Help Center> Resource Formation Service> API Reference> Resource Formation Service> Stack Sets> Updating a Stack Set
Updated on 2024-03-07 GMT+08:00
View PDF

Updating a Stack Set

Function

UpdateStackSet

This API updates stack set attributes based on the information provided by the user. One or more of the following attributes can be updated: stack_set_description, initial_stack_description, permission_model, administration_agency_name, and managed_agency_name.

This API updates only the fields contained in the information provided by the user.

Note:

  • Note: All attributes are overwritten once updated. New parameters will overwrite original attributes of a stack.

  • administration_agency_name and managed_agency_name can be updated only when permission_model is set to self_managed.

  • Currently, only SELF_MANAGED permissions can be updated.

  • If the stack set is in the OPERATION_IN_PROGRESS state, the stack set cannot be updated.

URI

PATCH /v1/stack-sets/{stack_set_name}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

stack_set_name

Yes

String

Stack set name. The name is unique within its domain (domain_id) and region. Only letters, digits, underscores (_), and hyphens (-) are allowed. The name is case-sensitive and must start with a letter.

Minimum: 1

Maximum: 128

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

Client-Request-Id

Yes

String

Unique request ID. It is specified by a user and is used to locate a request. UUID is recommended.

Minimum: 36

Maximum: 128
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

stack_set_id

No

String

Unique ID of a stack set.

It is a UUID generated by RFS when a stack is created.

Stack set names are unique only at one specific time, so you can create a stack set named HelloWorld and another stack set with the same name after deleting the first one.

For parallel development in a team, users may want to ensure that the stack set they operate is the one created by themselves, not the one with the same name created by other teammates after deleting the previous one. Therefore, they can use this ID for strong matching.

RFS ensures that the ID of each stack set is different and does not change with updates. If the stack_set_id value is different from the current stack set ID, 400 is returned.

Minimum: 36

Maximum: 36

stack_set_description

No

String

Description of a stack set. It can be used by customers to identify their own stack sets.

Minimum: 0

Maximum: 1024

initial_stack_description

No

String

Description of stacks that is being initialized. It can be used to identify stacks managed by a stack set.

This description is used for stacks in the stack set only when they are created. To update the description of stacks that is being initialized, call the UpdateStackSet API.

If the stack set description is updated later, the managed stack description will not be updated synchronously.

Minimum: 0

Maximum: 1024

permission_model

No

String

Permission model. It defines the creation mode of the agency required for RFS to operate stack sets. The permission model can be: * SERVICE_MANAGED: You can use this model to create stack sets only after setting RFS as a trustworthy service in your organization. You do not need to manually create agencies. RFS automatically creates agencies for you based on the organization. Only an organization administrator or a delegated administrator can create stack sets using SERVICE_MANAGED permissions. * SELF_MANAGED: For deployment, you manually create agencies in advance, including the agency created by the management account for RFS and the agency created by the member account for the management account. The stack set creation will not fail even if the agency does not exist or is incorrect. An error is reported only when the stack set or stack instance is deployed.

Default: SELF_MANAGED

Enumeration values:

  • SELF_MANAGED

administration_agency_name

No

String

Administration agency names.

RFS uses this agency to obtain permissions that a member account grants to a management account.

This agency must contain the iam:tokens:assume permission to subsequently obtain the managed agency credentials. If it is not included, adding or deploying instances will fail.

When you define SELF_MANAGED permissions, you must specify either administration_agency_name or administration_agency_urn, but not both.

You are advised to specify administration_agency_urn when using a trust agency. administration_agency_name only receives agency names. If trust agency names are assigned to administration_agency_name, template fails to be deployed.

Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

Minimum: 0

Maximum: 64

managed_agency_name

No

String

Name of the managed agency.

RFS uses this agency to obtain the permissions required for deploying resources.

The names of the agencies that different member accounts grants to the management account must be the same. Currently, different agency permissions cannot be defined based on different providers.

This parameter must be specified when SELF_MANAGED permissions are defined. Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

Minimum: 0

Maximum: 64

administration_agency_urn

No

String

Administration agency URNs.

RFS uses this agency to obtain permissions that a member account grants to a management account.

This agency must contain the sts:tokens:assume permission to subsequently obtain the managed agency credentials. If it is not included, adding or deploying instances will fail.

When you define SELF_MANAGED permissions, you must specify either administration_agency_name or administration_agency_urn, but not both.

You are advised to specify administration_agency_urn when using a trust agency. administration_agency_name only receives agency names. If trust agency names are assigned to administration_agency_name, template fails to be deployed.

Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

Response Parameters

Status code: 400

Table 4 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 401

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 403

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 404

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 409

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 429

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Status code: 500

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

Minimum: 11

Maximum: 11

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

Example Requests

  • Update the description of a stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}

{
  "stack_set_description" : "my hello world stack set",
  "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
}

  • Update the description of the stack that is being initialized in the stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}

{
  "initial_stack_description" : "my initial stack description",
  "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
}

  • Update the stack set permission model.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}

{
  "permission_model" : "SELF_MANAGED",
  "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
}

  • Update the administration agency name of a stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}

{
  "administration_agency_name" : "my administration agency name",
  "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
}

  • Update the managed agency name of the stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}

{
  "managed_agency_name" : "my managed agency name",
  "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
}

Example Responses

None

Status Codes

Status Code

Description

204

Stack set updated.

400

Invalid request.

401

Authentication failed.

403

  1. Invalid stack set status.

  2. The user does not have the permission to call this API.

404

The stack set does not exist.

409

Request conflict. Another request is being processed on the current stack set.

429

Too frequent requests.

500

Internal server error.
Parent topic: Stack Sets