Comments (6)
cgswong
commented on August 15, 2024
2
Yes, we use that attribute in the custom function (which controls stack creation) in exactly the same manner,. i.e. to ensure a parent stack exists before the child is created.
from aws-control-tower-customizations.
cgswong
commented on August 15, 2024
CloudFormation will actually create resources in parallel to the extent possible. But sometimes, certain resources must be created or deleted prior to another. The DependsOn attribute is used in cases where creation of a specific resource must follow another, and this dependency is not obvious as in the case of an implicit reference from the child (call this resource 'B') to a parent resource (call this resource 'A'. So resource A is created before B. While this serialized execution order will be slower than parallel, it is required in some cases as I have previously mentioned. For example, an EC2 instance with a public IP depends on an existing Internet Gateway attachment, so to ensure CloudFormation is aware of the dependency and executes in a consistent manner the DependsOn attribute is used in the EC2 instance resource to reference the IGW attachment resource.
If the resources or stacks are in fact independent of each other, the attribute should not be used and the default CloudFormation behavior used.
from aws-control-tower-customizations.
mikkelramlov
commented on August 15, 2024
Thanks @cgswong!
Sorry I probably wasn't clear enough in my questioning. I was refering to the stacksets creation coming from the manifest.yaml file. Specifically the order of which the stacks in the cloudformation_resource gets deployed by the codepipeline. I was hoping for something like this would be an option:
...
cloudformation_resources:
- name: EnableConfig
template_file: templates/config.template
parameter_file: parameters/config.template
deploy_method: stack_set
regions:
- some-region-not-available-yet-in-guardrails
deploy_to_ou:
- Custom
- name: EnableConfigRules
template_file: templates/config-rules.template
parameter_file: parameters/config-rules.template
deploy_method: stack_set
regions:
- some-region-not-available-yet-in-guardrails
deploy_to_ou:
- Custom
depends_on:
- EnableConfig
...
In this examble it makes sense to enable Config before adding Config rules.
Hope it makes better sense.
from aws-control-tower-customizations.
mikkelramlov
commented on August 15, 2024
Ok. I just don't see the attribute depends_on in the manifest.py file.
But I did a test and saw that the stacksets are created in order and each stackset is first applied when the previous succeeds. That's great, so we avoid race conditions.
from aws-control-tower-customizations.
groverlalit
commented on August 15, 2024
Correct, the StackSets under cloudformation_resources are deployed in sequence.
Thanks Stuart (@cgswong) for helping out.
Mikkel (@miqueloi), if your question has been answered, shall we close this issue? Please advise.
Thanks.
from aws-control-tower-customizations.
mikkelramlov
commented on August 15, 2024
My questions have been answered, thanks!
from aws-control-tower-customizations.
Related Issues (20)
- CAPABILITY_NAMED_IAM Error
- It is desirable that not only createManagedAccount, but also the CFCT pipeline starts even when a moveAccount action occurs HOT 4
- Slowness in deploying stacksets for organization with 800+ accounts HOT 2
- Frequent ConcurrentModificationException on running SCP updates HOT 7
- Service Catalog portolfios/products management
- Stacksets concurrency HOT 1
- Remove stacksets from an account in reverse order HOT 2
- Support for Israel(Tel Aviv) Region "il-central-1" HOT 1
- Update CHANGELOG HOT 1
- build-s3-dist.sh fails with pip error HOT 3
- Solution fails [StepFunctions.1] Security Hub control HOT 3
- control-tower-customizations relies on outdated libraries & runtimes and looks abandoned HOT 4
- Running test or build fails HOT 1
- CloudFormation Lambda S3 Error HOT 1
- FeatureRequest: Add External SourceControls - e.g. Github, Gitlab, bitbucket.... HOT 2
- Would like logging added to the stepfunction HOT 1
- IndexError: list index out of range in CustomControlTowerStateMachineLambda lambda function HOT 2
- Python 3.8 End-Of-Life HOT 4
- Enable "Server Access Logging" on the CloudTrail S3 bucket or have an option to enable it HOT 1
- Inspector high severity findings on this solution's Lambdas HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-control-tower-customizations.