AWS CloudFormation

2016/03/29 - AWS CloudFormation - 5 new api methods

CreateChangeSet (new)

Creates a list of changes for a stack. AWS CloudFormation generates the change set by comparing the stack's information with the information that you submit. A change set can help you understand which resources AWS CloudFormation will change and how it will change them before you update your stack. Change sets allow you to check before you make a change so that you don't delete or replace critical resources.

AWS CloudFormation doesn't make any changes to the stack when you create a change set. To make the specified changes, you must execute the change set by using the ExecuteChangeSet action.

After the call successfully completes, AWS CloudFormation starts creating the change set. To check the status of the change set, use the DescribeChangeSet action.

Request Syntax

client.create_change_set(
    StackName='string',
    TemplateBody='string',
    TemplateURL='string',
    UsePreviousTemplate=True|False,
    Parameters=[
        {
            'ParameterKey': 'string',
            'ParameterValue': 'string',
            'UsePreviousValue': True|False
        },
    ],
    Capabilities=[
        'CAPABILITY_IAM',
    ],
    ResourceTypes=[
        'string',
    ],
    NotificationARNs=[
        'string',
    ],
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    ChangeSetName='string',
    ClientToken='string',
    Description='string'
)

type StackName

string

param StackName

[REQUIRED]

The name or the unique ID of the stack for which you are creating a change set. AWS CloudFormation generates the change set by comparing this stack's information with the information that you submit, such as a modified template or different parameter input values.

type TemplateBody

string

param TemplateBody

A structure that contains the body of the revised template, with a minimum length of 1 byte and a maximum length of 51,200 bytes. AWS CloudFormation generates the change set by comparing this template with the template of the stack that you specified.

Conditional: You must specify only TemplateBody or TemplateURL.

type TemplateURL

string

param TemplateURL

The location of the file that contains the revised template. The URL must point to a template (max size: 460,800 bytes) that is located in an S3 bucket. AWS CloudFormation generates the change set by comparing this template with the stack that you specified.

Conditional: You must specify only TemplateBody or TemplateURL.

type UsePreviousTemplate

boolean

param UsePreviousTemplate

Whether to reuse the template that is associated with the stack to create the change set.

type Parameters

list

param Parameters

A list of Parameter structures that specify input parameters for the change set. For more information, see the Parameter data type.

  • (dict) --

    The Parameter data type.

    • ParameterKey (string) --

      The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template.

    • ParameterValue (string) --

      The value associated with the parameter.

    • UsePreviousValue (boolean) --

      During a stack update, use the existing parameter value that the stack is using for a given parameter key. If you specify true, do not specify a parameter value.

type Capabilities

list

param Capabilities

A list of capabilities that you must specify before AWS CloudFormation can update certain stacks. Some stack templates might include resources that can affect permissions in your AWS account, for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge their capabilities by specifying this parameter.

Currently, the only valid value is CAPABILITY_IAM, which is required for the following resources: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, and AWS::IAM::UserToGroupAddition. If your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary. If your template contains any of the listed resources and you don't specify this parameter, this action returns an InsufficientCapabilities error.

  • (string) --

type ResourceTypes

list

param ResourceTypes

The template resource types that you have permissions to work with if you execute this change set, such as AWS::EC2::Instance, AWS::EC2::*, or Custom::MyCustomInstance.

If the list of resource types doesn't include a resource type that you're updating, the stack update fails. By default, AWS CloudFormation grants permissions to all resource types. AWS Identity and Access Management (IAM) uses this parameter for condition keys in IAM policies for AWS CloudFormation. For more information, see Controlling Access with AWS Identity and Access Management in the AWS CloudFormation User Guide.

  • (string) --

type NotificationARNs

list

param NotificationARNs

The Amazon Resource Names (ARNs) of Amazon Simple Notification Service (Amazon SNS) topics that AWS CloudFormation associates with the stack. To remove all associated notification topics, specify an empty list.

  • (string) --

type Tags

list

param Tags

Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to resources in the stack. You can specify a maximum of 10 tags.

  • (dict) --

    The Tag type enables you to specify a key-value pair that can be used to store information about an AWS CloudFormation stack.

    • Key (string) --

      Required. A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by Amazon Web Services (AWS) have the reserved prefix: aws:.

    • Value (string) --

      Required. A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value.

type ChangeSetName

string

param ChangeSetName

[REQUIRED]

The name of the change set. The name must be unique among all change sets that are associated with the specified stack.

A change set name can contain only alphanumeric, case sensitive characters and hyphens. It must start with an alphabetic character and cannot exceed 128 characters.

type ClientToken

string

param ClientToken

A unique identifier for this CreateChangeSet request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to create another change set with the same name. You might retry CreateChangeSet requests to ensure that AWS CloudFormation successfully received them.

type Description

string

param Description

A description to help you identify this change set.

rtype

dict

returns

Response Syntax

{
    'Id': 'string'
}

Response Structure

  • (dict) --

    The output for the CreateChangeSet action.

    • Id (string) --

      The Amazon Resource Name (ARN) of the change set.
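
Added example (not part of the AWS documentation or botocore): a pre-flight check that applies the ChangeSetName, TemplateBody and Tags limits described above and refuses to build a create_change_set request for a template containing IAM resources until a reviewer acknowledges them. It assumes a JSON template passed as TemplateBody (TemplateURL and UsePreviousTemplate are not handled); build_request, iam_resources, acknowledge_iam and SAMPLE_TEMPLATE are names made up for the example.

```python
import json
import re

# Limits below are the ones stated in the parameter descriptions on this page.
MAX_TEMPLATE_BODY_BYTES = 51200
MAX_TAGS = 10
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9-]{0,127}\Z")
# Resource types this page lists as requiring CAPABILITY_IAM.
IAM_TYPES = {"AWS::IAM::" + n for n in (
    "AccessKey", "Group", "InstanceProfile", "Policy", "Role", "User",
    "UserToGroupAddition")}


def iam_resources(template_body):
    """Map logical ID -> type for IAM resources in a JSON template body."""
    resources = json.loads(template_body).get("Resources", {})
    return {rid: res["Type"] for rid, res in resources.items()
            if res.get("Type") in IAM_TYPES}


def build_request(stack_name, change_set_name, template_body, tags=(),
                  acknowledge_iam=False):
    """Return create_change_set kwargs, or raise ValueError listing problems."""
    problems = []
    if not NAME_RE.match(change_set_name):
        problems.append("ChangeSetName violates the naming rule")
    size = len(template_body.encode("utf-8"))
    if not 1 <= size <= MAX_TEMPLATE_BODY_BYTES:
        problems.append("TemplateBody is %d bytes" % size)
    if len(tags) > MAX_TAGS:
        problems.append("%d tags, maximum is %d" % (len(tags), MAX_TAGS))
    iam = iam_resources(template_body) if size else {}
    if iam and not acknowledge_iam:
        problems.append("IAM resources need review: " + ", ".join(sorted(iam)))
    if problems:
        raise ValueError("; ".join(problems))
    kwargs = {"StackName": stack_name, "ChangeSetName": change_set_name,
              "TemplateBody": template_body, "Tags": list(tags)}
    if iam:
        # Acknowledge the capability only when the template actually needs it.
        kwargs["Capabilities"] = ["CAPABILITY_IAM"]
    return kwargs


# Constructed template: one bucket plus one IAM role.
SAMPLE_TEMPLATE = json.dumps({"Resources": {
    "Logs": {"Type": "AWS::S3::Bucket"},
    "DeployRole": {"Type": "AWS::IAM::Role", "Properties": {
        "AssumeRolePolicyDocument": {"Statement": []}}},
}})

if __name__ == "__main__":
    try:
        build_request("demo-stack", "add-deploy-role", SAMPLE_TEMPLATE)
    except ValueError as exc:
        print("refused:", exc)
    print(build_request("demo-stack", "add-deploy-role", SAMPLE_TEMPLATE,
                        acknowledge_iam=True)["Capabilities"])
```

The returned dictionary can be passed to a boto3 CloudFormation client as `client.create_change_set(**kwargs)`.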

ExecuteChangeSet (new)

Updates a stack using the input information that was provided when the specified change set was created. After the call successfully completes, AWS CloudFormation starts updating the stack. Use the DescribeStacks action to view the status of the update.

When you execute a change set, AWS CloudFormation deletes all other change sets associated with the stack because they aren't valid for the updated stack.

If a stack policy is associated with the stack, AWS CloudFormation enforces the policy during the update. You can't specify a temporary stack policy that overrides the current policy.

Request Syntax

client.execute_change_set(
    ChangeSetName='string',
    StackName='string'
)

type ChangeSetName

string

param ChangeSetName

[REQUIRED]

The name or ARN of the change set that you want to use to update the specified stack.

type StackName

string

param StackName

If you specified the name of a change set, specify the stack name or ID (ARN) that is associated with the change set you want to execute.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

    The output for the ExecuteChangeSet action.

DeleteChangeSet (new)

Deletes the specified change set. Deleting change sets ensures that no one executes the wrong change set.

If the call successfully completes, AWS CloudFormation successfully deleted the change set.

Request Syntax

client.delete_change_set(
    ChangeSetName='string',
    StackName='string'
)

type ChangeSetName

string

param ChangeSetName

[REQUIRED]

The name or Amazon Resource Name (ARN) of the change set that you want to delete.

type StackName

string

param StackName

If you specified the name of a change set to delete, specify the stack name or ID (ARN) that is associated with it.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

    The output for the DeleteChangeSet action.

DescribeChangeSet (new)

Returns the inputs for the change set and a list of changes that AWS CloudFormation will make if you execute the change set. For more information, see Updating Stacks Using Change Sets in the AWS CloudFormation User Guide.

Request Syntax

client.describe_change_set(
    ChangeSetName='string',
    StackName='string',
    NextToken='string'
)

type ChangeSetName

string

param ChangeSetName

[REQUIRED]

The name or Amazon Resource Name (ARN) of the change set that you want to describe.

type StackName

string

param StackName

If you specified the name of a change set, specify the stack name or ID (ARN) of the change set you want to describe.

type NextToken

string

param NextToken

A string (provided by the DescribeChangeSet response output) that identifies the next page of information that you want to retrieve.

rtype

dict

returns

Response Syntax

{
    'ChangeSetName': 'string',
    'ChangeSetId': 'string',
    'StackId': 'string',
    'StackName': 'string',
    'Description': 'string',
    'Parameters': [
        {
            'ParameterKey': 'string',
            'ParameterValue': 'string',
            'UsePreviousValue': True|False
        },
    ],
    'CreationTime': datetime(2015, 1, 1),
    'Status': 'CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_COMPLETE'|'DELETE_COMPLETE'|'FAILED',
    'StatusReason': 'string',
    'NotificationARNs': [
        'string',
    ],
    'Capabilities': [
        'CAPABILITY_IAM',
    ],
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    'Changes': [
        {
            'Type': 'Resource',
            'ResourceChange': {
                'Action': 'Add'|'Modify'|'Remove',
                'LogicalResourceId': 'string',
                'PhysicalResourceId': 'string',
                'ResourceType': 'string',
                'Replacement': 'True'|'False'|'Conditional',
                'Scope': [
                    'Properties'|'Metadata'|'CreationPolicy'|'UpdatePolicy'|'DeletionPolicy'|'Tags',
                ],
                'Details': [
                    {
                        'Target': {
                            'Attribute': 'Properties'|'Metadata'|'CreationPolicy'|'UpdatePolicy'|'DeletionPolicy'|'Tags',
                            'Name': 'string',
                            'RequiresRecreation': 'Never'|'Conditionally'|'Always'
                        },
                        'Evaluation': 'Static'|'Dynamic',
                        'ChangeSource': 'ResourceReference'|'ParameterReference'|'ResourceAttribute'|'DirectModification'|'Automatic',
                        'CausingEntity': 'string'
                    },
                ]
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    The output for the DescribeChangeSet action.

    • ChangeSetName (string) --

      The name of the change set.

    • ChangeSetId (string) --

      The ARN of the change set.

    • StackId (string) --

      The ARN of the stack that is associated with the change set.

    • StackName (string) --

      The name of the stack that is associated with the change set.

    • Description (string) --

      Information about the change set.

    • Parameters (list) --

      A list of Parameter structures that describes the input parameters and their values used to create the change set. For more information, see the Parameter data type.

      • (dict) --

        The Parameter data type.

        • ParameterKey (string) --

          The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template.

        • ParameterValue (string) --

          The value associated with the parameter.

        • UsePreviousValue (boolean) --

          During a stack update, use the existing parameter value that the stack is using for a given parameter key. If you specify true, do not specify a parameter value.

    • CreationTime (datetime) --

      The start time when the change set was created, in UTC.

    • Status (string) --

      The current status of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or FAILED.

    • StatusReason (string) --

      A description of the change set's status. For example, if your attempt to create a change set failed, AWS CloudFormation shows the error message.

    • NotificationARNs (list) --

      The ARNs of the Amazon Simple Notification Service (Amazon SNS) topics that will be associated with the stack if you execute the change set.

      • (string) --

    • Capabilities (list) --

      If you execute the change set, the list of capabilities that were explicitly acknowledged when the change set was created.

      • (string) --

    • Tags (list) --

      If you execute the change set, the tags that will be associated with the stack.

      • (dict) --

        The Tag type enables you to specify a key-value pair that can be used to store information about an AWS CloudFormation stack.

        • Key (string) --

          Required. A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by Amazon Web Services (AWS) have the reserved prefix: aws:.

        • Value (string) --

          Required. A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value.

    • Changes (list) --

      A list of Change structures that describes the resources AWS CloudFormation changes if you execute the change set.

      • (dict) --

        The Change structure describes the changes AWS CloudFormation will perform if you execute the change set.

        • Type (string) --

          The type of entity that AWS CloudFormation changes. Currently, the only entity type is Resource.

        • ResourceChange (dict) --

          A ResourceChange structure that describes the resource and action that AWS CloudFormation will perform.

          • Action (string) --

            The action that AWS CloudFormation takes on the resource, such as Add (adds a new resource), Modify (changes a resource), or Remove (deletes a resource).

          • LogicalResourceId (string) --

            The resource's logical ID, which is defined in the stack's template.

          • PhysicalResourceId (string) --

            The resource's physical ID (resource name). Resources that you are adding don't have physical IDs because they haven't been created.

          • ResourceType (string) --

            The type of AWS CloudFormation resource, such as AWS::S3::Bucket.

          • Replacement (string) --

            For the Modify action, indicates whether AWS CloudFormation will replace the resource by creating a new one and deleting the old one. This value depends on the value of the RequiresRecreation property in the ResourceTargetDefinition structure. For example, if the RequiresRecreation field is Always and the Evaluation field is Static, Replacement is True. If the RequiresRecreation field is Always and the Evaluation field is Dynamic, Replacement is Conditional.

            If you have multiple changes with different RequiresRecreation values, the Replacement value depends on the change with the most impact. A RequiresRecreation value of Always has the most impact, followed by Conditionally, and then Never.

          • Scope (list) --

            For the Modify action, indicates which resource attribute is triggering this update, such as a change in the resource attribute's Metadata, Properties, or Tags.

            • (string) --

          • Details (list) --

            For the Modify action, a list of ResourceChangeDetail structures that describes the changes that AWS CloudFormation will make to the resource.

            • (dict) --

              For a resource with Modify as the action, the ResourceChange structure describes the changes AWS CloudFormation will make to that resource.

              • Target (dict) --

                A ResourceTargetDefinition structure that describes the field that AWS CloudFormation will change and whether the resource will be recreated.

                • Attribute (string) --

                  Indicates which resource attribute is triggering this update, such as a change in the resource attribute's Metadata, Properties, or Tags.

                • Name (string) --

                  If the Attribute value is Properties, the name of the property. For all other attributes, the value is null.

                • RequiresRecreation (string) --

                  If the Attribute value is Properties, indicates whether a change to this property causes the resource to be recreated. The value can be Never, Always, or Conditionally. To determine the conditions for a Conditionally recreation, see the update behavior for that property in the AWS CloudFormation User Guide.

              • Evaluation (string) --

                Indicates whether AWS CloudFormation can determine the target value, and whether the target value will change before you execute a change set.

                For Static evaluations, AWS CloudFormation can determine that the target value will change, and its value. For example, if you directly modify the InstanceType property of an EC2 instance, AWS CloudFormation knows that this property value will change, and its value, so this is a Static evaluation.

                For Dynamic evaluations, AWS CloudFormation cannot determine the target value because it depends on the result of an intrinsic function, such as a Ref or Fn::GetAtt intrinsic function, when the stack is updated. For example, if your template includes a reference to a resource that is conditionally recreated, the value of the reference (the physical ID of the resource) might change, depending on whether the resource is recreated. If the resource is recreated, it will have a new physical ID, so all references to that resource will also be updated.

              • ChangeSource (string) --

                The group to which the CausingEntity value belongs. There are five entity groups:

                • ResourceReference entities are Ref intrinsic functions that refer to resources in the template, such as { "Ref" : "MyEC2InstanceResource" }.

                • ParameterReference entities are Ref intrinsic functions that get template parameter values, such as { "Ref" : "MyPasswordParameter" }.

                • ResourceAttribute entities are Fn::GetAtt intrinsic functions that get resource attribute values, such as { "Fn::GetAtt" : [ "MyEC2InstanceResource", "PublicDnsName" ] }.

                • DirectModification entities are changes that are made directly to the template.

                • Automatic entities are AWS::CloudFormation::Stack resource types, which are also known as nested stacks. If you made no changes to the AWS::CloudFormation::Stack resource, AWS CloudFormation sets the ChangeSource to Automatic because the nested stack's template might have changed. Changes to a nested stack's template aren't visible to AWS CloudFormation until you run an update on the parent stack.

              • CausingEntity (string) --

                The identity of the entity that triggered this change. This entity is a member of the group that is specified by the ChangeSource field. For example, if you modified the value of the KeyPairName parameter, the CausingEntity is the name of the parameter (KeyPairName).

                If the ChangeSource value is DirectModification, no value is given for CausingEntity.

    • NextToken (string) --

      If the output exceeds 1 MB, a string that identifies the next page of changes. If there is no additional page, this value is null.
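
Added example (not part of the AWS documentation or botocore): a review gate that pages through DescribeChangeSet with NextToken, flags removals, replacements and changes to the IAM resource types listed under Capabilities, and calls ExecuteChangeSet only when nothing is flagged. StubClient, SAMPLE_PAGES and the function names are constructed for the example; only the client method names, keyword arguments and response keys come from this page.

```python
# Resource types this page lists as requiring CAPABILITY_IAM.
IAM_TYPES = {"AWS::IAM::" + n for n in (
    "AccessKey", "Group", "InstanceProfile", "Policy", "Role", "User",
    "UserToGroupAddition")}

def fetch_change_set(client, stack_name, change_set_name):
    """Return (status, changes), following NextToken across all pages."""
    kwargs = {"StackName": stack_name, "ChangeSetName": change_set_name}
    status, changes = None, []
    while True:
        page = client.describe_change_set(**kwargs)
        status = status or page["Status"]
        changes.extend(page.get("Changes", []))
        if not page.get("NextToken"):
            return status, changes
        kwargs["NextToken"] = page["NextToken"]

def review(changes):
    """Return (logical_id, reason) pairs for changes that need sign-off."""
    findings = []
    for change in changes:
        rc = change["ResourceChange"]
        rid, action = rc["LogicalResourceId"], rc["Action"]
        if action == "Remove":
            findings.append((rid, "resource will be deleted"))
        elif action == "Modify" and rc.get("Replacement") in ("True", "Conditional"):
            findings.append((rid, "replacement=" + rc["Replacement"]))
        if rc.get("ResourceType") in IAM_TYPES:
            findings.append((rid, "IAM resource, action=" + action))
    return findings

def gate(client, stack_name, change_set_name):
    """Execute only a CREATE_COMPLETE change set that has no findings."""
    status, changes = fetch_change_set(client, stack_name, change_set_name)
    if status != "CREATE_COMPLETE":
        return "not-ready", []
    findings = review(changes)
    if findings:
        return "blocked", findings
    client.execute_change_set(StackName=stack_name, ChangeSetName=change_set_name)
    return "executed", []

class StubClient:
    """Constructed stand-in for a boto3 CloudFormation client (runs offline)."""
    def __init__(self, pages):
        self.pages, self.executed = pages, False
    def describe_change_set(self, **kwargs):
        return self.pages[kwargs.get("NextToken", "first")]
    def execute_change_set(self, **kwargs):
        self.executed = True

SAMPLE_PAGES = {  # constructed data, shaped like the Response Syntax above
    "first": {"Status": "CREATE_COMPLETE", "NextToken": "p2", "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "AppDb",
            "ResourceType": "AWS::RDS::DBInstance", "Replacement": "True"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Add", "LogicalResourceId": "DeployRole",
            "ResourceType": "AWS::IAM::Role"}},
    ]},
    "p2": {"Status": "CREATE_COMPLETE", "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Remove", "LogicalResourceId": "OldQueue",
            "ResourceType": "AWS::SQS::Queue"}},
    ]},
}

if __name__ == "__main__":
    print(gate(StubClient(SAMPLE_PAGES), "demo-stack", "demo-change-set"))
```

Against a real account, pass a boto3 CloudFormation client in place of StubClient; a "blocked" result leaves the change set in place for a human to inspect or remove with DeleteChangeSet.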

ListChangeSets (new)

Returns the ID and status of each active change set for a stack. For example, AWS CloudFormation lists change sets that are in the CREATE_IN_PROGRESS or CREATE_PENDING state.

Request Syntax

client.list_change_sets(
    StackName='string',
    NextToken='string'
)

type StackName

string

param StackName

[REQUIRED]

The name or the Amazon Resource Name (ARN) of the stack for which you want to list change sets.

type NextToken

string

param NextToken

A string (provided by the ListChangeSets response output) that identifies the next page of change sets that you want to retrieve.

rtype

dict

returns

Response Syntax

{
    'Summaries': [
        {
            'StackId': 'string',
            'StackName': 'string',
            'ChangeSetId': 'string',
            'ChangeSetName': 'string',
            'Status': 'CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_COMPLETE'|'DELETE_COMPLETE'|'FAILED',
            'StatusReason': 'string',
            'CreationTime': datetime(2015, 1, 1),
            'Description': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    The output for the ListChangeSets action.

    • Summaries (list) --

      A list of ChangeSetSummary structures that provides the ID and status of each change set for the specified stack.

      • (dict) --

        The ChangeSetSummary structure describes a change set, its status, and the stack with which it's associated.

        • StackId (string) --

          The ID of the stack with which the change set is associated.

        • StackName (string) --

          The name of the stack with which the change set is associated.

        • ChangeSetId (string) --

          The ID of the change set.

        • ChangeSetName (string) --

          The name of the change set.

        • Status (string) --

          The state of the change set, such as CREATE_IN_PROGRESS, CREATE_COMPLETE, or FAILED.

        • StatusReason (string) --

          A description of the change set's status. For example, if your change set is in the FAILED state, AWS CloudFormation shows the error message.

        • CreationTime (datetime) --

          The start time when the change set was created, in UTC.

        • Description (string) --

          Descriptive information about the change set.

    • NextToken (string) --

      If the output exceeds 1 MB, a string that identifies the next page of change sets. If there is no additional page, this value is null.