Updated on 2024-11-22 GMT+08:00

Updating a Stack Set

Function

UpdateStackSet

This API updates stack set attributes based on the information provided by the user. One or more of the following attributes can be updated: stack_set_description, initial_stack_description, permission_model, administration_agency_name, and managed_agency_name.

This API updates only the fields contained in the information provided by the user.

Note:

  • Note: All attributes are overwritten once updated. New parameters will overwrite original attributes of a stack.

  • administration_agency_name and managed_agency_name can be updated only when permission_model is set to self_managed.

  • Currently, only SELF_MANAGED permissions can be updated.

  • If the stack set is in the OPERATION_IN_PROGRESS state, the stack set cannot be updated.

URI

PATCH /v1/stack-sets/{stack_set_name}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

stack_set_name

Yes

String

Stack set name. The name is unique within its domain (domain_id) and region. Only letters, digits, underscores (_), and hyphens (-) are allowed. The name is case-sensitive and must start with a letter.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

Client-Request-Id

Yes

String

Unique request ID. It is specified by a user and is used to locate a request. UUID is recommended.

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

stack_set_id

No

String

Unique ID of a stack set.

It is a UUID generated by RFS when a stack is created.

Stack set names are unique only at one specific time, so you can create a stack set named HelloWorld and another stack set with the same name after deleting the first one.

For parallel development in a team, users may want to ensure that the stack set they operate is the one created by themselves, not the one with the same name created by other teammates after deleting the previous one. Therefore, they can use this ID for strong matching.

RFS ensures that the ID of each stack set is different and does not change with updates. If the stack_set_id value is different from the current stack set ID, 400 is returned.

stack_set_description

No

String

Description of a stack set. It can be used by customers to identify their own stack sets.

initial_stack_description

No

String

Description of stacks that is being initialized. It can be used to identify stacks managed by a stack set.

This description is used for stacks in the stack set only when they are created. To update the description of stacks that is being initialized, call the UpdateStackSet API.

If the stack set description is updated later, the managed stack description will not be updated synchronously.

administration_agency_name

No

String

Administration agency names.

RFS uses this agency to obtain permissions that a member account grants to a management account.

This agency must contain the iam:tokens:assume permission to subsequently obtain the managed agency credentials. If it is not included, adding or deploying instances will fail.

When you define SELF_MANAGED permissions, you must specify either administration_agency_name or administration_agency_urn, but not both.

You are advised to specify administration_agency_urn when using a trust agency. administration_agency_name only receives agency names. If trust agency names are assigned to administration_agency_name, template fails to be deployed.

Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

managed_agency_name

No

String

Name of the managed agency.

RFS uses this agency to obtain the permissions required for deploying resources.

The names of the agencies that different member accounts grants to the management account must be the same. Currently, different agency permissions cannot be defined based on different providers.

This parameter must be specified when SELF_MANAGED permissions are defined. Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

administration_agency_urn

No

String

Administration agency URNs.

RFS uses this agency to obtain permissions that a member account grants to a management account.

This agency must contain the sts:tokens:assume permission to subsequently obtain the managed agency credentials. If it is not included, adding or deploying instances will fail.

When you define SELF_MANAGED permissions, you must specify either administration_agency_name or administration_agency_urn, but not both.

You are advised to specify administration_agency_urn when using a trust agency. administration_agency_name only receives agency names. If trust agency names are assigned to administration_agency_name, template fails to be deployed.

Do not specify this parameter when SERVICE_MANAGED permissions are used. Otherwise, error code 400 is returned.

managed_operation

No

managed_operation object

A set of properties used to manage the stack set operation.

call_identity

No

String

This parameter is only supported when the stack set permission model is SERVICE_MANAGED. Specify whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. By default, SELF is specified.

Use SELF for stack sets with self-managed permissions.

  • No matter what call identity is specified, the stack set involved in request is always belonging to management account.*

    • SELF - Invoked as to the management account.

    • DELEGATED_ADMIN - Invoked as a delegated administrator account. User account must be registered as a delegated administrator in the management account.

Table 4 managed_operation

Parameter

Mandatory

Type

Description

enable_parallel_operation

No

Boolean

This parameter indicates whether the stack set can create multiple stack set operations concurrently. As an attribute of the stack set, this parameter can be specified by using CreateStackSet API and updated by using UpdateStackSet API.

When false (default), the stack set performs one operation at a time in request order. To be specific, at a time, only one stack set operation in QUEUE_IN_PROGRESS or OPERATION_IN_PROGRESS status can be processed.

When true, the stack set can create operations concurrently, handle non-conflicting operations, and queue conflicting operations. When the conflicting operation is completed, the stack set continues to perform queuing operations in the order of requests. Currently, a maximum of 10 concurrent stack set operations are allowed to be created under the same stack set.

Note: When the stack set allows multiple operations to be created at the same time, if more than one operation deploys same stack instances, these operations are called conflicting operations.

When the stack set is in OPERATION_IN_PROGRESS status, this parameter is not allowed to be modified by UpdateStackSet API.

Currently, a maximum of 10 stack set operations in QUEUE_IN_PROGRESS or OPERATION_IN_PROGRESS status can exist in one stack set.

Response Parameters

Status code: 400

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 6 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 401

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 8 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 403

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 10 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 404

Table 11 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 12 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 409

Table 13 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 14 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 429

Table 15 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 16 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 500

Table 17 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 18 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Example Requests

  • Update the description of a stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}
    
    {
      "stack_set_description" : "my hello world stack set",
      "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
    }
  • Update the description of the stack that is being initialized in the stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}
    
    {
      "initial_stack_description" : "my initial stack description",
      "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
    }
  • Update the administration agency name of a stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}
    
    {
      "administration_agency_name" : "my administration agency name",
      "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
    }
  • Update the managed agency name of the stack set.

    PATCH https://{endpoint}/v1/stack-sets/{stack_set_name}
    
    {
      "managed_agency_name" : "my managed agency name",
      "stack_set_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b4"
    }

Example Responses

None

Status Codes

Status Code

Description

204

Stack set updated.

400

Invalid request.

401

Authentication failed.

403

  1. Invalid stack set status.

  2. The user does not have the permission to call this API.

404

The stack set does not exist.

409

Request conflict. Another request is being processed on the current stack set.

429

Too frequent requests.

500

Internal server error.