AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
Creates a new stack. For more information, see Create a New Stack .
Required Permissions : To use this action, an IAM user must have an attached policy that explicitly grants permissions. For more information about user permissions, see Managing User Permissions .
See also: AWS API Documentation
create-stack
--name <value>
[--vpc-id <value>]
[--attributes <value>]
--service-role-arn <value>
--default-instance-profile-arn <value>
[--default-os <value>]
[--hostname-theme <value>]
[--default-availability-zone <value>]
[--default-subnet-id <value>]
[--custom-json <value>]
[--configuration-manager <value>]
[--chef-configuration <value>]
[--use-custom-cookbooks | --no-use-custom-cookbooks]
[--use-opsworks-security-groups | --no-use-opsworks-security-groups]
[--custom-cookbooks-source <value>]
[--default-ssh-key-name <value>]
[--default-root-device-type <value>]
[--agent-version <value>]
--stack-region <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--name
(string)
The stack name. Stack names can be a maximum of 64 characters.
--vpc-id
(string)
The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.
- If your account supports EC2-Classic, the default value is
no VPC
.- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.
If the VPC ID corresponds to a default VPC and you have specified either the
DefaultAvailabilityZone
or theDefaultSubnetId
parameter only, OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.If you specify a nondefault VPC ID, note the following:
- It must belong to a VPC in your account that is in the specified region.
- You must specify a value for
DefaultSubnetId
.For more information about how to use OpsWorks Stacks with a VPC, see Running a Stack in a VPC . For more information about default VPC and EC2-Classic, see Supported Platforms .
--attributes
(map)
One or more user-defined key-value pairs to be added to the stack attributes.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
Where valid key names are:
Color
JSON Syntax:
{"Color": "string"
...}
--service-role-arn
(string)
The stack's IAM role, which allows OpsWorks Stacks to work with Amazon Web Services resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see Using Identifiers .
--default-instance-profile-arn
(string)
The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see Using Identifiers .
--default-os
(string)
The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.
- A supported Linux operating system: An Amazon Linux version, such as
Amazon Linux 2
,Amazon Linux 2018.03
,Amazon Linux 2017.09
,Amazon Linux 2017.03
,Amazon Linux 2016.09
,Amazon Linux 2016.03
,Amazon Linux 2015.09
, orAmazon Linux 2015.03
.- A supported Ubuntu operating system, such as
Ubuntu 18.04 LTS
,Ubuntu 16.04 LTS
,Ubuntu 14.04 LTS
, orUbuntu 12.04 LTS
.CentOS Linux 7
Red Hat Enterprise Linux 7
- A supported Windows operating system, such as
Microsoft Windows Server 2012 R2 Base
,Microsoft Windows Server 2012 R2 with SQL Server Express
,Microsoft Windows Server 2012 R2 with SQL Server Standard
, orMicrosoft Windows Server 2012 R2 with SQL Server Web
.- A custom AMI:
Custom
. You specify the custom AMI you want to use when you create instances. For more information, see Using Custom AMIs .The default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see OpsWorks Stacks Operating Systems .
--hostname-theme
(string)
The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default,
HostnameTheme
is set toLayer_Dependent
, which creates host names by appending integers to the layer's short name. The other themes are:
Baked_Goods
Clouds
Europe_Cities
Fruits
Greek_Deities_and_Titans
Legendary_creatures_from_Japan
Planets_and_Moons
Roman_Deities
Scottish_Islands
US_Cities
Wild_Cats
To obtain a generated host name, call
GetHostNameSuggestion
, which returns a host name based on the current theme.
--default-availability-zone
(string)
The stack's default Availability Zone, which must be in the specified region. For more information, see Regions and Endpoints . If you also specify a value forDefaultSubnetId
, the subnet must be in the same zone. For more information, see theVpcId
parameter description.
--default-subnet-id
(string)
The stack's default VPC subnet ID. This parameter is required if you specify a value for theVpcId
parameter. All instances are launched into this subnet unless you specify otherwise when you create the instance. If you also specify a value forDefaultAvailabilityZone
, the subnet must be in that zone. For information on default values and when this parameter is required, see theVpcId
parameter description.
--custom-json
(string)
A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:
"{\"key1\": \"value1\", \"key2\": \"value2\",...}"
For more information about custom JSON, see Use Custom JSON to Modify the Stack Configuration Attributes .
--configuration-manager
(structure)
The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.
Name -> (string)
The name. This parameter must be set toChef
.Version -> (string)
The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.
Shorthand Syntax:
Name=string,Version=string
JSON Syntax:
{
"Name": "string",
"Version": "string"
}
--chef-configuration
(structure)
A
ChefConfiguration
object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see Create a New Stack .ManageBerkshelf -> (boolean)
Whether to enable Berkshelf.BerkshelfVersion -> (string)
The Berkshelf version.
Shorthand Syntax:
ManageBerkshelf=boolean,BerkshelfVersion=string
JSON Syntax:
{
"ManageBerkshelf": true|false,
"BerkshelfVersion": "string"
}
--use-custom-cookbooks
| --no-use-custom-cookbooks
(boolean)
Whether the stack uses custom cookbooks.
--use-opsworks-security-groups
| --no-use-opsworks-security-groups
(boolean)
Whether to associate the OpsWorks Stacks built-in security groups with the stack's layers.
OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With
UseOpsworksSecurityGroups
you can instead provide your own custom security groups.UseOpsworksSecurityGroups
has the following settings:
- True - OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.
- False - OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.
For more information, see Create a New Stack .
--custom-cookbooks-source
(structure)
Contains the information required to retrieve an app or cookbook from a repository. For more information, see Adding Apps or Cookbooks and Recipes .
Type -> (string)
The repository type.Url -> (string)
The source URL. The following is an example of an Amazon S3 source URL:https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz
.Username -> (string)
This parameter depends on the repository type.
- For Amazon S3 bundles, set
Username
to the appropriate IAM access key ID.- For HTTP bundles, Git repositories, and Subversion repositories, set
Username
to the user name.Password -> (string)
When included in a request, the parameter depends on the repository type.
- For Amazon S3 bundles, set
Password
to the appropriate IAM secret access key.- For HTTP bundles and Subversion repositories, set
Password
to the password.For more information on how to safely handle IAM credentials, see https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html .
In responses, OpsWorks Stacks returns
*****FILTERED*****
instead of the actual value.SshKey -> (string)
In requests, the repository's SSH key.
In responses, OpsWorks Stacks returns
*****FILTERED*****
instead of the actual value.Revision -> (string)
The application's version. OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.
Shorthand Syntax:
Type=string,Url=string,Username=string,Password=string,SshKey=string,Revision=string
JSON Syntax:
{
"Type": "git"|"svn"|"archive"|"s3",
"Url": "string",
"Username": "string",
"Password": "string",
"SshKey": "string",
"Revision": "string"
}
--default-ssh-key-name
(string)
A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see Using SSH to Communicate with an Instance and Managing SSH Access . You can override this setting by specifying a different key pair, or no key pair, when you create an instance .
--default-root-device-type
(string)
The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is
instance-store
. For more information, see Storage for the Root Device .Possible values:
ebs
instance-store
--agent-version
(string)
The default OpsWorks Stacks agent version. You have the following options:
- Auto-update - Set this parameter to
LATEST
. OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. OpsWorks Stacks installs that version on the stack's instances.
The default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call DescribeAgentVersions . AgentVersion cannot be set to Chef 12.2.
Note
You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.
--stack-region
(string)
The stack's Amazon Web Services Region, such as
ap-south-1
. For more information about Amazon Web Services Regions, see Regions and Endpoints .Note
In the CLI, this API maps to the--stack-region
parameter. If the--stack-region
parameter and the CLI common parameter--region
are set to the same value, the stack uses a regional endpoint. If the--stack-region
parameter is not set, but the CLI--region
parameter is, this also results in a stack with a regional endpoint. However, if the--region
parameter is set tous-east-1
, and the--stack-region
parameter is set to one of the following, then the stack uses a legacy or classic region:us-west-1, us-west-2, sa-east-1, eu-central-1, eu-west-1, ap-northeast-1, ap-southeast-1, ap-southeast-2
. In this case, the actual API endpoint of the stack is inus-east-1
. Only the preceding regions are supported as classic regions in theus-east-1
API endpoint. Because it is a best practice to choose the regional endpoint that is closest to where you manage Amazon Web Services, we recommend that you use regional endpoints for new stacks. The CLI common--region
parameter always specifies a regional API endpoint; it cannot be used to specify a classic OpsWorks Stacks region.
--cli-input-json
(string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--debug
(boolean)
Turn on debug logging.
--endpoint-url
(string)
Override command's default URL with the given URL.
--no-verify-ssl
(boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output
(string)
The formatting style for command output.
--query
(string)
A JMESPath query to use in filtering the response data.
--profile
(string)
Use a specific profile from your credential file.
--region
(string)
The region to use. Overrides config/env settings.
--version
(string)
Display the version of this tool.
--color
(string)
Turn on/off color output.
--no-sign-request
(boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.
Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal's quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .
To create a stack
The following create-stack
command creates a stack named CLI Stack.
aws opsworks create-stack --name "CLI Stack" --stack-region "us-east-1" --service-role-arn arn:aws:iam::123456789012:role/aws-opsworks-service-role --default-instance-profile-arn arn:aws:iam::123456789012:instance-profile/aws-opsworks-ec2-role --region us-east-1
The service-role-arn
and default-instance-profile-arn
parameters are required. You typically
use the ones that AWS OpsWorks
creates for you when you create your first stack. To get the Amazon Resource Names (ARNs) for your
account, go to the IAM console, choose Roles
in the navigation panel,
choose the role or profile, and choose the Summary
tab.
Output:
{
"StackId": "f6673d70-32e6-4425-8999-265dd002fec7"
}
More Information
For more information, see Create a New Stack in the AWS OpsWorks User Guide.
StackId -> (string)
The stack ID, which is an opaque string that you use to identify the stack when performing actions such asDescribeStacks
.