1. Packages
  2. AWS
  3. API Docs
  4. cloudformation
  5. StackSet
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

aws.cloudformation.StackSet

Explore with Pulumi AI

aws logo
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Manages a CloudFormation StackSet. StackSets allow CloudFormation templates to be easily deployed across multiple accounts and regions via StackSet Instances (aws.cloudformation.StackSetInstance resource). Additional information about StackSets can be found in the AWS CloudFormation User Guide.

    NOTE: All template parameters, including those with a Default, must be configured or ignored with the lifecycle configuration block ignore_changes argument.

    NOTE: All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.

    NOTE: When using a delegated administrator account, ensure that your IAM User or Role has the organizations:ListDelegatedAdministrators permission. Otherwise, you may get an error like ValidationError: Account used is not a delegated administrator.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = aws.iam.getPolicyDocument({
        statements: [{
            actions: ["sts:AssumeRole"],
            effect: "Allow",
            principals: [{
                identifiers: ["cloudformation.amazonaws.com"],
                type: "Service",
            }],
        }],
    });
    const aWSCloudFormationStackSetAdministrationRole = new aws.iam.Role("AWSCloudFormationStackSetAdministrationRole", {
        assumeRolePolicy: aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.then(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy => aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json),
        name: "AWSCloudFormationStackSetAdministrationRole",
    });
    const example = new aws.cloudformation.StackSet("example", {
        administrationRoleArn: aWSCloudFormationStackSetAdministrationRole.arn,
        name: "example",
        parameters: {
            VPCCidr: "10.0.0.0/16",
        },
        templateBody: JSON.stringify({
            Parameters: {
                VPCCidr: {
                    Type: "String",
                    Default: "10.0.0.0/16",
                    Description: "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.",
                },
            },
            Resources: {
                myVpc: {
                    Type: "AWS::EC2::VPC",
                    Properties: {
                        CidrBlock: {
                            Ref: "VPCCidr",
                        },
                        Tags: [{
                            Key: "Name",
                            Value: "Primary_CF_VPC",
                        }],
                    },
                },
            },
        }),
    });
    const aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = aws.iam.getPolicyDocumentOutput({
        statements: [{
            actions: ["sts:AssumeRole"],
            effect: "Allow",
            resources: [pulumi.interpolate`arn:aws:iam::*:role/${example.executionRoleName}`],
        }],
    });
    const aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new aws.iam.RolePolicy("AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy", {
        name: "ExecutionPolicy",
        policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy => aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json),
        role: aWSCloudFormationStackSetAdministrationRole.name,
    });
    
    import pulumi
    import json
    import pulumi_aws as aws
    
    a_ws_cloud_formation_stack_set_administration_role_assume_role_policy = aws.iam.get_policy_document(statements=[{
        "actions": ["sts:AssumeRole"],
        "effect": "Allow",
        "principals": [{
            "identifiers": ["cloudformation.amazonaws.com"],
            "type": "Service",
        }],
    }])
    a_ws_cloud_formation_stack_set_administration_role = aws.iam.Role("AWSCloudFormationStackSetAdministrationRole",
        assume_role_policy=a_ws_cloud_formation_stack_set_administration_role_assume_role_policy.json,
        name="AWSCloudFormationStackSetAdministrationRole")
    example = aws.cloudformation.StackSet("example",
        administration_role_arn=a_ws_cloud_formation_stack_set_administration_role.arn,
        name="example",
        parameters={
            "VPCCidr": "10.0.0.0/16",
        },
        template_body=json.dumps({
            "Parameters": {
                "VPCCidr": {
                    "Type": "String",
                    "Default": "10.0.0.0/16",
                    "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.",
                },
            },
            "Resources": {
                "myVpc": {
                    "Type": "AWS::EC2::VPC",
                    "Properties": {
                        "CidrBlock": {
                            "Ref": "VPCCidr",
                        },
                        "Tags": [{
                            "Key": "Name",
                            "Value": "Primary_CF_VPC",
                        }],
                    },
                },
            },
        }))
    a_ws_cloud_formation_stack_set_administration_role_execution_policy = aws.iam.get_policy_document_output(statements=[{
        "actions": ["sts:AssumeRole"],
        "effect": "Allow",
        "resources": [example.execution_role_name.apply(lambda execution_role_name: f"arn:aws:iam::*:role/{execution_role_name}")],
    }])
    a_ws_cloud_formation_stack_set_administration_role_execution_policy_role_policy = aws.iam.RolePolicy("AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy",
        name="ExecutionPolicy",
        policy=a_ws_cloud_formation_stack_set_administration_role_execution_policy.json,
        role=a_ws_cloud_formation_stack_set_administration_role.name)
    
    package main
    
    import (
    	"encoding/json"
    	"fmt"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
    			Statements: []iam.GetPolicyDocumentStatement{
    				{
    					Actions: []string{
    						"sts:AssumeRole",
    					},
    					Effect: pulumi.StringRef("Allow"),
    					Principals: []iam.GetPolicyDocumentStatementPrincipal{
    						{
    							Identifiers: []string{
    								"cloudformation.amazonaws.com",
    							},
    							Type: "Service",
    						},
    					},
    				},
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		aWSCloudFormationStackSetAdministrationRole, err := iam.NewRole(ctx, "AWSCloudFormationStackSetAdministrationRole", &iam.RoleArgs{
    			AssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),
    			Name:             pulumi.String("AWSCloudFormationStackSetAdministrationRole"),
    		})
    		if err != nil {
    			return err
    		}
    		tmpJSON0, err := json.Marshal(map[string]interface{}{
    			"Parameters": map[string]interface{}{
    				"VPCCidr": map[string]interface{}{
    					"Type":        "String",
    					"Default":     "10.0.0.0/16",
    					"Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.",
    				},
    			},
    			"Resources": map[string]interface{}{
    				"myVpc": map[string]interface{}{
    					"Type": "AWS::EC2::VPC",
    					"Properties": map[string]interface{}{
    						"CidrBlock": map[string]interface{}{
    							"Ref": "VPCCidr",
    						},
    						"Tags": []map[string]interface{}{
    							map[string]interface{}{
    								"Key":   "Name",
    								"Value": "Primary_CF_VPC",
    							},
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		example, err := cloudformation.NewStackSet(ctx, "example", &cloudformation.StackSetArgs{
    			AdministrationRoleArn: aWSCloudFormationStackSetAdministrationRole.Arn,
    			Name:                  pulumi.String("example"),
    			Parameters: pulumi.StringMap{
    				"VPCCidr": pulumi.String("10.0.0.0/16"),
    			},
    			TemplateBody: pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		aWSCloudFormationStackSetAdministrationRoleExecutionPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
    			Statements: iam.GetPolicyDocumentStatementArray{
    				&iam.GetPolicyDocumentStatementArgs{
    					Actions: pulumi.StringArray{
    						pulumi.String("sts:AssumeRole"),
    					},
    					Effect: pulumi.String("Allow"),
    					Resources: pulumi.StringArray{
    						example.ExecutionRoleName.ApplyT(func(executionRoleName string) (string, error) {
    							return fmt.Sprintf("arn:aws:iam::*:role/%v", executionRoleName), nil
    						}).(pulumi.StringOutput),
    					},
    				},
    			},
    		}, nil)
    		_, err = iam.NewRolePolicy(ctx, "AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy", &iam.RolePolicyArgs{
    			Name: pulumi.String("ExecutionPolicy"),
    			Policy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.ApplyT(func(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy iam.GetPolicyDocumentResult) (*string, error) {
    				return &aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Json, nil
    			}).(pulumi.StringPtrOutput)),
    			Role: aWSCloudFormationStackSetAdministrationRole.Name,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Actions = new[]
                    {
                        "sts:AssumeRole",
                    },
                    Effect = "Allow",
                    Principals = new[]
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                        {
                            Identifiers = new[]
                            {
                                "cloudformation.amazonaws.com",
                            },
                            Type = "Service",
                        },
                    },
                },
            },
        });
    
        var aWSCloudFormationStackSetAdministrationRole = new Aws.Iam.Role("AWSCloudFormationStackSetAdministrationRole", new()
        {
            AssumeRolePolicy = aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
            Name = "AWSCloudFormationStackSetAdministrationRole",
        });
    
        var example = new Aws.CloudFormation.StackSet("example", new()
        {
            AdministrationRoleArn = aWSCloudFormationStackSetAdministrationRole.Arn,
            Name = "example",
            Parameters = 
            {
                { "VPCCidr", "10.0.0.0/16" },
            },
            TemplateBody = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Parameters"] = new Dictionary<string, object?>
                {
                    ["VPCCidr"] = new Dictionary<string, object?>
                    {
                        ["Type"] = "String",
                        ["Default"] = "10.0.0.0/16",
                        ["Description"] = "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.",
                    },
                },
                ["Resources"] = new Dictionary<string, object?>
                {
                    ["myVpc"] = new Dictionary<string, object?>
                    {
                        ["Type"] = "AWS::EC2::VPC",
                        ["Properties"] = new Dictionary<string, object?>
                        {
                            ["CidrBlock"] = new Dictionary<string, object?>
                            {
                                ["Ref"] = "VPCCidr",
                            },
                            ["Tags"] = new[]
                            {
                                new Dictionary<string, object?>
                                {
                                    ["Key"] = "Name",
                                    ["Value"] = "Primary_CF_VPC",
                                },
                            },
                        },
                    },
                },
            }),
        });
    
        var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Actions = new[]
                    {
                        "sts:AssumeRole",
                    },
                    Effect = "Allow",
                    Resources = new[]
                    {
                        $"arn:aws:iam::*:role/{example.ExecutionRoleName}",
                    },
                },
            },
        });
    
        var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy("AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy", new()
        {
            Name = "ExecutionPolicy",
            Policy = aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
            Role = aWSCloudFormationStackSetAdministrationRole.Name,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.aws.cloudformation.StackSet;
    import com.pulumi.aws.cloudformation.StackSetArgs;
    import com.pulumi.aws.iam.RolePolicy;
    import com.pulumi.aws.iam.RolePolicyArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .actions("sts:AssumeRole")
                    .effect("Allow")
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .identifiers("cloudformation.amazonaws.com")
                        .type("Service")
                        .build())
                    .build())
                .build());
    
            var aWSCloudFormationStackSetAdministrationRole = new Role("aWSCloudFormationStackSetAdministrationRole", RoleArgs.builder()
                .assumeRolePolicy(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
                .name("AWSCloudFormationStackSetAdministrationRole")
                .build());
    
            var example = new StackSet("example", StackSetArgs.builder()
                .administrationRoleArn(aWSCloudFormationStackSetAdministrationRole.arn())
                .name("example")
                .parameters(Map.of("VPCCidr", "10.0.0.0/16"))
                .templateBody(serializeJson(
                    jsonObject(
                        jsonProperty("Parameters", jsonObject(
                            jsonProperty("VPCCidr", jsonObject(
                                jsonProperty("Type", "String"),
                                jsonProperty("Default", "10.0.0.0/16"),
                                jsonProperty("Description", "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.")
                            ))
                        )),
                        jsonProperty("Resources", jsonObject(
                            jsonProperty("myVpc", jsonObject(
                                jsonProperty("Type", "AWS::EC2::VPC"),
                                jsonProperty("Properties", jsonObject(
                                    jsonProperty("CidrBlock", jsonObject(
                                        jsonProperty("Ref", "VPCCidr")
                                    )),
                                    jsonProperty("Tags", jsonArray(jsonObject(
                                        jsonProperty("Key", "Name"),
                                        jsonProperty("Value", "Primary_CF_VPC")
                                    )))
                                ))
                            ))
                        ))
                    )))
                .build());
    
            final var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .actions("sts:AssumeRole")
                    .effect("Allow")
                    .resources(example.executionRoleName().applyValue(executionRoleName -> String.format("arn:aws:iam::*:role/%s", executionRoleName)))
                    .build())
                .build());
    
            var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new RolePolicy("aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy", RolePolicyArgs.builder()
                .name("ExecutionPolicy")
                .policy(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy -> aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
                .role(aWSCloudFormationStackSetAdministrationRole.name())
                .build());
    
        }
    }
    
    resources:
      aWSCloudFormationStackSetAdministrationRole:
        type: aws:iam:Role
        name: AWSCloudFormationStackSetAdministrationRole
        properties:
          assumeRolePolicy: ${aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json}
          name: AWSCloudFormationStackSetAdministrationRole
      example:
        type: aws:cloudformation:StackSet
        properties:
          administrationRoleArn: ${aWSCloudFormationStackSetAdministrationRole.arn}
          name: example
          parameters:
            VPCCidr: 10.0.0.0/16
          templateBody:
            fn::toJSON:
              Parameters:
                VPCCidr:
                  Type: String
                  Default: 10.0.0.0/16
                  Description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.
              Resources:
                myVpc:
                  Type: AWS::EC2::VPC
                  Properties:
                    CidrBlock:
                      Ref: VPCCidr
                    Tags:
                      - Key: Name
                        Value: Primary_CF_VPC
      aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy:
        type: aws:iam:RolePolicy
        name: AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy
        properties:
          name: ExecutionPolicy
          policy: ${aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json}
          role: ${aWSCloudFormationStackSetAdministrationRole.name}
    variables:
      aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - actions:
                  - sts:AssumeRole
                effect: Allow
                principals:
                  - identifiers:
                      - cloudformation.amazonaws.com
                    type: Service
      aWSCloudFormationStackSetAdministrationRoleExecutionPolicy:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - actions:
                  - sts:AssumeRole
                effect: Allow
                resources:
                  - arn:aws:iam::*:role/${example.executionRoleName}
    

    Create StackSet Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new StackSet(name: string, args?: StackSetArgs, opts?: CustomResourceOptions);
    @overload
    def StackSet(resource_name: str,
                 args: Optional[StackSetArgs] = None,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def StackSet(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 administration_role_arn: Optional[str] = None,
                 auto_deployment: Optional[StackSetAutoDeploymentArgs] = None,
                 call_as: Optional[str] = None,
                 capabilities: Optional[Sequence[str]] = None,
                 description: Optional[str] = None,
                 execution_role_name: Optional[str] = None,
                 managed_execution: Optional[StackSetManagedExecutionArgs] = None,
                 name: Optional[str] = None,
                 operation_preferences: Optional[StackSetOperationPreferencesArgs] = None,
                 parameters: Optional[Mapping[str, str]] = None,
                 permission_model: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 template_body: Optional[str] = None,
                 template_url: Optional[str] = None)
    func NewStackSet(ctx *Context, name string, args *StackSetArgs, opts ...ResourceOption) (*StackSet, error)
    public StackSet(string name, StackSetArgs? args = null, CustomResourceOptions? opts = null)
    public StackSet(String name, StackSetArgs args)
    public StackSet(String name, StackSetArgs args, CustomResourceOptions options)
    
    type: aws:cloudformation:StackSet
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args StackSetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args StackSetArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args StackSetArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args StackSetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args StackSetArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var stackSetResource = new Aws.CloudFormation.StackSet("stackSetResource", new()
    {
        AdministrationRoleArn = "string",
        AutoDeployment = new Aws.CloudFormation.Inputs.StackSetAutoDeploymentArgs
        {
            Enabled = false,
            RetainStacksOnAccountRemoval = false,
        },
        CallAs = "string",
        Capabilities = new[]
        {
            "string",
        },
        Description = "string",
        ExecutionRoleName = "string",
        ManagedExecution = new Aws.CloudFormation.Inputs.StackSetManagedExecutionArgs
        {
            Active = false,
        },
        Name = "string",
        OperationPreferences = new Aws.CloudFormation.Inputs.StackSetOperationPreferencesArgs
        {
            FailureToleranceCount = 0,
            FailureTolerancePercentage = 0,
            MaxConcurrentCount = 0,
            MaxConcurrentPercentage = 0,
            RegionConcurrencyType = "string",
            RegionOrders = new[]
            {
                "string",
            },
        },
        Parameters = 
        {
            { "string", "string" },
        },
        PermissionModel = "string",
        Tags = 
        {
            { "string", "string" },
        },
        TemplateBody = "string",
        TemplateUrl = "string",
    });
    
    example, err := cloudformation.NewStackSet(ctx, "stackSetResource", &cloudformation.StackSetArgs{
    	AdministrationRoleArn: pulumi.String("string"),
    	AutoDeployment: &cloudformation.StackSetAutoDeploymentArgs{
    		Enabled:                      pulumi.Bool(false),
    		RetainStacksOnAccountRemoval: pulumi.Bool(false),
    	},
    	CallAs: pulumi.String("string"),
    	Capabilities: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Description:       pulumi.String("string"),
    	ExecutionRoleName: pulumi.String("string"),
    	ManagedExecution: &cloudformation.StackSetManagedExecutionArgs{
    		Active: pulumi.Bool(false),
    	},
    	Name: pulumi.String("string"),
    	OperationPreferences: &cloudformation.StackSetOperationPreferencesArgs{
    		FailureToleranceCount:      pulumi.Int(0),
    		FailureTolerancePercentage: pulumi.Int(0),
    		MaxConcurrentCount:         pulumi.Int(0),
    		MaxConcurrentPercentage:    pulumi.Int(0),
    		RegionConcurrencyType:      pulumi.String("string"),
    		RegionOrders: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	Parameters: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	PermissionModel: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	TemplateBody: pulumi.String("string"),
    	TemplateUrl:  pulumi.String("string"),
    })
    
    var stackSetResource = new StackSet("stackSetResource", StackSetArgs.builder()
        .administrationRoleArn("string")
        .autoDeployment(StackSetAutoDeploymentArgs.builder()
            .enabled(false)
            .retainStacksOnAccountRemoval(false)
            .build())
        .callAs("string")
        .capabilities("string")
        .description("string")
        .executionRoleName("string")
        .managedExecution(StackSetManagedExecutionArgs.builder()
            .active(false)
            .build())
        .name("string")
        .operationPreferences(StackSetOperationPreferencesArgs.builder()
            .failureToleranceCount(0)
            .failureTolerancePercentage(0)
            .maxConcurrentCount(0)
            .maxConcurrentPercentage(0)
            .regionConcurrencyType("string")
            .regionOrders("string")
            .build())
        .parameters(Map.of("string", "string"))
        .permissionModel("string")
        .tags(Map.of("string", "string"))
        .templateBody("string")
        .templateUrl("string")
        .build());
    
    stack_set_resource = aws.cloudformation.StackSet("stackSetResource",
        administration_role_arn="string",
        auto_deployment={
            "enabled": False,
            "retain_stacks_on_account_removal": False,
        },
        call_as="string",
        capabilities=["string"],
        description="string",
        execution_role_name="string",
        managed_execution={
            "active": False,
        },
        name="string",
        operation_preferences={
            "failure_tolerance_count": 0,
            "failure_tolerance_percentage": 0,
            "max_concurrent_count": 0,
            "max_concurrent_percentage": 0,
            "region_concurrency_type": "string",
            "region_orders": ["string"],
        },
        parameters={
            "string": "string",
        },
        permission_model="string",
        tags={
            "string": "string",
        },
        template_body="string",
        template_url="string")
    
    const stackSetResource = new aws.cloudformation.StackSet("stackSetResource", {
        administrationRoleArn: "string",
        autoDeployment: {
            enabled: false,
            retainStacksOnAccountRemoval: false,
        },
        callAs: "string",
        capabilities: ["string"],
        description: "string",
        executionRoleName: "string",
        managedExecution: {
            active: false,
        },
        name: "string",
        operationPreferences: {
            failureToleranceCount: 0,
            failureTolerancePercentage: 0,
            maxConcurrentCount: 0,
            maxConcurrentPercentage: 0,
            regionConcurrencyType: "string",
            regionOrders: ["string"],
        },
        parameters: {
            string: "string",
        },
        permissionModel: "string",
        tags: {
            string: "string",
        },
        templateBody: "string",
        templateUrl: "string",
    });
    
    type: aws:cloudformation:StackSet
    properties:
        administrationRoleArn: string
        autoDeployment:
            enabled: false
            retainStacksOnAccountRemoval: false
        callAs: string
        capabilities:
            - string
        description: string
        executionRoleName: string
        managedExecution:
            active: false
        name: string
        operationPreferences:
            failureToleranceCount: 0
            failureTolerancePercentage: 0
            maxConcurrentCount: 0
            maxConcurrentPercentage: 0
            regionConcurrencyType: string
            regionOrders:
                - string
        parameters:
            string: string
        permissionModel: string
        tags:
            string: string
        templateBody: string
        templateUrl: string
    

    StackSet Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The StackSet resource accepts the following input properties:

    AdministrationRoleArn string
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    AutoDeployment StackSetAutoDeployment
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    CallAs string
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    Capabilities List<string>
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    Description string
    Description of the StackSet.
    ExecutionRoleName string
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    ManagedExecution StackSetManagedExecution
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    Name string
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    OperationPreferences StackSetOperationPreferences
    Preferences for how AWS CloudFormation performs a stack set update.
    Parameters Dictionary<string, string>
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    PermissionModel string
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    Tags Dictionary<string, string>
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TemplateBody string
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    TemplateUrl string
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    AdministrationRoleArn string
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    AutoDeployment StackSetAutoDeploymentArgs
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    CallAs string
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    Capabilities []string
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    Description string
    Description of the StackSet.
    ExecutionRoleName string
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    ManagedExecution StackSetManagedExecutionArgs
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    Name string
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    OperationPreferences StackSetOperationPreferencesArgs
    Preferences for how AWS CloudFormation performs a stack set update.
    Parameters map[string]string
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    PermissionModel string
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    Tags map[string]string
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TemplateBody string
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    TemplateUrl string
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administrationRoleArn String
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    autoDeployment StackSetAutoDeployment
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    callAs String
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities List<String>
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description String
    Description of the StackSet.
    executionRoleName String
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managedExecution StackSetManagedExecution
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name String
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operationPreferences StackSetOperationPreferences
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters Map<String,String>
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permissionModel String
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    tags Map<String,String>
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    templateBody String
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    templateUrl String
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administrationRoleArn string
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    autoDeployment StackSetAutoDeployment
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    callAs string
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities string[]
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description string
    Description of the StackSet.
    executionRoleName string
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managedExecution StackSetManagedExecution
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name string
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operationPreferences StackSetOperationPreferences
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters {[key: string]: string}
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permissionModel string
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    tags {[key: string]: string}
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    templateBody string
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    templateUrl string
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administration_role_arn str
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    auto_deployment StackSetAutoDeploymentArgs
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    call_as str
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities Sequence[str]
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description str
    Description of the StackSet.
    execution_role_name str
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managed_execution StackSetManagedExecutionArgs
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name str
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operation_preferences StackSetOperationPreferencesArgs
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters Mapping[str, str]
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permission_model str
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    tags Mapping[str, str]
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    template_body str
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    template_url str
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administrationRoleArn String
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    autoDeployment Property Map
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    callAs String
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities List<String>
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description String
    Description of the StackSet.
    executionRoleName String
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managedExecution Property Map
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name String
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operationPreferences Property Map
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters Map<String>
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permissionModel String
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    tags Map<String>
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    templateBody String
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    templateUrl String
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the StackSet resource produces the following output properties:

    Arn string
    Amazon Resource Name (ARN) of the StackSet.
    Id string
    The provider-assigned unique ID for this managed resource.
    StackSetId string
    Unique identifier of the StackSet.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Arn string
    Amazon Resource Name (ARN) of the StackSet.
    Id string
    The provider-assigned unique ID for this managed resource.
    StackSetId string
    Unique identifier of the StackSet.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn String
    Amazon Resource Name (ARN) of the StackSet.
    id String
    The provider-assigned unique ID for this managed resource.
    stackSetId String
    Unique identifier of the StackSet.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn string
    Amazon Resource Name (ARN) of the StackSet.
    id string
    The provider-assigned unique ID for this managed resource.
    stackSetId string
    Unique identifier of the StackSet.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn str
    Amazon Resource Name (ARN) of the StackSet.
    id str
    The provider-assigned unique ID for this managed resource.
    stack_set_id str
    Unique identifier of the StackSet.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn String
    Amazon Resource Name (ARN) of the StackSet.
    id String
    The provider-assigned unique ID for this managed resource.
    stackSetId String
    Unique identifier of the StackSet.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Look up Existing StackSet Resource

    Get an existing StackSet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: StackSetState, opts?: CustomResourceOptions): StackSet
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            administration_role_arn: Optional[str] = None,
            arn: Optional[str] = None,
            auto_deployment: Optional[StackSetAutoDeploymentArgs] = None,
            call_as: Optional[str] = None,
            capabilities: Optional[Sequence[str]] = None,
            description: Optional[str] = None,
            execution_role_name: Optional[str] = None,
            managed_execution: Optional[StackSetManagedExecutionArgs] = None,
            name: Optional[str] = None,
            operation_preferences: Optional[StackSetOperationPreferencesArgs] = None,
            parameters: Optional[Mapping[str, str]] = None,
            permission_model: Optional[str] = None,
            stack_set_id: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            template_body: Optional[str] = None,
            template_url: Optional[str] = None) -> StackSet
    func GetStackSet(ctx *Context, name string, id IDInput, state *StackSetState, opts ...ResourceOption) (*StackSet, error)
    public static StackSet Get(string name, Input<string> id, StackSetState? state, CustomResourceOptions? opts = null)
    public static StackSet get(String name, Output<String> id, StackSetState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AdministrationRoleArn string
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    Arn string
    Amazon Resource Name (ARN) of the StackSet.
    AutoDeployment StackSetAutoDeployment
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    CallAs string
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    Capabilities List<string>
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    Description string
    Description of the StackSet.
    ExecutionRoleName string
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    ManagedExecution StackSetManagedExecution
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    Name string
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    OperationPreferences StackSetOperationPreferences
    Preferences for how AWS CloudFormation performs a stack set update.
    Parameters Dictionary<string, string>
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    PermissionModel string
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    StackSetId string
    Unique identifier of the StackSet.
    Tags Dictionary<string, string>
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    TemplateBody string
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    TemplateUrl string
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    AdministrationRoleArn string
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    Arn string
    Amazon Resource Name (ARN) of the StackSet.
    AutoDeployment StackSetAutoDeploymentArgs
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    CallAs string
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    Capabilities []string
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    Description string
    Description of the StackSet.
    ExecutionRoleName string
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    ManagedExecution StackSetManagedExecutionArgs
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    Name string
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    OperationPreferences StackSetOperationPreferencesArgs
    Preferences for how AWS CloudFormation performs a stack set update.
    Parameters map[string]string
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    PermissionModel string
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    StackSetId string
    Unique identifier of the StackSet.
    Tags map[string]string
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    TemplateBody string
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    TemplateUrl string
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administrationRoleArn String
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    arn String
    Amazon Resource Name (ARN) of the StackSet.
    autoDeployment StackSetAutoDeployment
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    callAs String
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities List<String>
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description String
    Description of the StackSet.
    executionRoleName String
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managedExecution StackSetManagedExecution
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name String
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operationPreferences StackSetOperationPreferences
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters Map<String,String>
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permissionModel String
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    stackSetId String
    Unique identifier of the StackSet.
    tags Map<String,String>
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    templateBody String
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    templateUrl String
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administrationRoleArn string
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    arn string
    Amazon Resource Name (ARN) of the StackSet.
    autoDeployment StackSetAutoDeployment
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    callAs string
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities string[]
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description string
    Description of the StackSet.
    executionRoleName string
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managedExecution StackSetManagedExecution
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name string
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operationPreferences StackSetOperationPreferences
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters {[key: string]: string}
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permissionModel string
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    stackSetId string
    Unique identifier of the StackSet.
    tags {[key: string]: string}
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    templateBody string
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    templateUrl string
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administration_role_arn str
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    arn str
    Amazon Resource Name (ARN) of the StackSet.
    auto_deployment StackSetAutoDeploymentArgs
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    call_as str
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities Sequence[str]
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description str
    Description of the StackSet.
    execution_role_name str
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managed_execution StackSetManagedExecutionArgs
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name str
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operation_preferences StackSetOperationPreferencesArgs
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters Mapping[str, str]
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permission_model str
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    stack_set_id str
    Unique identifier of the StackSet.
    tags Mapping[str, str]
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    template_body str
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    template_url str
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.
    administrationRoleArn String
    Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the SELF_MANAGED permission model.
    arn String
    Amazon Resource Name (ARN) of the StackSet.
    autoDeployment Property Map
    Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the SERVICE_MANAGED permission model.
    callAs String
    Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: SELF (default), DELEGATED_ADMIN.
    capabilities List<String>
    A list of capabilities. Valid values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND.
    description String
    Description of the StackSet.
    executionRoleName String
    Name of the IAM Role in all target accounts for StackSet operations. Defaults to AWSCloudFormationStackSetExecutionRole when using the SELF_MANAGED permission model. This should not be defined when using the SERVICE_MANAGED permission model.
    managedExecution Property Map
    Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.
    name String
    Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.
    operationPreferences Property Map
    Preferences for how AWS CloudFormation performs a stack set update.
    parameters Map<String>
    Key-value map of input parameters for the StackSet template. All template parameters, including those with a Default, must be configured or ignored with lifecycle configuration block ignore_changes argument. All NoEcho template parameters must be ignored with the lifecycle configuration block ignore_changes argument.
    permissionModel String
    Describes how the IAM roles required for your StackSet are created. Valid values: SELF_MANAGED (default), SERVICE_MANAGED.
    stackSetId String
    Unique identifier of the StackSet.
    tags Map<String>
    Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    templateBody String
    String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with template_url.
    templateUrl String
    String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with template_body.

    Supporting Types

    StackSetAutoDeployment, StackSetAutoDeploymentArgs

    Enabled bool
    Whether or not auto-deployment is enabled.
    RetainStacksOnAccountRemoval bool
    Whether or not to retain stacks when the account is removed.
    Enabled bool
    Whether or not auto-deployment is enabled.
    RetainStacksOnAccountRemoval bool
    Whether or not to retain stacks when the account is removed.
    enabled Boolean
    Whether or not auto-deployment is enabled.
    retainStacksOnAccountRemoval Boolean
    Whether or not to retain stacks when the account is removed.
    enabled boolean
    Whether or not auto-deployment is enabled.
    retainStacksOnAccountRemoval boolean
    Whether or not to retain stacks when the account is removed.
    enabled bool
    Whether or not auto-deployment is enabled.
    retain_stacks_on_account_removal bool
    Whether or not to retain stacks when the account is removed.
    enabled Boolean
    Whether or not auto-deployment is enabled.
    retainStacksOnAccountRemoval Boolean
    Whether or not to retain stacks when the account is removed.

    StackSetManagedExecution, StackSetManagedExecutionArgs

    Active bool
    When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.
    Active bool
    When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.
    active Boolean
    When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.
    active boolean
    When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.
    active bool
    When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.
    active Boolean
    When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.

    StackSetOperationPreferences, StackSetOperationPreferencesArgs

    FailureToleranceCount int
    The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
    FailureTolerancePercentage int
    The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
    MaxConcurrentCount int
    The maximum number of accounts in which to perform this operation at one time.
    MaxConcurrentPercentage int
    The maximum percentage of accounts in which to perform this operation at one time.
    RegionConcurrencyType string
    The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
    RegionOrders List<string>
    The order of the Regions in where you want to perform the stack operation.
    FailureToleranceCount int
    The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
    FailureTolerancePercentage int
    The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
    MaxConcurrentCount int
    The maximum number of accounts in which to perform this operation at one time.
    MaxConcurrentPercentage int
    The maximum percentage of accounts in which to perform this operation at one time.
    RegionConcurrencyType string
    The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
    RegionOrders []string
    The order of the Regions in where you want to perform the stack operation.
    failureToleranceCount Integer
    The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
    failureTolerancePercentage Integer
    The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
    maxConcurrentCount Integer
    The maximum number of accounts in which to perform this operation at one time.
    maxConcurrentPercentage Integer
    The maximum percentage of accounts in which to perform this operation at one time.
    regionConcurrencyType String
    The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
    regionOrders List<String>
    The order of the Regions in where you want to perform the stack operation.
    failureToleranceCount number
    The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
    failureTolerancePercentage number
    The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
    maxConcurrentCount number
    The maximum number of accounts in which to perform this operation at one time.
    maxConcurrentPercentage number
    The maximum percentage of accounts in which to perform this operation at one time.
    regionConcurrencyType string
    The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
    regionOrders string[]
    The order of the Regions in where you want to perform the stack operation.
    failure_tolerance_count int
    The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
    failure_tolerance_percentage int
    The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
    max_concurrent_count int
    The maximum number of accounts in which to perform this operation at one time.
    max_concurrent_percentage int
    The maximum percentage of accounts in which to perform this operation at one time.
    region_concurrency_type str
    The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
    region_orders Sequence[str]
    The order of the Regions in where you want to perform the stack operation.
    failureToleranceCount Number
    The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
    failureTolerancePercentage Number
    The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
    maxConcurrentCount Number
    The maximum number of accounts in which to perform this operation at one time.
    maxConcurrentPercentage Number
    The maximum percentage of accounts in which to perform this operation at one time.
    regionConcurrencyType String
    The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
    regionOrders List<String>
    The order of the Regions in where you want to perform the stack operation.

    Import

    Import CloudFormation StackSets when acting a delegated administrator in a member account using the name and call_as values separated by a comma (,). For example:

    Using pulumi import, import CloudFormation StackSets using the name. For example:

    $ pulumi import aws:cloudformation/stackSet:StackSet example example
    

    Using pulumi import, import CloudFormation StackSets when acting a delegated administrator in a member account using the name and call_as values separated by a comma (,). For example:

    $ pulumi import aws:cloudformation/stackSet:StackSet example example,DELEGATED_ADMIN
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi