How do I use CloudFormation to provision my resources from one account to another account?

Short description

To use CloudFormation to create resources in your destination account, you must have a CloudFormation template in a YAML or JSON format that defines your specified resources. When the CloudFormation template is ready, use the template in your destination account to create a stack and provision the specified resources.

For manually provisioned resources in your source account, use the CloudFormation IaC generator to generate a source account template. Then, use the template to define the resources of your destination account's stack template.

Resolution

Use the IaC generator to create the source account template

Note: The following steps are for manually provisioned resources that the IaC generator supports. The IaC generator supports only the resource types that support AWS Cloud Control API in your AWS Region.

Complete the following steps:

1. Open the CloudFormation console from your source account.
2. In the navigation pane, choose IaC generator. Then, choose Start a new scan.
   Note: The scan time depends on the number of resources that you have and can take up to 10 minutes for 1,000 resources.
3. Choose Create template.
4. On the Specify template details page, under Prerequisite - Prepare template section, choose Start from a new template, and then update the Provide template details section.
5. Choose Next.
6. On the Add scanned resources page, select the resources that you want to copy, and then choose Next.
7. On the Add related resources page, add the related resources that you want to copy, and then choose Next.
8. On the Review and Create page, choose Create template, and then choose Download.

Create the destination account template

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

After you generate the source account template, use the template as a reference to create the destination account template. Make sure that you copy the common resources' properties of the source account template to the destination account template.

When you reference the source account template to create the destination account template, take the following actions:

• The template might consist of globally unique ARNs from your source account and property values. Modify the ARNs or properties from the template, and then define them based on your destination account use case.
• Modify the template's attributes, such as resource properties and logical IDs, and create parameters for your use case.
• For resources that the IaC generator doesn't support, run the resources' AWS CLI commands to view the resource details. In the output, identify your resource configuration properties, and then use the CloudFormation resource type reference to define your resource.

Create a CloudFormation stack in the destination account

When your CloudFormation template is ready to use with your specified resources' configuration properties, create a stack in your destination account to provision the resources. To better manage your resources, group your resources into multiple stacks.