@hto
Created March 1, 2022 08:09
AWSTemplateFormatVersion: '2010-09-09'
Description: Example StackSet
Resources:
  # Global table replicated to three regions; its name is passed to every stack instance.
  DynamoDBGlobalTable:
    Type: AWS::DynamoDB::GlobalTable
    Properties:
      AttributeDefinitions:
        - AttributeName: id
          AttributeType: S
      KeySchema:
        - AttributeName: id
          KeyType: HASH
      BillingMode: 'PAY_PER_REQUEST'
      StreamSpecification:
        StreamViewType: 'NEW_AND_OLD_IMAGES'
      Replicas:
        - Region: eu-central-1
        - Region: ap-south-1
        - Region: us-east-1
  # Self-managed StackSet: the two IAM roles below must exist before it is created.
  StackSet:
    Type: AWS::CloudFormation::StackSet
    DependsOn:
      - DynamoDBGlobalTable
      - StackSetAdministrationRole
      - StackSetExecutionRole
    Properties:
      Description: Example StackSet
      PermissionModel: SELF_MANAGED
      StackInstancesGroup:
        - DeploymentTargets:
            Accounts:
              - !Ref "AWS::AccountId"
          Regions:
            - eu-central-1
            - ap-south-1
            - us-east-1
            - ap-southeast-1
            - us-west-1
            - me-south-1
      StackSetName: ExampleStackSet
      Capabilities:
        - CAPABILITY_IAM
        - CAPABILITY_NAMED_IAM
        - CAPABILITY_AUTO_EXPAND
      Parameters:
        - ParameterKey: DynamoTableName
          ParameterValue: !Ref DynamoDBGlobalTable
      TemplateURL: https://XXXXXXXXXX.s3.eu-central-1.amazonaws.com/XXXXXXXXXX/example_stack.yml
  # Administration role: assumed by the CloudFormation service. Its only permission is
  # sts:AssumeRole on the execution role name, in any partition and any account (wildcards).
  StackSetAdministrationRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: AWSCloudFormationStackSetAdministrationRole
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: cloudformation.amazonaws.com
            Action:
              - sts:AssumeRole
      Path: /
      Policies:
        - PolicyName: AssumeRole-AWSCloudFormationStackSetExecutionRole
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - sts:AssumeRole
                Resource:
                  - "arn:*:iam::*:role/AWSCloudFormationStackSetExecutionRole"
  # Execution role: trusts the whole account (account principal), so any principal in the
  # account that is allowed sts:AssumeRole on this role can assume it, and it carries
  # AdministratorAccess. Outside an example, trust only the administration role's ARN and
  # replace AdministratorAccess with the permissions the stack template needs.
  StackSetExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: AWSCloudFormationStackSetExecutionRole
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              AWS:
                - Ref: AWS::AccountId
            Action:
              - sts:AssumeRole
      Path: /
      ManagedPolicyArns:
        - !Sub arn:${AWS::Partition}:iam::aws:policy/AdministratorAccess