Creating a stack - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating a stack

To create a stack you run the aws cloudformation create-stack command. You must provide the stack name, the location of a valid template, and any input parameters.

Parameters are separated with a space and the key names are case sensitive. If you mistype a parameter key name when you run aws cloudformation create-stack, Amazon CloudFormation doesn't create the stack and reports that the template doesn't contain that parameter.


You can use your own bucket and manage its permissions by manually uploading templates to either Amazon S3 or Amazon Systems Manager. Then whenever you create or update a stack, specify the Amazon S3 or Amazon Systems Manager of a template file.

By default, aws cloudformation describe-stacks returns parameter values. To prevent sensitive parameter values such as passwords from being returned, include a NoEcho property set to TRUE in your Amazon CloudFormation template.


Using the NoEcho attribute does not mask any information stored in the following:

  • The Metadata template section. CloudFormation does not transform, modify, or redact any information you include in the Metadata section. For more information, see Metadata.

  • The Outputs template section. For more information, see Outputs.

  • The Metadata attribute of a resource definition. For more information, see Metadata attribute.

We strongly recommend you do not use these mechanisms to include sensitive information, such as passwords or secrets.


Rather than embedding sensitive information directly in your CloudFormation templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CloudFormation, such as in the Amazon Systems Manager Parameter Store or Amazon Secrets Manager.

For more information, see the Do not embed credentials in your templates best practice.

The following example creates the myteststack stack:

PROMPT> aws cloudformation create-stack \ --stack-name myteststack \ --template-body file:///home/testuser/mytemplate.json \ --parameters ParameterKey=Parm1,ParameterValue=test1 ParameterKey=Parm2,ParameterValue=test2

CloudFormation returns the following output:

{ "StackId" : "arn:aws:cloudformation:us-east-1:123456789012:stack/myteststack/330b0120-1771-11e4-af37-50ba1b98bea6" }

The following example creates the myteststack stack in an Amazon Systems Manager document:

PROMPT> aws cloudformation create-stack \ --stack-name myteststack \ --template-url "ssm-doc://arn:aws:ssm:us-east-1:123456789012:document/documentName"