DEV Community

A Comprehensive Guide to Various Sceptre Commands

Sceptre Commands

Introduction

Sceptre provides various commands that cater to different aspects of managing CloudFormation stacks and interacting with AWS resources. In this article, we’ll explore the various Sceptre commands and how they can streamline your cloud infrastructure management.

Sceptre CLI (Version 4.2.2)

Please consult the official Sceptre documentation or the documentation specific to version 4.2.2 for the most accurate and up-to-date information on commands and their usage.

Usage

Usage: sceptre [OPTIONS] COMMAND [ARGS]...
Enter fullscreen mode Exit fullscreen mode

Sceptre serves as a command-line tool, and if you run it without a sub-command, it will display helpful information by showing a list of the available commands.

sceptre 
sceptre --help
Enter fullscreen mode Exit fullscreen mode

output of sceptre or sceptre — help commands

Various Sceptre Commands

1.) create



    sceptre create --help
    Usage: sceptre create [OPTIONS] PATH [CHANGE_SET_NAME]

      Creates a stack for a given config PATH. Or if CHANGE_SET_NAME is specified
      creates a change set for stack in PATH.

    Options:
      -y, --yes                       Assume yes to all questions.
      --disable-rollback / --enable-rollback
                                      Disable or enable the cloudformation
                                      automatic rollback
      --help                          Show this message and exit.


Enter fullscreen mode Exit fullscreen mode

Create a stack

usage: sceptre create [options] PATH

sceptre create -y s3-bucket-config.yaml 
Enter fullscreen mode Exit fullscreen mode

Create a changeset

Using changesets is a best practice when managing CloudFormation stacks, especially in production and other controlled environments. It promotes a well-defined and cautious approach to making changes, reducing the risk of disruptions and ensuring the stability of your cloud infrastructure.

For additional details on changesets, please check this page.

usage: sceptre create [options] PATH [CHANGE_SET_NAME]

sceptre create -y --enable-rollback s3-bucket-config.yaml updatename
Enter fullscreen mode Exit fullscreen mode

The command creates changeset called “updatename” stack based on the provided configuration file “s3-bucket-config.yaml.” The “-y” option skips confirmation prompts, and “ — enable-rollback” enables automatic rollback in case of stack creation failures.

2.) delete

sceptre delete --help
Usage: sceptre delete [OPTIONS] PATH [CHANGE_SET_NAME]

  Deletes a stack for a given config PATH. Or if CHANGE_SET_NAME is specified
  deletes a change set for stack in PATH.

Options:
  -y, --yes  Assume yes to all questions.
  --help     Show this message and exit.
Enter fullscreen mode Exit fullscreen mode

Delete a stack

usage: sceptre delete [options] PATH

sceptre delete -y s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Delete a changeset

usage: sceptre delete [options] PATH [CHANGE_SET_NAME]

sceptre delete -y s3-bucket-config.yaml updatename
Enter fullscreen mode Exit fullscreen mode

3.) describe

sceptre describe --help
Usage: sceptre describe [OPTIONS] COMMAND [ARGS]...

  Commands for describing attributes of stacks.

Options:
  --help  Show this message and exit.

Commands:
  change-set  Describes the change set.
  policy      Displays the stack policy used.

 sceptre describe change-set  s3-bucket-config.yaml updatename
Enter fullscreen mode Exit fullscreen mode

Describe Changeset

The above output suggests that the change set “updatename” includes a modification to the existing AWS S3 bucket resource named “MyS3Bucket” within the “my-s3-bucket-stack” CloudFormation stack. The change involves updating the properties of the bucket. Additionally, the resource is marked for **replacement, indicating that a new physical resource will be created to apply the update.

Change sets can also be examined through the AWS CloudFormation console, providing a user-friendly graphical interface to visualize the alterations made to stack resources.

 sceptre describe policy  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Describe the policy

4.) diff

sceptre diff --help               
Usage: sceptre diff [OPTIONS] PATH

  Indicates the difference between the currently DEPLOYED stacks in the
  command path and the stacks configured in Sceptre right now. This command
  will compare both the templates as well as the subset of stack
  configurations that can be compared. By default, only stacks that would be
  launched via the launch command will be diffed, but you can diff ALL stacks
  relevant to the passed command path if you pass the --all flag.

  Some settings (such as sceptre_user_data) are not available in a
  CloudFormation stack description, so the diff will not be indicated.
  Currently compared stack configurations are:

    * parameters
    * notifications
    * cloudformation_service_role
    * stack_tags

  Important: There are resolvers (notably !stack_output) that rely on other
  stacks to be already deployed when they are resolved. When producing a diff
  on Stack Configs that have such resolvers that point to non-deployed stacks,
  this presents a challenge, since this means those resolvers cannot be
  resolved. This particularly applies to stack parameters and when a stack's
  template uses sceptre_user_data with resolvers in it. In order to continue
  to be useful when producing a diff in these conditions, this command will do
  the following:

  1. If the resolver CAN be resolved, it will be resolved and the resolved
  value will be in the diff results. 2. If the resolver CANNOT be resolved, it
  will be replaced with a string that represents the resolver and its
  arguments. For example: !stack_output my_stack.yaml::MyOutput will resolve
  in the parameters to "{ !StackOutput(my_stack.yaml::MyOutput) }".

  Particularly in cases where the replaced value doesn't work in the template
  as the template logic requires and causes an error, there is nothing further
  Sceptre can do and diffing will fail.

Options:
  -t, --type [deepdiff|difflib]  The type of differ to use. Use "deepdiff" for
                                 recursive key/value comparison. "difflib"
                                 produces a more traditional "diff" result.
                                 Defaults to deepdiff.
  -s, --show-no-echo             If set, will display the unmasked values of
                                 NoEcho parameters generated LOCALLY (NoEcho
                                 parameters for deployed stacks will always be
                                 masked when retrieved from CloudFormation.).
                                 If not set (the default), parameters
                                 identified as NoEcho on the local template
                                 will be masked when presented in the diff.
  -n, --no-placeholders          If set, no placeholder values will be
                                 supplied for resolvers that cannot be
                                 resolved.
  -a, --all                      If set, will perform diffing on ALL stacks,
                                 including ignored and obsolete ones;
                                 Otherwise, it will diff only stacks that
                                 would be created or updated when running the
                                 launch command.
  --help                         Show this message and exit.

sceptre diff s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

sceptre diff

The detected difference reveals that the “bucketname” parameter within the CloudFormation stack has been modified, changing from “first-secptre-bucket-20230728” to “first-secptre-bucket-20230729.” Notably, the CloudFormation template itself remains unchanged during this update.

5.) drift

A “drift” refers to a situation where the actual state of a stack’s resources deviates from the expected state defined in the CloudFormation template. In other words, a drift occurs when there are resource changes made directly in the AWS environment, outside of CloudFormation’s control(via Sceptre).

sceptre drift --help
Usage: sceptre drift [OPTIONS] COMMAND [ARGS]...

  Commands for calling drift detection.

Options:
  --help  Show this message and exit.

Commands:
  detect  Run detect stack drift on running stacks.
  show    Shows stack drift on running stacks.
Enter fullscreen mode Exit fullscreen mode

detect drift

 sceptre drift detect s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Drift detection results

The above output indicates that the “my-s3-bucket-stack” CloudFormation stack is in good condition and does not have any drifted resources. The drift detection process has been completed, and all the resources in the stack are in sync with the defined CloudFormation template.

show drift

 sceptre drift show s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Show drift results

The output indicates that the specific AWS S3 Bucket resource with the logical ID “MyS3Bucket” within the “my-s3-bucket-stack” CloudFormation stack is in sync with the expected state defined in the template. There are no property differences, and the resource’s properties match those defined in the CloudFormation template, ensuring that it is in the desired state.

6.) dump

 sceptre dump --help
Usage: sceptre dump [OPTIONS] COMMAND [ARGS]...

  Commands for dumping attributes of stacks.

Options:
  --help  Show this message and exit.

Commands:
  all       Dumps both the rendered (post-Jinja) Stack Configs and the...
  config    Dump the rendered (post-Jinja) Stack Configs.
  template  Prints the template used for stack in PATH.

sceptre dump template s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Prints theTemplate

sceptre dump config  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Prints the Config

sceptre dump all  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Prints both template and config

7.) estimate-cost

sceptre estimate-cost --help
Usage: sceptre estimate-cost [OPTIONS] PATH

  Prints a URI to STOUT that provides an estimated cost based on the resources
  in the stack. This command will also attempt to open a web browser with the
  returned URI.

Options:
  --help  Show this message and exit.

sceptre estimate-cost  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Estimated cost from S3 Pricing Calculator

8.) execute

sceptre execute --help
Usage: sceptre execute [OPTIONS] PATH CHANGE_SET_NAME

  Executes a Change Set.

Options:
  -y, --yes                       Assume yes to all questions.
  --disable-rollback / --enable-rollback
                                  Disable or enable the cloudformation
                                  automatic rollback
  --help                          Show this message and exit.

sceptre execute -y --enable-rollback s3-bucket-config.yaml updatename
Enter fullscreen mode Exit fullscreen mode

Prior to executing the changeset, it’s advisable to thoroughly review its contents. As demonstrated in the ‘describe changeset’ command above, taking this precaution is essential because the changes applied by the changeset can be irreversible and may not have a straightforward rollback mechanism.

Executing changeset via Sceptre

As per the above output;

  • The AWS S3 bucket “MyS3Bucket” within the “s3-bucket-config” stack is being updated.

  • Since the bucket update requires the creation of a new physical resource(as the bucket name has been modified) , it indicates that CloudFormation is replacing the existing bucket with a new one. This suggests that the “Delete” deletion policy is applied to the bucket and the new bucket is created, and the old one is deleted.

9.) fetch-remote-template

sceptre fetch-remote-template --help
Usage: sceptre fetch-remote-template [OPTIONS] PATH

  Prints the remote template used for stack in PATH.

Options:
  --help  Show this message and exit.

 sceptre fetch-remote-template s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Fetch-Remote-Template

10.) generate

sceptre generate --help
Usage: sceptre generate [OPTIONS] PATH

  Prints the template used for stack in PATH.

  This command is aliased to the dump template command for legacy support
  reasons. It's the same as running `sceptre dump template`.

Options:
  -n, --no-placeholders  If True, no placeholder values will be supplied for
                         resolvers that cannot be resolved.
  --help                 Show this message and exit.

 sceptre generate s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

sceptre generate (obsolete)

11.) launch

sceptre launch --help                 
Usage: sceptre launch [OPTIONS] PATH

  Launch a Stack or StackGroup for a given config PATH. This command is
  intended as a catch-all command that will apply any changes from Stack
  Configs indicated via the path.

  * Any Stacks that do not exist will be created
  * Any stacks that already exist will be updated (if there are any changes)
  * If any stacks are marked with "ignore: True", those stacks will neither be created nor updated
  * If any stacks are marked with "obsolete: True", those stacks will neither be created nor updated.
  * Furthermore, if the "-p"/"--prune" flag is used, these stacks will be deleted prior to any
    other launch commands

Options:
  -y, --yes                       Assume yes to all questions.
  -p, --prune                     If set, will delete all stacks in the
                                  command path marked as obsolete.
  --disable-rollback / --enable-rollback
                                  Disable or enable the cloudformation
                                  automatic rollback
  --help                          Show this message and exit.\

sceptre launch -y s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

sceptre launch stack

According to the provided output, since the stack is already present, the “launch” procedure has brought about modifications to the resources (specifically, the S3 bucket) within the stack. These alterations align with the adjustments introduced in the CloudFormation template or the configuration of the stack (in our case, the stack configuration has been modified to update the bucket name).

12.) list

sceptre list --help
Usage: sceptre list [OPTIONS] COMMAND [ARGS]...

  Commands for listing attributes of stacks.

Options:
  --help  Show this message and exit.

Commands:
  change-sets  List change sets for stack.
  outputs      List outputs for stack.
  resources    List resources for stack or stack_group.
  stacks       List sceptre stack config attributes,

sceptre list change-sets s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

a list of change sets associated with a stack

sceptre list outputs  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

a list of outputs associated with a stack

sceptre list resources  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

a list of resources associated with a stack

sceptre list stacks  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

a list of sceptre stack config attributes

13.) new

 sceptre new --help
Usage: sceptre new [OPTIONS] COMMAND [ARGS]...

  Commands for initialising Sceptre projects.

Options:
  --help  Show this message and exit.

Commands:
  group    Creates a new Stack Group directory in a project.
  project  Creates a new project.
Enter fullscreen mode Exit fullscreen mode

sceptre new command has been comprehensively explained with an example in a previous article within the section titled “Setting Up the Directory Structure for a New Sceptre Project.”

14.). prune

sceptre prune --help
Usage: sceptre prune [OPTIONS] [PATH]

  This command deletes all obsolete stacks in the project. Only obsolete
  stacks can be deleted via prune; If any non-obsolete stacks depend on
  obsolete stacks, an error will be raised and this command will fail.

Options:
  -y, --yes  Assume yes to all questions.
  --help     Show this message and exit.

 sceptre prune s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

prune stacks

How to make a stack “obselete” ? By setting the obsolete parameter to True, you are indicating that this stack is no longer actively managed and is considered obsolete. This helps communicate the status of the stack to the team, making it clear that this stack is not intended for further updates or maintenance.

template:
  path: s3-bucket-template.yaml
  type: file

stack_name: my-s3-bucket-stack
obsolete: True

parameters:
  bucketname: first-secptre-bucket-20230730
  deletionpolicy: Delete
Enter fullscreen mode Exit fullscreen mode

What will be the outcome if you execute the prune command at this moment? The stack will be deleted as it is marked as “obselete”

Deleting obsolete stack

15.) set-policy

sceptre set-policy --help
Usage: sceptre set-policy [OPTIONS] PATH [POLICY_FILE]

  Sets a specific Stack policy for either a file or using a built-in policy.

Options:
  -b, --built-in [deny-all|allow-all]
                                  Specify a built in stack policy.
  --help                          Show this message and exit.Specifies the resources you wish to safeguard against accidental modifications during a stack update

sceptre set-policy -b allow-all  s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

The purpose of using this command is to establish a standardized policy that governs what types of changes can be made to the stack resources. The “allow-all” policy, as implied by its name, allows all possible updates to the stack. This can be useful in scenarios where you want to enable unrestricted updates to the stack resources.

set-policy

Let’s run the describe policy command and see the output now;

describe policy

Let’s define a custom stack policy in JSON format that you can use to deny updates to all resources within a CloudFormation stack:

config/policies/deny-policy.json

{
    "Statement" : [
      {
        "Effect" : "Deny",
        "Action" : "Update:*",
        "Principal": "*",
        "Resource" : "*"
      }
    ]
  }

sceptre set-policy s3-bucket-config.yaml config/policies/deny-policy.json
Enter fullscreen mode Exit fullscreen mode

Setting a custom policy

Let’s evaluate the impact of the “deny” stack policy on the stack by trying to perform a stack update.

Updating the stack which is associated with a deny policy

As anticipated, the update operation failed due to the stack policy that prohibits any updates on all resources.

Remember that creating and applying policies should be done carefully, as they significantly impact the actions that can be performed on your stack resources. Always test policies in a controlled environment before applying them to production stacks

16.) update

sceptre update --help 
Usage: sceptre update [OPTIONS] PATH

  Updates a stack for a given config PATH. Or perform an update via change-set
  when the change-set flag is set.

Options:
  -c, --change-set                Create a change set before updating.
  -v, --verbose                   Display verbose output.
  -y, --yes                       Assume yes to all questions.
  --disable-rollback / --enable-rollback
                                  Disable or enable the cloudformation
                                  automatic rollback
  --help                          Show this message and exit.

sceptre update s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

sceptre update

Updating stack with a changeset

sceptre update --change-set s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

update a stack using changeset

It’s worth observing that while “Update Change Set” and “Create Change Set” might appear similar, they actually serve distinct purposes. Despite their eventual outcomes being similar, these two operations are applied in different scenarios. “Create Change Set” is typically used when making significant changes to an existing stack, while “Update Change Set” is used for incremental changes to an existing stack. Both operations provide a safety net by allowing you to review changes before they are applied, reducing the risk of unintended consequences.

17.) validate

sceptre validate --help
Usage: sceptre validate [OPTIONS] PATH

  Validates the template used for stack in PATH.

Options:
  -n, --no-placeholders  If True, no placeholder values will be supplied for
                         resolvers that cannot be resolved.
  --help                 Show this message and exit.

sceptre validate s3-bucket-config.yaml
Enter fullscreen mode Exit fullscreen mode

Validating a stack

Conclusion

As we explored various Sceptre commands, we learned how they help create, update, and manage cloud infrastructure effortlessly. With its command-line toolkit, Sceptre becomes a dependable companion for modern cloud enthusiasts, making cloud deployment efficient and automated.

Whether you’re experienced in cloud engineering or new to Infrastructure as Code, learning Sceptre commands will surely boost your cloud management skills and speed up your path to cloud expertise. Embrace Sceptre’s capabilities and enter a new phase of managing cloud infrastructure.

By understanding and utilizing these Sceptre commands, you’ll be well-equipped to optimize your cloud infrastructure and ensure the scalability, reliability, and security of your applications.

(Note: This article offers a broad look at Sceptre commands and what they can do. For more detailed and up-to-date information, readers are advised to consult the official Sceptre documentation and additional resources.)

Top comments (0)