The Stackery Agent provisions resources that link customer accounts to Stackery, enabling CloudFormation notifications for the Stackery UI and CLI.
In addition, it provisions an IAM role that enables Stackery to access resources required for fetching metric data and proposing CloudFormation change sets.
The Stackery Agent automatically enforces the “principle of least privilege” by generating AWS Identity and Access Management policies scoped only to actions that may be performed on resources within a deployment. This means serverless functions in one deployment can’t interfere with resources, such as databases and S3 buckets, from other deployments. Stackery’s privilege scoping prevents security intrusions from easily spreading from one application to others within your organization.
Stackery Agent Version
To update the Stackery Agent version, navigate to the Account page. If an update is needed, a button to “Update Stackery Version” will appear. Click this button to open the “Update Stack” page within the AWS CloudFormation console, then click through the following steps:
- Click “Next” at the bottom right of the Select Template page, which contains a pre-populated template URL
- Click “Next” at the bottom right of the Specify Details page, which contains a pre-populated (read-only) stack name
- Click “Next” at the bottom right of the Options page
- Click “Update” at the bottom right of the Review page
- Once the stack has updated successfully, close the AWS Console and refresh Stackery to confirm the update was successful
Check for updates to the Stackery Agent Version in the Account page to ensure agent permissions are in sync with the latest features.