StackGroup Config

StackGroup config stores information related to the StackGroup, such as a particular profile to use, the name of the S3 bucket in which to store templates, and the target region in which to build resources. StackGroup config is stored in various files around the directory structure, all with the name config.yaml.

Structure

An StackGroup config file is a yaml object of key-value pairs configuring Sceptre. The available keys are listed below.

• project_code (required)

• region (required)

• profile optional

• required_version (optional)

• template_bucket_name (optional)

• template_key_prefix (optional)

• j2_environment (optional)

• http_template_handler (optional)

Sceptre will only check for and uses the above keys in StackGroup config files and are directly accessible from Stack(). Any other keys added by the user are made available via stack_group_config attribute on Stack().

profile

• Resolvable: No

• Inheritance strategy: Overrides parent if set by child

The name of the profile as defined in ~/.aws/config and ~/.aws/credentials. Use the aws configure –profile <profile_id> command form the AWS CLI to add profiles to these files.

For more information on this configuration, its implications, and its uses, see Sceptre and IAM: profile.

Reference: AWS_CLI_Configure

project_code

• Resolvable: No

• Inheritance strategy: Overrides parent if set by child

A string which is prepended to the Stack names of all Stacks built by Sceptre.

region

• Resolvable: No

• Inheritance strategy: Overrides parent if set by child

The AWS region to build Stacks in. Sceptre should work in any region which supports CloudFormation.

template_bucket_name

• Resolvable: Yes

• Inheritance strategy: Overrides parent if set by child

The name of an S3 bucket to upload CloudFormation Templates to. Note that S3 bucket names must be globally unique. If the bucket does not exist, Sceptre creates one using the given name, in the AWS region specified by region.

If this parameter is not added, Sceptre does not upload the template to S3, but supplies the template to Boto3 via the TemplateBody argument. Templates supplied in this way have a lower maximum length, so using the template_bucket_name parameter is recommended.

Warning

If you resolve template_bucket_name using the !stack_output resolver on a StackGroup, the stack that outputs that bucket name cannot be defined in that StackGroup. Otherwise, a circular dependency will exist and Sceptre will raise an error when attempting any Stack action. There are two ways to avoid this situation:

1. Set the template_bucket_name to !no_value in on the StackConfig that creates your template bucket. This will override the inherited value to prevent them from having dependencies on themselves.

2. Define all your project stacks inside a StackGroup and then your template bucket stack outside that StackGroup. Here’s an example project structure for something like this:

   config/
     - config.yaml           # This is the StackGroup Config for your whole project.
     - template-bucket.yaml  # The template for this stack outputs the bucket name
     - project/              # You can put all your other stacks in this StackGroup
         - config.yaml       # In this StackGroup Config is...
                             #  template_bucket_name: !stack_output template-bucket.yaml::BucketName
         - vpc.yaml          # Put all your other project stacks inside project/
         - other-stack.yaml
   

template_key_prefix

• Resolvable: No

• Inheritance strategy: Overrides parent if set by child

A string which is prefixed onto the key used to store templates uploaded to S3. Templates are stored using the key:

<template_key_prefix>/<region>/<stack_group>/<stack_name>-<timestamp>.<extension>

Template key prefix can contain slashes (“/”), which are displayed as directories in the S3 console.

Extension can be json or yaml.

Note that if template_bucket_name is not supplied, this parameter is ignored.

j2_environment

• Resolvable: No

• Inheritance strategy: Child configs will be merged with parent configs

A dictionary that is combined with the default jinja2 environment. It’s converted to keyword arguments then passed to [jinja2.Environment](https://jinja.palletsprojects.com/en/2.11.x/api/#jinja2.Environment). This will impact the templating of stacks by modifying the behavior of jinja.

j2_environment:
   extensions:
      - jinja2.ext.i18n
      - jinja2.ext.do
   lstrip_blocks: True
   trim_blocks: True
   newline_sequence: \n

http_template_handler

Options passed to the http template handler.

• retries - The number of retry attempts (default is 5)

• timeout - The timeout for the session in seconds (default is 5)

http_template_handler:
   retries: 10
   timeout: 20

require_version

A PEP 440 compatible version specifier. If the Sceptre version does not fall within the given version requirement it will abort.

Cascading Config

Using Sceptre, config files are cascaded. Given the following sceptre directory structure:

.
└── config
    ├── account-1
    │   ├── config.yaml
    │   └── dev
    │       └── config.yaml
    └── config.yaml

General configurations should be defined at a high level, and more specific configurations should be defined at a lower directory level.

YAML files that define configuration settings with conflicting keys, the child configuration file will usually take precedence (see the specific config keys as documented for the inheritance strategy employed).

In the above directory structure, config/config.yaml will be read in first, followed by config/account-1/config.yaml, followed by config/account-1/dev/config.yaml.

For example, if you wanted the dev StackGroup to build to a different region, this setting could be specified in the config/dev/config.yaml file, and would only be applied to builds in the dev StackGroup.

Setting Dependencies for StackGroups

There are a few pieces of AWS infrastructure that Sceptre can (optionally) use to support the needs and concerns of the project. These include:

• The S3 bucket where templates are uploaded to and then referenced from for stack actions (i.e. the template_bucket_name config key).

• The CloudFormation service role added to the stack(s) that CloudFormation uses to execute stack actions (i.e. the cloudformation_service_role config key).

• The role that Sceptre will assume to execute stack actions (i.e. the sceptre_role config key).

• SNS topics that cloudformation will notify with the results of stack actions (i.e. the notifications config key).

These sorts of dependencies CAN be defined in Sceptre and added at the StackGroup level, referenced using !stack_output. Doing so will make it so that every stack in the StackGroup will have those dependencies and get those values from Sceptre-managed stacks.

Beyond the above mentioned config keys, it is possible to set the dependencies config key in a StackGroup config to be inherited by all Stack configs in that group. All dependencies in child stacks will be added to their inherited StackGroup dependencies, so be careful how you structure dependencies.

Warning

You might have already considered that this might cause a circular dependency for those dependency stacks, the ones that output the template bucket name, role arn, sceptre_role, or topic arns. In order to avoid the circular dependency issue, you can either:

1. Set the value of those configurations to !no_value in the actual stacks that define those items so they don’t inherit a dependency on themselves.

2. Define those stacks outside the StackGroup you reference them in. Here’s an example project structure that would support doing this:

   config/
     - config.yaml               # This is the StackGroup Config for your whole project.
     - sceptre-dependencies.yaml # This stack defines your template bucket, iam role, topics, etc...
     - project/                  # You can put all your other stacks in this StackGroup
         - config.yaml           # In this StackGroup Config you can use !stack_output to
                                 # reference outputs from sceptre-dependencies.yaml.
         - vpc.yaml              # Put all your other project stacks inside project/
         - other-stack.yaml
   

Templating

Sceptre supports the use of templating in config files. Templating allows config files to be further configured using values from the command line, environment variables, files or parts of the command_path.

Internally, Sceptre uses Jinja2 for templating, so any valid Jinja2 syntax should work with Sceptre templating.

Templating can be used for any values in the config files, not just those that are used by Sceptre.

Var

User variables are used to replace the value of any item in a config file with a value defined by a CLI flag or in a YAML variable file:

profile: {{ var.profile }}
region: eu-west-1

This item can be set using either a command line flag:

sceptre --var "profile=<your profile>" <COMMAND>

Or from a YAML variable file:

sceptre --var-file=variables.yaml <COMMAND>

where variables.yaml contains:

profile: <your profile>

Both the --var and --var-file flags can be used multiple times. If multiple --var-file options are supplied, the variables from these files will be merged, with a higher precedence given to options specified later in the command. Values supplied using --var take the highest precedence and will overwrite any value defined in the variable files.

For example if we have the following variable files:

# default.yaml
region: eu-west-1
profile: dev
project_code: api

# prod.yaml
profile: prod

The following sceptre command:

sceptre --var-file=default.yaml --var-file=prod.yaml --var region=us-east-1 <COMMAND>

Will result in the following variables being available to the jinja templating:

region: us-east-1
profile: prod
project_code: api

Note that by default, dictionaries are not merged. If the variable appearing in the last variable file is a dictionary, and the same variable is defined in an earlier variable file, that whole dictionary will be overwritten. For example, this would not work as intended:

# default.yaml
tags: {"Env": "dev", "Project": "Widget"}

# prod.yaml
tags: {"Env": "prod"}

Rather, the final dictionary would only contain the Env key.

By using the --merge-vars option, these tags can be merged as intended:

sceptre --merge-vars --var-file=default.yaml --var-file=prod.yaml --var region=us-east-1 <COMMAND>

This will result in the following:

tags: {"Env": "prod", "Project": "Widget"}

For command line flags, Sceptre splits the string on the first equals sign “=”, and sets the key to be the first substring, and the value to be the second. Due to the large number of possible user inputs, no error checking is performed on the value of the –var flag, and it is the user’s responsibility to make sure that the value is correctly formatted.

All user variables are supplied to all config files, so users must be careful to make sure that user variable names do not unintentionally clash.

Environment Variables

Config item values can be replaced with environment variables:

profile: {{ environment_variable.PROFILE }}
region: eu-west-1

Where PROFILE is the name of an environment variable.

Command Path

Config item values can be replaced with parts of the command_path

region: {{ command_path.0 }}
profile: default

Where the value is taken from the first part of the command_path from the invoking sceptre command:

sceptre launch eu-west-1/dev/vpc.yaml

Template Defaults

Any templated value can be supplied with a default value with the syntax:

{{ var.value | default("default_value") }}

Examples

profile: profile
project_code: prj
region: eu-west-1
template_bucket_name: sceptre-artifacts
template_key_prefix: my/prefix

profile: {{ var.profile }}
project_code: {{ var.project_code | default("prj") }}
region: {{ command_path.2 }}
template_bucket_name: {{ environment_variable.TEMPLATE_BUCKET_NAME }}