Prerequisites for using CloudFormation StackSets

StackSets extend the functionality of stacks, so you can create, update, or delete stacks across multiple accounts and Regions with a single operation.

Because StackSets perform stack operations across multiple accounts, before you can create your first stack set you need the necessary permissions defined in your Amazon Web Services accounts.

You can manage StackSets using self-managed or service-managed permissions.

For self-managed StackSets, you must create and manage IAM roles in each target account and Amazon Web Services Region. For more information, see Grant self-managed permissions.
For service-managed StackSets, you don't need to manually create and manage IAM roles in each account; Amazon handles the role creation and permissions for you. For more information, see Activate trusted access.

Note

Activating trusted access with Amazon Organizations for Amazon CloudFormation StackSets isn't currently supported in the China Beijing and Ningxia Regions.

Topics

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Managing stacks with StackSets

Enable Amazon Web Services Regions that are disabled by default