- Robert Boscacci/
- Projects/
- Certification: AWS DevOps Pro/
- 2: Configuration Mgmt / Infrastructure as Code/
- 2: CloudFormation/
- 9: CF StackSets/
9: CF StackSets
·1 min
Table of Contents
What are StackSets?
- C/R/U/D stacks across multiple accounts/regions in a single operation
- Has to be a stack deployed from admin account
- Target account is where you create/update/delete 1+ stacks in the set
Permission Models:
Self-managed:
- Deploy stack sets to any account where you’re allowed
- Create IAM roles that set up trust between accounts
Service-managed:
- Deploy stack instances to accounts managed by AWS Orgs
- IAM roles and trust are created for you
- (This is nice, but more up-front work)
Pipelines for StackSets
- In e.g. codeBuild, the buildspec file has changes against stack sets
Exam Tips
Where can you deploy StackSets?
- Across accounts and regions
Which types of accounts are required for StackSets?
- An admin acct and target accounts
What permission models are used with StackSets?
- Self-managed (IAM DIY)
- Service-managed (AWS Orgs integration)