Skip to main content
  1. Projects/
  2. Certification: AWS DevOps Pro/
  3. 2: Configuration Mgmt / Infrastructure as Code/
  4. 2: CloudFormation/

9: CF StackSets

·1 min

What are StackSets?

  • C/R/U/D stacks across multiple accounts/regions in a single operation
  • Has to be a stack deployed from admin account
  • Target account is where you create/update/delete 1+ stacks in the set

Permission Models:

Self-managed:

  • Deploy stack sets to any account where you’re allowed
  • Create IAM roles that set up trust between accounts

Service-managed:

  • Deploy stack instances to accounts managed by AWS Orgs
  • IAM roles and trust are created for you
  • (This is nice, but more up-front work)

Pipelines for StackSets

  • In e.g. codeBuild, the buildspec file has changes against stack sets

Exam Tips

Where can you deploy StackSets?

  • Across accounts and regions

Which types of accounts are required for StackSets?

  • An admin acct and target accounts

What permission models are used with StackSets?

  • Self-managed (IAM DIY)
  • Service-managed (AWS Orgs integration)