4
votes

I know I can get at a stack's resources with:

aws cloudformation describe-stack-resources \
                    --stack-name MYSTACKNAME \
                    --query 'StackResources[*].{Type:ResourceType,LogicalID:LogicalResourceId}' \
                    --output table

If my stack consists only of NESTED STACKS, how can I get at the resources of all the nested stacks of my stack within CloudFormation?

I can see how to query for all the stacks of my parent stack.

aws cloudformation list-stacks \
                    --query 'StackSummaries[?contains(StackName, `MYSTACKNAME`) && (StackStatus==`CREATE_COMPLETE`||StackStatus==`UPDATE_COMPLETE`)].{Stack:StackName}' \
                    --output json

I can't work out how to use this to feed describe-stack-resources, which only appears to take an individual value.

I could build this into a Python script but thought I would check before I do.

Thanks

2 Answers

5
votes

You cannot achieve this in one command. Instead, get the list of all the resources that belong to the parent stack (nested stack details) and then describe stack resources by iterating through the list. Below is the command I wrote to get all the resources:

for stack in $(aws cloudformation list-stacks \
                    --output text \
                    --query 'StackSummaries[?contains(StackName, `MYSTACKNAME`) && (StackStatus==`CREATE_COMPLETE`||StackStatus==`UPDATE_COMPLETE`)].[StackName]'); do
    aws cloudformation describe-stack-resources \
        --stack-name "$stack" \
        --query 'StackResources[*].{Type:ResourceType,LogicalID:LogicalResourceId}' \
        --output table
done

0
votes

A more general solution would need to handle variable levels of nesting. In our case many (but not all) of our S3 buckets are created using a standard encrypted bucket template called from our child templates.

We use a script somewhat like the following when searching for buckets that need emptying before dropping a stack:

findBuckets() {
    # List the resources of stack $1 as "type physical-id" lines
    aws cloudformation describe-stack-resources \
        --stack-name "$1" \
        --query "StackResources[][ResourceType, PhysicalResourceId]" \
        --output text |
    while read -r type value; do
        if [[ $type == 'AWS::CloudFormation::Stack' ]]; then
            # Nested stack: recurse using its physical ID
            findBuckets "$value"
        else
            echo "$type" "$value"
        fi
    done
}

Then this can be called with, for instance:

findBuckets my-stack-dev
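
An added example, not part of either answer: a POSIX shell function that follows AWS::CloudFormation::Stack resources recursively, as the second answer does, and prints the owning stack beside each resource, with an optional resource-type filter for inventory or audit use. It calls list-stack-resources, which the CLI paginates, because describe-stack-resources returns only the first 100 resources of a stack; the function name list_stack_resources is hypothetical.

```sh
# Added example (not from either answer). list_stack_resources is a hypothetical name.
# Usage:  list_stack_resources STACK [RESOURCE_TYPE]
# Output: owning stack, type, logical ID, physical ID (tab-separated), one per line.
list_stack_resources() {
    # list-stack-resources is paginated by the CLI; describe-stack-resources
    # returns only the first 100 resources of a stack.
    aws cloudformation list-stack-resources \
        --stack-name "$1" \
        --query 'StackResourceSummaries[].[ResourceType, LogicalResourceId, PhysicalResourceId]' \
        --output text |
    while IFS="$(printf '\t')" read -r type logical physical; do
        case $type in
            AWS::CloudFormation::Stack)
                # A nested stack's physical ID is its stack ARN; text output
                # prints "None" when the ID is missing.
                if [ -n "$physical" ] && [ "$physical" != None ]; then
                    # </dev/null keeps the child from consuming this loop's input.
                    list_stack_resources "$physical" "${2:-}" </dev/null
                fi
                ;;
            *)
                if [ -z "${2:-}" ] || [ "$type" = "$2" ]; then
                    # Reduce arn:...:stack/NAME/UUID to NAME; plain names pass through.
                    owner=${1#*:stack/}
                    owner=${owner%%/*}
                    printf '%s\t%s\t%s\t%s\n' "$owner" "$type" "$logical" "$physical"
                fi
                ;;
        esac
    done
}
```

For instance, list_stack_resources my-stack-dev AWS::S3::Bucket lists only the buckets found anywhere under my-stack-dev.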