AWS CloudFormation

2023/06/07 - AWS CloudFormation - 2 updated api methods

Changes  AWS CloudFormation StackSets is updating the deployment experience for all stackset operations to skip suspended AWS accounts during deployments. StackSets will skip target AWS accounts that are suspended and set the Detailed Status of the corresponding stack instances as SKIPPED_SUSPENDED_ACCOUNT

DescribeStackInstance (updated) Link ¶
Changes (response)
{'StackInstance': {'StackInstanceStatus': {'DetailedStatus': {'SKIPPED_SUSPENDED_ACCOUNT'}}}}

Returns the stack instance that's associated with the specified StackSet, Amazon Web Services account, and Amazon Web Services Region.

For a list of stack instances that are associated with a specific StackSet, use ListStackInstances.

See also: AWS API Documentation

Request Syntax

client.describe_stack_instance(
    StackSetName='string',
    StackInstanceAccount='string',
    StackInstanceRegion='string',
    CallAs='SELF'|'DELEGATED_ADMIN'
)
type StackSetName:

string

param StackSetName:

[REQUIRED]

The name or the unique stack ID of the stack set that you want to get stack instance information for.

type StackInstanceAccount:

string

param StackInstanceAccount:

[REQUIRED]

The ID of an Amazon Web Services account that's associated with this stack instance.

type StackInstanceRegion:

string

param StackInstanceRegion:

[REQUIRED]

The name of a Region that's associated with this stack instance.

type CallAs:

string

param CallAs:

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

  • If you are signed in to the management account, specify SELF.

  • If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN. Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

rtype:

dict

returns:

Response Syntax

{
    'StackInstance': {
        'StackSetId': 'string',
        'Region': 'string',
        'Account': 'string',
        'StackId': 'string',
        'ParameterOverrides': [
            {
                'ParameterKey': 'string',
                'ParameterValue': 'string',
                'UsePreviousValue': True|False,
                'ResolvedValue': 'string'
            },
        ],
        'Status': 'CURRENT'|'OUTDATED'|'INOPERABLE',
        'StackInstanceStatus': {
            'DetailedStatus': 'PENDING'|'RUNNING'|'SUCCEEDED'|'FAILED'|'CANCELLED'|'INOPERABLE'|'SKIPPED_SUSPENDED_ACCOUNT'
        },
        'StatusReason': 'string',
        'OrganizationalUnitId': 'string',
        'DriftStatus': 'DRIFTED'|'IN_SYNC'|'UNKNOWN'|'NOT_CHECKED',
        'LastDriftCheckTimestamp': datetime(2015, 1, 1),
        'LastOperationId': 'string'
    }
}

Response Structure

  • (dict) --

    • StackInstance (dict) --

      The stack instance that matches the specified request parameters.

      • StackSetId (string) --

        The name or unique ID of the stack set that the stack instance is associated with.

      • Region (string) --

        The name of the Amazon Web Services Region that the stack instance is associated with.

      • Account (string) --

        [Self-managed permissions] The name of the Amazon Web Services account that the stack instance is associated with.

      • StackId (string) --

        The ID of the stack instance.

      • ParameterOverrides (list) --

        A list of parameters from the stack set template whose values have been overridden in this stack instance.

        • (dict) --

          The Parameter data type.

          • ParameterKey (string) --

            The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.

          • ParameterValue (string) --

            The input value associated with the parameter.

          • UsePreviousValue (boolean) --

            During a stack update, use the existing parameter value that the stack is using for a given parameter key. If you specify true, do not specify a parameter value.

          • ResolvedValue (string) --

            Read-only. The value that corresponds to a SSM parameter key. This field is returned only for SSM parameter types in the template.

      • Status (string) --

        The status of the stack instance, in terms of its synchronization with its associated stack set.

        • INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.

        • OUTDATED: The stack isn't currently up to date with the stack set because:

          • The associated stack failed during a CreateStackSet or UpdateStackSet operation.

          • The stack was part of a CreateStackSet or UpdateStackSet operation that failed or was stopped before the stack was created or updated.

        • CURRENT: The stack is currently up to date with the stack set.

      • StackInstanceStatus (dict) --

        The detailed status of the stack instance.

        • DetailedStatus (string) --

          • CANCELLED: The operation in the specified account and Region has been canceled. This is either because a user has stopped the stack set operation, or because the failure tolerance of the stack set operation has been exceeded.

          • FAILED: The operation in the specified account and Region failed. If the stack set operation fails in enough accounts within a Region, the failure tolerance for the stack set operation as a whole might be exceeded.

          • INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.

          • PENDING: The operation in the specified account and Region has yet to start.

          • RUNNING: The operation in the specified account and Region is currently in progress.

          • SKIPPED_SUSPENDED_ACCOUNT: The operation in the specified account and Region has been skipped because the account was suspended at the time of the operation.

          • SUCCEEDED: The operation in the specified account and Region completed successfully.

      • StatusReason (string) --

        The explanation for the specific status code that's assigned to this stack instance.

      • OrganizationalUnitId (string) --

        [Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.

      • DriftStatus (string) --

        Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.

        • DRIFTED: The stack differs from the expected template and parameter configuration of the stack set to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.

        • NOT_CHECKED: CloudFormation hasn't checked if the stack instance differs from its expected stack set configuration.

        • IN_SYNC: The stack instance's actual configuration matches its expected stack set configuration.

        • UNKNOWN: This value is reserved for future use.

      • LastDriftCheckTimestamp (datetime) --

        Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will be NULL for any stack instance on which drift detection hasn't yet been performed.

      • LastOperationId (string) --

        The last unique ID of a StackSet operation performed on a stack instance.

ListStackInstances (updated) Link ¶
Changes (response)
{'Summaries': {'StackInstanceStatus': {'DetailedStatus': {'SKIPPED_SUSPENDED_ACCOUNT'}}}}

Returns summary information about stack instances that are associated with the specified stack set. You can filter for stack instances that are associated with a specific Amazon Web Services account name or Region, or that have a specific status.

See also: AWS API Documentation

Request Syntax

client.list_stack_instances(
    StackSetName='string',
    NextToken='string',
    MaxResults=123,
    Filters=[
        {
            'Name': 'DETAILED_STATUS'|'LAST_OPERATION_ID',
            'Values': 'string'
        },
    ],
    StackInstanceAccount='string',
    StackInstanceRegion='string',
    CallAs='SELF'|'DELEGATED_ADMIN'
)
type StackSetName:

string

param StackSetName:

[REQUIRED]

The name or unique ID of the stack set that you want to list stack instances for.

type NextToken:

string

param NextToken:

If the previous request didn't return all the remaining results, the response's NextToken parameter value is set to a token. To retrieve the next set of results, call ListStackInstances again and assign that token to the request object's NextToken parameter. If there are no remaining results, the previous response object's NextToken parameter is set to null.

type MaxResults:

integer

param MaxResults:

The maximum number of results to be returned with a single call. If the number of available results exceeds this maximum, the response includes a NextToken value that you can assign to the NextToken request parameter to get the next set of results.

type Filters:

list

param Filters:

The filter to apply to stack instances

  • (dict) --

    The filter to apply to stack instances

    • Name (string) --

      The type of filter to apply.

    • Values (string) --

      The status to filter by.

type StackInstanceAccount:

string

param StackInstanceAccount:

The name of the Amazon Web Services account that you want to list stack instances for.

type StackInstanceRegion:

string

param StackInstanceRegion:

The name of the Region where you want to list stack instances.

type CallAs:

string

param CallAs:

[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.

By default, SELF is specified. Use SELF for stack sets with self-managed permissions.

  • If you are signed in to the management account, specify SELF.

  • If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN. Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide.

rtype:

dict

returns:

Response Syntax

{
    'Summaries': [
        {
            'StackSetId': 'string',
            'Region': 'string',
            'Account': 'string',
            'StackId': 'string',
            'Status': 'CURRENT'|'OUTDATED'|'INOPERABLE',
            'StatusReason': 'string',
            'StackInstanceStatus': {
                'DetailedStatus': 'PENDING'|'RUNNING'|'SUCCEEDED'|'FAILED'|'CANCELLED'|'INOPERABLE'|'SKIPPED_SUSPENDED_ACCOUNT'
            },
            'OrganizationalUnitId': 'string',
            'DriftStatus': 'DRIFTED'|'IN_SYNC'|'UNKNOWN'|'NOT_CHECKED',
            'LastDriftCheckTimestamp': datetime(2015, 1, 1),
            'LastOperationId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Summaries (list) --

      A list of StackInstanceSummary structures that contain information about the specified stack instances.

      • (dict) --

        The structure that contains summary information about a stack instance.

        • StackSetId (string) --

          The name or unique ID of the stack set that the stack instance is associated with.

        • Region (string) --

          The name of the Amazon Web Services Region that the stack instance is associated with.

        • Account (string) --

          [Self-managed permissions] The name of the Amazon Web Services account that the stack instance is associated with.

        • StackId (string) --

          The ID of the stack instance.

        • Status (string) --

          The status of the stack instance, in terms of its synchronization with its associated stack set.

          • INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.

          • OUTDATED: The stack isn't currently up to date with the stack set because:

            • The associated stack failed during a CreateStackSet or UpdateStackSet operation.

            • The stack was part of a CreateStackSet or UpdateStackSet operation that failed or was stopped before the stack was created or updated.

          • CURRENT: The stack is currently up to date with the stack set.

        • StatusReason (string) --

          The explanation for the specific status code assigned to this stack instance.

        • StackInstanceStatus (dict) --

          The detailed status of the stack instance.

          • DetailedStatus (string) --

            • CANCELLED: The operation in the specified account and Region has been canceled. This is either because a user has stopped the stack set operation, or because the failure tolerance of the stack set operation has been exceeded.

            • FAILED: The operation in the specified account and Region failed. If the stack set operation fails in enough accounts within a Region, the failure tolerance for the stack set operation as a whole might be exceeded.

            • INOPERABLE: A DeleteStackInstances operation has failed and left the stack in an unstable state. Stacks in this state are excluded from further UpdateStackSet operations. You might need to perform a DeleteStackInstances operation, with RetainStacks set to true, to delete the stack instance, and then delete the stack manually.

            • PENDING: The operation in the specified account and Region has yet to start.

            • RUNNING: The operation in the specified account and Region is currently in progress.

            • SKIPPED_SUSPENDED_ACCOUNT: The operation in the specified account and Region has been skipped because the account was suspended at the time of the operation.

            • SUCCEEDED: The operation in the specified account and Region completed successfully.

        • OrganizationalUnitId (string) --

          [Service-managed permissions] The organization root ID or organizational unit (OU) IDs that you specified for DeploymentTargets.

        • DriftStatus (string) --

          Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.

          • DRIFTED: The stack differs from the expected template and parameter configuration of the stack set to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.

          • NOT_CHECKED: CloudFormation hasn't checked if the stack instance differs from its expected stack set configuration.

          • IN_SYNC: The stack instance's actual configuration matches its expected stack set configuration.

          • UNKNOWN: This value is reserved for future use.

        • LastDriftCheckTimestamp (datetime) --

          Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will be NULL for any stack instance on which drift detection hasn't yet been performed.

        • LastOperationId (string) --

          The last unique ID of a StackSet operation performed on a stack instance.

    • NextToken (string) --

      If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve the next set of results, call ListStackInstances again and assign that token to the request object's NextToken parameter. If the request returns all results, NextToken is set to null.