Posted On: Jun 5, 2023
Today, Amazon CloudFormation StackSets provides customers with three new APIs to activate, deactivate, and describe Amazon Organization trust access needed to get started with service-managed StackSets. You can use service-managed StackSets to centrally manage stack deployments to Amazon Web Services accounts in one or more organizational units (OUs). With this launch, you can programmatically manage trust access for your management or delegated administrator accounts. Activating trust access provides the necessary permissions for your management or delegated administrator accounts to create and manage service-managed stack sets for your Amazon Organizations. In addition to providing this trust access in Amazon CloudFormation via Amazon Web Services Management Console, you can now choose to manage trust access with these newly launched APIs.
Customers who have built services such as Landing Zones using StackSets can use these APIs to simplify the customer experience of their services. For example, you can use these APIs to automatically activate and deactivate trust access directly via your service instead of making your customer continuously switch between StackSets and your service.
You can use these APIs via Amazon Command Line Interface (CLI), and Amazon Software Development Kits (SDK). These APIs are available in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. To learn more, visit CloudFormation StackSets documentation.