I have some CloudFormation stacks created from a centralized CF template in multiple AWS accounts. I need to sync the CloudFormation stacks in all such accounts based on any updates in the template. One possible solution is currently to periodically poll for updates in the template and sync them using a scheduled Lambda or so. But does AWS already provide a capability for this, or what would be the most elegant way to implement this?
2 Answers
The use case you describe is covered by stack sets: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html.
It works best if your accounts are in an organisation, because then you can manage everything through stacksets.
Outside an org you need to use "self-managed" permissions, which requires some manual setup. The main time-consuming piece is going into each target account to make a role for you (example template).
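The per-account role that self-managed permissions require, as an added example (not from the answer or the template it links to): a CloudFormation template for the target-account execution role. The two role names are the StackSets defaults; the parameter name and the scoped-down permissions are assumptions to adjust to what your central template provisions.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Target-account execution role for self-managed StackSets (added example).

Parameters:
  AdministratorAccountId:          # hypothetical parameter name
    Type: String
    Description: Account ID that owns the stack set (the administrator account).
    AllowedPattern: "^[0-9]{12}$"

Resources:
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      # StackSets assumes a role with this name unless the stack set names another.
      RoleName: AWSCloudFormationStackSetExecutionRole
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action: sts:AssumeRole
            Principal:
              AWS: !Sub "arn:aws:iam::${AdministratorAccountId}:root"
            Condition:
              # Only the StackSets administration role may assume this role,
              # not every principal in the administrator account.
              ArnEquals:
                aws:PrincipalArn: !Sub "arn:aws:iam::${AdministratorAccountId}:role/AWSCloudFormationStackSetAdministrationRole"
      Policies:
        - PolicyName: StackSetExecution
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # Baseline StackSets needs in order to create and update stack instances.
              - Effect: Allow
                Action:
                  - "cloudformation:*"
                  - "s3:*"
                  - "sns:*"
                Resource: "*"
              # Assumption: the central template only creates CloudWatch log groups.
              # Replace with the actions for the resource types your template uses.
              - Effect: Allow
                Action: "logs:*"
                Resource: "*"
```

Deploy this once per target account; a role granted `AdministratorAccess` instead would let anyone who controls the administrator account's stack sets do anything in every target account.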
This seems to be provided by CloudFormation Git Sync, which monitors a Git repository for changes and updates the stack accordingly.
User Guide