
Nested stacks for modularity in AWS - Commands & Configuration

Introduction
When building cloud resources, managing many parts in one big file can get confusing. Nested stacks let you break your setup into smaller pieces that fit together, making it easier to organize and update your cloud resources.
When you want to reuse common parts like networking or security settings across multiple projects.
When your cloud setup grows large and you want to keep files simple and easy to understand.
When different teams manage different parts of the cloud setup and you want to separate their work.
When you want to update one part without touching the whole setup.
When you want to share standard resource setups as templates for new projects.
Config File - parent-stack.yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Parent stack that includes nested stacks for modular resources
Resources:
  NetworkStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/example-bucket/network-stack.yaml
  ComputeStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/example-bucket/compute-stack.yaml

This is the main template called the parent stack. It includes two nested stacks: NetworkStack and ComputeStack.

Each nested stack is a separate template stored in S3, referenced by TemplateURL. This setup helps organize resources into smaller, reusable parts.

Commands
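This command creates the parent stack, which in turn creates the nested stacks. The --capabilities CAPABILITY_NAMED_IAM flag is an explicit acknowledgement that the stack may create IAM resources, such as roles, if the templates define them.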
Terminal
aws cloudformation create-stack --stack-name my-parent-stack --template-body file://parent-stack.yaml --capabilities CAPABILITY_NAMED_IAM
Expected Output
A stack with id arn:aws:cloudformation:us-east-1:123456789012:stack/my-parent-stack/abcd1234-5678-90ef-ghij-klmnopqrstuv was created
--capabilities CAPABILITY_NAMED_IAM - Allows the stack to create IAM resources
This command checks the status and details of the parent stack. The parent reaches CREATE_COMPLETE only after its nested stacks have been created successfully.
Terminal
aws cloudformation describe-stacks --stack-name my-parent-stack
Expected Output
{
  "Stacks": [
    {
      "StackName": "my-parent-stack",
      "StackStatus": "CREATE_COMPLETE",
      "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-parent-stack/abcd1234-5678-90ef-ghij-klmnopqrstuv"
    }
  ]
}
This command lists all resources in the parent stack, including the nested stacks, showing how the modular parts are included.
Terminal
aws cloudformation list-stack-resources --stack-name my-parent-stack
Expected Output
StackResourceSummaries:
- LogicalResourceId: NetworkStack
  ResourceType: AWS::CloudFormation::Stack
  ResourceStatus: CREATE_COMPLETE
- LogicalResourceId: ComputeStack
  ResourceType: AWS::CloudFormation::Stack
  ResourceStatus: CREATE_COMPLETE
Key Concept

If you remember nothing else from this pattern, remember: nested stacks let you split big cloud setups into smaller, reusable parts that work together smoothly.

Common Mistakes
Using local file paths in TemplateURL instead of an accessible S3 URL
CloudFormation requires nested stack templates to be accessible via a URL, usually in S3, so it can fetch them during deployment.
Upload nested stack templates to an S3 bucket and use the HTTPS URL in TemplateURL.
Not including the CAPABILITY_NAMED_IAM flag when the nested stacks create IAM roles
CloudFormation will reject the stack creation without this flag if IAM resources are involved.
Always add --capabilities CAPABILITY_NAMED_IAM when creating stacks that include IAM resources.
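A pre-deployment check for the first mistake above, as an added example that is not part of the original page: it scans a parent template for AWS::CloudFormation::Stack resources and flags any TemplateURL that is not an HTTPS S3 URL or that points at a bucket outside a trusted list. The trusted-bucket list, the StorageStack resource and the function names are assumptions of this example; the bucket check is there because CloudFormation deploys whatever template those URLs serve.

```python
import re
from urllib.parse import urlparse

# Constructed sample: the page's parent template plus a hypothetical StorageStack.
SAMPLE_TEMPLATE = """\
Resources:
  NetworkStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/example-bucket/network-stack.yaml
  ComputeStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/example-bucket/compute-stack.yaml
  StorageStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: ./templates/storage-stack.yaml
"""
S3_HOST = re.compile(r"^(?:(?P<bucket>[a-z0-9.-]+)\.)?s3[.-](?:[a-z0-9-]+\.)?amazonaws\.com$")

def nested_template_urls(text):
    """Logical ID -> TemplateURL. Line scanner for the page's 2-space layout, not a YAML parser."""
    found, current, is_stack = {}, None, False
    for line in text.splitlines():
        if m := re.match(r"^  (\w+):\s*$", line):  # a new resource begins
            current, is_stack = m.group(1), False
        elif re.match(r"^\s+Type:\s*AWS::CloudFormation::Stack\s*$", line):
            is_stack = True
        elif (m := re.match(r"^\s+TemplateURL:\s*['\"]?([^'\"\s]+)", line)) and is_stack:
            found[current] = m.group(1)
    return found

def check_url(url, trusted_buckets):
    """Findings for one TemplateURL (empty = pass); trusted_buckets is this example's assumption."""
    u = urlparse(url)
    m = S3_HOST.match(u.hostname or "")  # path-style or virtual-hosted S3 endpoint
    if u.scheme != "https" or not m:
        return ["not an HTTPS S3 URL"]
    bucket = m.group("bucket") or u.path.lstrip("/").split("/", 1)[0]
    if bucket not in trusted_buckets:
        return [f"bucket {bucket!r} is not on the trusted list"]
    return []

def audit(text, trusted_buckets):
    return {k: check_url(v, trusted_buckets) for k, v in nested_template_urls(text).items()}

if __name__ == "__main__":
    for logical_id, findings in audit(SAMPLE_TEMPLATE, {"example-bucket"}).items():
        print(logical_id, findings or "OK")
```

Run it against parent-stack.yaml before calling create-stack, passing the set of buckets your team controls.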
Summary
Create a parent CloudFormation template that references smaller nested stack templates stored in S3.
Use AWS CLI to create the parent stack, which deploys all nested stacks together.
Check stack status and resources to confirm successful deployment of modular parts.