@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)", date="2023-03-14T16:25:20.500Z") public class CfnStackSet extends CfnResource implements IInspectable
The AWS::CloudFormation::StackSet
enables you to provision stacks into AWS accounts and across Regions by using a single CloudFormation template. In the stack set, you specify the template to use, in addition to any parameters and capabilities that the template requires.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.core.*; Object managedExecution; CfnStackSet cfnStackSet = CfnStackSet.Builder.create(this, "MyCfnStackSet") .permissionModel("permissionModel") .stackSetName("stackSetName") // the properties below are optional .administrationRoleArn("administrationRoleArn") .autoDeployment(AutoDeploymentProperty.builder() .enabled(false) .retainStacksOnAccountRemoval(false) .build()) .callAs("callAs") .capabilities(List.of("capabilities")) .description("description") .executionRoleName("executionRoleName") .managedExecution(managedExecution) .operationPreferences(OperationPreferencesProperty.builder() .failureToleranceCount(123) .failureTolerancePercentage(123) .maxConcurrentCount(123) .maxConcurrentPercentage(123) .regionConcurrencyType("regionConcurrencyType") .regionOrder(List.of("regionOrder")) .build()) .parameters(List.of(ParameterProperty.builder() .parameterKey("parameterKey") .parameterValue("parameterValue") .build())) .stackInstancesGroup(List.of(StackInstancesProperty.builder() .deploymentTargets(DeploymentTargetsProperty.builder() .accountFilterType("accountFilterType") .accounts(List.of("accounts")) .organizationalUnitIds(List.of("organizationalUnitIds")) .build()) .regions(List.of("regions")) // the properties below are optional .parameterOverrides(List.of(ParameterProperty.builder() .parameterKey("parameterKey") .parameterValue("parameterValue") .build())) .build())) .tags(List.of(CfnTag.builder() .key("key") .value("value") .build())) .templateBody("templateBody") .templateUrl("templateUrl") .build();
Modifier and Type | Class and Description |
---|---|
static interface |
CfnStackSet.AutoDeploymentProperty
[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organizational unit (OU).
|
static class |
CfnStackSet.Builder
A fluent builder for
CfnStackSet . |
static interface |
CfnStackSet.DeploymentTargetsProperty
The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.
|
static interface |
CfnStackSet.ManagedExecutionProperty
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
|
static interface |
CfnStackSet.OperationPreferencesProperty
The user-specified preferences for how AWS CloudFormation performs a stack set operation.
|
static interface |
CfnStackSet.ParameterProperty
The Parameter data type.
|
static interface |
CfnStackSet.StackInstancesProperty
Stack instances in some specific accounts and Regions.
|
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
IConstruct.Jsii$Default
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
Modifier | Constructor and Description |
---|---|
|
CfnStackSet(Construct scope,
java.lang.String id,
CfnStackSetProps props)
Create a new `AWS::CloudFormation::StackSet`.
|
protected |
CfnStackSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnStackSet(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getAdministrationRoleArn()
The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.
|
java.lang.String |
getAttrStackSetId()
The ID of the stack that you're creating.
|
java.lang.Object |
getAutoDeployment()
[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
|
java.lang.String |
getCallAs()
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
|
java.util.List<java.lang.String> |
getCapabilities()
The capabilities that are allowed in the stack set.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
getCfnProperties() |
java.lang.String |
getDescription()
A description of the stack set.
|
java.lang.String |
getExecutionRoleName()
The name of the IAM execution role to use to create the stack set.
|
java.lang.Object |
getManagedExecution()
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
|
java.lang.Object |
getOperationPreferences()
The user-specified preferences for how AWS CloudFormation performs a stack set operation.
|
java.lang.Object |
getParameters()
The input parameters for the stack set template.
|
java.lang.String |
getPermissionModel()
Describes how the IAM roles required for stack set operations are created.
|
java.lang.Object |
getStackInstancesGroup()
A group of stack instances with parameters in some specific accounts and Regions.
|
java.lang.String |
getStackSetName()
The name to associate with the stack set.
|
TagManager |
getTags()
The key-value pairs to associate with this stack set and the stacks created from it.
|
java.lang.String |
getTemplateBody()
The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.
|
java.lang.String |
getTemplateUrl()
Location of file containing the template body.
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
renderProperties(java.util.Map<java.lang.String,java.lang.Object> props) |
void |
setAdministrationRoleArn(java.lang.String value)
The Amazon Resource Number (ARN) of the IAM role to use to create this stack set.
|
void |
setAutoDeployment(CfnStackSet.AutoDeploymentProperty value)
[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
|
void |
setAutoDeployment(IResolvable value)
[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
|
void |
setCallAs(java.lang.String value)
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
|
void |
setCapabilities(java.util.List<java.lang.String> value)
The capabilities that are allowed in the stack set.
|
void |
setDescription(java.lang.String value)
A description of the stack set.
|
void |
setExecutionRoleName(java.lang.String value)
The name of the IAM execution role to use to create the stack set.
|
void |
setManagedExecution(java.lang.Object value)
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
|
void |
setOperationPreferences(CfnStackSet.OperationPreferencesProperty value)
The user-specified preferences for how AWS CloudFormation performs a stack set operation.
|
void |
setOperationPreferences(IResolvable value)
The user-specified preferences for how AWS CloudFormation performs a stack set operation.
|
void |
setParameters(IResolvable value)
The input parameters for the stack set template.
|
void |
setParameters(java.util.List<java.lang.Object> value)
The input parameters for the stack set template.
|
void |
setPermissionModel(java.lang.String value)
Describes how the IAM roles required for stack set operations are created.
|
void |
setStackInstancesGroup(IResolvable value)
A group of stack instances with parameters in some specific accounts and Regions.
|
void |
setStackInstancesGroup(java.util.List<java.lang.Object> value)
A group of stack instances with parameters in some specific accounts and Regions.
|
void |
setStackSetName(java.lang.String value)
The name to associate with the stack set.
|
void |
setTemplateBody(java.lang.String value)
The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.
|
void |
setTemplateUrl(java.lang.String value)
Location of file containing the template body.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
getRef
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
public static final java.lang.String CFN_RESOURCE_TYPE_NAME
protected CfnStackSet(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnStackSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public CfnStackSet(Construct scope, java.lang.String id, CfnStackSetProps props)
scope
- - scope in which this resource is defined. This parameter is required.id
- - scoped id of the resource. This parameter is required.props
- - resource properties. This parameter is required.public void inspect(TreeInspector inspector)
inspect
in interface IInspectable
inspector
- - tree inspector to collect and process attributes. This parameter is required.protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
renderProperties
in class CfnResource
props
- This parameter is required.public java.lang.String getAttrStackSetId()
protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()
getCfnProperties
in class CfnResource
public TagManager getTags()
AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.
public java.lang.Object getManagedExecution()
When active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.
If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.
You can't modify your stack set's execution configuration while there are running or queued operations for that stack set.
When inactive (default), StackSets performs one operation at a time in request order.
public void setManagedExecution(java.lang.Object value)
When active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.
If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.
You can't modify your stack set's execution configuration while there are running or queued operations for that stack set.
When inactive (default), StackSets performs one operation at a time in request order.
public java.lang.String getPermissionModel()
SELF_MANAGED
permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions .SERVICE_MANAGED
permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see Grant Service-Managed Stack Set Permissions .
Allowed Values : SERVICE_MANAGED
| SELF_MANAGED
The
PermissionModel
property is required.
public void setPermissionModel(java.lang.String value)
SELF_MANAGED
permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see Grant Self-Managed Stack Set Permissions .SERVICE_MANAGED
permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see Grant Service-Managed Stack Set Permissions .
Allowed Values : SERVICE_MANAGED
| SELF_MANAGED
The
PermissionModel
property is required.
public java.lang.String getStackSetName()
The name must be unique in the Region where you create your stack set.
Maximum : 128
Pattern : ^[a-zA-Z][a-zA-Z0-9-]{0,127}$
The
StackSetName
property is required.
public void setStackSetName(java.lang.String value)
The name must be unique in the Region where you create your stack set.
Maximum : 128
Pattern : ^[a-zA-Z][a-zA-Z0-9-]{0,127}$
The
StackSetName
property is required.
public java.lang.String getAdministrationRoleArn()
Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.
Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide .
Minimum : 20
Maximum : 2048
public void setAdministrationRoleArn(java.lang.String value)
Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.
Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the AWS CloudFormation User Guide .
Minimum : 20
Maximum : 2048
public java.lang.Object getAutoDeployment()
public void setAutoDeployment(IResolvable value)
public void setAutoDeployment(CfnStackSet.AutoDeploymentProperty value)
public java.lang.String getCallAs()
By default, SELF
is specified. Use SELF
for stack sets with self-managed permissions.
SELF
.DELEGATED_ADMIN
.Your AWS account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide .
Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.
Valid Values : SELF
| DELEGATED_ADMIN
public void setCallAs(java.lang.String value)
By default, SELF
is specified. Use SELF
for stack sets with self-managed permissions.
SELF
.DELEGATED_ADMIN
.Your AWS account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the AWS CloudFormation User Guide .
Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.
Valid Values : SELF
| DELEGATED_ADMIN
public java.util.List<java.lang.String> getCapabilities()
Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new AWS Identity and Access Management ( IAM ) users. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates .
public void setCapabilities(java.util.List<java.lang.String> value)
Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new AWS Identity and Access Management ( IAM ) users. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates .
public java.lang.String getDescription()
Minimum : 1
Maximum : 1024
public void setDescription(java.lang.String value)
Minimum : 1
Maximum : 1024
public java.lang.String getExecutionRoleName()
If you don't specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole
role for the stack set operation.
Minimum : 1
Maximum : 64
Pattern : [a-zA-Z_0-9+=,.@-]+
public void setExecutionRoleName(java.lang.String value)
If you don't specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole
role for the stack set operation.
Minimum : 1
Maximum : 64
Pattern : [a-zA-Z_0-9+=,.@-]+
public java.lang.Object getOperationPreferences()
public void setOperationPreferences(IResolvable value)
public void setOperationPreferences(CfnStackSet.OperationPreferencesProperty value)
public java.lang.Object getParameters()
public void setParameters(IResolvable value)
public void setParameters(java.util.List<java.lang.Object> value)
public java.lang.Object getStackInstancesGroup()
public void setStackInstancesGroup(IResolvable value)
public void setStackInstancesGroup(java.util.List<java.lang.Object> value)
public java.lang.String getTemplateBody()
You must include either TemplateURL
or TemplateBody
in a StackSet, but you can't use both. Dynamic references in the TemplateBody
may not work correctly in all cases. It's recommended to pass templates containing dynamic references through TemplateUrl
instead.
Minimum : 1
Maximum : 51200
public void setTemplateBody(java.lang.String value)
You must include either TemplateURL
or TemplateBody
in a StackSet, but you can't use both. Dynamic references in the TemplateBody
may not work correctly in all cases. It's recommended to pass templates containing dynamic references through TemplateUrl
instead.
Minimum : 1
Maximum : 51200
public java.lang.String getTemplateUrl()
The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket.
You must include either TemplateURL
or TemplateBody
in a StackSet, but you can't use both.
Minimum : 1
Maximum : 1024
public void setTemplateUrl(java.lang.String value)
The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket.
You must include either TemplateURL
or TemplateBody
in a StackSet, but you can't use both.
Minimum : 1
Maximum : 1024