51

Can someone clearly explain to me difference and precedence between AWS CLI Cloudformation create-stack and deploy commands? For me it seems like they do same thing and deploy resources.

Why when you run the deploy command from the cli, the create stack has no executable change set, while the documenation says :

Deploys the specified AWS CloudFormation template by creating and then executing a change set. The command terminates after AWS CloudFormation executes the change set. If you want to view the change set before AWS CloudFormation executes it, use the --no-execute-changeset flag.

Improve this question

3 Answers 3

Reset to default
56

create-stack can only be used when you know you want to create a new stack. If you want to update a stack, you have to use a different command, etc. If you're writing (ug) batch files to help run your cloudformation, this can be a real pain.

The deploy is functionality to better take advantage of change sets - rather than having to know if a stack exists, you can simply run deploy and the tool will figure out what it needs to do. With the --no-execute-changeset, it will actually provide you the command needed if you decide you want to review the changes before applying them.

It looks like this was introduced in Nov. 2016, probably around the time change sets were released.

Improve this answer
1
  • Yes you are right, so what about my last question : Why when you run the deploy command from the cli, the create stack has no executable change set?
    – nixmind
    Apr 21, 2018 at 17:06
18

I assume that deploy is just 'syntactic sugar' around the CreateChangeSet, CreateStack, and UpdateStack api methods.

Note that although deploy is in the CLI, it is not in the API reference.

I assume that deploy is preferred outside of any need to explicitly review a change set. Without using deploy you would potentially need to create-change-set then decide whether to create or update a stack. In this case, deploy is like a stack "upsert".

I stopped being lazy and checked the code, and yes - deploy is ultimately a nicer way of using cloudformation from the CLI. The implementation is here and here. Note that as of today the ability to control rollback behaviour doesn't existing for deploy per this issue.

Improve this answer
1

Beware of a strange behavior of deploy command when you change parameter default value (LatestAmi in my case).

$ cat ec2.yaml 
AWSTemplateFormatVersion: "2010-09-09"

Parameters:
  LatestAmi: 
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/canonical/ubuntu/server/20.04/stable/current/amd64/hvm/ebs-gp2/ami-id
    
Resources:
  MyInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LatestAmi
      InstanceType: t2.micro
      Tags:
        - Key: Name
          Value: cfn-deploy
$ aws cloudformation deploy --template-file ec2.yaml --stack-name cfn-deploy

Waiting for changeset to be created..
Waiting for stack create/update to complete
Successfully created/updated stack - cfn-deploy
$ cat ec2.yaml 
AWSTemplateFormatVersion: "2010-09-09"

Parameters:
  LatestAmi: 
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2

Resources:
  MyInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LatestAmi
      InstanceType: t2.micro
      Tags:
        - Key: Name
          Value: cfn-deploy
$ aws cloudformation deploy --template-file ec2.yaml --stack-name cfn-deploy

Waiting for changeset to be created..

No changes to deploy. Stack cfn-deploy is up to date
$ aws --version
aws-cli/2.5.2 Python/3.9.11 Linux/5.15.0-23-generic exe/x86_64.ubuntu.22 prompt/off

If you use update-stack command, the instance is replaced with requested AMI.

Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.