aws-control-tower-customizations
aws-control-tower-customizations copied to clipboard
aws-solutions
Support for configurable Tags on Stack/StackSets on manifest file
When it comes to creation of StackSets in the CfCT manifest file, when there's an AWS Organization's SCP applied that prevents the creation of resources with non-compliant tagging (e.g. CloudFormation resources (Stack/StackSets). It's difficult to implement these compliant tags.
Possible workarounds:
- Reverse engineer the CfCT implementation and add the required tags on the source code of the CfCT itself
- Disable the organization's SCP tagging compliance to allow the deployment of the Stacks/StackSets defined in the manifest file of the CfCT temporarily.
- Implement WrapperTemplates to implement stack/stackset level tags. Reference link to StackOverFlow discussion
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "WrapperTemplate",
"Resources": {
"WrappedStackWithStackLevelTags": {
"Type" : "AWS::CloudFormation::Stack",
"Properties" : {
"Tags" : [ { "Key" : "Stage", "Value" : "QA" } ],
"TemplateURL" : "your-original-template-s3-url"
}
}
}
}
Configurable Tags at the StackSet level A code snippet of the proposed feature request.
- name: new-cool-stackset
resource_file: templates/my-cool-stackset.yaml
deploy_method: stack_set
deployment_targets:
organizational_units:
- Sandbox
# custom tagging implem here that will be applied to the my-cool-stackset stackset
tags:
- key: RequiredTagKey1
value: RequiredTagValue1
- key: RequiredTagKey2
value: RequiredTagValue2
Thank you. AWS CfCT Team. I hope my feature request will be accommodated.
Thank you for the feature request @nd-at-globetel!
I've gone ahead and made a backlog to discuss this with the team.
Hi Team, it's been almost a year since this was first discussed. Is there any update or ETA?
We also need this 🙏
