software.amazon.awscdk.core

Class CfnStackSet

java.lang.Object

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.CfnElement

software.amazon.awscdk.core.CfnRefElement

software.amazon.awscdk.core.CfnResource

software.amazon.awscdk.core.CfnStackSet

All Implemented Interfaces:

IConstruct, IDependable, IInspectable

@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)",
           date="2023-03-14T16:25:20.500Z")
public class CfnStackSet
extends CfnResource
implements IInspectable

A CloudFormation `AWS::CloudFormation::StackSet`.

The AWS::CloudFormation::StackSet enables you to provision stacks into AWS accounts and across Regions by using a single CloudFormation template. In the stack set, you specify the template to use, in addition to any parameters and capabilities that the template requires.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.core.*;
 Object managedExecution;
 CfnStackSet cfnStackSet = CfnStackSet.Builder.create(this, "MyCfnStackSet")
         .permissionModel("permissionModel")
         .stackSetName("stackSetName")
         // the properties below are optional
         .administrationRoleArn("administrationRoleArn")
         .autoDeployment(AutoDeploymentProperty.builder()
                 .enabled(false)
                 .retainStacksOnAccountRemoval(false)
                 .build())
         .callAs("callAs")
         .capabilities(List.of("capabilities"))
         .description("description")
         .executionRoleName("executionRoleName")
         .managedExecution(managedExecution)
         .operationPreferences(OperationPreferencesProperty.builder()
                 .failureToleranceCount(123)
                 .failureTolerancePercentage(123)
                 .maxConcurrentCount(123)
                 .maxConcurrentPercentage(123)
                 .regionConcurrencyType("regionConcurrencyType")
                 .regionOrder(List.of("regionOrder"))
                 .build())
         .parameters(List.of(ParameterProperty.builder()
                 .parameterKey("parameterKey")
                 .parameterValue("parameterValue")
                 .build()))
         .stackInstancesGroup(List.of(StackInstancesProperty.builder()
                 .deploymentTargets(DeploymentTargetsProperty.builder()
                         .accountFilterType("accountFilterType")
                         .accounts(List.of("accounts"))
                         .organizationalUnitIds(List.of("organizationalUnitIds"))
                         .build())
                 .regions(List.of("regions"))
                 // the properties below are optional
                 .parameterOverrides(List.of(ParameterProperty.builder()
                         .parameterKey("parameterKey")
                         .parameterValue("parameterValue")
                         .build()))
                 .build()))
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .templateBody("templateBody")
         .templateUrl("templateUrl")
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	CfnStackSet.AutoDeploymentProperty [ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organizational unit (OU).
static class	CfnStackSet.Builder A fluent builder for CfnStackSet.
static interface	CfnStackSet.DeploymentTargetsProperty The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.
static interface	CfnStackSet.ManagedExecutionProperty Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
static interface	CfnStackSet.OperationPreferencesProperty The user-specified preferences for how AWS CloudFormation performs a stack set operation.
static interface	CfnStackSet.ParameterProperty The Parameter data type.
static interface	CfnStackSet.StackInstancesProperty Stack instances in some specific accounts and Regions.

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnStackSet(Construct scope, java.lang.String id, CfnStackSetProps props) Create a new `AWS::CloudFormation::StackSet`.
protected	CfnStackSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnStackSet(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
java.lang.String	getAdministrationRoleArn() The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.
java.lang.String	getAttrStackSetId() The ID of the stack that you're creating.
java.lang.Object	getAutoDeployment() [ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
java.lang.String	getCallAs() [Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
java.util.List<java.lang.String>	getCapabilities() The capabilities that are allowed in the stack set.
protected java.util.Map<java.lang.String,java.lang.Object>	getCfnProperties()
java.lang.String	getDescription() A description of the stack set.
java.lang.String	getExecutionRoleName() The name of the IAM execution role to use to create the stack set.
java.lang.Object	getManagedExecution() Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
java.lang.Object	getOperationPreferences() The user-specified preferences for how AWS CloudFormation performs a stack set operation.
java.lang.Object	getParameters() The input parameters for the stack set template.
java.lang.String	getPermissionModel() Describes how the IAM roles required for stack set operations are created.
java.lang.Object	getStackInstancesGroup() A group of stack instances with parameters in some specific accounts and Regions.
java.lang.String	getStackSetName() The name to associate with the stack set.
TagManager	getTags() The key-value pairs to associate with this stack set and the stacks created from it.
java.lang.String	getTemplateBody() The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.
java.lang.String	getTemplateUrl() Location of file containing the template body.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected java.util.Map<java.lang.String,java.lang.Object>	renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
void	setAdministrationRoleArn(java.lang.String value) The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.
void	setAutoDeployment(CfnStackSet.AutoDeploymentProperty value) [ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
void	setAutoDeployment(IResolvable value) [ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
void	setCallAs(java.lang.String value) [Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
void	setCapabilities(java.util.List<java.lang.String> value) The capabilities that are allowed in the stack set.
void	setDescription(java.lang.String value) A description of the stack set.
void	setExecutionRoleName(java.lang.String value) The name of the IAM execution role to use to create the stack set.
void	setManagedExecution(java.lang.Object value) Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
void	setOperationPreferences(CfnStackSet.OperationPreferencesProperty value) The user-specified preferences for how AWS CloudFormation performs a stack set operation.
void	setOperationPreferences(IResolvable value) The user-specified preferences for how AWS CloudFormation performs a stack set operation.
void	setParameters(IResolvable value) The input parameters for the stack set template.
void	setParameters(java.util.List<java.lang.Object> value) The input parameters for the stack set template.
void	setPermissionModel(java.lang.String value) Describes how the IAM roles required for stack set operations are created.
void	setStackInstancesGroup(IResolvable value) A group of stack instances with parameters in some specific accounts and Regions.
void	setStackInstancesGroup(java.util.List<java.lang.Object> value) A group of stack instances with parameters in some specific accounts and Regions.
void	setStackSetName(java.lang.String value) The name to associate with the stack set.
void	setTemplateBody(java.lang.String value) The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.
void	setTemplateUrl(java.lang.String value) Location of file containing the template body.

Methods inherited from class software.amazon.awscdk.core.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.core.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.core.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

CFN_RESOURCE_TYPE_NAME

public static final java.lang.String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnStackSet

protected CfnStackSet(software.amazon.jsii.JsiiObjectRef objRef)

CfnStackSet

protected CfnStackSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnStackSet

public CfnStackSet(Construct scope,
                   java.lang.String id,
                   CfnStackSetProps props)

Create a new `AWS::CloudFormation::StackSet`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

public void inspect(TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrStackSetId

public java.lang.String getAttrStackSetId()

The ID of the stack that you're creating.

getCfnProperties

protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getTags

public TagManager getTags()

The key-value pairs to associate with this stack set and the stacks created from it.

AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.

getManagedExecution

public java.lang.Object getManagedExecution()

Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.

When active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.

If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.

You can't modify your stack set's execution configuration while there are running or queued operations for that stack set.

When inactive (default), StackSets performs one operation at a time in request order.

setManagedExecution

public void setManagedExecution(java.lang.Object value)

Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.

When active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.

If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.

You can't modify your stack set's execution configuration while there are running or queued operations for that stack set.

When inactive (default), StackSets performs one operation at a time in request order.

getPermissionModel

public java.lang.String getPermissionModel()

Describes how the IAM roles required for stack set operations are created.

• With SELF_MANAGED permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions .
• With SERVICE_MANAGED permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see Grant Service-Managed Stack Set Permissions .

Allowed Values : SERVICE_MANAGED | SELF_MANAGED

The PermissionModel property is required.

setPermissionModel

public void setPermissionModel(java.lang.String value)

Describes how the IAM roles required for stack set operations are created.

• With SELF_MANAGED permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions .
• With SERVICE_MANAGED permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see Grant Service-Managed Stack Set Permissions .

Allowed Values : SERVICE_MANAGED | SELF_MANAGED

The PermissionModel property is required.

getStackSetName

public java.lang.String getStackSetName()

The name to associate with the stack set.

The name must be unique in the Region where you create your stack set.

Maximum : 128

Pattern : ^[a-zA-Z][a-zA-Z0-9-]{0,127}$

The StackSetName property is required.

setStackSetName

public void setStackSetName(java.lang.String value)

The name to associate with the stack set.

The name must be unique in the Region where you create your stack set.

Maximum : 128

Pattern : ^[a-zA-Z][a-zA-Z0-9-]{0,127}$

The StackSetName property is required.

getAdministrationRoleArn

public java.lang.String getAdministrationRoleArn()

The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.

Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.

Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide .

Minimum : 20

Maximum : 2048

setAdministrationRoleArn

public void setAdministrationRoleArn(java.lang.String value)

The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.

Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.

Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide .

Minimum : 20

Maximum : 2048

getAutoDeployment

public java.lang.Object getAutoDeployment()

[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).

setAutoDeployment

public void setAutoDeployment(IResolvable value)

[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).

setAutoDeployment

public void setAutoDeployment(CfnStackSet.AutoDeploymentProperty value)

[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).

getCallAs

public java.lang.String getCallAs()

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• To create a stack set with service-managed permissions while signed in to the management account, specify SELF .
• To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify DELEGATED_ADMIN .

Your AWS account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide .

Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.

Valid Values : SELF | DELEGATED_ADMIN

setCallAs

public void setCallAs(java.lang.String value)

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

• To create a stack set with service-managed permissions while signed in to the management account, specify SELF .
• To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify DELEGATED_ADMIN .

Your AWS account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide .

Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.

Valid Values : SELF | DELEGATED_ADMIN

getCapabilities

public java.util.List<java.lang.String> getCapabilities()

The capabilities that are allowed in the stack set.

Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new AWS Identity and Access Management ( IAM ) users. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates .

setCapabilities

public void setCapabilities(java.util.List<java.lang.String> value)

The capabilities that are allowed in the stack set.

Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new AWS Identity and Access Management ( IAM ) users. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates .

getDescription

public java.lang.String getDescription()

A description of the stack set.

Minimum : 1

Maximum : 1024

setDescription

public void setDescription(java.lang.String value)

A description of the stack set.

Minimum : 1

Maximum : 1024

getExecutionRoleName

public java.lang.String getExecutionRoleName()

The name of the IAM execution role to use to create the stack set.

If you don't specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.

Minimum : 1

Maximum : 64

Pattern : [a-zA-Z_0-9+=,.@-]+

setExecutionRoleName

public void setExecutionRoleName(java.lang.String value)

The name of the IAM execution role to use to create the stack set.

If you don't specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.

Minimum : 1

Maximum : 64

Pattern : [a-zA-Z_0-9+=,.@-]+

getOperationPreferences

public java.lang.Object getOperationPreferences()

The user-specified preferences for how AWS CloudFormation performs a stack set operation.

setOperationPreferences

public void setOperationPreferences(IResolvable value)

The user-specified preferences for how AWS CloudFormation performs a stack set operation.

setOperationPreferences

public void setOperationPreferences(CfnStackSet.OperationPreferencesProperty value)

The user-specified preferences for how AWS CloudFormation performs a stack set operation.

getParameters

public java.lang.Object getParameters()

The input parameters for the stack set template.

setParameters

public void setParameters(IResolvable value)

The input parameters for the stack set template.

setParameters

public void setParameters(java.util.List<java.lang.Object> value)

The input parameters for the stack set template.

getStackInstancesGroup

public java.lang.Object getStackInstancesGroup()

A group of stack instances with parameters in some specific accounts and Regions.

setStackInstancesGroup

public void setStackInstancesGroup(IResolvable value)

A group of stack instances with parameters in some specific accounts and Regions.

setStackInstancesGroup

public void setStackInstancesGroup(java.util.List<java.lang.Object> value)

A group of stack instances with parameters in some specific accounts and Regions.

getTemplateBody

public java.lang.String getTemplateBody()

The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.

You must include either TemplateURL or TemplateBody in a StackSet, but you can't use both. Dynamic references in the TemplateBody may not work correctly in all cases. It's recommended to pass templates containing dynamic references through TemplateUrl instead.

Minimum : 1

Maximum : 51200

setTemplateBody

public void setTemplateBody(java.lang.String value)

The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.

You must include either TemplateURL or TemplateBody in a StackSet, but you can't use both. Dynamic references in the TemplateBody may not work correctly in all cases. It's recommended to pass templates containing dynamic references through TemplateUrl instead.

Minimum : 1

Maximum : 51200

getTemplateUrl

public java.lang.String getTemplateUrl()

Location of file containing the template body.

The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket.

You must include either TemplateURL or TemplateBody in a StackSet, but you can't use both.

Minimum : 1

Maximum : 1024

setTemplateUrl

public void setTemplateUrl(java.lang.String value)

Location of file containing the template body.

The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket.

You must include either TemplateURL or TemplateBody in a StackSet, but you can't use both.

Minimum : 1

Maximum : 1024