Update your stack set using the CloudFormation console or AWS CLI
You can update your stack set using either the CloudFormation console or the AWS CLI.
Note
To override parameter values for a stack instance, see Override parameters on stack instances. To add and remove accounts and Regions from a stack set, see Add stacks to a stack set and Delete stack instances from your stack set.
Update your stack set using the CloudFormation console
Sign in to the AWS Management Console and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation
. -
On the navigation bar at the top of the screen, choose the AWS Region you created the stack set in.
-
From the navigation pane, choose StackSets.
-
On the StackSets page, select the stack set you want to update.
-
With the stack set selected, choose Edit StackSet details from the Actions menu.
-
On the Choose a template page, update the Permissions section as needed, or skip to the next step.
-
For Prerequisite - Prepare template, choose Use current template to use the current template, or Replace current template to specify an S3 URL to another template or upload a new template.
-
Choose Next.
-
On the Specify StackSet details page, for StackSet description, update the description for the stack set as needed.
-
For Parameters, update the parameter values as needed.
-
Choose Next.
-
On the Configure StackSet options page, for Tags, modify the tags as needed. You can add, update, or delete tags. For more information about how tags are used in AWS, see Organizing and tracking costs using AWS cost allocation tags in the AWS Billing and Cost Management User Guide.
-
For Execution configuration, you can update the execution configuration as needed.
Note
If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.
You can't modify your stack set's execution configuration while there are running or queued operations for that stack set.
-
If your template contains IAM resources, for Capabilities, choose I acknowledge that this template may create IAM resources to specify that you want to use IAM resources in the template. For more information, see Acknowledging IAM resources in CloudFormation templates.
-
Choose Next.
-
On the Set deployment options page, provide the accounts and Regions for the update.
CloudFormation will deploy stack updates in the specified accounts within the first Region, then moves on to the next, and so on, as long as a Region's deployment failures don't exceed a specified failure tolerance.
-
[Self-managed permissions] For Accounts, Deployment locations, choose Deploy stacks in accounts. Paste the target account IDs that you used to create your stack set in the text box, separating multiple numbers with commas.
[Service-managed permissions] Do one of the following:
-
Choose Deploy to organizational units (OUs). Enter the target OUs that you used to create your stack set.
-
Choose Deploy to accounts. Paste the target OU IDs or account IDs that you used to create your stack set.
-
-
For Specify regions, specify the order in which you want CloudFormation to deploy your updates.
-
For Deployment options:
-
For Maximum concurrent accounts, modify the maximum concurrent accounts as needed.
-
For Failure tolerance, modify the failure tolerance as needed.
-
For Region concurrency, modify the region concurrency as needed.
-
For Concurrency mode, modify the concurrency mode as needed.
-
-
Choose Next to continue.
-
-
On the Review page, review your choices. To make changes, choose Edit on the related section.
-
When you're ready to proceed, choose Submit.
CloudFormation starts applying your updates to your stack set, and displays the Operations tab of the stack set details page. You can view the progress and status of update operations on the Operations tab.
Update your stack set using the AWS CLI
When acting as a delegated administrator, you must set the --call-as
option to DELEGATED_ADMIN each time you run a StackSets
command.
--call-asDELEGATED_ADMIN
-
Use the update-stack-set command to make changes to your stack set.
In the following example command, we are updating the stack set by using
--parameters. Specifically, we change the default snapshot delivery frequency for delivery channel configuration fromTwentyFour_HourstoTwelve_Hours. Because we are still using the current template, we add the--use-previous-templateoption.[Self-managed permissions] For the
--accountsoption, provide the account IDs you want your update to target.aws cloudformation update-stack-set --stack-set-namemy-awsconfig-stackset\ --use-previous-template --parametersParameterKey=MaximumExecutionFrequency,ParameterValue=Twelve_Hours\ --accounts'["account_ID_1","account_ID_2"]'\ --regions'["us-west-2","us-east-1"]'[Service-managed permissions] For the
--deployment-targetsoption, provide the organization (root) ID, OU IDs, or AWS Organizations account IDs you want your update to target.aws cloudformation update-stack-set --stack-set-namemy-stackset\ --use-previous-template \ --parametersParameterKey=MaximumExecutionFrequency,ParameterValue=Twelve_Hours\ --deployment-targets OrganizationalUnitIds='["ou-rcuk-1x5j1lwo", "ou-rcuk-slr5lh0a"]'\ --regions'["us-west-2","us-east-1"]'To specify your preferences for how CloudFormation performs this stack set operation, specify the
--operation-preferencesoption, as in the following example. For the purposes of this example, we're using count, not percentage. To apply percentages instead, useFailureTolerancePercentageorMaxConcurrentPercentage.--operation-preferencesFailureToleranceCount=0,MaxConcurrentCount=1Note
The value of
MaxConcurrentCountis dependent on the value ofFailureToleranceCount.MaxConcurrentCountis at most one more thanFailureToleranceCount. -
Verify that your stack set was updated successfully by running the describe-stack-set-operation command to show the status and results of your update operation. For
--operation-id, use the operation ID that was returned by your update-stack-set command.aws cloudformation describe-stack-set-operation \ --operation-idoperation_ID
