String status
The status of the account gate function.
SUCCEEDED: The account gate function has determined that the account and Region passes any
requirements for a stack set operation to occur. CloudFormation proceeds with the stack operation in that account
and Region.
FAILED: The account gate function has determined that the account and Region doesn't meet the
requirements for a stack set operation to occur. CloudFormation cancels the stack set operation in that account
and Region, and sets the stack set operation result status for that account and Region to FAILED.
SKIPPED: CloudFormation has skipped calling the account gate function for this account and Region,
for one of the following reasons:
An account gate function hasn't been specified for the account and Region. CloudFormation proceeds with the stack set operation in this account and Region.
The AWSCloudFormationStackSetExecutionRole of the stack set administration account lacks permissions
to invoke the function. CloudFormation proceeds with the stack set operation in this account and Region.
Either no action is necessary, or no action is possible, on the stack. CloudFormation skips the stack set operation in this account and Region.
String statusReason
The reason for the account gate status assigned to this account and Region for the stack set operation.
String type
The extension type.
Conditional: You must specify PublicTypeArn, or TypeName, Type, and
PublisherId.
String publicTypeArn
The Amazon Resource Name (ARN) of the public extension.
Conditional: You must specify PublicTypeArn, or TypeName, Type, and
PublisherId.
String publisherId
The ID of the extension publisher.
Conditional: You must specify PublicTypeArn, or TypeName, Type, and
PublisherId.
String typeName
The name of the extension.
Conditional: You must specify PublicTypeArn, or TypeName, Type, and
PublisherId.
String typeNameAlias
An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.
An extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.
Boolean autoUpdate
Whether to automatically update the extension in this account and Region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated.
The default is true.
LoggingConfig loggingConfig
Contains logging configuration information for an extension.
String executionRoleArn
The name of the IAM execution role to use to activate the extension.
String versionBump
Manually updates a previously-activated type to a new major or minor version, if available. You can also use this
parameter to update the value of AutoUpdate.
MAJOR: CloudFormation updates the extension to the newest major version, if one is available.
MINOR: CloudFormation updates the extension to the newest minor version, if one is available.
Long majorVersion
The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available minor version of the major version selected.
You can specify MajorVersion or VersionBump, but not both.
String arn
The Amazon Resource Name (ARN) of the activated extension, in this account and Region.
Boolean enabled
If set to true, StackSets automatically deploys additional stack instances to Organizations accounts
that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is
removed from a target organization or OU, StackSets deletes stack instances from the account in the specified
Regions.
Boolean retainStacksOnAccountRemoval
If set to true, stack resources are retained when an account is removed from a target organization
or OU. If set to false, stack resources are deleted. Specify only if Enabled is set to
True.
String errorCode
The error code.
String errorMessage
The error message.
TypeConfigurationIdentifier typeConfigurationIdentifier
Identifying information for the configuration of a CloudFormation extension.
SdkInternalList<T> typeConfigurationIdentifiers
The list of identifiers for the desired extension configurations.
SdkInternalList<T> errors
A list of information concerning any errors generated during the setting of the specified configurations.
SdkInternalList<T> unprocessedTypeConfigurations
A list of any of the specified extension configurations that CloudFormation could not process for any reason.
SdkInternalList<T> typeConfigurations
A list of any of the specified extension configurations from the CloudFormation registry.
String stackName
If you don't pass a parameter to StackName, the API returns a response that describes all resources
in the account.
The IAM policy below can be added to IAM policies when you want to limit resource-level permissions and avoid returning a response when no parameter is sent in the request:
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Deny", "Action": "cloudformation:DescribeStacks", "NotResource": "arn:aws:cloudformation:*:*:stack/*/*" }] }
The name or the unique stack ID that's associated with the stack.
String clientRequestToken
A unique identifier for this CancelUpdateStack request. Specify this token if you plan to retry
requests so that CloudFormation knows that you're not attempting to cancel an update on a stack with the same
name. You might retry CancelUpdateStack requests to ensure that CloudFormation successfully received
them.
String type
The type of entity that CloudFormation changes. Currently, the only entity type is Resource.
Integer hookInvocationCount
Is either null, if no hooks invoke for the resource, or contains the number of hooks that will
invoke for the resource.
ResourceChange resourceChange
A ResourceChange structure that describes the resource and action that CloudFormation will perform.
String invocationPoint
Specifies the points in provisioning logic where a hook is invoked.
String failureMode
Specify the hook failure mode for non-compliant resources in the followings ways.
FAIL Stops provisioning resources.
WARN Allows provisioning to continue with a warning message.
String typeName
The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of
Organization::Service::Hook.
The following organization namespaces are reserved and can't be used in your hook type names:
Alexa
AMZN
Amazon
ASK
AWS
Custom
Dev
String typeVersionId
The version ID of the type specified.
String typeConfigurationVersionId
The version ID of the type configuration.
ChangeSetHookTargetDetails targetDetails
Specifies details about the target that the hook will run against.
String targetType
The name of the type.
ChangeSetHookResourceTargetDetails resourceTargetDetails
Required if TargetType is RESOURCE.
String stackId
The ID of the stack with which the change set is associated.
String stackName
The name of the stack with which the change set is associated.
String changeSetId
The ID of the change set.
String changeSetName
The name of the change set.
String executionStatus
If the change set execution status is AVAILABLE, you can execute the change set. If you can't
execute the change set, the status indicates why. For example, a change set might be in an
UNAVAILABLE state because CloudFormation is still creating it or in an OBSOLETE state
because the stack was already updated.
String status
The state of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or
FAILED.
String statusReason
A description of the change set's status. For example, if your change set is in the FAILED state,
CloudFormation shows the error message.
Date creationTime
The start time when the change set was created, in UTC.
String description
Descriptive information about the change set.
Boolean includeNestedStacks
Specifies the current setting of IncludeNestedStacks for the change set.
String parentChangeSetId
The parent change set ID.
String rootChangeSetId
The root change set ID.
String stackName
The name or the unique ID of the stack that you want to continue rolling back.
Don't specify the name of a nested stack (a stack that was created by using the
AWS::CloudFormation::Stack resource). Instead, use this operation on the parent stack (the stack
that contains the AWS::CloudFormation::Stack resource).
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that CloudFormation assumes to roll back the stack. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least permission.
If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that's generated from your user credentials.
SdkInternalList<T> resourcesToSkip
A list of the logical IDs of the resources that CloudFormation skips during the continue update rollback
operation. You can specify only resources that are in the UPDATE_FAILED state because a rollback
failed. You can't specify resources that are in the UPDATE_FAILED state for other reasons, for
example, because an update was canceled. To check why a resource update failed, use the
DescribeStackResources action, and view the resource status reason.
Specify this property to skip rolling back resources that CloudFormation can't successfully roll back. We
recommend that you troubleshoot resources before skipping them. CloudFormation sets the status of the specified resources to
UPDATE_COMPLETE and continues to roll back the stack. After the rollback is complete, the state of
the skipped resources will be inconsistent with the state of the resources in the stack template. Before
performing another stack update, you must update the stack or resources to be consistent with each other. If you
don't, subsequent stack updates might fail, and the stack will become unrecoverable.
Specify the minimum number of resources required to successfully roll back your stack. For example, a failed resource update might cause dependent resources to fail. In this case, it might not be necessary to skip the dependent resources.
To skip resources that are part of nested stacks, use the following format:
NestedStackName.ResourceLogicalID. If you want to specify the logical ID of a stack resource (
Type: AWS::CloudFormation::Stack) in the ResourcesToSkip list, then its corresponding
embedded stack must be in one of the following states: DELETE_IN_PROGRESS,
DELETE_COMPLETE, or DELETE_FAILED.
Don't confuse a child stack's name with its corresponding logical ID defined in the parent stack. For an example of a continue update rollback operation with nested stacks, see Using ResourcesToSkip to recover a nested stacks hierarchy.
String clientRequestToken
A unique identifier for this ContinueUpdateRollback request. Specify this token if you plan to retry
requests so that CloudFormation knows that you're not attempting to continue the rollback to a stack with the
same name. You might retry ContinueUpdateRollback requests to ensure that CloudFormation
successfully received them.
String stackName
The name or the unique ID of the stack for which you are creating a change set. CloudFormation generates the change set by comparing this stack's information with the information that you submit, such as a modified template or different parameter input values.
String templateBody
A structure that contains the body of the revised template, with a minimum length of 1 byte and a maximum length of 51,200 bytes. CloudFormation generates the change set by comparing this template with the template of the stack that you specified.
Conditional: You must specify only TemplateBody or TemplateURL.
String templateURL
The location of the file that contains the revised template. The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket or a Systems Manager document. CloudFormation generates the change set by comparing this template with the stack that you specified.
Conditional: You must specify only TemplateBody or TemplateURL.
Boolean usePreviousTemplate
Whether to reuse the template that's associated with the stack to create the change set.
SdkInternalList<T> parameters
A list of Parameter structures that specify input parameters for the change set. For more
information, see the Parameter data type.
SdkInternalList<T> capabilities
In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.
CAPABILITY_IAM and CAPABILITY_NAMED_IAM
Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.
The following IAM resources require you to specify either the CAPABILITY_IAM or
CAPABILITY_NAMED_IAM capability.
If you have IAM resources, you can specify either capability.
If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
If you don't specify either of these capabilities, CloudFormation returns an
InsufficientCapabilities error.
If your stack template contains these resources, we suggest that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM resources in CloudFormation templates.
CAPABILITY_AUTO_EXPAND
Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.
This capacity doesn't apply to creating change sets, and specifying it when creating change sets has no effect.
If you want to create a stack from a stack template that contains macros and nested stacks, you must create or update the stack directly from the template using the CreateStack or UpdateStack action, and specifying this capability.
For more information about macros, see Using CloudFormation macros to perform custom processing on templates.
SdkInternalList<T> resourceTypes
The template resource types that you have permissions to work with if you execute this change set, such as
AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance.
If the list of resource types doesn't include a resource type that you're updating, the stack update fails. By default, CloudFormation grants permissions to all resource types. Identity and Access Management (IAM) uses this parameter for condition keys in IAM policies for CloudFormation. For more information, see Controlling access with Identity and Access Management in the CloudFormation User Guide.
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that CloudFormation assumes when executing the change set. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least permission.
If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that is generated from your user credentials.
RollbackConfiguration rollbackConfiguration
The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.
SdkInternalList<T> notificationARNs
The Amazon Resource Names (ARNs) of Amazon Simple Notification Service (Amazon SNS) topics that CloudFormation associates with the stack. To remove all associated notification topics, specify an empty list.
SdkInternalList<T> tags
Key-value pairs to associate with this stack. CloudFormation also propagates these tags to resources in the stack. You can specify a maximum of 50 tags.
String changeSetName
The name of the change set. The name must be unique among all change sets that are associated with the specified stack.
A change set name can contain only alphanumeric, case sensitive characters, and hyphens. It must start with an alphabetical character and can't exceed 128 characters.
String clientToken
A unique identifier for this CreateChangeSet request. Specify this token if you plan to retry
requests so that CloudFormation knows that you're not attempting to create another change set with the same name.
You might retry CreateChangeSet requests to ensure that CloudFormation successfully received them.
String description
A description to help you identify this change set.
String changeSetType
The type of change set operation. To create a change set for a new stack, specify CREATE. To create
a change set for an existing stack, specify UPDATE. To create a change set for an import operation,
specify IMPORT.
If you create a change set for a new stack, CloudFormation creates a stack with a unique stack ID, but no template or resources. The stack will be in the REVIEW_IN_PROGRESS state until you execute the change set.
By default, CloudFormation specifies UPDATE. You can't use the UPDATE type to create a
change set for a new stack or the CREATE type to create a change set for an existing stack.
SdkInternalList<T> resourcesToImport
The resources to import into your stack.
Boolean includeNestedStacks
Creates a change set for the all nested stacks specified in the template. The default behavior of this action is
set to False. To include nested sets in a change set, specify True.
String onStackFailure
Determines what action will be taken if stack creation fails. If this parameter is specified, the
DisableRollback parameter to the ExecuteChangeSet API operation must not be specified. This must be one of these values:
DELETE - Deletes the change set if the stack creation fails. This is only valid when the
ChangeSetType parameter is set to CREATE. If the deletion of the stack fails, the
status of the stack is DELETE_FAILED.
DO_NOTHING - if the stack creation fails, do nothing. This is equivalent to specifying
true for the DisableRollback parameter to the ExecuteChangeSet API operation.
ROLLBACK - if the stack creation fails, roll back the stack. This is equivalent to specifying
false for the DisableRollback parameter to the ExecuteChangeSet API operation.
For nested stacks, when the OnStackFailure parameter is set to DELETE for the change
set for the parent stack, any failure in a child stack will cause the parent stack creation to fail and all
stacks to be deleted.
String stackSetName
The name or unique ID of the stack set that you want to create stack instances from.
SdkInternalList<T> accounts
[Self-managed permissions] The names of one or more Amazon Web Services accounts that you want to create stack instances in the specified Region(s) for.
You can specify Accounts or DeploymentTargets, but not both.
DeploymentTargets deploymentTargets
[Service-managed permissions] The Organizations accounts for which to create stack instances in the specified Amazon Web Services Regions.
You can specify Accounts or DeploymentTargets, but not both.
SdkInternalList<T> regions
The names of one or more Amazon Web Services Regions where you want to create stack instances using the specified Amazon Web Services accounts.
SdkInternalList<T> parameterOverrides
A list of stack set parameters whose values you want to override in the selected stack instances.
Any overridden parameter values will be applied to all stack instances in the specified accounts and Amazon Web Services Regions. When specifying parameters and their values, be aware of how CloudFormation sets parameter values during stack instance operations:
To override the current value for a parameter, include the parameter and specify its value.
To leave an overridden parameter set to its present value, include the parameter and specify
UsePreviousValue as true. (You can't specify both a value and set
UsePreviousValue to true.)
To set an overridden parameter back to the value specified in the stack set, specify a parameter list but don't include the parameter in the list.
To leave all parameters set to their present values, don't specify this property at all.
During stack set updates, any parameter values overridden for a stack instance aren't updated, but retain their overridden value.
You can only override the parameter values that are specified in the stack set; to add or delete a parameter itself, use UpdateStackSet to update the stack set template.
StackSetOperationPreferences operationPreferences
Preferences for how CloudFormation performs this stack set operation.
String operationId
The unique identifier for this stack set operation.
The operation ID also functions as an idempotency token, to ensure that CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You might retry stack set operation requests to ensure that CloudFormation successfully received them.
If you don't specify an operation ID, the SDK generates one automatically.
Repeating this stack set operation with a new operation ID retries all stack instances whose status is
OUTDATED.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
String operationId
The unique identifier for this stack set operation.
String stackName
The name that's associated with the stack. The name must be unique in the Region in which you are creating the stack.
A stack name can contain only alphanumeric characters (case sensitive) and hyphens. It must start with an alphabetical character and can't be longer than 128 characters.
String templateBody
Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, go to Template anatomy in the CloudFormation User Guide.
Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but
not both.
String templateURL
Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket or a Systems Manager document. For more information, go to the Template anatomy in the CloudFormation User Guide.
Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but
not both.
SdkInternalList<T> parameters
A list of Parameter structures that specify input parameters for the stack. For more information,
see the Parameter data
type.
Boolean disableRollback
Set to true to disable rollback of the stack if stack creation failed. You can specify either
DisableRollback or OnFailure, but not both.
Default: false
RollbackConfiguration rollbackConfiguration
The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.
Integer timeoutInMinutes
The amount of time that can pass before the stack status becomes CREATE_FAILED; if DisableRollback
is not set or is set to false, the stack will be rolled back.
SdkInternalList<T> notificationARNs
The Amazon Simple Notification Service (Amazon SNS) topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).
SdkInternalList<T> capabilities
In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.
CAPABILITY_IAM and CAPABILITY_NAMED_IAM
Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.
The following IAM resources require you to specify either the CAPABILITY_IAM or
CAPABILITY_NAMED_IAM capability.
If you have IAM resources, you can specify either capability.
If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
If you don't specify either of these capabilities, CloudFormation returns an
InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in CloudFormation Templates.
CAPABILITY_AUTO_EXPAND
Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.
If you want to create a stack from a stack template that contains macros and nested stacks, you must create the stack directly from the template using this capability.
You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.
Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without CloudFormation being notified.
For more information, see Using CloudFormation macros to perform custom processing on templates.
SdkInternalList<T> resourceTypes
The template resource types that you have permissions to work with for this create stack action, such as
AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance. Use the
following syntax to describe template resource types: AWS::* (for all Amazon Web Services
resources), Custom::* (for all custom resources), Custom::logical_ID (for a
specific custom resource), AWS::service_name::* (for all resources of a particular Amazon Web
Services service), and AWS::service_name::resource_logical_ID (for a specific Amazon
Web Services resource).
If the list of resource types doesn't include a resource that you're creating, the stack creation fails. By default, CloudFormation grants permissions to all resource types. Identity and Access Management (IAM) uses this parameter for CloudFormation-specific condition keys in IAM policies. For more information, see Controlling Access with Identity and Access Management.
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that CloudFormation assumes to create the stack. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.
If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that's generated from your user credentials.
String onFailure
Determines what action will be taken if stack creation fails. This must be one of: DO_NOTHING,
ROLLBACK, or DELETE. You can specify either OnFailure or
DisableRollback, but not both.
Default: ROLLBACK
String stackPolicyBody
Structure containing the stack policy body. For more information, go to Prevent
Updates to Stack Resources in the CloudFormation User Guide. You can specify either the
StackPolicyBody or the StackPolicyURL parameter, but not both.
String stackPolicyURL
Location of a file containing the stack policy. The URL must point to a policy (maximum size: 16 KB) located in
an S3 bucket in the same Region as the stack. You can specify either the StackPolicyBody or the
StackPolicyURL parameter, but not both.
SdkInternalList<T> tags
Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.
String clientRequestToken
A unique identifier for this CreateStack request. Specify this token if you plan to retry requests
so that CloudFormation knows that you're not attempting to create a stack with the same name. You might retry
CreateStack requests to ensure that CloudFormation successfully received them.
All events initiated by a given stack operation are assigned the same client request token, which you can use to
track operations. For example, if you execute a CreateStack operation with the token
token1, then all the StackEvents generated by that operation will have
ClientRequestToken set as token1.
In the console, stack operations display the client request token on the Events tab. Stack operations that are
initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify
the stack operation . For example, if you create a stack using the console, each stack event would be assigned
the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.
Boolean enableTerminationProtection
Whether to enable termination protection on the specified stack. If a user attempts to delete a stack with termination protection enabled, the operation fails and the stack remains unchanged. For more information, see Protecting a Stack From Being Deleted in the CloudFormation User Guide. Termination protection is deactivated on stacks by default.
For nested stacks, termination protection is set on the root stack and can't be changed directly on the nested stack.
Boolean retainExceptOnCreate
This deletion policy deletes newly created resources, but retains existing resources, when a stack operation is
rolled back. This ensures new, empty, and unused resources are deleted, while critical resources and their data
are retained. RetainExceptOnCreate can be specified for any resource that supports the
DeletionPolicy attribute.
String stackId
Unique identifier of the stack.
String stackSetName
The name to associate with the stack set. The name must be unique in the Region where you create your stack set.
A stack name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 128 characters.
String description
A description of the stack set. You can use the description to identify the stack set's purpose or other important information.
String templateBody
The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, see Template Anatomy in the CloudFormation User Guide.
Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.
String templateURL
The location of the file that contains the template body. The URL must point to a template (maximum size: 460,800 bytes) that's located in an Amazon S3 bucket or a Systems Manager document. For more information, see Template Anatomy in the CloudFormation User Guide.
Conditional: You must specify either the TemplateBody or the TemplateURL parameter, but not both.
String stackId
The stack ID you are importing into a new stack set. Specify the Amazon Resource Name (ARN) of the stack.
SdkInternalList<T> parameters
The input parameters for the stack set template.
SdkInternalList<T> capabilities
In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for CloudFormation to create the stack set and related stack instances.
CAPABILITY_IAM and CAPABILITY_NAMED_IAM
Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new Identity and Access Management (IAM) users. For those stack sets, you must explicitly acknowledge this by specifying one of these capabilities.
The following IAM resources require you to specify either the CAPABILITY_IAM or
CAPABILITY_NAMED_IAM capability.
If you have IAM resources, you can specify either capability.
If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
If you don't specify either of these capabilities, CloudFormation returns an
InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in CloudFormation Templates.
CAPABILITY_AUTO_EXPAND
Some templates reference macros. If your stack set template references one or more macros, you must create the stack set directly from the processed template, without first reviewing the resulting changes in a change set. To create the stack set directly, you must acknowledge this capability. For more information, see Using CloudFormation Macros to Perform Custom Processing on Templates.
Stack sets with service-managed permissions don't currently support the use of macros in templates. (This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.) Even if you specify this capability for a stack set with service-managed permissions, if you reference a macro in your template the stack set operation will fail.
SdkInternalList<T> tags
The key-value pairs to associate with this stack set and the stacks created from it. CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.
If you specify tags as part of a CreateStackSet action, CloudFormation checks to see if you have the
required IAM permission to tag resources. If you don't, the entire CreateStackSet action fails with
an access denied error, and the stack set is not created.
String administrationRoleARN
The Amazon Resource Name (ARN) of the IAM role to use to create this stack set.
Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the CloudFormation User Guide.
String executionRoleName
The name of the IAM execution role to use to create the stack set. If you do not specify an execution role,
CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.
Specify an IAM role only if you are using customized execution roles to control which stack resources users and groups can include in their stack sets.
String permissionModel
Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED
is specified.
With self-managed permissions, you must create the administrator and execution roles required to
deploy to target accounts. For more information, see Grant
Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy
to accounts managed by Organizations. For more information, see Grant Service-Managed Stack Set Permissions.
AutoDeployment autoDeployment
Describes whether StackSets automatically deploys to Organizations accounts that are added to the target
organization or organizational unit (OU). Specify only if PermissionModel is
SERVICE_MANAGED.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
To create a stack set with service-managed permissions while signed in to the management account, specify
SELF.
To create a stack set with service-managed permissions while signed in to a delegated administrator account,
specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated admin in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.
String clientRequestToken
A unique identifier for this CreateStackSet request. Specify this token if you plan to retry
requests so that CloudFormation knows that you're not attempting to create another stack set with the same name.
You might retry CreateStackSet requests to ensure that CloudFormation successfully received them.
If you don't specify an operation ID, the SDK generates one automatically.
ManagedExecution managedExecution
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
String stackSetId
The ID of the stack set that you're creating.
String typeName
The type name of the extension, in this account and Region. If you specified a type name alias when enabling the extension, use the type name alias.
Conditional: You must specify either Arn, or TypeName and Type.
String type
The extension type.
Conditional: You must specify either Arn, or TypeName and Type.
String arn
The Amazon Resource Name (ARN) for the extension, in this account and Region.
Conditional: You must specify either Arn, or TypeName and Type.
String stackSetName
The name or unique ID of the stack set that you want to delete stack instances for.
SdkInternalList<T> accounts
[Self-managed permissions] The names of the Amazon Web Services accounts that you want to delete stack instances for.
You can specify Accounts or DeploymentTargets, but not both.
DeploymentTargets deploymentTargets
[Service-managed permissions] The Organizations accounts from which to delete stack instances.
You can specify Accounts or DeploymentTargets, but not both.
SdkInternalList<T> regions
The Amazon Web Services Regions where you want to delete stack set instances.
StackSetOperationPreferences operationPreferences
Preferences for how CloudFormation performs this stack set operation.
Boolean retainStacks
Removes the stack instances from the specified stack set, but doesn't delete the stacks. You can't reassociate a retained stack or add an existing, saved stack to a new stack set.
For more information, see Stack set operation options.
String operationId
The unique identifier for this stack set operation.
If you don't specify an operation ID, the SDK generates one automatically.
The operation ID also functions as an idempotency token, to ensure that CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You can retry stack set operation requests to ensure that CloudFormation successfully received them.
Repeating this stack set operation with a new operation ID retries all stack instances whose status is
OUTDATED.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
String operationId
The unique identifier for this stack set operation.
String stackName
The name or the unique stack ID that's associated with the stack.
SdkInternalList<T> retainResources
For stacks in the DELETE_FAILED state, a list of resource logical IDs that are associated with the
resources you want to retain. During deletion, CloudFormation deletes the stack but doesn't delete the retained
resources.
Retaining resources is useful when you can't delete a resource, such as a non-empty S3 bucket, but you want to delete the stack.
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that CloudFormation assumes to delete the stack. CloudFormation uses the role's credentials to make calls on your behalf.
If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that's generated from your user credentials.
String clientRequestToken
A unique identifier for this DeleteStack request. Specify this token if you plan to retry requests
so that CloudFormation knows that you're not attempting to delete a stack with the same name. You might retry
DeleteStack requests to ensure that CloudFormation successfully received them.
All events initiated by a given stack operation are assigned the same client request token, which you can use to
track operations. For example, if you execute a CreateStack operation with the token
token1, then all the StackEvents generated by that operation will have
ClientRequestToken set as token1.
In the console, stack operations display the client request token on the Events tab. Stack operations that are
initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify
the stack operation . For example, if you create a stack using the console, each stack event would be assigned
the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.
String stackSetName
The name or unique ID of the stack set that you're deleting. You can obtain this value by running ListStackSets.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
SdkInternalList<T> accounts
The names of one or more Amazon Web Services accounts for which you want to deploy stack set updates.
String accountsUrl
Returns the value of the AccountsUrl property.
SdkInternalList<T> organizationalUnitIds
The organization root ID or organizational unit (OU) IDs to which StackSets deploys.
String accountFilterType
Limit deployment targets to individual accounts or include additional accounts with provided OUs.
The following is a list of possible values for the AccountFilterType operation.
INTERSECTION: StackSets deploys to the accounts specified in Accounts parameter.
DIFFERENCE: StackSets excludes the accounts specified in Accounts parameter. This
enables user to avoid certain accounts within an OU such as suspended accounts.
UNION: StackSets includes additional accounts deployment targets.
This is the default value if AccountFilterType is not provided. This enables user to update an
entire OU and individual accounts from a different OU in one request, which used to be two separate requests.
NONE: Deploys to all the accounts in specified organizational units (OU).
String arn
The Amazon Resource Name (ARN) of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String type
The kind of extension.
Conditional: You must specify either TypeName and Type, or Arn.
String typeName
The name of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String versionId
The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.
String nextToken
A string that identifies the next page of limits that you want to retrieve.
SdkInternalList<T> accountLimits
An account limit structure that contain a list of CloudFormation account limits and their values.
String nextToken
If the output exceeds 1 MB in size, a string that identifies the next page of limits. If no additional page exists, this value is null.
String changeSetName
The name or Amazon Resource Name (ARN) of the change set that you want to describe.
String stackName
If you specified the name of a change set, specify the stack name or stack ID (ARN) of the change set you want to describe.
String nextToken
A string, provided by the DescribeChangeSetHooks response output, that identifies the next page of
information that you want to retrieve.
String logicalResourceId
If specified, lists only the hooks related to the specified LogicalResourceId.
String changeSetId
The change set identifier (stack ID).
String changeSetName
The change set name.
SdkInternalList<T> hooks
List of hook objects.
String status
Provides the status of the change set hook.
String nextToken
Pagination token, null or empty if no more results.
String stackId
The stack identifier (stack ID).
String stackName
The stack name.
String changeSetName
The name or Amazon Resource Name (ARN) of the change set that you want to describe.
String stackName
If you specified the name of a change set, specify the stack name or ID (ARN) of the change set you want to describe.
String nextToken
A string (provided by the DescribeChangeSet response output) that identifies the next page of information that you want to retrieve.
String changeSetName
The name of the change set.
String changeSetId
The Amazon Resource Name (ARN) of the change set.
String stackId
The Amazon Resource Name (ARN) of the stack that's associated with the change set.
String stackName
The name of the stack that's associated with the change set.
String description
Information about the change set.
SdkInternalList<T> parameters
A list of Parameter structures that describes the input parameters and their values used to create
the change set. For more information, see the Parameter data
type.
Date creationTime
The start time when the change set was created, in UTC.
String executionStatus
If the change set execution status is AVAILABLE, you can execute the change set. If you can't
execute the change set, the status indicates why. For example, a change set might be in an
UNAVAILABLE state because CloudFormation is still creating it or in an OBSOLETE state
because the stack was already updated.
String status
The current status of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or
FAILED.
String statusReason
A description of the change set's status. For example, if your attempt to create a change set failed, CloudFormation shows the error message.
SdkInternalList<T> notificationARNs
The ARNs of the Amazon Simple Notification Service (Amazon SNS) topics that will be associated with the stack if you execute the change set.
RollbackConfiguration rollbackConfiguration
The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.
SdkInternalList<T> capabilities
If you execute the change set, the list of capabilities that were explicitly acknowledged when the change set was created.
SdkInternalList<T> tags
If you execute the change set, the tags that will be associated with the stack.
SdkInternalList<T> changes
A list of Change structures that describes the resources CloudFormation changes if you execute the
change set.
String nextToken
If the output exceeds 1 MB, a string that identifies the next page of changes. If there is no additional page, this value is null.
Boolean includeNestedStacks
Verifies if IncludeNestedStacks is set to True.
String parentChangeSetId
Specifies the change set ID of the parent change set in the current nested change set hierarchy.
String rootChangeSetId
Specifies the change set ID of the root change set in the current nested change set hierarchy.
String onStackFailure
Determines what action will be taken if stack creation fails. When this parameter is specified, the
DisableRollback parameter to the ExecuteChangeSet API operation must not be specified. This must be one of these values:
DELETE - Deletes the change set if the stack creation fails. This is only valid when the
ChangeSetType parameter is set to CREATE. If the deletion of the stack fails, the
status of the stack is DELETE_FAILED.
DO_NOTHING - if the stack creation fails, do nothing. This is equivalent to specifying
true for the DisableRollback parameter to the ExecuteChangeSet API operation.
ROLLBACK - if the stack creation fails, roll back the stack. This is equivalent to specifying
false for the DisableRollback parameter to the ExecuteChangeSet API operation.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
String status
Presents the status of the OrganizationAccess.
String publisherId
The ID of the extension publisher.
If you don't supply a PublisherId, and you have registered as an extension publisher,
DescribePublisher returns information about your own publisher account.
String publisherId
The ID of the extension publisher.
String publisherStatus
Whether the publisher is verified. Currently, all registered publishers are verified.
String identityProvider
The type of account used as the identity provider when registering this publisher with CloudFormation.
String publisherProfile
The URL to the publisher's profile with the identity provider.
String stackDriftDetectionId
The ID of the drift detection results of this operation.
CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results CloudFormation retains for any given stack, and for how long, may vary.
String stackId
The ID of the stack.
String stackDriftDetectionId
The ID of the drift detection results of this operation.
CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of reports CloudFormation retains for any given stack, and for how long, may vary.
String stackDriftStatus
Status of the stack's actual configuration compared to its expected configuration.
DRIFTED: The stack differs from its expected template configuration. A stack is considered to have
drifted if one or more of its resources have drifted.
NOT_CHECKED: CloudFormation hasn't checked if the stack differs from its expected template
configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.
String detectionStatus
The status of the stack drift detection operation.
DETECTION_COMPLETE: The stack drift detection operation has successfully completed for all resources
in the stack that support drift detection. (Resources that don't currently support stack detection remain
unchecked.)
If you specified logical resource IDs for CloudFormation to use as a filter for the stack drift detection operation, only the resources with those logical IDs are checked for drift.
DETECTION_FAILED: The stack drift detection operation has failed for at least one resource in the
stack. Results will be available for resources on which CloudFormation successfully completed drift detection.
DETECTION_IN_PROGRESS: The stack drift detection operation is currently in progress.
String detectionStatusReason
The reason the stack drift detection operation has its current status.
Integer driftedStackResourceCount
Total number of stack resources that have drifted. This is NULL until the drift detection operation reaches a
status of DETECTION_COMPLETE. This value will be 0 for stacks whose drift status is
IN_SYNC.
Date timestamp
Time at which the stack drift detection operation was initiated.
String stackName
The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:
Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.
Default: There is no default value.
String nextToken
A string that identifies the next page of events that you want to retrieve.
SdkInternalList<T> stackEvents
A list of StackEvents structures.
String nextToken
If the output exceeds 1 MB in size, a string that identifies the next page of events. If no additional page exists, this value is null.
String stackSetName
The name or the unique stack ID of the stack set that you want to get stack instance information for.
String stackInstanceAccount
The ID of an Amazon Web Services account that's associated with this stack instance.
String stackInstanceRegion
The name of a Region that's associated with this stack instance.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
StackInstance stackInstance
The stack instance that matches the specified request parameters.
String stackName
The name of the stack for which you want drift information.
SdkInternalList<T> stackResourceDriftStatusFilters
The resource drift status values to use as filters for the resource drift results returned.
DELETED: The resource differs from its expected template configuration in that the resource has been
deleted.
MODIFIED: One or more resource properties differ from their expected template values.
IN_SYNC: The resource's actual configuration matches its expected template configuration.
NOT_CHECKED: CloudFormation doesn't currently return this value.
String nextToken
A string that identifies the next page of stack resource drift results.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
SdkInternalList<T> stackResourceDrifts
Drift information for the resources that have been checked for drift in the specified stack. This includes actual and expected configuration values for resources where CloudFormation detects drift.
For a given stack, there will be one StackResourceDrift for each stack resource that has been
checked for drift. Resources that haven't yet been checked for drift aren't included. Resources that do not
currently support drift detection aren't checked, and so not included. For a list of resources that support drift
detection, see Resources that Support Drift Detection.
String nextToken
If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve
the next set of results, call DescribeStackResourceDrifts again and assign that token to the request
object's NextToken parameter. If the request returns all results, NextToken is set to
null.
String stackName
The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:
Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.
Default: There is no default value.
String logicalResourceId
The logical name of the resource as specified in the template.
Default: There is no default value.
StackResourceDetail stackResourceDetail
A StackResourceDetail structure containing the description of the specified resource in the
specified stack.
String stackName
The name or the unique stack ID that is associated with the stack, which aren't always interchangeable:
Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.
Default: There is no default value.
Required: Conditional. If you don't specify StackName, you must specify
PhysicalResourceId.
String logicalResourceId
The logical name of the resource as specified in the template.
Default: There is no default value.
String physicalResourceId
The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.
For example, for an Amazon Elastic Compute Cloud (EC2) instance, PhysicalResourceId corresponds to
the InstanceId. You can pass the EC2 InstanceId to DescribeStackResources
to find which stack the instance belongs to and what other resources are part of the stack.
Required: Conditional. If you don't specify PhysicalResourceId, you must specify
StackName.
Default: There is no default value.
SdkInternalList<T> stackResources
A list of StackResource structures.
String stackSetName
The name or the unique stack ID of the stack set for the stack operation.
String operationId
The unique ID of the stack set operation.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
StackSetOperation stackSetOperation
The specified stack set operation.
String stackSetName
The name or unique ID of the stack set whose description you want.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
StackSet stackSet
The specified stack set.
String stackName
If you don't pass a parameter to StackName, the API returns a response that describes all resources
in the account. This requires ListStacks and DescribeStacks permissions.
The IAM policy below can be added to IAM policies when you want to limit resource-level permissions and avoid returning a response when no parameter is sent in the request:
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Deny", "Action": "cloudformation:DescribeStacks", "NotResource": "arn:aws:cloudformation:*:*:stack/*/*" }] }
The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:
Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.
Default: There is no default value.
String nextToken
A string that identifies the next page of stacks that you want to retrieve.
SdkInternalList<T> stacks
A list of stack structures.
String nextToken
If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.
String registrationToken
The identifier for this registration request.
This registration token is generated by CloudFormation when you initiate a registration request using RegisterType.
String progressStatus
The current status of the extension registration request.
String description
The description of the extension registration request.
String typeArn
The Amazon Resource Name (ARN) of the extension being registered.
For registration requests with a ProgressStatus of other than COMPLETE, this will be
null.
String typeVersionArn
The Amazon Resource Name (ARN) of this specific version of the extension being registered.
For registration requests with a ProgressStatus of other than COMPLETE, this will be
null.
String type
The kind of extension.
Conditional: You must specify either TypeName and Type, or Arn.
String typeName
The name of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String arn
The Amazon Resource Name (ARN) of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String versionId
The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.
If you specify a VersionId, DescribeType returns information about that specific
extension version. Otherwise, it returns information about the default extension version.
String publisherId
The publisher ID of the extension publisher.
Extensions provided by Amazon Web Services are not assigned a publisher ID.
String publicVersionNumber
The version number of a public third-party extension.
String arn
The Amazon Resource Name (ARN) of the extension.
String type
The kind of extension.
String typeName
The name of the extension.
If the extension is a public third-party type you have activated with a type name alias, CloudFormation returns the type name alias. For more information, see ActivateType.
String defaultVersionId
The ID of the default version of the extension. The default version is used when the extension version isn't specified.
This applies only to private extensions you have registered in your account. For public extensions, both those
provided by Amazon Web Services and published by third parties, CloudFormation returns null. For
more information, see RegisterType.
To set the default version of an extension, use SetTypeDefaultVersion.
Boolean isDefaultVersion
Whether the specified extension version is set as the default version.
This applies only to private extensions you have registered in your account, and extensions published by Amazon
Web Services. For public third-party extensions, whether they are activated in your account, CloudFormation
returns null.
String typeTestsStatus
The contract test status of the registered extension version. To return the extension test status of a specific
extension version, you must specify VersionId.
This applies only to registered private extension versions. CloudFormation doesn't return this information for public extensions, whether they are activated in your account.
PASSED: The extension has passed all its contract tests.
An extension must have a test status of PASSED before it can be published. For more information, see
Publishing
extensions to make them available for public use in the CloudFormation Command Line Interface User
Guide.
FAILED: The extension has failed one or more contract tests.
IN_PROGRESS: Contract tests are currently being performed on the extension.
NOT_TESTED: Contract tests haven't been performed on the extension.
String typeTestsStatusDescription
The description of the test status. To return the extension test status of a specific extension version, you must
specify VersionId.
This applies only to registered private extension versions. CloudFormation doesn't return this information for public extensions, whether they are activated in your account.
String description
The description of the extension.
String schema
The schema that defines the extension.
For more information about extension schemas, see Resource Provider Schema in the CloudFormation CLI User Guide.
String provisioningType
For resource type extensions, the provisioning behavior of the resource type. CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted.
Valid values include:
FULLY_MUTABLE: The resource type includes an update handler to process updates to the type during
stack update operations.
IMMUTABLE: The resource type doesn't include an update handler, so the type can't be updated and
must instead be replaced during stack update operations.
NON_PROVISIONABLE: The resource type doesn't include all the following handlers, and therefore can't
actually be provisioned.
create
read
delete
String deprecatedStatus
The deprecation status of the extension version.
Valid values include:
LIVE: The extension is activated or registered and can be used in CloudFormation operations,
dependent on its provisioning behavior and visibility scope.
DEPRECATED: The extension has been deactivated or deregistered and can no longer be used in
CloudFormation operations.
For public third-party extensions, CloudFormation returns null.
LoggingConfig loggingConfig
Contains logging configuration information for private extensions. This applies only to private extensions you
have registered in your account. For public extensions, both those provided by Amazon Web Services and published
by third parties, CloudFormation returns null. For more information, see RegisterType.
SdkInternalList<T> requiredActivatedTypes
For extensions that are modules, the public third-party extensions that must be activated in your account in order for the module itself to be activated.
String executionRoleArn
The Amazon Resource Name (ARN) of the IAM execution role used to register the extension. This applies only to private extensions you have registered in your account. For more information, see RegisterType.
If the registered extension calls any Amazon Web Services APIs, you must create an IAM execution role that includes the necessary permissions to call those Amazon Web Services APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your extension with the appropriate credentials.
String visibility
The scope at which the extension is visible and usable in CloudFormation operations.
Valid values include:
PRIVATE: The extension is only visible and usable within the account in which it is registered.
CloudFormation marks any extensions you register as PRIVATE.
PUBLIC: The extension is publicly visible and usable within any Amazon Web Services account.
String sourceUrl
The URL of the source code for the extension.
String documentationUrl
The URL of a page providing detailed documentation for this extension.
Date lastUpdated
When the specified extension version was registered. This applies only to:
Private extensions you have registered in your account. For more information, see RegisterType.
Public extensions you have activated in your account with auto-update specified. For more information, see ActivateType.
Date timeCreated
When the specified private extension version was registered or activated in your account.
String configurationSchema
A JSON string that represent the current configuration data for the extension in this account and Region.
To set the configuration data for an extension, use SetTypeConfiguration. For more information, see Configuring extensions at the account level in the CloudFormation User Guide.
String publisherId
The publisher ID of the extension publisher.
This applies only to public third-party extensions. For private registered extensions, and extensions provided by
Amazon Web Services, CloudFormation returns null.
String originalTypeName
For public extensions that have been activated for this account and Region, the type name of the public extension.
If you specified a TypeNameAlias when enabling the extension in this account and Region,
CloudFormation treats that alias as the extension's type name within the account and Region, not the type name of
the public extension. For more information, see Specifying aliases to refer to extensions in the CloudFormation User Guide.
String originalTypeArn
For public extensions that have been activated for this account and Region, the Amazon Resource Name (ARN) of the public extension.
String publicVersionNumber
The version number of a public third-party extension.
This applies only if you specify a public extension you have activated in your account, or specify a public
extension without specifying a version. For all other extensions, CloudFormation returns null.
String latestPublicVersion
The latest version of a public extension that is available for use.
This only applies if you specify a public extension, and you don't specify a version. For all other requests,
CloudFormation returns null.
Boolean isActivated
Whether the extension is activated in the account and Region.
This only applies to public third-party extensions. For all other extensions, CloudFormation returns
null.
Boolean autoUpdate
Whether CloudFormation automatically updates the extension in this account and Region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated. For more information, see Activating public extensions for use in your account in the CloudFormation User Guide.
String stackName
The name of the stack for which you want to detect drift.
SdkInternalList<T> logicalResourceIds
The logical names of any resources you want to use as filters.
String stackDriftDetectionId
The ID of the drift detection results of this operation.
CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results CloudFormation retains for any given stack, and for how long, may vary.
StackResourceDrift stackResourceDrift
Information about whether the resource's actual configuration has drifted from its expected template configuration, including actual and expected property values and any differences detected.
String stackSetName
The name of the stack set on which to perform the drift detection operation.
StackSetOperationPreferences operationPreferences
The user-specified preferences for how CloudFormation performs a stack set operation.
For more information about maximum concurrent accounts and failure tolerance, see Stack set operation options.
String operationId
The ID of the stack set operation.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
String operationId
The ID of the drift detection stack set operation.
You can use this operation ID with DescribeStackSetOperation to monitor the progress of the drift detection operation.
String templateBody
Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. (For more information, go to Template Anatomy in the CloudFormation User Guide.)
Conditional: You must pass TemplateBody or TemplateURL. If both are passed, only
TemplateBody is used.
String templateURL
Location of file containing the template body. The URL must point to a template that's located in an Amazon S3 bucket or a Systems Manager document. For more information, go to Template Anatomy in the CloudFormation User Guide.
Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only
TemplateBody is used.
SdkInternalList<T> parameters
A list of Parameter structures that specify input parameters.
String url
An Amazon Web Services Simple Monthly Calculator URL with a query string that describes the resources required to run the template.
String changeSetName
The name or Amazon Resource Name (ARN) of the change set that you want use to update the specified stack.
String stackName
If you specified the name of a change set, specify the stack name or Amazon Resource Name (ARN) that's associated with the change set you want to execute.
String clientRequestToken
A unique identifier for this ExecuteChangeSet request. Specify this token if you plan to retry
requests so that CloudFormation knows that you're not attempting to execute a change set to update a stack with
the same name. You might retry ExecuteChangeSet requests to ensure that CloudFormation successfully
received them.
Boolean disableRollback
Preserves the state of previously provisioned resources when an operation fails. This parameter can't be
specified when the OnStackFailure parameter to the CreateChangeSet API operation was specified.
True - if the stack creation fails, do nothing. This is equivalent to specifying
DO_NOTHING for the OnStackFailure parameter to the CreateChangeSet API operation.
False - if the stack creation fails, roll back the stack. This is equivalent to specifying
ROLLBACK for the OnStackFailure parameter to the CreateChangeSet API operation.
Default: True
Boolean retainExceptOnCreate
This deletion policy deletes newly created resources, but retains existing resources, when a stack operation is
rolled back. This ensures new, empty, and unused resources are deleted, while critical resources and their data
are retained. RetainExceptOnCreate can be specified for any resource that supports the
DeletionPolicy attribute.
String exportingStackId
The stack that contains the exported output name and value.
String name
The name of exported output value. Use this name and the Fn::ImportValue function to import the
associated value into other stacks. The name is defined in the Export field in the associated
stack's Outputs section.
String value
The value of the exported output, such as a resource physical ID. This value is defined in the
Export field in the associated stack's Outputs section.
String stackName
The name or unique stack ID that's associated with the stack whose policy you want to get.
String stackPolicyBody
Structure containing the stack policy body. (For more information, go to Prevent Updates to Stack Resources in the CloudFormation User Guide.)
String stackName
The name or the unique stack ID that's associated with the stack, which aren't always interchangeable:
Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.
Default: There is no default value.
String changeSetName
The name or Amazon Resource Name (ARN) of a change set for which CloudFormation returns the associated template.
If you specify a name, you must also specify the StackName.
String templateStage
For templates that include transforms, the stage of the template that CloudFormation returns. To get the
user-submitted template, specify Original. To get the template after CloudFormation has processed
all transforms, specify Processed.
If the template doesn't include transforms, Original and Processed return the same
template. By default, CloudFormation specifies Processed.
String templateBody
Structure containing the template body. (For more information, go to Template Anatomy in the CloudFormation User Guide.)
CloudFormation returns the same template that was used when the stack was created.
SdkInternalList<T> stagesAvailable
The stage of the template that you can retrieve. For stacks, the Original and Processed
templates are always available. For change sets, the Original template is always available. After
CloudFormation finishes creating the change set, the Processed template becomes available.
String templateBody
Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information about templates, see Template anatomy in the CloudFormation User Guide.
Conditional: You must specify only one of the following parameters: StackName,
StackSetName, TemplateBody, or TemplateURL.
String templateURL
Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket or a Systems Manager document. For more information about templates, see Template anatomy in the CloudFormation User Guide.
Conditional: You must specify only one of the following parameters: StackName,
StackSetName, TemplateBody, or TemplateURL.
String stackName
The name or the stack ID that's associated with the stack, which aren't always interchangeable. For running stacks, you can specify either the stack's name or its unique stack ID. For deleted stack, you must specify the unique stack ID.
Conditional: You must specify only one of the following parameters: StackName,
StackSetName, TemplateBody, or TemplateURL.
String stackSetName
The name or unique ID of the stack set from which the stack was created.
Conditional: You must specify only one of the following parameters: StackName,
StackSetName, TemplateBody, or TemplateURL.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
TemplateSummaryConfig templateSummaryConfig
Specifies options for the GetTemplateSummary API action.
SdkInternalList<T> parameters
A list of parameter declarations that describe various properties for each parameter.
String description
The value that's defined in the Description property of the template.
SdkInternalList<T> capabilities
The capabilities found within the template. If your template contains IAM resources, you must specify the
CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the
CreateStack or UpdateStack actions with your template; otherwise, those actions return an
InsufficientCapabilities error.
For more information, see Acknowledging IAM Resources in CloudFormation Templates.
String capabilitiesReason
The list of resources that generated the values in the Capabilities response element.
SdkInternalList<T> resourceTypes
A list of all the template resource types that are defined in the template, such as
AWS::EC2::Instance, AWS::Dynamo::Table, and Custom::MyCustomInstance.
String version
The Amazon Web Services template format version, which identifies the capabilities of the template.
String metadata
The value that's defined for the Metadata property of the template.
SdkInternalList<T> declaredTransforms
A list of the transforms that are declared in the template.
SdkInternalList<T> resourceIdentifierSummaries
A list of resource identifier summaries that describe the target resources of an import operation and the
properties you can provide during the import to identify the target resources. For example,
BucketName is a possible identifier property for an AWS::S3::Bucket resource.
Warnings warnings
An object containing any warnings returned.
String stackSetName
The name of the stack set. The name must be unique in the Region where you create your stack set.
SdkInternalList<T> stackIds
The IDs of the stacks you are importing into a stack set. You import up to 10 stacks per stack set at a time.
Specify either StackIds or StackIdsUrl.
String stackIdsUrl
The Amazon S3 URL which contains list of stack ids to be inputted.
Specify either StackIds or StackIdsUrl.
SdkInternalList<T> organizationalUnitIds
The list of OU ID's to which the stacks being imported has to be mapped as deployment target.
StackSetOperationPreferences operationPreferences
The user-specified preferences for how CloudFormation performs a stack set operation.
For more information about maximum concurrent accounts and failure tolerance, see Stack set operation options.
String operationId
A unique, user defined, identifier for the stack set operation.
String callAs
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
For service managed stack sets, specify DELEGATED_ADMIN.
String operationId
The unique identifier for the stack set operation.
String stackName
The name or the Amazon Resource Name (ARN) of the stack for which you want to list change sets.
String nextToken
A string (provided by the ListChangeSets response output) that identifies the next page of change sets that you want to retrieve.
SdkInternalList<T> summaries
A list of ChangeSetSummary structures that provides the ID and status of each change set for the
specified stack.
String nextToken
If the output exceeds 1 MB, a string that identifies the next page of change sets. If there is no additional
page, this value is null.
String nextToken
A string (provided by the ListExports response output) that identifies the next page of exported output values that you asked to retrieve.
SdkInternalList<T> exports
The output for the ListExports action.
String nextToken
If the output exceeds 100 exported output values, a string that identifies the next page of exports. If there is no additional page, this value is null.
String exportName
The name of the exported output value. CloudFormation returns the stack names that are importing this value.
String nextToken
A string (provided by the ListImports response output) that identifies the next page of stacks that are importing the specified exported output value.
SdkInternalList<T> imports
A list of stack names that are importing the specified exported output value.
String nextToken
A string that identifies the next page of exports. If there is no additional page, this value is null.
String stackSetName
The name or unique ID of the stack set that you want to list drifted resources for.
String nextToken
If the previous paginated request didn't return all of the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call this action
again and assign that token to the request object's NextToken parameter. If there are no remaining
results, the previous response object's NextToken parameter is set to null.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
SdkInternalList<T> stackInstanceResourceDriftStatuses
The resource drift status of the stack instance.
DELETED: The resource differs from its expected template configuration in that the resource has been
deleted.
MODIFIED: One or more resource properties differ from their expected template values.
IN_SYNC: The resource's actual configuration matches its expected template configuration.
NOT_CHECKED: CloudFormation doesn't currently return this value.
String stackInstanceAccount
The name of the Amazon Web Services account that you want to list resource drifts for.
String stackInstanceRegion
The name of the Region where you want to list resource drifts.
String operationId
The unique ID of the drift operation.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
SdkInternalList<T> summaries
A list of StackInstanceResourceDriftSummary structures that contain information about the specified
stack instances.
String nextToken
If the previous paginated request didn't return all of the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call this action
again and assign that token to the request object's NextToken parameter. If there are no remaining
results, the previous response object's NextToken parameter is set to null.
String stackSetName
The name or unique ID of the stack set that you want to list stack instances for.
String nextToken
If the previous request didn't return all the remaining results, the response's NextToken parameter
value is set to a token. To retrieve the next set of results, call ListStackInstances again and
assign that token to the request object's NextToken parameter. If there are no remaining results,
the previous response object's NextToken parameter is set to null.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
SdkInternalList<T> filters
The filter to apply to stack instances
String stackInstanceAccount
The name of the Amazon Web Services account that you want to list stack instances for.
String stackInstanceRegion
The name of the Region where you want to list stack instances.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
SdkInternalList<T> summaries
A list of StackInstanceSummary structures that contain information about the specified stack
instances.
String nextToken
If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve
the next set of results, call ListStackInstances again and assign that token to the request object's
NextToken parameter. If the request returns all results, NextToken is set to
null.
String stackName
The name or the unique stack ID that is associated with the stack, which aren't always interchangeable:
Running stacks: You can specify either the stack's name or its unique stack ID.
Deleted stacks: You must specify the unique stack ID.
Default: There is no default value.
String nextToken
A string that identifies the next page of stack resources that you want to retrieve.
SdkInternalList<T> stackResourceSummaries
A list of StackResourceSummary structures.
String nextToken
If the output exceeds 1 MB, a string that identifies the next page of stack resources. If no additional page exists, this value is null.
String stackSetName
The name or unique ID of the stack set that you want to get operation results for.
String operationId
The ID of the stack set operation.
String nextToken
If the previous request didn't return all the remaining results, the response object's NextToken
parameter value is set to a token. To retrieve the next set of results, call
ListStackSetOperationResults again and assign that token to the request object's
NextToken parameter. If there are no remaining results, the previous response object's
NextToken parameter is set to null.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
SdkInternalList<T> filters
The filter to apply to operation results.
SdkInternalList<T> summaries
A list of StackSetOperationResultSummary structures that contain information about the specified
operation results, for accounts and Amazon Web Services Regions that are included in the operation.
String nextToken
If the request doesn't return all results, NextToken is set to a token. To retrieve the next set of
results, call ListOperationResults again and assign that token to the request object's
NextToken parameter. If there are no remaining results, NextToken is set to
null.
String stackSetName
The name or unique ID of the stack set that you want to get operation summaries for.
String nextToken
If the previous paginated request didn't return all of the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call
ListStackSetOperations again and assign that token to the request object's NextToken
parameter. If there are no remaining results, the previous response object's NextToken parameter is
set to null.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
SdkInternalList<T> summaries
A list of StackSetOperationSummary structures that contain summary information about operations for
the specified stack set.
String nextToken
If the request doesn't return all results, NextToken is set to a token. To retrieve the next set of
results, call ListOperationResults again and assign that token to the request object's
NextToken parameter. If there are no remaining results, NextToken is set to
null.
String nextToken
If the previous paginated request didn't return all the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call
ListStackSets again and assign that token to the request object's NextToken parameter.
If there are no remaining results, the previous response object's NextToken parameter is set to
null.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
String status
The status of the stack sets that you want to get summary information about.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
SdkInternalList<T> summaries
A list of StackSetSummary structures that contain information about the user's stack sets.
String nextToken
If the request doesn't return all of the remaining results, NextToken is set to a token. To retrieve
the next set of results, call ListStackInstances again and assign that token to the request object's
NextToken parameter. If the request returns all results, NextToken is set to
null.
String nextToken
A string that identifies the next page of stacks that you want to retrieve.
SdkInternalList<T> stackStatusFilters
Stack status to use as a filter. Specify one or more stack status codes to list only stacks with the specified
status codes. For a complete list of stack status codes, see the StackStatus parameter of the
Stack data type.
SdkInternalList<T> stackSummaries
A list of StackSummary structures containing information about the specified stacks.
String nextToken
If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.
String type
The kind of extension.
Conditional: You must specify either TypeName and Type, or Arn.
String typeName
The name of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String typeArn
The Amazon Resource Name (ARN) of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String registrationStatusFilter
The current status of the extension registration request.
The default is IN_PROGRESS.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
String nextToken
If the previous paginated request didn't return all the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call this action
again and assign that token to the request object's NextToken parameter. If there are no remaining
results, the previous response object's NextToken parameter is set to null.
SdkInternalList<T> registrationTokenList
A list of extension registration tokens.
Use DescribeTypeRegistration to return detailed information about a type registration request.
String nextToken
If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve
the next set of results, call this action again and assign that token to the request object's
NextToken parameter. If the request returns all results, NextToken is set to
null.
String visibility
The scope at which the extensions are visible and usable in CloudFormation operations.
Valid values include:
PRIVATE: Extensions that are visible and usable within this account and Region. This includes:
Private extensions you have registered in this account and Region.
Public extensions that you have activated in this account and Region.
PUBLIC: Extensions that are publicly visible and available to be activated within any Amazon Web
Services account. This includes extensions from Amazon Web Services, in addition to third-party publishers.
The default is PRIVATE.
String provisioningType
For resource types, the provisioning behavior of the resource type. CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted.
Valid values include:
FULLY_MUTABLE: The resource type includes an update handler to process updates to the type during
stack update operations.
IMMUTABLE: The resource type doesn't include an update handler, so the type can't be updated and
must instead be replaced during stack update operations.
NON_PROVISIONABLE: The resource type doesn't include create, read, and delete handlers, and
therefore can't actually be provisioned.
The default is FULLY_MUTABLE.
String deprecatedStatus
The deprecation status of the extension that you want to get summary information about.
Valid values include:
LIVE: The extension is registered for use in CloudFormation operations.
DEPRECATED: The extension has been deregistered and can no longer be used in CloudFormation
operations.
String type
The type of extension.
TypeFilters filters
Filter criteria to use in determining which extensions to return.
Filters must be compatible with Visibility to return valid results. For example, specifying
AWS_TYPES for Category and PRIVATE for Visibility returns an
empty list of types, but specifying PUBLIC for Visibility returns the desired list.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
String nextToken
If the previous paginated request didn't return all the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call this action
again and assign that token to the request object's NextToken parameter. If there are no remaining
results, the previous response object's NextToken parameter is set to null.
SdkInternalList<T> typeSummaries
A list of TypeSummary structures that contain information about the specified extensions.
String nextToken
If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve
the next set of results, call this action again and assign that token to the request object's
NextToken parameter. If the request returns all results, NextToken is set to
null.
String type
The kind of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String typeName
The name of the extension for which you want version summary information.
Conditional: You must specify either TypeName and Type, or Arn.
String arn
The Amazon Resource Name (ARN) of the extension for which you want version summary information.
Conditional: You must specify either TypeName and Type, or Arn.
Integer maxResults
The maximum number of results to be returned with a single call. If the number of available results exceeds this
maximum, the response includes a NextToken value that you can assign to the NextToken
request parameter to get the next set of results.
String nextToken
If the previous paginated request didn't return all of the remaining results, the response object's
NextToken parameter value is set to a token. To retrieve the next set of results, call this action
again and assign that token to the request object's NextToken parameter. If there are no remaining
results, the previous response object's NextToken parameter is set to null.
String deprecatedStatus
The deprecation status of the extension versions that you want to get summary information about.
Valid values include:
LIVE: The extension version is registered and can be used in CloudFormation operations, dependent on
its provisioning behavior and visibility scope.
DEPRECATED: The extension version has been deregistered and can no longer be used in CloudFormation
operations.
The default is LIVE.
String publisherId
The publisher ID of the extension publisher.
Extensions published by Amazon aren't assigned a publisher ID.
SdkInternalList<T> typeVersionSummaries
A list of TypeVersionSummary structures that contain information about the specified extension's
versions.
String nextToken
If the request doesn't return all of the remaining results, NextToken is set to a token. To retrieve
the next set of results, call this action again and assign that token to the request object's
NextToken parameter. If the request returns all results, NextToken is set to
null.
String logRoleArn
The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.
String logGroupName
The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.
Boolean active
When true, StackSets performs non-conflicting operations concurrently and queues conflicting
operations. After conflicting operations finish, StackSets starts queued operations in request order.
If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.
You can't modify your stack set's execution configuration while there are running or queued operations for that stack set.
When false (default), StackSets performs one operation at a time in request order.
String typeHierarchy
A concatenated list of the module type or types containing the resource. Module types are listed starting with
the inner-most nested module, and separated by /.
In the following example, the resource was created from a module of type AWS::First::Example::MODULE
, that's nested inside a parent module of type AWS::Second::Example::MODULE.
AWS::First::Example::MODULE/AWS::Second::Example::MODULE
String logicalIdHierarchy
A concatenated list of the logical IDs of the module or modules containing the resource. Modules are listed
starting with the inner-most nested module, and separated by /.
In the following example, the resource was created from a module, moduleA, that's nested inside a
parent module, moduleB.
moduleA/moduleB
For more information, see Referencing resources in a module in the CloudFormation User Guide.
String parameterKey
The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.
String parameterValue
The input value associated with the parameter.
Boolean usePreviousValue
During a stack update, use the existing parameter value that the stack is using for a given parameter key. If you
specify true, do not specify a parameter value.
String resolvedValue
Read-only. The value that corresponds to a SSM parameter key. This field is returned only for SSM parameter types in the template.
SdkInternalList<T> allowedValues
A list of values that are permitted for a parameter.
String parameterKey
The name that's associated with the parameter.
String defaultValue
The default value of the parameter.
String parameterType
The type of parameter.
Boolean noEcho
Flag that indicates whether the parameter value is shown as plain text in logs and in the Amazon Web Services Management Console.
String description
The description that's associate with the parameter.
ParameterConstraints parameterConstraints
The criteria that CloudFormation uses to validate parameter values.
String propertyPath
The fully-qualified path to the resource property.
String expectedValue
The expected property value of the resource property, as defined in the stack template and any values specified as template parameters.
String actualValue
The actual property value of the resource property.
String differenceType
The type of property difference.
ADD: A value has been added to a resource property that's an array or list data type.
REMOVE: The property has been removed from the current resource configuration.
NOT_EQUAL: The current property value differs from its expected value (as defined in the stack
template and any values specified as template parameters).
String type
The type of the extension.
Conditional: You must specify Arn, or TypeName and Type.
String arn
The Amazon Resource Name (ARN) of the extension.
Conditional: You must specify Arn, or TypeName and Type.
String typeName
The name of the extension.
Conditional: You must specify Arn, or TypeName and Type.
String publicVersionNumber
The version number to assign to this version of the extension.
Use the following format, and adhere to semantic versioning when assigning a version number to your extension:
MAJOR.MINOR.PATCH
For more information, see Semantic Versioning 2.0.0.
If you don't specify a version number, CloudFormation increments the version number by one minor version release.
You cannot specify a version number the first time you publish a type. CloudFormation automatically sets the
first version number to be 1.0.0.
String publicTypeArn
The Amazon Resource Name (ARN) assigned to the public extension upon publication.
String bearerToken
Reserved for use by the CloudFormation CLI.
String operationStatus
Reserved for use by the CloudFormation CLI.
String currentOperationStatus
Reserved for use by the CloudFormation CLI.
String statusMessage
Reserved for use by the CloudFormation CLI.
String errorCode
Reserved for use by the CloudFormation CLI.
String resourceModel
Reserved for use by the CloudFormation CLI.
String clientRequestToken
Reserved for use by the CloudFormation CLI.
Boolean acceptTermsAndConditions
Whether you accept the Terms and Conditions for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.
The default is false.
String connectionArn
If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.
For more information, see Registering your account to publish CloudFormation extensions in the CloudFormation CLI User Guide.
String publisherId
The ID assigned this account by CloudFormation for publishing extensions.
String type
The kind of extension.
String typeName
The name of the extension being registered.
We suggest that extension names adhere to the following patterns:
For resource types, company_or_organization::service::type.
For modules, company_or_organization::service::type::MODULE.
For hooks, MyCompany::Testing::MyTestHook.
The following organization namespaces are reserved and can't be used in your extension names:
Alexa
AMZN
Amazon
AWS
Custom
Dev
String schemaHandlerPackage
A URL to the S3 bucket containing the extension project package that contains the necessary files for the extension you want to register.
For information about generating a schema handler package for the extension you want to register, see submit in the CloudFormation CLI User Guide.
The user registering the extension must be able to access the package in the S3 bucket. That's, the user needs to have GetObject permissions for the schema handler package. For more information, see Actions, Resources, and Condition Keys for Amazon S3 in the Identity and Access Management User Guide.
LoggingConfig loggingConfig
Specifies logging configuration information for an extension.
String executionRoleArn
The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the extension.
For CloudFormation to assume the specified execution role, the role must contain a trust relationship with the
CloudFormation service principle (resources.cloudformation.amazonaws.com). For more information
about adding trust relationships, see Modifying a role trust policy in the Identity and Access Management User Guide.
If your extension calls Amazon Web Services APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those Amazon Web Services APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.
String clientRequestToken
A unique identifier that acts as an idempotency key for this registration request. Specifying a client request token prevents CloudFormation from generating more than one version of an extension from the same registration request, even if the request is submitted multiple times.
String registrationToken
The identifier for this registration request.
Use this registration token when calling DescribeTypeRegistration, which returns information about the status and IDs of the extension registration.
String typeNameAlias
An alias assigned to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.
String originalTypeName
The type name of the public extension.
If you specified a TypeNameAlias when enabling the extension in this account and Region,
CloudFormation treats that alias as the extension's type name within the account and Region, not the type name of
the public extension. For more information, see Specifying aliases to refer to extensions in the CloudFormation User Guide.
String publisherId
The publisher ID of the extension publisher.
SdkInternalList<T> supportedMajorVersions
A list of the major versions of the extension type that the macro supports.
String action
The action that CloudFormation takes on the resource, such as Add (adds a new resource),
Modify (changes a resource), Remove (deletes a resource), Import (imports
a resource), or Dynamic (exact action for the resource can't be determined).
String logicalResourceId
The resource's logical ID, which is defined in the stack's template.
String physicalResourceId
The resource's physical ID (resource name). Resources that you are adding don't have physical IDs because they haven't been created.
String resourceType
The type of CloudFormation resource, such as AWS::S3::Bucket.
String replacement
For the Modify action, indicates whether CloudFormation will replace the resource by creating a new
one and deleting the old one. This value depends on the value of the RequiresRecreation property in
the ResourceTargetDefinition structure. For example, if the RequiresRecreation field is
Always and the Evaluation field is Static, Replacement is
True. If the RequiresRecreation field is Always and the
Evaluation field is Dynamic, Replacement is Conditionally.
If you have multiple changes with different RequiresRecreation values, the Replacement
value depends on the change with the most impact. A RequiresRecreation value of Always
has the most impact, followed by Conditionally, and then Never.
SdkInternalList<T> scope
For the Modify action, indicates which resource attribute is triggering this update, such as a
change in the resource attribute's Metadata, Properties, or Tags.
SdkInternalList<T> details
For the Modify action, a list of ResourceChangeDetail structures that describes the
changes that CloudFormation will make to the resource.
String changeSetId
The change set ID of the nested change set.
ModuleInfo moduleInfo
Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.
ResourceTargetDefinition target
A ResourceTargetDefinition structure that describes the field that CloudFormation will change and
whether the resource will be recreated.
String evaluation
Indicates whether CloudFormation can determine the target value, and whether the target value will change before you execute a change set.
For Static evaluations, CloudFormation can determine that the target value will change, and its
value. For example, if you directly modify the InstanceType property of an EC2 instance,
CloudFormation knows that this property value will change, and its value, so this is a Static
evaluation.
For Dynamic evaluations, can't determine the target value because it depends on the result of an
intrinsic function, such as a Ref or Fn::GetAtt intrinsic function, when the stack is
updated. For example, if your template includes a reference to a resource that's conditionally recreated, the
value of the reference (the physical ID of the resource) might change, depending on if the resource is recreated.
If the resource is recreated, it will have a new physical ID, so all references to that resource will also be
updated.
String changeSource
The group to which the CausingEntity value belongs. There are five entity groups:
ResourceReference entities are Ref intrinsic functions that refer to resources in the
template, such as { "Ref" : "MyEC2InstanceResource" }.
ParameterReference entities are Ref intrinsic functions that get template parameter
values, such as { "Ref" : "MyPasswordParameter" }.
ResourceAttribute entities are Fn::GetAtt intrinsic functions that get resource
attribute values, such as { "Fn::GetAtt" : [ "MyEC2InstanceResource", "PublicDnsName" ] }.
DirectModification entities are changes that are made directly to the template.
Automatic entities are AWS::CloudFormation::Stack resource types, which are also known
as nested stacks. If you made no changes to the AWS::CloudFormation::Stack resource, CloudFormation
sets the ChangeSource to Automatic because the nested stack's template might have
changed. Changes to a nested stack's template aren't visible to CloudFormation until you run an update on the
parent stack.
String causingEntity
The identity of the entity that triggered this change. This entity is a member of the group that's specified by
the ChangeSource field. For example, if you modified the value of the KeyPairName
parameter, the CausingEntity is the name of the parameter (KeyPairName).
If the ChangeSource value is DirectModification, no value is given for
CausingEntity.
String resourceType
The template resource type of the target resources, such as AWS::S3::Bucket.
SdkInternalList<T> logicalResourceIds
The logical IDs of the target resources of the specified ResourceType, as defined in the import
template.
SdkInternalList<T> resourceIdentifiers
The resource properties you can provide during the import to identify your target resources. For example,
BucketName is a possible identifier property for AWS::S3::Bucket resources.
String attribute
Indicates which resource attribute is triggering this update, such as a change in the resource attribute's
Metadata, Properties, or Tags.
String name
If the Attribute value is Properties, the name of the property. For all other
attributes, the value is null.
String requiresRecreation
If the Attribute value is Properties, indicates whether a change to this property
causes the resource to be recreated. The value can be Never, Always, or
Conditionally. To determine the conditions for a Conditionally recreation, see the
update behavior for that property in the CloudFormation User Guide.
String resourceType
The type of resource to import into your stack, such as AWS::S3::Bucket. For a list of supported
resource types, see Resources that support import operations in the CloudFormation User Guide.
String logicalResourceId
The logical ID of the target resource as specified in the template.
Map<K,V> resourceIdentifier
A key-value pair that identifies the target resource. The key is an identifier property (for example,
BucketName for AWS::S3::Bucket resources) and the value is the actual property value
(for example, MyS3Bucket).
SdkInternalList<T> rollbackTriggers
The triggers to monitor during stack creation or update actions.
By default, CloudFormation saves the rollback triggers specified for a stack and applies them to any subsequent update operations for the stack, unless you specify otherwise. If you do specify rollback triggers for this parameter, those triggers replace any list of triggers previously specified for the stack. This means:
To use the rollback triggers previously specified for this stack, if any, don't specify this parameter.
To specify new or updated rollback triggers, you must specify all the triggers that you want used for this stack, even triggers you've specified before (for example, when creating the stack or during a previous stack update). Any triggers that you don't include in the updated list of triggers are no longer applied to the stack.
To remove all currently specified triggers, specify an empty list for this parameter.
If a specified trigger is missing, the entire stack operation fails and is rolled back.
Integer monitoringTimeInMinutes
The amount of time, in minutes, during which CloudFormation should monitor all the rollback triggers after the stack creation or update operation deploys all necessary resources.
The default is 0 minutes.
If you specify a monitoring period but don't specify any rollback triggers, CloudFormation still waits the specified period of time before cleaning up old resources after update operations. You can use this monitoring period to perform any manual stack validation desired, and manually cancel the stack creation or update (using CancelUpdateStack, for example) as necessary.
If you specify 0 for this parameter, CloudFormation still monitors the specified rollback triggers during stack creation and update operations. Then, for update operations, it begins disposing of old resources immediately once the operation completes.
String stackName
The name that's associated with the stack.
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management role that CloudFormation assumes to rollback the stack.
String clientRequestToken
A unique identifier for this RollbackStack request.
Boolean retainExceptOnCreate
This deletion policy deletes newly created resources, but retains existing resources, when a stack operation is
rolled back. This ensures new, empty, and unused resources are deleted, while critical resources and their data
are retained. RetainExceptOnCreate can be specified for any resource that supports the
DeletionPolicy attribute.
String stackId
Unique identifier of the stack.
String arn
The Amazon Resource Name (ARN) of the rollback trigger.
If a specified trigger is missing, the entire stack operation fails and is rolled back.
String type
The resource type of the rollback trigger. Specify either AWS::CloudWatch::Alarm or AWS::CloudWatch::CompositeAlarm resource types.
String stackName
The name or unique stack ID that you want to associate a policy with.
String stackPolicyBody
Structure containing the stack policy body. For more information, go to Prevent
updates to stack resources in the CloudFormation User Guide. You can specify either the
StackPolicyBody or the StackPolicyURL parameter, but not both.
String stackPolicyURL
Location of a file containing the stack policy. The URL must point to a policy (maximum size: 16 KB) located in
an Amazon S3 bucket in the same Amazon Web Services Region as the stack. You can specify either the
StackPolicyBody or the StackPolicyURL parameter, but not both.
String typeArn
The Amazon Resource Name (ARN) for the extension, in this account and Region.
For public extensions, this will be the ARN assigned when you activate the type in this account and Region. For private extensions, this will be the ARN assigned when you register the type in this account and Region.
Do not include the extension versions suffix at the end of the ARN. You can set the configuration for an extension, but not for a specific extension version.
String configuration
The configuration data for the extension, in this account and Region.
The configuration data must be formatted as JSON, and validate against the schema returned in the
ConfigurationSchema response element of DescribeType.
For more information, see Defining account-level configuration data for an extension in the CloudFormation CLI User Guide.
String configurationAlias
An alias by which to refer to this extension configuration data.
Conditional: Specifying a configuration alias is required when setting a configuration for a resource type extension.
String typeName
The name of the extension.
Conditional: You must specify ConfigurationArn, or Type and TypeName.
String type
The type of extension.
Conditional: You must specify ConfigurationArn, or Type and TypeName.
String configurationArn
The Amazon Resource Name (ARN) for the configuration data, in this account and Region.
Conditional: You must specify ConfigurationArn, or Type and TypeName.
String arn
The Amazon Resource Name (ARN) of the extension for which you want version summary information.
Conditional: You must specify either TypeName and Type, or Arn.
String type
The kind of extension.
Conditional: You must specify either TypeName and Type, or Arn.
String typeName
The name of the extension.
Conditional: You must specify either TypeName and Type, or Arn.
String versionId
The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.
String stackName
The stack name or unique stack ID that includes the resource that you want to signal.
String logicalResourceId
The logical ID of the resource that you want to signal. The logical ID is the name of the resource that given in the template.
String uniqueId
A unique ID of the signal. When you signal Amazon EC2 instances or Auto Scaling groups, specify the instance ID that you are signaling as the unique ID. If you send multiple signals to a single resource (such as signaling a wait condition), each signal requires a different unique ID.
String status
The status of the signal, which is either success or failure. A failure signal causes CloudFormation to immediately fail the stack creation or update.
String stackId
Unique identifier of the stack.
String stackName
The name associated with the stack.
String changeSetId
The unique ID of the change set.
String description
A user-defined description associated with the stack.
SdkInternalList<T> parameters
A list of Parameter structures.
Date creationTime
The time at which the stack was created.
Date deletionTime
The time the stack was deleted.
Date lastUpdatedTime
The time the stack was last updated. This field will only be returned if the stack has been updated at least once.
RollbackConfiguration rollbackConfiguration
The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.
String stackStatus
Current status of the stack.
String stackStatusReason
Success/failure message associated with the stack status.
Boolean disableRollback
Boolean to enable or disable rollback on stack creation failures:
true: disable rollback.
false: enable rollback.
SdkInternalList<T> notificationARNs
Amazon SNS topic Amazon Resource Names (ARNs) to which stack related events are published.
Integer timeoutInMinutes
The amount of time within which stack creation should complete.
SdkInternalList<T> capabilities
The capabilities allowed in the stack.
SdkInternalList<T> outputs
A list of output structures.
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that's associated with the stack. During a stack operation, CloudFormation uses this role's credentials to make calls on your behalf.
SdkInternalList<T> tags
A list of Tags that specify information about the stack.
Boolean enableTerminationProtection
Whether termination protection is enabled for the stack.
For nested stacks, termination protection is set on the root stack and can't be changed directly on the nested stack. For more information, see Protecting a Stack From Being Deleted in the CloudFormation User Guide.
String parentId
For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.
For more information, see Working with Nested Stacks in the CloudFormation User Guide.
String rootId
For nested stacks--stacks created as resources for another stack--the stack ID of the top-level stack to which the nested stack ultimately belongs.
For more information, see Working with Nested Stacks in the CloudFormation User Guide.
StackDriftInformation driftInformation
Information about whether a stack's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.
Boolean retainExceptOnCreate
This deletion policy deletes newly created resources, but retains existing resources, when a stack operation is
rolled back. This ensures new, empty, and unused resources are deleted, while critical resources and their data
are retained. RetainExceptOnCreate can be specified for any resource that supports the
DeletionPolicy attribute.
String stackDriftStatus
Status of the stack's actual configuration compared to its expected template configuration.
DRIFTED: The stack differs from its expected template configuration. A stack is considered to have
drifted if one or more of its resources have drifted.
NOT_CHECKED: CloudFormation hasn't checked if the stack differs from its expected template
configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.
Date lastCheckTimestamp
Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.
String stackDriftStatus
Status of the stack's actual configuration compared to its expected template configuration.
DRIFTED: The stack differs from its expected template configuration. A stack is considered to have
drifted if one or more of its resources have drifted.
NOT_CHECKED: CloudFormation hasn't checked if the stack differs from its expected template
configuration.
IN_SYNC: The stack's actual configuration matches its expected template configuration.
UNKNOWN: This value is reserved for future use.
Date lastCheckTimestamp
Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.
String stackId
The unique ID name of the instance of the stack.
String eventId
The unique ID of this event.
String stackName
The name associated with a stack.
String logicalResourceId
The logical name of the resource specified in the template.
String physicalResourceId
The name or unique identifier associated with the physical instance of the resource.
String resourceType
Type of resource. (For more information, go to Amazon Web Services Resource Types Reference in the CloudFormation User Guide.)
Date timestamp
Time the status was updated.
String resourceStatus
Current status of the resource.
String resourceStatusReason
Success/failure message associated with the resource.
String resourceProperties
BLOB of the properties used to create the resource.
String clientRequestToken
The token passed to the operation that generated this event.
All events triggered by a given stack operation are assigned the same client request token, which you can use to
track operations. For example, if you execute a CreateStack operation with the token
token1, then all the StackEvents generated by that operation will have
ClientRequestToken set as token1.
In the console, stack operations display the client request token on the Events tab. Stack operations that are
initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify
the stack operation . For example, if you create a stack using the console, each stack event would be assigned
the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.
String hookType
The name of the hook.
String hookStatus
Provides the status of the change set hook.
String hookStatusReason
Provides the reason for the hook status.
String hookInvocationPoint
Invocation points are points in provisioning logic where hooks are initiated.
String hookFailureMode
Specify the hook failure mode for non-compliant resources in the followings ways.
FAIL Stops provisioning resources.
WARN Allows provisioning to continue with a warning message.
String stackSetId
The name or unique ID of the stack set that the stack instance is associated with.
String region
The name of the Amazon Web Services Region that the stack instance is associated with.
String account
[Self-managed permissions] The name of the Amazon Web Services account that the stack instance is associated with.
String stackId
The ID of the stack instance.
SdkInternalList<T> parameterOverrides
A list of parameters from the stack set template whose values have been overridden in this stack instance.
String status
The status of the stack instance, in terms of its synchronization with its associated stack set.
INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an
unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might
need to perform a DeleteStackInstances operation, with RetainStacks set to
true, to delete the stack instance, and then delete the stack manually.
OUTDATED: The stack isn't currently up to date with the stack set because:
The associated stack failed during a CreateStackSet or UpdateStackSet operation.
The stack was part of a CreateStackSet or UpdateStackSet operation that failed or was
stopped before the stack was created or updated.
CURRENT: The stack is currently up to date with the stack set.
StackInstanceComprehensiveStatus stackInstanceStatus
The detailed status of the stack instance.
String statusReason
The explanation for the specific status code that's assigned to this stack instance.
String organizationalUnitId
[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.
String driftStatus
Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.
DRIFTED: The stack differs from the expected template and parameter configuration of the stack set
to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the
associated stack have drifted.
NOT_CHECKED: CloudFormation hasn't checked if the stack instance differs from its expected stack set
configuration.
IN_SYNC: The stack instance's actual configuration matches its expected stack set configuration.
UNKNOWN: This value is reserved for future use.
Date lastDriftCheckTimestamp
Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will
be NULL for any stack instance on which drift detection hasn't yet been performed.
String lastOperationId
The last unique ID of a StackSet operation performed on a stack instance.
String detailedStatus
CANCELLED: The operation in the specified account and Region has been canceled. This is either
because a user has stopped the stack set operation, or because the failure tolerance of the stack set operation
has been exceeded.
FAILED: The operation in the specified account and Region failed. If the stack set operation fails
in enough accounts within a Region, the failure tolerance for the stack set operation as a whole might be
exceeded.
INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an
unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might
need to perform a DeleteStackInstances operation, with RetainStacks set to
true, to delete the stack instance, and then delete the stack manually.
PENDING: The operation in the specified account and Region has yet to start.
RUNNING: The operation in the specified account and Region is currently in progress.
SKIPPED_SUSPENDED_ACCOUNT: The operation in the specified account and Region has been skipped
because the account was suspended at the time of the operation.
SUCCEEDED: The operation in the specified account and Region completed successfully.
String stackId
The ID of the stack instance.
String logicalResourceId
The logical name of the resource specified in the template.
String physicalResourceId
The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.
SdkInternalList<T> physicalResourceIdContext
Context information that enables CloudFormation to uniquely identify a resource. CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs aren't enough to uniquely identify that resource. Each context key-value pair specifies a unique resource that contains the targeted resource.
String resourceType
Type of resource. For more information, go to Amazon Web Services Resource Types Reference in the CloudFormation User Guide.
SdkInternalList<T> propertyDifferences
Status of the actual configuration of the resource compared to its expected configuration. These will be present
only for resources whose StackInstanceResourceDriftStatus is MODIFIED.
String stackResourceDriftStatus
The drift status of the resource in a stack instance.
DELETED: The resource differs from its expected template configuration in that the resource has been
deleted.
MODIFIED: One or more resource properties differ from their expected template values.
IN_SYNC: The resource's actual configuration matches its expected template configuration.
NOT_CHECKED: CloudFormation doesn't currently return this value.
Date timestamp
Time at which the stack instance drift detection operation was initiated.
String stackSetId
The name or unique ID of the stack set that the stack instance is associated with.
String region
The name of the Amazon Web Services Region that the stack instance is associated with.
String account
[Self-managed permissions] The name of the Amazon Web Services account that the stack instance is associated with.
String stackId
The ID of the stack instance.
String status
The status of the stack instance, in terms of its synchronization with its associated stack set.
INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an
unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might
need to perform a DeleteStackInstances operation, with RetainStacks set to
true, to delete the stack instance, and then delete the stack manually.
OUTDATED: The stack isn't currently up to date with the stack set because:
The associated stack failed during a CreateStackSet or UpdateStackSet operation.
The stack was part of a CreateStackSet or UpdateStackSet operation that failed or was
stopped before the stack was created or updated.
CURRENT: The stack is currently up to date with the stack set.
String statusReason
The explanation for the specific status code assigned to this stack instance.
StackInstanceComprehensiveStatus stackInstanceStatus
The detailed status of the stack instance.
String organizationalUnitId
[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.
String driftStatus
Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.
DRIFTED: The stack differs from the expected template and parameter configuration of the stack set
to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the
associated stack have drifted.
NOT_CHECKED: CloudFormation hasn't checked if the stack instance differs from its expected stack set
configuration.
IN_SYNC: The stack instance's actual configuration matches its expected stack set configuration.
UNKNOWN: This value is reserved for future use.
Date lastDriftCheckTimestamp
Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will
be NULL for any stack instance on which drift detection hasn't yet been performed.
String lastOperationId
The last unique ID of a StackSet operation performed on a stack instance.
String stackName
The name associated with the stack.
String stackId
Unique identifier of the stack.
String logicalResourceId
The logical name of the resource specified in the template.
String physicalResourceId
The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.
String resourceType
Type of resource. For more information, go to Amazon Web Services Resource Types Reference in the CloudFormation User Guide.
Date timestamp
Time the status was updated.
String resourceStatus
Current status of the resource.
String resourceStatusReason
Success/failure message associated with the resource.
String description
User defined description associated with the resource.
StackResourceDriftInformation driftInformation
Information about whether the resource's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.
ModuleInfo moduleInfo
Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.
String stackName
The name associated with the stack.
String stackId
Unique identifier of the stack.
String logicalResourceId
The logical name of the resource specified in the template.
String physicalResourceId
The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.
String resourceType
Type of resource. For more information, go to Amazon Web Services Resource Types Reference in the CloudFormation User Guide.
Date lastUpdatedTimestamp
Time the status was updated.
String resourceStatus
Current status of the resource.
String resourceStatusReason
Success/failure message associated with the resource.
String description
User defined description associated with the resource.
String metadata
The content of the Metadata attribute declared for the resource. For more information, see Metadata
Attribute in the CloudFormation User Guide.
StackResourceDriftInformation driftInformation
Information about whether the resource's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.
ModuleInfo moduleInfo
Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.
String stackId
The ID of the stack.
String logicalResourceId
The logical name of the resource specified in the template.
String physicalResourceId
The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.
SdkInternalList<T> physicalResourceIdContext
Context information that enables CloudFormation to uniquely identify a resource. CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs aren't enough to uniquely identify that resource. Each context key-value pair specifies a unique resource that contains the targeted resource.
String resourceType
The type of the resource.
String expectedProperties
A JSON structure containing the expected property values of the stack resource, as defined in the stack template and any values specified as template parameters.
For resources whose StackResourceDriftStatus is DELETED, this structure will not be
present.
String actualProperties
A JSON structure containing the actual property values of the stack resource.
For resources whose StackResourceDriftStatus is DELETED, this structure will not be
present.
SdkInternalList<T> propertyDifferences
A collection of the resource properties whose actual values differ from their expected values. These will be
present only for resources whose StackResourceDriftStatus is MODIFIED.
String stackResourceDriftStatus
Status of the resource's actual configuration compared to its expected configuration.
DELETED: The resource differs from its expected template configuration because the resource has been
deleted.
MODIFIED: One or more resource properties differ from their expected values (as defined in the stack
template and any values specified as template parameters).
IN_SYNC: The resource's actual configuration matches its expected template configuration.
NOT_CHECKED: CloudFormation does not currently return this value.
Date timestamp
Time at which CloudFormation performed drift detection on the stack resource.
ModuleInfo moduleInfo
Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.
String stackResourceDriftStatus
Status of the resource's actual configuration compared to its expected configuration
DELETED: The resource differs from its expected configuration in that it has been deleted.
MODIFIED: The resource differs from its expected configuration.
NOT_CHECKED: CloudFormation has not checked if the resource differs from its expected configuration.
Any resources that do not currently support drift detection have a status of NOT_CHECKED. For more
information, see Resources that Support Drift Detection.
IN_SYNC: The resource's actual configuration matches its expected configuration.
Date lastCheckTimestamp
When CloudFormation last checked if the resource had drifted from its expected configuration.
String stackResourceDriftStatus
Status of the resource's actual configuration compared to its expected configuration.
DELETED: The resource differs from its expected configuration in that it has been deleted.
MODIFIED: The resource differs from its expected configuration.
NOT_CHECKED: CloudFormation hasn't checked if the resource differs from its expected configuration.
Any resources that don't currently support drift detection have a status of NOT_CHECKED. For more
information, see Resources that Support Drift Detection. If you performed an ContinueUpdateRollback operation on a
stack, any resources included in ResourcesToSkip will also have a status of NOT_CHECKED
. For more information about skipping resources during rollback operations, see Continue Rolling Back an Update in the CloudFormation User Guide.
IN_SYNC: The resource's actual configuration matches its expected configuration.
Date lastCheckTimestamp
When CloudFormation last checked if the resource had drifted from its expected configuration.
String logicalResourceId
The logical name of the resource specified in the template.
String physicalResourceId
The name or unique identifier that corresponds to a physical instance ID of the resource.
String resourceType
Type of resource. (For more information, go to Amazon Web Services Resource Types Reference in the CloudFormation User Guide.)
Date lastUpdatedTimestamp
Time the status was updated.
String resourceStatus
Current status of the resource.
String resourceStatusReason
Success/failure message associated with the resource.
StackResourceDriftInformationSummary driftInformation
Information about whether the resource's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.
ModuleInfo moduleInfo
Contains information about the module from which the resource was created, if the resource was created from a module included in the stack template.
String stackSetName
The name that's associated with the stack set.
String stackSetId
The ID of the stack set.
String description
A description of the stack set that you specify when the stack set is created or updated.
String status
The status of the stack set.
String templateBody
The structure that contains the body of the template that was used to create or update the stack set.
SdkInternalList<T> parameters
A list of input parameters for a stack set.
SdkInternalList<T> capabilities
The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your Amazon Web Services account—for example, by creating new Identity and Access Management (IAM) users. For more information, see Acknowledging IAM Resources in CloudFormation Templates.
SdkInternalList<T> tags
A list of tags that specify information about the stack set. A maximum number of 50 tags can be specified.
String stackSetARN
The Amazon Resource Name (ARN) of the stack set.
String administrationRoleARN
The Amazon Resource Name (ARN) of the IAM role used to create or update the stack set.
Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Prerequisites: Granting Permissions for Stack Set Operations in the CloudFormation User Guide.
String executionRoleName
The name of the IAM execution role used to create or update the stack set.
Use customized execution roles to control which stack resources users and groups can include in their stack sets.
StackSetDriftDetectionDetails stackSetDriftDetectionDetails
Detailed information about the drift status of the stack set.
For stack sets, contains information about the last completed drift operation performed on the stack set. Information about drift operations currently in progress isn't included.
AutoDeployment autoDeployment
[Service-managed permissions] Describes whether StackSets automatically deploys to Organizations accounts that are added to a target organization or organizational unit (OU).
String permissionModel
Describes how the IAM roles required for stack set operations are created.
With self-managed permissions, you must create the administrator and execution roles required to
deploy to target accounts. For more information, see Grant
Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy
to accounts managed by Organizations. For more information, see Grant Service-Managed Stack Set Permissions.
SdkInternalList<T> organizationalUnitIds
[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.
ManagedExecution managedExecution
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
SdkInternalList<T> regions
Returns a list of all Amazon Web Services Regions the given StackSet has stack instances deployed in. The Amazon Web Services Regions list output is in no particular order.
String driftStatus
Status of the stack set's actual configuration compared to its expected template and parameter configuration. A stack set is considered to have drifted if one or more of its stack instances have drifted from their expected template and parameter configuration.
DRIFTED: One or more of the stack instances belonging to the stack set stack differs from the
expected template and parameter configuration. A stack instance is considered to have drifted if one or more of
the resources in the associated stack have drifted.
NOT_CHECKED: CloudFormation hasn't checked the stack set for drift.
IN_SYNC: All of the stack instances belonging to the stack set stack match from the expected
template and parameter configuration.
String driftDetectionStatus
The status of the stack set drift detection operation.
COMPLETED: The drift detection operation completed without failing on any stack instances.
FAILED: The drift detection operation exceeded the specified failure tolerance.
PARTIAL_SUCCESS: The drift detection operation completed without exceeding the failure tolerance for
the operation.
IN_PROGRESS: The drift detection operation is currently being performed.
STOPPED: The user has canceled the drift detection operation.
Date lastDriftCheckTimestamp
Most recent time when CloudFormation performed a drift detection operation on the stack set. This value will be
NULL for any stack set on which drift detection hasn't yet been performed.
Integer totalStackInstancesCount
The total number of stack instances belonging to this stack set.
The total number of stack instances is equal to the total of:
Stack instances that match the stack set configuration.
Stack instances that have drifted from the stack set configuration.
Stack instances where the drift detection operation has failed.
Stack instances currently being checked for drift.
Integer driftedStackInstancesCount
The number of stack instances that have drifted from the expected template and parameter configuration of the stack set. A stack instance is considered to have drifted if one or more of the resources in the associated stack don't match their expected configuration.
Integer inSyncStackInstancesCount
The number of stack instances which match the expected template and parameter configuration of the stack set.
Integer inProgressStackInstancesCount
The number of stack instances that are currently being checked for drift.
Integer failedStackInstancesCount
The number of stack instances for which the drift detection operation failed.
String operationId
The unique ID of a stack set operation.
String stackSetId
The ID of the stack set.
String action
The type of stack set operation: CREATE, UPDATE, or DELETE. Create and
delete operations affect only the specified stack set instances that are associated with the specified stack set.
Update operations affect both the stack set itself, in addition to all associated stack set instances.
String status
The status of the operation.
FAILED: The operation exceeded the specified failure tolerance. The failure tolerance value that
you've set for an operation is applied for each Region during stack create and update operations. If the number
of failed stacks within a Region exceeds the failure tolerance, the status of the operation in the Region is set
to FAILED. This in turn sets the status of the operation as a whole to FAILED, and
CloudFormation cancels the operation in any remaining Regions.
QUEUED: [Service-managed permissions] For automatic deployments that require a sequence of
operations, the operation is queued to be performed. For more information, see the stack set operation status codes in the CloudFormation User Guide.
RUNNING: The operation is currently being performed.
STOPPED: The user has canceled the operation.
STOPPING: The operation is in the process of stopping, at user request.
SUCCEEDED: The operation completed creating or updating all the specified stacks without exceeding
the failure tolerance for the operation.
StackSetOperationPreferences operationPreferences
The preferences for how CloudFormation performs this stack set operation.
Boolean retainStacks
For stack set operations of action type DELETE, specifies whether to remove the stack instances from
the specified stack set, but doesn't delete the stacks. You can't re-associate a retained stack, or add an
existing, saved stack to a new stack set.
String administrationRoleARN
The Amazon Resource Name (ARN) of the IAM role used to perform this stack set operation.
Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Define Permissions for Multiple Administrators in the CloudFormation User Guide.
String executionRoleName
The name of the IAM execution role used to create or update the stack set.
Use customized execution roles to control which stack resources users and groups can include in their stack sets.
Date creationTimestamp
The time at which the operation was initiated. Note that the creation times for the stack set operation might differ from the creation time of the individual stacks themselves. This is because CloudFormation needs to perform preparatory work for the operation, such as dispatching the work to the requested Regions, before actually creating the first stacks.
Date endTimestamp
The time at which the stack set operation ended, across all accounts and Regions specified. Note that this doesn't necessarily mean that the stack set operation was successful, or even attempted, in each account or Region.
DeploymentTargets deploymentTargets
[Service-managed permissions] The Organizations accounts affected by the stack operation.
StackSetDriftDetectionDetails stackSetDriftDetectionDetails
Detailed information about the drift status of the stack set. This includes information about drift operations currently being performed on the stack set.
This information will only be present for stack set operations whose Action type is
DETECT_DRIFT.
For more information, see Detecting Unmanaged Changes in Stack Sets in the CloudFormation User Guide.
String statusReason
The status of the operation in details.
StackSetOperationStatusDetails statusDetails
Detailed information about the StackSet operation.
String regionConcurrencyType
The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
SdkInternalList<T> regionOrder
The order of the Regions where you want to perform the stack operation.
Integer failureToleranceCount
The number of accounts, per Region, for which this operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.
Conditional: You must specify either FailureToleranceCount or
FailureTolerancePercentage (but not both).
By default, 0 is specified.
Integer failureTolerancePercentage
The percentage of accounts, per Region, for which this stack operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.
When calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number.
Conditional: You must specify either FailureToleranceCount or
FailureTolerancePercentage, but not both.
By default, 0 is specified.
Integer maxConcurrentCount
The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of
FailureToleranceCount.MaxConcurrentCount is at most one more than the
FailureToleranceCount.
Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.
Conditional: You must specify either MaxConcurrentCount or MaxConcurrentPercentage, but
not both.
By default, 1 is specified.
Integer maxConcurrentPercentage
The maximum percentage of accounts in which to perform this operation at one time.
When calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.
Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.
Conditional: You must specify either MaxConcurrentCount or MaxConcurrentPercentage, but
not both.
By default, 1 is specified.
String account
[Self-managed permissions] The name of the Amazon Web Services account for this operation result.
String region
The name of the Amazon Web Services Region for this operation result.
String status
The result status of the stack set operation for the given account in the given Region.
CANCELLED: The operation in the specified account and Region has been canceled. This is either
because a user has stopped the stack set operation, or because the failure tolerance of the stack set operation
has been exceeded.
FAILED: The operation in the specified account and Region failed.
If the stack set operation fails in enough accounts within a Region, the failure tolerance for the stack set operation as a whole might be exceeded.
RUNNING: The operation in the specified account and Region is currently in progress.
PENDING: The operation in the specified account and Region has yet to start.
SUCCEEDED: The operation in the specified account and Region completed successfully.
String statusReason
The reason for the assigned result status.
AccountGateResult accountGateResult
The results of the account gate function CloudFormation invokes, if present, before proceeding with stack set operations in an account.
String organizationalUnitId
[Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.
Integer failedStackInstancesCount
The number of stack instances for which the StackSet operation failed.
String operationId
The unique ID of the stack set operation.
String action
The type of operation: CREATE, UPDATE, or DELETE. Create and delete
operations affect only the specified stack instances that are associated with the specified stack set. Update
operations affect both the stack set itself and all associated stack set instances.
String status
The overall status of the operation.
FAILED: The operation exceeded the specified failure tolerance. The failure tolerance value that
you've set for an operation is applied for each Region during stack create and update operations. If the number
of failed stacks within a Region exceeds the failure tolerance, the status of the operation in the Region is set
to FAILED. This in turn sets the status of the operation as a whole to FAILED, and
CloudFormation cancels the operation in any remaining Regions.
QUEUED: [Service-managed permissions] For automatic deployments that require a sequence of
operations, the operation is queued to be performed. For more information, see the stack set operation status codes in the CloudFormation User Guide.
RUNNING: The operation is currently being performed.
STOPPED: The user has canceled the operation.
STOPPING: The operation is in the process of stopping, at user request.
SUCCEEDED: The operation completed creating or updating all the specified stacks without exceeding
the failure tolerance for the operation.
Date creationTimestamp
The time at which the operation was initiated. Note that the creation times for the stack set operation might differ from the creation time of the individual stacks themselves. This is because CloudFormation needs to perform preparatory work for the operation, such as dispatching the work to the requested Regions, before actually creating the first stacks.
Date endTimestamp
The time at which the stack set operation ended, across all accounts and Regions specified. Note that this doesn't necessarily mean that the stack set operation was successful, or even attempted, in each account or Region.
String statusReason
The status of the operation in details.
StackSetOperationStatusDetails statusDetails
Detailed information about the stack set operation.
StackSetOperationPreferences operationPreferences
The user-specified preferences for how CloudFormation performs a stack set operation.
For more information about maximum concurrent accounts and failure tolerance, see Stack set operation options.
String stackSetName
The name of the stack set.
String stackSetId
The ID of the stack set.
String description
A description of the stack set that you specify when the stack set is created or updated.
String status
The status of the stack set.
AutoDeployment autoDeployment
[Service-managed permissions] Describes whether StackSets automatically deploys to Organizations accounts that are added to a target organizational unit (OU).
String permissionModel
Describes how the IAM roles required for stack set operations are created.
With self-managed permissions, you must create the administrator and execution roles required to
deploy to target accounts. For more information, see Grant
Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy
to accounts managed by Organizations. For more information, see Grant Service-Managed Stack Set Permissions.
String driftStatus
Status of the stack set's actual configuration compared to its expected template and parameter configuration. A stack set is considered to have drifted if one or more of its stack instances have drifted from their expected template and parameter configuration.
DRIFTED: One or more of the stack instances belonging to the stack set stack differs from the
expected template and parameter configuration. A stack instance is considered to have drifted if one or more of
the resources in the associated stack have drifted.
NOT_CHECKED: CloudFormation hasn't checked the stack set for drift.
IN_SYNC: All the stack instances belonging to the stack set stack match from the expected template
and parameter configuration.
UNKNOWN: This value is reserved for future use.
Date lastDriftCheckTimestamp
Most recent time when CloudFormation performed a drift detection operation on the stack set. This value will be
NULL for any stack set on which drift detection hasn't yet been performed.
ManagedExecution managedExecution
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
String stackId
Unique stack identifier.
String stackName
The name associated with the stack.
String templateDescription
The template description of the template used to create the stack.
Date creationTime
The time the stack was created.
Date lastUpdatedTime
The time the stack was last updated. This field will only be returned if the stack has been updated at least once.
Date deletionTime
The time the stack was deleted.
String stackStatus
The current status of the stack.
String stackStatusReason
Success/Failure message associated with the stack status.
String parentId
For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.
For more information, see Working with Nested Stacks in the CloudFormation User Guide.
String rootId
For nested stacks--stacks created as resources for another stack--the stack ID of the top-level stack to which the nested stack ultimately belongs.
For more information, see Working with Nested Stacks in the CloudFormation User Guide.
StackDriftInformationSummary driftInformation
Summarizes information about whether a stack's actual configuration differs, or has drifted, from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.
String stackSetName
The name or unique ID of the stack set that you want to stop the operation for.
String operationId
The ID of the stack operation.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
String key
Required. A string used to identify this tag. You can specify a maximum of 128 characters for a tag key.
Tags owned by Amazon Web Services (Amazon Web Services) have the reserved prefix: aws:.
String value
Required. A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value.
String parameterKey
The name associated with the parameter.
String defaultValue
The default value associated with the parameter.
Boolean noEcho
Flag indicating whether the parameter should be displayed as plain text in logs and UIs.
String description
User defined description associated with the parameter.
Boolean treatUnrecognizedResourceTypesAsWarnings
If set to True, any unrecognized resource types generate warnings and not an error. Any unrecognized
resource types are returned in the Warnings output parameter.
String arn
The Amazon Resource Name (ARN) of the extension.
Conditional: You must specify Arn, or TypeName and Type.
String type
The type of the extension to test.
Conditional: You must specify Arn, or TypeName and Type.
String typeName
The name of the extension to test.
Conditional: You must specify Arn, or TypeName and Type.
String versionId
The version of the extension to test.
You can specify the version id with either Arn, or with TypeName and Type.
If you don't specify a version, CloudFormation uses the default version of the extension in this account and Region for testing.
String logDeliveryBucket
The S3 bucket to which CloudFormation delivers the contract test execution logs.
CloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a
test type status of PASSED or FAILED.
The user calling TestType must be able to access items in the specified S3 bucket. Specifically, the
user needs the following permissions:
GetObject
PutObject
For more information, see Actions, Resources, and Condition Keys for Amazon S3 in the Amazon Web Services Identity and Access Management User Guide.
String typeVersionArn
The Amazon Resource Name (ARN) of the extension.
String arn
The Amazon Resource Name (ARN) for the configuration data, in this account and Region.
String alias
The alias specified for this configuration, if one was specified when the configuration was set.
String configuration
A JSON string specifying the configuration data for the extension, in this account and Region.
If a configuration hasn't been set for a specified extension, CloudFormation returns {}.
Date lastUpdated
When the configuration data was last updated for this extension.
If a configuration hasn't been set for a specified extension, CloudFormation returns null.
String typeArn
The Amazon Resource Name (ARN) for the extension, in this account and Region.
For public extensions, this will be the ARN assigned when you activate the type in this account and Region. For private extensions, this will be the ARN assigned when you register the type in this account and Region.
String typeName
The name of the extension.
Boolean isDefaultConfiguration
Whether this configuration data is the default configuration for the extension.
String typeArn
The Amazon Resource Name (ARN) for the extension, in this account and Region.
For public extensions, this will be the ARN assigned when you activate the type in this account and Region. For private extensions, this will be the ARN assigned when you register the type in this account and Region.
String typeConfigurationAlias
The alias specified for this configuration, if one was specified when the configuration was set.
String typeConfigurationArn
The Amazon Resource Name (ARN) for the configuration, in this account and Region.
String type
The type of extension.
String typeName
The name of the extension type to which this configuration applies.
String category
The category of extensions to return.
REGISTERED: Private extensions that have been registered for this account and Region.
ACTIVATED: Public extensions that have been activated for this account and Region.
THIRD_PARTY: Extensions available for use from publishers other than Amazon. This includes:
Private extensions registered in the account.
Public extensions from publishers other than Amazon, whether activated or not.
AWS_TYPES: Extensions available for use from Amazon.
String publisherId
The id of the publisher of the extension.
Extensions published by Amazon aren't assigned a publisher ID. Use the AWS_TYPES category to specify
a list of types published by Amazon.
String typeNamePrefix
A prefix to use as a filter for results.
String type
The kind of extension.
String typeName
The name of the extension.
If you specified a TypeNameAlias when you activate this
extension in your account and Region, CloudFormation considers that alias as the type name.
String defaultVersionId
The ID of the default version of the extension. The default version is used when the extension version isn't specified.
This applies only to private extensions you have registered in your account. For public extensions, both those
provided by Amazon and published by third parties, CloudFormation returns null. For more
information, see RegisterType.
To set the default version of an extension, use SetTypeDefaultVersion.
String typeArn
The Amazon Resource Name (ARN) of the extension.
Date lastUpdated
When the specified extension version was registered. This applies only to:
Private extensions you have registered in your account. For more information, see RegisterType.
Public extensions you have activated in your account with auto-update specified. For more information, see ActivateType.
For all other extension types, CloudFormation returns null.
String description
The description of the extension.
String publisherId
The ID of the extension publisher, if the extension is published by a third party. Extensions published by Amazon don't return a publisher ID.
String originalTypeName
For public extensions that have been activated for this account and Region, the type name of the public extension.
If you specified a TypeNameAlias when enabling the extension in this account and Region,
CloudFormation treats that alias as the extension's type name within the account and Region, not the type name of
the public extension. For more information, see Specifying aliases to refer to extensions in the CloudFormation User Guide.
String publicVersionNumber
For public extensions that have been activated for this account and Region, the version of the public extension to be used for CloudFormation operations in this account and Region.
How you specified AutoUpdate when enabling the extension affects whether CloudFormation
automatically updates the extension in this account and Region when a new version is released. For more
information, see Setting CloudFormation to automatically use new versions of extensions in the CloudFormation User
Guide.
String latestPublicVersion
For public extensions that have been activated for this account and Region, the latest version of the public
extension that is available. For any extensions other than activated third-arty extensions, CloudFormation
returns null.
How you specified AutoUpdate when enabling the extension affects whether CloudFormation
automatically updates the extension in this account and Region when a new version is released. For more
information, see Setting CloudFormation to automatically use new versions of extensions in the CloudFormation User
Guide.
String publisherIdentity
The service used to verify the publisher identity.
For more information, see Registering your account to publish CloudFormation extensions in the CFN-CLI User Guide for Extension Development.
String publisherName
The publisher name, as defined in the public profile for that publisher in the service used to verify the publisher identity.
Boolean isActivated
Whether the extension is activated for this account and Region.
This applies only to third-party public extensions. Extensions published by Amazon are activated by default.
String type
The kind of extension.
String typeName
The name of the extension.
String versionId
The ID of a specific version of the extension. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it's registered.
Boolean isDefaultVersion
Whether the specified extension version is set as the default version.
This applies only to private extensions you have registered in your account, and extensions published by Amazon.
For public third-party extensions, CloudFormation returns null.
String arn
The Amazon Resource Name (ARN) of the extension version.
Date timeCreated
When the version was registered.
String description
The description of the extension version.
String publicVersionNumber
For public extensions that have been activated for this account and Region, the version of the public extension
to be used for CloudFormation operations in this account and Region. For any extensions other than activated
third-arty extensions, CloudFormation returns null.
How you specified AutoUpdate when enabling the extension affects whether CloudFormation
automatically updates the extension in this account and Region when a new version is released. For more
information, see Setting CloudFormation to automatically use new versions of extensions in the CloudFormation User
Guide.
String stackSetName
The name or unique ID of the stack set associated with the stack instances.
SdkInternalList<T> accounts
[Self-managed permissions] The names of one or more Amazon Web Services accounts for which you want to update parameter values for stack instances. The overridden parameter values will be applied to all stack instances in the specified accounts and Amazon Web Services Regions.
You can specify Accounts or DeploymentTargets, but not both.
DeploymentTargets deploymentTargets
[Service-managed permissions] The Organizations accounts for which you want to update parameter values for stack instances. If your update targets OUs, the overridden parameter values only apply to the accounts that are currently in the target OUs and their child OUs. Accounts added to the target OUs and their child OUs in the future won't use the overridden values.
You can specify Accounts or DeploymentTargets, but not both.
SdkInternalList<T> regions
The names of one or more Amazon Web Services Regions in which you want to update parameter values for stack instances. The overridden parameter values will be applied to all stack instances in the specified accounts and Amazon Web Services Regions.
SdkInternalList<T> parameterOverrides
A list of input parameters whose values you want to update for the specified stack instances.
Any overridden parameter values will be applied to all stack instances in the specified accounts and Amazon Web Services Regions. When specifying parameters and their values, be aware of how CloudFormation sets parameter values during stack instance update operations:
To override the current value for a parameter, include the parameter and specify its value.
To leave an overridden parameter set to its present value, include the parameter and specify
UsePreviousValue as true. (You can't specify both a value and set
UsePreviousValue to true.)
To set an overridden parameter back to the value specified in the stack set, specify a parameter list but don't include the parameter in the list.
To leave all parameters set to their present values, don't specify this property at all.
During stack set updates, any parameter values overridden for a stack instance aren't updated, but retain their overridden value.
You can only override the parameter values that are specified in the stack set; to add or delete a
parameter itself, use UpdateStackSet to update the stack set template. If you add a parameter to a
template, before you can override the parameter value specified in the stack set you must first use UpdateStackSet to update all stack instances with the updated template and parameter value specified in the
stack set. Once a stack instance has been updated with the new parameter, you can then override the parameter
value using UpdateStackInstances.
StackSetOperationPreferences operationPreferences
Preferences for how CloudFormation performs this stack set operation.
String operationId
The unique identifier for this stack set operation.
The operation ID also functions as an idempotency token, to ensure that CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You might retry stack set operation requests to ensure that CloudFormation successfully received them.
If you don't specify an operation ID, the SDK generates one automatically.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
String operationId
The unique identifier for this stack set operation.
String stackName
The name or unique stack ID of the stack to update.
String templateBody
Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. (For more information, go to Template Anatomy in the CloudFormation User Guide.)
Conditional: You must specify only one of the following parameters: TemplateBody,
TemplateURL, or set the UsePreviousTemplate to true.
String templateURL
Location of file containing the template body. The URL must point to a template that's located in an Amazon S3 bucket or a Systems Manager document. For more information, go to Template Anatomy in the CloudFormation User Guide.
Conditional: You must specify only one of the following parameters: TemplateBody,
TemplateURL, or set the UsePreviousTemplate to true.
Boolean usePreviousTemplate
Reuse the existing template that is associated with the stack that you are updating.
Conditional: You must specify only one of the following parameters: TemplateBody,
TemplateURL, or set the UsePreviousTemplate to true.
String stackPolicyDuringUpdateBody
Structure containing the temporary overriding stack policy body. You can specify either the
StackPolicyDuringUpdateBody or the StackPolicyDuringUpdateURL parameter, but not both.
If you want to update protected resources, specify a temporary overriding stack policy during this update. If you don't specify a stack policy, the current policy that is associated with the stack will be used.
String stackPolicyDuringUpdateURL
Location of a file containing the temporary overriding stack policy. The URL must point to a policy (max size:
16KB) located in an S3 bucket in the same Region as the stack. You can specify either the
StackPolicyDuringUpdateBody or the StackPolicyDuringUpdateURL parameter, but not both.
If you want to update protected resources, specify a temporary overriding stack policy during this update. If you don't specify a stack policy, the current policy that is associated with the stack will be used.
SdkInternalList<T> parameters
A list of Parameter structures that specify input parameters for the stack. For more information,
see the Parameter data
type.
SdkInternalList<T> capabilities
In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to update the stack.
CAPABILITY_IAM and CAPABILITY_NAMED_IAM
Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.
The following IAM resources require you to specify either the CAPABILITY_IAM or
CAPABILITY_NAMED_IAM capability.
If you have IAM resources, you can specify either capability.
If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
If you don't specify either of these capabilities, CloudFormation returns an
InsufficientCapabilities error.
If your stack template contains these resources, we suggest that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in CloudFormation Templates.
CAPABILITY_AUTO_EXPAND
Some template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually updating the stack. If your stack template contains one or more macros, and you choose to update a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.
If you want to update a stack from a stack template that contains macros and nested stacks, you must update the stack directly from the template using this capability.
You should only update stacks directly from a stack template that contains macros if you know what processing the macro performs.
Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without CloudFormation being notified.
For more information, see Using CloudFormation Macros to Perform Custom Processing on Templates.
SdkInternalList<T> resourceTypes
The template resource types that you have permissions to work with for this update stack action, such as
AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance.
If the list of resource types doesn't include a resource that you're updating, the stack update fails. By default, CloudFormation grants permissions to all resource types. Identity and Access Management (IAM) uses this parameter for CloudFormation-specific condition keys in IAM policies. For more information, see Controlling Access with Identity and Access Management.
String roleARN
The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that CloudFormation assumes to update the stack. CloudFormation uses the role's credentials to make calls on your behalf. CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.
If you don't specify a value, CloudFormation uses the role that was previously associated with the stack. If no role is available, CloudFormation uses a temporary session that is generated from your user credentials.
RollbackConfiguration rollbackConfiguration
The rollback triggers for CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.
String stackPolicyBody
Structure containing a new stack policy body. You can specify either the StackPolicyBody or the
StackPolicyURL parameter, but not both.
You might update the stack policy, for example, in order to protect a new resource that you created during a stack update. If you don't specify a stack policy, the current policy that is associated with the stack is unchanged.
String stackPolicyURL
Location of a file containing the updated stack policy. The URL must point to a policy (max size: 16KB) located
in an S3 bucket in the same Region as the stack. You can specify either the StackPolicyBody or the
StackPolicyURL parameter, but not both.
You might update the stack policy, for example, in order to protect a new resource that you created during a stack update. If you don't specify a stack policy, the current policy that is associated with the stack is unchanged.
SdkInternalList<T> notificationARNs
Amazon Simple Notification Service topic Amazon Resource Names (ARNs) that CloudFormation associates with the stack. Specify an empty list to remove all notification topics.
SdkInternalList<T> tags
Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.
If you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.
Boolean disableRollback
Preserve the state of previously provisioned resources when an operation fails.
Default: False
String clientRequestToken
A unique identifier for this UpdateStack request. Specify this token if you plan to retry requests
so that CloudFormation knows that you're not attempting to update a stack with the same name. You might retry
UpdateStack requests to ensure that CloudFormation successfully received them.
All events triggered by a given stack operation are assigned the same client request token, which you can use to
track operations. For example, if you execute a CreateStack operation with the token
token1, then all the StackEvents generated by that operation will have
ClientRequestToken set as token1.
In the console, stack operations display the client request token on the Events tab. Stack operations that are
initiated from the console use the token format Console-StackOperation-ID, which helps you easily identify
the stack operation . For example, if you create a stack using the console, each stack event would be assigned
the same token in the following format: Console-CreateStack-7f59c3cf-00d2-40c7-b2ff-e75db0987002.
Boolean retainExceptOnCreate
This deletion policy deletes newly created resources, but retains existing resources, when a stack operation is
rolled back. This ensures new, empty, and unused resources are deleted, while critical resources and their data
are retained. RetainExceptOnCreate can be specified for any resource that supports the
DeletionPolicy attribute.
String stackId
Unique identifier of the stack.
String stackSetName
The name or unique ID of the stack set that you want to update.
String description
A brief description of updates that you are making.
String templateBody
The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, see Template Anatomy in the CloudFormation User Guide.
Conditional: You must specify only one of the following parameters: TemplateBody or
TemplateURL—or set UsePreviousTemplate to true.
String templateURL
The location of the file that contains the template body. The URL must point to a template (maximum size: 460,800 bytes) that is located in an Amazon S3 bucket or a Systems Manager document. For more information, see Template Anatomy in the CloudFormation User Guide.
Conditional: You must specify only one of the following parameters: TemplateBody or
TemplateURL—or set UsePreviousTemplate to true.
Boolean usePreviousTemplate
Use the existing template that's associated with the stack set that you're updating.
Conditional: You must specify only one of the following parameters: TemplateBody or
TemplateURL—or set UsePreviousTemplate to true.
SdkInternalList<T> parameters
A list of input parameters for the stack set template.
SdkInternalList<T> capabilities
In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to update the stack set and its associated stack instances.
CAPABILITY_IAM and CAPABILITY_NAMED_IAM
Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new Identity and Access Management (IAM) users. For those stacks sets, you must explicitly acknowledge this by specifying one of these capabilities.
The following IAM resources require you to specify either the CAPABILITY_IAM or
CAPABILITY_NAMED_IAM capability.
If you have IAM resources, you can specify either capability.
If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
If you don't specify either of these capabilities, CloudFormation returns an
InsufficientCapabilities error.
If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.
For more information, see Acknowledging IAM Resources in CloudFormation Templates.
CAPABILITY_AUTO_EXPAND
Some templates reference macros. If your stack set template references one or more macros, you must update the stack set directly from the processed template, without first reviewing the resulting changes in a change set. To update the stack set directly, you must acknowledge this capability. For more information, see Using CloudFormation Macros to Perform Custom Processing on Templates.
Stack sets with service-managed permissions do not currently support the use of macros in templates. (This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by CloudFormation.) Even if you specify this capability for a stack set with service-managed permissions, if you reference a macro in your template the stack set operation will fail.
SdkInternalList<T> tags
The key-value pairs to associate with this stack set and the stacks created from it. CloudFormation also propagates these tags to supported resources that are created in the stacks. You can specify a maximum number of 50 tags.
If you specify tags for this parameter, those tags replace any list of tags that are currently associated with this stack set. This means:
If you don't specify this parameter, CloudFormation doesn't modify the stack's tags.
If you specify any tags using this parameter, you must specify all the tags that you want associated with this stack set, even tags you've specified before (for example, when creating the stack set or during a previous update of the stack set.). Any tags that you don't include in the updated list of tags are removed from the stack set, and therefore from the stacks and resources as well.
If you specify an empty value, CloudFormation removes all currently associated tags.
If you specify new tags as part of an UpdateStackSet action, CloudFormation checks to see if you
have the required IAM permission to tag resources. If you omit tags that are currently associated with the stack
set from the list of tags you specify, CloudFormation assumes that you want to remove those tags from the stack
set, and checks to see if you have permission to untag resources. If you don't have the necessary permission(s),
the entire UpdateStackSet action fails with an access denied error, and the stack set
is not updated.
StackSetOperationPreferences operationPreferences
Preferences for how CloudFormation performs this stack set operation.
String administrationRoleARN
The Amazon Resource Name (ARN) of the IAM role to use to update this stack set.
Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see Granting Permissions for Stack Set Operations in the CloudFormation User Guide.
If you specified a customized administrator role when you created the stack set, you must specify a customized administrator role, even if it is the same customized administrator role used with this stack set previously.
String executionRoleName
The name of the IAM execution role to use to update the stack set. If you do not specify an execution role,
CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.
Specify an IAM role only if you are using customized execution roles to control which stack resources users and groups can include in their stack sets.
If you specify a customized execution role, CloudFormation uses that role to update the stack. If you do not specify a customized execution role, CloudFormation performs the update using the role previously associated with the stack set, so long as you have permissions to perform operations on the stack set.
DeploymentTargets deploymentTargets
[Service-managed permissions] The Organizations accounts in which to update associated stack instances.
To update all the stack instances associated with this stack set, do not specify DeploymentTargets
or Regions.
If the stack set update includes changes to the template (that is, if TemplateBody or
TemplateURL is specified), or the Parameters, CloudFormation marks all stack instances
with a status of OUTDATED prior to updating the stack instances in the specified accounts and Amazon
Web Services Regions. If the stack set update doesn't include changes to the template or parameters,
CloudFormation updates the stack instances in the specified accounts and Regions, while leaving all other stack
instances with their existing stack instance status.
String permissionModel
Describes how the IAM roles required for stack set operations are created. You cannot modify
PermissionModel if there are stack instances associated with your stack set.
With self-managed permissions, you must create the administrator and execution roles required to
deploy to target accounts. For more information, see Grant
Self-Managed Stack Set Permissions.
With service-managed permissions, StackSets automatically creates the IAM roles required to deploy
to accounts managed by Organizations. For more information, see Grant Service-Managed Stack Set Permissions.
AutoDeployment autoDeployment
[Service-managed permissions] Describes whether StackSets automatically deploys to Organizations accounts that are added to a target organization or organizational unit (OU).
If you specify AutoDeployment, don't specify DeploymentTargets or Regions.
String operationId
The unique ID for this stack set operation.
The operation ID also functions as an idempotency token, to ensure that CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You might retry stack set operation requests to ensure that CloudFormation successfully received them.
If you don't specify an operation ID, CloudFormation generates one automatically.
Repeating this stack set operation with a new operation ID retries all stack instances whose status is
OUTDATED.
SdkInternalList<T> accounts
[Self-managed permissions] The accounts in which to update associated stack instances. If you specify accounts, you must also specify the Amazon Web Services Regions in which to update stack set instances.
To update all the stack instances associated with this stack set, don't specify the Accounts
or Regions properties.
If the stack set update includes changes to the template (that is, if the TemplateBody or
TemplateURL properties are specified), or the Parameters property, CloudFormation marks
all stack instances with a status of OUTDATED prior to updating the stack instances in the specified
accounts and Amazon Web Services Regions. If the stack set update does not include changes to the template or
parameters, CloudFormation updates the stack instances in the specified accounts and Amazon Web Services Regions,
while leaving all other stack instances with their existing stack instance status.
SdkInternalList<T> regions
The Amazon Web Services Regions in which to update associated stack instances. If you specify Regions, you must also specify accounts in which to update stack set instances.
To update all the stack instances associated with this stack set, do not specify the Accounts
or Regions properties.
If the stack set update includes changes to the template (that is, if the TemplateBody or
TemplateURL properties are specified), or the Parameters property, CloudFormation marks
all stack instances with a status of OUTDATED prior to updating the stack instances in the specified
accounts and Regions. If the stack set update does not include changes to the template or parameters,
CloudFormation updates the stack instances in the specified accounts and Regions, while leaving all other stack
instances with their existing stack instance status.
String callAs
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default, SELF is specified. Use SELF for stack sets with self-managed permissions.
If you are signed in to the management account, specify SELF.
If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN.
Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.
ManagedExecution managedExecution
Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.
String operationId
The unique ID for this stack set operation.
String stackId
The unique ID of the stack.
String templateBody
Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, go to Template Anatomy in the CloudFormation User Guide.
Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only
TemplateBody is used.
String templateURL
Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket or a Systems Manager document. For more information, go to Template Anatomy in the CloudFormation User Guide.
Conditional: You must pass TemplateURL or TemplateBody. If both are passed, only
TemplateBody is used.
SdkInternalList<T> parameters
A list of TemplateParameter structures.
String description
The description found within the template.
SdkInternalList<T> capabilities
The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the CreateStack or UpdateStack actions with your template; otherwise, those actions return an InsufficientCapabilities error.
For more information, see Acknowledging IAM Resources in CloudFormation Templates.
String capabilitiesReason
The list of resources that generated the values in the Capabilities response element.
SdkInternalList<T> declaredTransforms
A list of the transforms that are declared in the template.
SdkInternalList<T> unrecognizedResourceTypes
A list of all of the unrecognized resource types. This is only returned if the TemplateSummaryConfig
parameter has the TreatUnrecognizedResourceTypesAsWarning configuration set to True.
Copyright © 2023. All rights reserved.