Automate Multi-Account and Multi-Region Deployments using CloudFormation stack set

Introduction

AWS CloudFormation is a comprehensive infrastructure-as-code (IaC) solution that enables users to automatically and systematically define and manage AWS resources. CloudFormation Stack is a group of AWS resources that are managed as a single entity and specified in a CloudFormation template. With the help of stacks, users can simplify the systematic and repeated building, updating, and deletion of AWS infrastructure. Databases, S3 buckets, EC2 instances, and other resources can be deployed and managed effectively with stacks, guaranteeing consistency and minimizing manual task.

Deploying the resources in multiple accounts and multiple regions is a repetitive task for the cloud engineers. AWS has extended the capabilities of cloudformation stack with cloudformation StackSet. This blog will explain CloudFormation StackSets, their benefits, and how to use them.

What Is CloudFormation StackSets?

CloudFormation StackSets, are useful when businesses need to deploy CloudFormation stacks across several AWS accounts and regions. Provisioning, updating, and deleting stacks across different AWS environments is made simpler by StackSets, which allow centralized management. Large businesses who have numerous AWS accounts as part of AWS Organizations and operate in different geographic areas would find this very helpful.

Key Terminologies of StackSets

1. StackSet: A logical thing that holds the CloudFormation template and deployment configurations.
2. Stack Instances: Individual instances of the stack that are deployed to specify the accounts and regions.
3. Administrator Account: The AWS account where we manage and deploys StackSets.
4. Target Accounts: The AWS accounts where the resources get deployed.
5. Regions: The AWS regions where the StackSet is executed.

Benefits of Using CloudFormation StackSets

1. Scalability: Deploy infrastructure across multiple AWS accounts and regions in one stackset creation.
2. Consistency: Provides a uniform deployment across all AWS environments.
3. Centralized Management: Manage and monitor infrastructure deployments from a single administrator account.
4. Time-Efficient: Reduces manual efforts required for deploying CloudFormation stacks in multiple locations.
5. Integration with AWS Organizations: Allow new AWS accounts resources to be automatically deployed to them as soon as they are added to the organization.

How to Create CloudFormation StackSets

You can create a StackSet via the AWS Console, CLI, or SDK. Below is a step-by-step guide for creating stack set using console:

1. Open the cloudformation service on the on the console

2. Click StackSet from left panel and select Create StackSet

3. In Choose Template section select option as mentioned below

• Permission: Service manage permission
• Pre-requisite Prepare template: Template is ready
• Specify Template: Upload a file, then click on Choose File. Give the path of the file from your local computer. Then Click Next.

4. In Specify StackSet Details page select the option as mentioned below

• StackSet Name: Test
• StackSet Description: Test
• Parameter: Environment Name: Dev

For the VPC CIDR, Public Subnet CIDR’s put down the values as per your requirements. Then Select Next.

5. In Configure StackSet option, keep default and click

6. In Set Deployment Option select the options as mentioned below:

• Add Stack to stackset: Deploy new stacks
• Deployment Target: Deploy to organization
• Auto-Deployment Option: Keep default
• Specify Region: Select Mumbai and N. Virginia region (Note: You can select region as per your requirements)
• Deployment Options: Keep default
• Select Next

7. On Review page scroll at the bottom of the screen and Click

8. I had deployed stack set to my organization which have 5 member accounts and selected 2 regions it means this stack set will create 10 stack instances. At the end I had create 10VPC with all its component in one single API call.

The Best Ways to Use StackSets

1. Track Deployments: To keep tracks on StackSet modifications, use AWS CloudTrail and AWS Config.
2. Test Before Deployment: Before deploying the CloudFormation template as a StackSet, make sure it works in a single account.
3. Use Service-Managed Permissions: This makes stack deployments easier when working with AWS Organizations.
4. Optimize Parallel Deployments: Set up the right concurrency parameters to strike a balance between API throttling and speed.
5. Put stack policies into place to stop unintentional removal or alteration of important resources.

Conclusion

CloudFormation with StackSets make it easier to manage infrastructure installations across several accounts and geographical locations. Organizations can reduce operational costs and gain automation, scalability, and consistency by utilizing StackSets. StackSets offer an effective solution for small teams seeking centralized infrastructure control or enterprises overseeing resources across multiple regions.

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is the first Indian Company to win the prestigious Microsoft Partner 2024 Award and is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, Microsoft Gold Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, AWS GenAI Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner,  AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, Amazon ECS Service Delivery Partner, AWS Glue Service Delivery Partner, Amazon Redshift Service Delivery Partner, AWS Control Tower Service Delivery Partner, AWS WAF Service Delivery Partner, Amazon CloudFront, Amazon OpenSearch, AWS DMS and many more.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.