@knowledgeindia Thank you for explaination 🎉. It was good. But i observed once issue and its a general question, Lets say in same above usecase where you are creating IAM Role in all those 56 accounts which creates IAM Assume Role which will cosumed by your Security Saas provider./internal team. To assume those role, ideally you have to provide them all 56 ARN back. ; Now how will you do that here. Or lets say you created ec2 instances in each account using stackset and you have to provide back those 56 Public IPs back to the team, how will you do that. In stackset, I am able to see the parameter section but not the Output Section. Now in such scenario you have to login into each account to get their value from Output section under CFT. Or am i missing anything ?
Good observation. 2 scenarios here: 1. if you are interested in a property that can be derived, then you do via a logic, e.g. for IAM role you will keep the same role name in all the accounts, and hence you can get generate the role ARN if you have the account ID list. 2. for scenarios like Public IP of EC2 instances, you will have to write a script to read it from all the stacks (from different accounts), or you may read it directly from the actual resource by filtering those with a particular tag value. It is not possible to get actual resource details from the stackset level, you can only get up to stack name, id, etc.
@@knowledgeindia i hope, they should have this feature in their roadmap. Otherwise, to get values from the Output section , i have to login into each account and in each region which is very painful; because on day 1 i wanted to avoid login into each account & hence was thinking to use stacksets. 😅
No explanation of template content, stackset info missing and the service role that will be used by AWS to create the roles in account. Not useful video.
This video is from our 2days CloudFormation Bootcamp ..
Details on knowledgeindia.in/
Simple and clear explanation with hands-on demo, excellent teaching style!
Glad it helped! May be share it with your friends and help them as well.
@knowledgeindia Thank you for explaination 🎉. It was good. But i observed once issue and its a general question, Lets say in same above usecase where you are creating IAM Role in all those 56 accounts which creates IAM Assume Role which will cosumed by your Security Saas provider./internal team. To assume those role, ideally you have to provide them all 56 ARN back. ; Now how will you do that here. Or lets say you created ec2 instances in each account using stackset and you have to provide back those 56 Public IPs back to the team, how will you do that. In stackset, I am able to see the parameter section but not the Output Section. Now in such scenario you have to login into each account to get their value from Output section under CFT.
Or am i missing anything ?
Good observation.
2 scenarios here:
1. if you are interested in a property that can be derived, then you do via a logic, e.g. for IAM role you will keep the same role name in all the accounts, and hence you can get generate the role ARN if you have the account ID list.
2. for scenarios like Public IP of EC2 instances, you will have to write a script to read it from all the stacks (from different accounts), or you may read it directly from the actual resource by filtering those with a particular tag value.
It is not possible to get actual resource details from the stackset level, you can only get up to stack name, id, etc.
@@knowledgeindia i hope, they should have this feature in their roadmap. Otherwise, to get values from the Output section , i have to login into each account and in each region which is very painful; because on day 1 i wanted to avoid login into each account & hence was thinking to use stacksets. 😅
Nice. It's easy to understand. Thanks for that content. Can you please make a video on Cloud Query as well?
Pls continue this series
How did you create the cloud formation script, or did you first created the lambda function? The explanation is not proper.
Loved it! Can I get the template please?
No explanation of template content, stackset info missing and the service role that will be used by AWS to create the roles in account. Not useful video.