Stack refactoring - AWS CloudFormation (original) (raw)

Stack refactoring simplifies reorganizing the resources in your CloudFormation stacks while still preserving the existing resource properties and data. With stack refactoring, you can move resources between stacks, split monolithic stacks into smaller components, or consolidate multiple stacks into one.

How stack refactoring works

Take the steps below into consideration when planning your stack refactor:

1. Assess your current infrastructure: Review your existing CloudFormation stacks and resources to identify stack refactoring opportunities.
2. Plan your refactor: Define how resource should be organized. Consider your dependencies, naming conventions, and operational limits. These can affect the CloudFormation validation later.
   Determine the number of destination stacks you will be refactoring resources into. You can move resource between at least 2 stacks, and a maximum of 5 stacks. Resources can be moved between nested stacks.
3. Update your templates: Modify your CloudFormation templates to reflect the planned change, such as moving resource definitions between templates. You can rename logical IDs during refactoring.
4. Create the stack refactor: Provide a list of stack names and templates that you want to refactor.
5. Review the refactor impact on your infrastructure and resolve any conflicts: CloudFormation validates the templates you provide and checks cross-stack dependencies, resource types with tag update problems, and resource logical ID conflicts.
   If the validation succeeds, CloudFormation will generate a preview of the refactor actions that will happen after executing the refactor.
   If the validation fails, you can retry after resolving the issues found. If there are conflicts, you will need to provide a resource logical ID mapping that shows the source and destination of the resource in conflict.
6. Execute the refactor: After confirming the changes align with how you want to refactor your stacks, execute the stack refactor.
7. Monitor: See the ExecutionStatus for the status of the stack refactor to make sure it's successful.

Stack refactoring limitations

Consider the following limitations when planning your stack refactor:

• Refactor operations don't allow new resource creations, resource deletions, or changes to resource configurations.
• You can't change or add new parameters, conditions, or mappings during a stack refactor. A potential workaround is to update your stack before performing the refactor.
• You can't refactor the same resource into multiple stacks.
• You cannot refactor a resource to a new stack if that stack uses certain pseudo parameters (Example: AWS::StackName).
• CloudFormation does not support empty stacks. Prior to creating a stack refactor that would remove all existing resources from a stack, you must add a resource to that stack. This resource can be a simple one, like awaitCondition resource type.
• Stack refactor does not support stacks that contain stack policies, including policies allowing changes for resources.
• The following resources aren't available:
  • AWS::ACMPCA::Certificate
  • AWS::ACMPCA::CertificateAuthority
  • AWS::ACMPCA::CertificateAuthorityActivation
  • AWS::ApiGateway::BasePathMapping
  • AWS::ApiGateway::Method
  • AWS::AppConfig::ConfigurationProfile
  • AWS::AppConfig::Deployment
  • AWS::AppConfig::Environment
  • AWS::AppConfig::Extension
  • AWS::AppConfig::ExtensionAssociation
  • AWS::AppStream::DirectoryConfig
  • AWS::AppStream::StackFleetAssociation
  • AWS::AppStream::StackUserAssociation
  • AWS::AppStream::User
  • AWS::BackupGateway::Hypervisor
  • AWS::CodePipeline::CustomActionType
  • AWS::Cognito::UserPoolRiskConfigurationAttachment
  • AWS::Cognito::UserPoolUICustomizationAttachment
  • AWS::Cognito::UserPoolUserToGroupAttachment
  • AWS::Config::ConfigRule
  • AWS::DataBrew::Dataset
  • AWS::DataBrew::Job
  • AWS::DataBrew::Project
  • AWS::DataBrew::Recipe
  • AWS::DataBrew::Ruleset
  • AWS::DataBrew::Schedule
  • AWS::DataZone::DataSource
  • AWS::DataZone::Environment
  • AWS::DataZone::EnvironmentBlueprintConfiguration
  • AWS::DataZone::EnvironmentProfile
  • AWS::DataZone::Project
  • AWS::DataZone::SubscriptionTarget
  • AWS::DynamoDB::GlobalTable
  • AWS::EC2::LaunchTemplate
  • AWS::EC2::SpotFleet
  • AWS::EC2::VolumeAttachment
  • AWS::EC2::VPCDHCPOptionsAssociation
  • AWS::ElasticBeanstalk::ConfigurationTemplate
  • AWS::FIS::ExperimentTemplate
  • AWS::Glue::Schema
  • AWS::GuardDuty::IPSet
  • AWS::GuardDuty::PublishingDestination
  • AWS::GuardDuty::ThreatIntelSet
  • AWS::ImageBuilder::Component
  • AWS::IoTFleetWise::Campaign
  • AWS::IoTWireless::WirelessDeviceImportTask
  • AWS::Lambda::EventInvokeConfig
  • AWS::Lex::BotVersion
  • AWS::M2::Application
  • AWS::Maester::DocumentType
  • AWS::MediaTailor::Channel
  • AWS::MSK::Configuration
  • AWS::MSK::ServerlessCluster
  • AWS::NeptuneGraph::PrivateGraphEndpoint
  • AWS::Omics::AnnotationStore
  • AWS::Omics::ReferenceStore
  • AWS::Omics::SequenceStore
  • AWS::OpenSearchServerless::Collection
  • AWS::Panorama::PackageVersion
  • AWS::PCAConnectorAD::Connector
  • AWS::PCAConnectorAD::DirectoryRegistration
  • AWS::PCAConnectorAD::Template
  • AWS::PCAConnectorAD::TemplateGroupAccessControlEntry
  • AWS::QuickSight::Theme
  • AWS::RefactorSpaces::Environment
  • AWS::RefactorSpaces::Route
  • AWS::RefactorSpaces::Service
  • AWS::RoboMaker::RobotApplication
  • AWS::RoboMaker::SimulationApplication
  • AWS::SageMaker::InferenceComponen
  • AWS::ServiceCatalog::PortfolioPrincipalAssociation
  • AWS::ServiceCatalog::PortfolioProductAssociation
  • AWS::ServiceCatalog::PortfolioShare
  • AWS::ServiceCatalog::TagOptionAssociation
  • AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation
  • AWS::ServiceCatalogAppRegistry::ResourceAssociation
  • AWS::StepFunctions::StateMachineVersion
  • AWS::Synthetics::Canary
  • AWS::VoiceID::Domain
  • AWS::WAFv2::IPSet
  • AWS::WAFv2::RegexPatternSet
  • AWS::WAFv2::RuleGroup
  • AWS::WAFv2::WebACL

Refactoring a stack using the AWS Command Line Interface

The following commands are used for stack refactoring:

• create-stack-refactor
• describe-stack-refactor
• execute-stack-refactor
• list-stack-refactors
• list-stack-refactor-actions

Below is an example of how to refactor a stack using the AWS Command Line Interface (CLI).

1. To begin, you will need the CloudFormation template you wish to refactor. The following command retrieves the template:

aws cloudformation get-template --stack-name ExampleStack1  

Once you have the template, use the integrated development environment (IDE) of your choice to update it to use the desired structure and resource organization. 2. Create the stack refactor using the create-stack-refactor command, and provide the stack name and templates for each stack involved in refactoring:

aws cloudformation create-stack-refactor \  
  --stack-definitions \  
    StackName=MySns,TemplateBody@=file://afterSns.yaml \  
    StackName=MyLambdaSubscription,TemplateBody@=file://afterLambda.yaml \  
  --enable-stack-creation \  
  --resource-mappings file://refactor.json  

The --resource mappings parameter is optional, but it will be required if a conflict is detected during template validation. In addition to providing the Source and Destination stacks, you will also need to provide the LogicalResourceId. The following is an example refactor.json file.

[  
    {  
        "Source": {  
            "StackName": "MySns",  
            "LogicalResourceId": "MyFunction"  
        },  
        "Destination": {  
            "StackName": "MyLambdaSubscription",  
            "LogicalResourceId": "Function"  
        }  
    }  
]  

1. After creating the refactor, CloudFormation generates a refactor change preview, which allows you to preview the impact the proposed changes will have on your infrastructure. In this example, the StackRefactorId created isstack-refactor-1ab2-c34d-5ef6. Use the following command to preview the changes:

aws cloudformation list-stack-refactor-actions \  
  --stack-refactor-id stack-refactor-1ab2-c34d-5ef6  

1. After reviewing and confirming your changes, use theexecute-stack-refactor command to complete the refactoring process:

aws cloudformation execute-stack-refactor \  
  --stack-refactor-id stack-refactor-1ab2-c34d-5ef6  

1. After executing execute-stack-refactor, you can monitor the status of the operation using the following command:

aws cloudformation describe-stack-refactor \  
  --stack-refactor-id stack-refactor-1ab2-c34d-5ef6  

CloudFormation will automatically update the Status andExecutionStatus of the refactor operation.