Using StackSet For Cross Region Stack Management
AWS CloudFormation StackSets allows you to create, update, or delete CloudFormation stacks across multiple accounts and regions with a single operation.
This article will focus on how to deploy the same CloudFormation stack in multiple regions using AWS StackSets.
Create S3 buckets in two different regions using StackSets.
- Use CloudFormation to create the Administration role using this template: https://s3.amazonaws.com/cloudformation-stackset-sample-templates-us-east-1/AWSCloudFormationStackSetAdministrationRole.yml
- Use CloudFormation to create an Execution role, which gives the Administrator account (i.e., the account you are currently using) the power to run stacks using StackSets: https://s3.amazonaws.com/cloudformation-stackset-sample-templates-us-east-1/AWSCloudFormationStackSetExecutionRole.yml
Note: Use your account ID when it asks for AdministratorAccountId
Note: Please be aware that this template grants Administrator access, so you might want to modify it to be more restrictive
- Once the two roles are created we can begin working on StackSets
- First, create and save the YAML template file; we can call it s3.yaml
- Go to the CloudFormation page and click on StackSets in the left tab
- Select Create StackSet, then upload the template file s3.yaml and click Next
- Put in the StackSet name and description and click next
- Select self-service permissions and select AWSCloudFormationStackSetAdministrationRole for IAM admin role ARN; the IAM execution role name should be AWSCloudFormationStackSetExecutionRole
- Under Account numbers, put in your account ID, and under Specify regions, put in the regions you'd like the StackSet to run in, then submit
- Once the StackSet is created, select Stack Instance. The status should say OUTDATED, but the status reason should say User Initiated; this means that the stack instance is being configured. After a couple of minutes the status should change to Current, and you can go to the CloudFormation pages in the regions you specified, where you will see that a new CloudFormation stack has been created in each of those regions.
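The note on the Execution role step suggests making that template more restrictive. One way to do that is the template below, an added example that is not the AWS sample template or code from the original article. It assumes the Administration role already exists under the name AWSCloudFormationStackSetAdministrationRole and that s3.yaml creates only S3 buckets; the policy name is made up for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: >-
  Scoped-down AWSCloudFormationStackSetExecutionRole
  (added example, not the AWS sample template).
Parameters:
  AdministratorAccountId:
    Type: String
    Description: Account ID of the StackSets administrator account.
    AllowedPattern: '^[0-9]{12}$'
Resources:
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      # Must match the IAM execution role name entered in the StackSets wizard.
      RoleName: AWSCloudFormationStackSetExecutionRole
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action: sts:AssumeRole
            Principal:
              # Trust only the Administration role rather than every
              # principal in the administrator account. Assumes that role
              # exists before this stack is created.
              AWS: !Sub arn:aws:iam::${AdministratorAccountId}:role/AWSCloudFormationStackSetAdministrationRole
      Policies:
        # Hypothetical policy name. Inline policy used in place of
        # the Administrator access granted by the sample template.
        - PolicyName: StackSetExecutionS3Only
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # cloudformation, s3 and sns are what StackSets itself needs;
              # s3 also covers the buckets that s3.yaml creates. Add other
              # services only when the template deploys them.
              - Effect: Allow
                Action:
                  - cloudformation:*
                  - s3:*
                  - sns:*
                Resource: "*"
```

Because the role name is fixed, creating this stack requires acknowledging CAPABILITY_NAMED_IAM, and any StackSet template that later adds other resource types will fail in the target account until the matching actions are added here.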