures that contain summary information about the specified stack set.

Members

AutoDeployment

Type: AutoDeployment structure

[Service-managed permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organizational unit (OU).

Description

Type: string

A description of the stack set that you specify when the stack set is created or updated.

DriftStatus

Type: string

DRIFTED: One or more of the stack instances belonging to the stack set stack differs from the expected template and parameter configuration. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED: AWS CloudFormation has not checked the stack set for drift.
IN_SYNC: All of the stack instances belonging to the stack set stack match from the expected template and parameter configuration.
UNKNOWN: This value is reserved for future use.

LastDriftCheckTimestamp

Type: timestamp (string|DateTime or anything parsable by strtotime)

Most recent time when CloudFormation performed a drift detection operation on the stack set. This value will be NULL for any stack set on which drift detection has not yet been performed.

PermissionModel

Type: string

Describes how the IAM roles required for stack set operations are created.

With self-managed permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations. For more information, see Grant Service-Managed Stack Set Permissions.

StackSetId

Type: string

The ID of the stack set.

StackSetName

Type: string

The name of the stack set.

Status

Type: string

The status of the stack set.

StackSummary

Description

The StackSummary Data Type

Members

CreationTime

Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the stack was created.

DeletionTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the stack was deleted.

DriftInformation

Type: StackDriftInformationSummary structure

Summarizes information on whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.

LastUpdatedTime

Type: timestamp (string|DateTime or anything parsable by strtotime)

The time the stack was last updated. This field will only be returned if the stack has been updated at least once.

ParentId

Type: string

For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.

For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide.

RootId

Type: string

For nested stacks--stacks created as resources for another stack--the stack ID of the top-level stack to which the nested stack ultimately belongs.

For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide.

StackId

Type: string

Unique stack identifier.

StackName

Required: Yes
Type: string

The name associated with the stack.

StackStatus

Required: Yes
Type: string

The current status of the stack.

StackStatusReason

Type: string

Success/Failure message associated with the stack status.

TemplateDescription

Type: string

The template description of the template used to create the stack.

StaleRequestException

Description

Another operation has been performed on this stack set since the specified operation was performed.

Members

StopStackSetOperationOutput

Members

TemplateParameter

Description

The TemplateParameter data type.

Members

DefaultValue

Type: string

The default value associated with the parameter.

Description

Type: string

User defined description associated with the parameter.

NoEcho

Type: boolean

Flag indicating whether the parameter should be displayed as plain text in logs and UIs.

ParameterKey

Type: string

The name associated with the parameter.

TokenAlreadyExistsException

Description

A client request token already exists.

Members

TypeNotFoundException

Description

The specified type does not exist in the CloudFormation registry.

Members

TypeSummary

Description

Contains summary information about the specified CloudFormation type.

Members

DefaultVersionId

Type: string

The ID of the default version of the type. The default version is used when the type version is not specified.

To set the default version of a type, use SetTypeDefaultVersion .

Description

Type: string

The description of the type.

LastUpdated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the current default version of the type was registered.

Type

Type: string

The kind of type.

TypeArn

Type: string

The Amazon Resource Name (ARN) of the type.

TypeName

Type: string

The name of the type.

TypeVersionSummary

Description

Contains summary information about a specific version of a CloudFormation type.

Members

Arn

Type: string

The Amazon Resource Name (ARN) of the type version.

Description

Type: string

The description of the type version.

IsDefaultVersion

Type: boolean

Whether the specified type version is set as the default version.

TimeCreated

Type: timestamp (string|DateTime or anything parsable by strtotime)

When the version was registered.

Type

Type: string

The kind of type.

TypeName

Type: string

The name of the type.

VersionId

Type: string

The ID of a specific version of the type. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the type version when it is registered.

UpdateStackInstancesOutput

Members

OperationId

Type: string

The unique identifier for this stack set operation.

UpdateStackOutput

Description

The output for an UpdateStack action.

Members

StackId

Type: string

Unique identifier of the stack.

UpdateStackSetOutput

Members

OperationId

Type: string

The unique ID for this stack set operation.

UpdateTerminationProtectionOutput

Members

StackId

Type: string

The unique ID of the stack.

ValidateTemplateOutput

Description

The output for ValidateTemplate action.

Members

Capabilities

Type: Array of strings

For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason

Type: string

The list of resources that generated the values in the Capabilities response element.

DeclaredTransforms

Type: Array of strings

A list of the transforms that are declared in the template.

Description

Type: string

The description found within the template.

Parameters

Type: Array of TemplateParameter structures

A list of TemplateParameter structures.

Namespaces

Classes

Interfaces

Traits

Exceptions

Functions

AWS CloudFormation 2010-05-15

Operation Summary

Paginators

Waiters

Operations

CancelUpdateStack

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Errors

ContinueUpdateRollback

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Errors

CreateChangeSet

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Members

Errors

CreateStack

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Members

Errors

CreateStackInstances

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Members

Errors

CreateStackSet

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Members

Errors

DeleteChangeSet

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Errors

DeleteStack

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Errors

DeleteStackInstances

Parameter Syntax

Parameter Details

Members

Result Syntax

Result Details

Members

Errors

DeleteStackSet