Help Center> Resource Formation Service> API Reference> Resource Formation Service> Stack Sets> Creating a Stack Set
Updated on 2024-03-07 GMT+08:00
View PDF

Creating a Stack Set

Function

CreateStackSet

This is a synchronous API. This API creates an empty stack set that does not contain any stack instance and returns the stack set ID (stack_set_id).

URI

POST /v1/stack-sets

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

Client-Request-Id

Yes

String

Unique request ID. It is specified by a user and is used to locate a request. UUID is recommended.

Minimum: 36

Maximum: 128
Table 2 Request body parameters

Parameter

Mandatory

Type

Description

stack_set_name

Yes

String

Name of a stack set. The name is unique within its domain (domain_id) and region. Only letters, digits, underscores (_), and hyphens (-) are allowed. The name is case-sensitive and must start with a letter.

Minimum: 1

Maximum: 128

stack_set_description

No

String

Description of a stack set. It can be used by customers to identify their own stack sets.

Minimum: 0

Maximum: 1024

permission_model

No

String

Permission model. It defines the creation mode of the agency required for RFS to operate stack sets. The permission model can be: * SERVICE_MANAGED: You can use this model to create stack sets only after setting RFS as a trustworthy service in your organization. You do not need to manually create agencies. RFS automatically creates agencies for you based on the organization. Only an organization administrator or a delegated administrator can create stack sets using SERVICE_MANAGED permissions. * SELF_MANAGED: For deployment, you manually create agencies in advance, including the agency created by the management account for RFS and the agency created by the member account for the management account. The stack set creation will not fail even if the agency does not exist or is incorrect. An error is reported only when the stack set or stack instance is deployed.

Default: SELF_MANAGED

Enumeration values:

  • SELF_MANAGED

administration_agency_name

No

String

Administration agency names.

RFS uses this agency to obtain permissions that a member account grants to a management account.

This agency must contain the iam:tokens:assume permission to subsequently obtain the managed agency credentials. If it is not included, adding or deploying instances will fail.

When you define SELF_MANAGED permissions, you must specify either administration_agency_name or administration_agency_urn, but not both.

You are advised to specify administration_agency_urn when using a trust agency. administration_agency_name only receives agency names. If trust agency names are assigned to administration_agency_name, template fails to be deployed.

Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

Minimum: 0

Maximum: 64

managed_agency_name

No

String

Name of the managed agency.

RFS uses this agency to obtain the permissions required for deploying resources.

The names of the agencies that different member accounts grants to the management account must be the same. Currently, different agency permissions cannot be defined based on different providers.

This parameter must be specified when SELF_MANAGED permissions are defined. Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

Minimum: 0

Maximum: 64

template_body

No

String

HCL template, which describes the target status of a resource. RFS compares the difference between the statuses of this template and the current remote resource.

You can specify either template_body or template_uri, not both.

Note:

  • Stack sets do not encrypt sensitive data. RFS uses, logs, displays, and stores template_body as plaintext.

Minimum: 0

Maximum: 51200

template_uri

No

String

OBS address of an HCL template. The template describes the target status of a resource. RFS compares the difference between the statuses of this template and the current remote resource.

The OBS address allows mutual access to regions of the same type. Regions are classified into universal regions and dedicated regions. A universal region provides universal cloud services for common tenants. A dedicated region provides specific services for specific tenants.

The corresponding file must be a tf file or a zip package.

A .tf file must be named with a .tf or .tf.json suffix, compatible with HCL, and UTF-8 encoded.

Currently, only the .zip package is supported. The file name extension must be .zip. The decompressed files cannot contain .tfvars files. The maximum size of the file is 1 MB before decompression and 1 MB after decompression. A maximum of 100 files can be archived to one .zip package.

You can specify either template_body or template_uri, not both.

Note:

  • Stack sets do not encrypt sensitive data. RFS uses, logs, displays, and stores the template file content corresponding to template_uri as plaintext.

    • If the template file specified by the template_uri is in .zip format, the names of the files or folders within the package contain a maximum of 255 bytes, the length of the longest directory cannot exceed 2048 bytes, and the size of the .zip package cannot exceed 1 MB.

Minimum: 0

Maximum: 2048

vars_uri

No

String

OBS address of the HCL parameter file. Transferring parameters is supported by the HCL template. The same template can use different parameters for different purposes.

The OBS address allows mutual access to regions of the same type. Regions are classified into universal regions and dedicated regions. A universal region provides universal cloud services for common tenants. A dedicated region provides specific services for specific tenants.

  • vars_uri directs to a pre-signed URL of OBS. Currently, other addresses are not supported.

  • RFS supports vars_structure, vars_body, and vars_uri. If they declare the same variable, error 400 will be reported.

The content in vars_uri uses the tfvars format of HCL. You can save the content in .tfvars to a file, upload the file to OBS, and transfer the pre-signed URL of OBS to vars_uri.

  • Stack sets do not encrypt sensitive data. RFS uses, logs, displays, and stores the variable file content corresponding to vars_uri as plaintext.

Minimum: 0

Maximum: 2048

vars_body

No

String

Content of the HCL variable file. Transferring parameters is supported by the HCL template. The same template can use different parameters for different purposes.

  • The vars_body uses the tfvars format of HCL. You can submit the content in the .tfvars file to the vars_body.

  • RFS supports vars_structure, vars_body, and vars_uri. If they declare the same variable, error 400 will be reported.

  • If vars_body is too large, you can use vars_uri.

  • Stack sets do not encrypt sensitive data. RFS uses, logs, displays, and stores vars_body as plaintext.

Minimum: 0

Maximum: 51200

initial_stack_description

No

String

Description of stacks that is being initialized. It can be used to identify stacks managed by a stack set.

This description is used for stacks in the stack set only when they are created. To update the description of stacks that is being initialized, call the UpdateStackSet API.

If the stack set description is updated later, the managed stack description will not be updated synchronously.

Minimum: 0

Maximum: 1024

administration_agency_urn

No

String

Administration agency URNs.

RFS uses this agency to obtain permissions that a member account grants to a management account.

This agency must contain the sts:tokens:assume permission to subsequently obtain the managed agency credentials. If it is not included, adding or deploying instances will fail.

When you define SELF_MANAGED permissions, you must specify either administration_agency_name or administration_agency_urn, but not both.

You are advised to specify administration_agency_urn when using a trust agency. administration_agency_name only receives agency names. If trust agency names are assigned to administration_agency_name, template fails to be deployed.

Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

Response Parameters

Status code: 201

Table 3 Response body parameters

Parameter

Type

Description

stack_set_id

String

Unique ID of a stack set.

It is a UUID generated by RFS when a stack is created.

Stack set names are unique only at one specific time, so you can create a stack set named HelloWorld and another stack set with the same name after deleting the first one.

For parallel development in a team, users may want to ensure that the stack set they operate is the one created by themselves, not the one with the same name created by other teammates after deleting the previous one. Therefore, they can use this ID for strong matching.

RFS ensures that the ID of each stack set is different and does not change with updates. If the stack_set_id value is different from the current stack set ID, 400 is returned.

Minimum: 36

Maximum: 36

Status code: 400

Table 4 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 401

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 409

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 429

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 500

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Example Requests

  • Use the signed URL of OBS to transfer the template and administration agency names for creating a stack set.

    POST https://{endpoint}/v1/stack-sets

{
  "stack_set_name" : "my_first_stack_set",
  "template_uri" : "https://my_hello_world_bucket.{region}.myhuaweicloud.com/vpc.tf",
  "managed_agency_name" : "my_managed_agency_name",
  "administration_agency_name" : "my_administration_agency_name"
}

  • Use the template and administration agency URNs for creating a stack set.

    POST https://{endpoint}/v1/stack-sets

{
  "stack_set_name" : "my_second_stack_set",
  "managed_agency_name" : "my_managed_agency_name",
  "administration_agency_urn" : "iam::my-domain-id:agency:my-agency-name",
  "template_body" : "terraform {\n    required_providers {\n      huaweicloud = {\n        source = \"huawei.com/provider/huaweicloud\"\n        version = \"1.41.0\"\n        }\n    }\n}\nprovider \"huaweicloud\"{\n    insecure = true\n    cloud = \"{cloud_name}\"\n    region = \"{region}\"\n    endpoints = {\n        iam = \"{iam_endpoint}\",\n    }\n}\n\nresource \"huaweicloud_vpc\" \"vpc\" {\n  cidr = \"172.16.0.0/16\"\n  name = \"my_vpc\"\n}"
}

Example Responses

Status code: 201

Stack set created successfully

{
  "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b3"
}

Status Codes

Status Code

Description

201

Stack set created successfully

400

Invalid request.

401

Authentication failed.

403

  1. The user does not have the permission to call this API.

  2. The maximum number of stack sets has been reached.

409

Creation requests conflict. The stack set with the same name already exists.

429

Too frequent requests.

500

Internal server error.
Parent topic: Stack Sets