AWS CloudFormation is an infrastructure as code (IaC) service that helps you scale your cloud infrastructure development by provisioning AWS resources. It also helps you manage those resources throughout their lifecycle, across AWS accounts and AWS Regions. In CloudFormation, you define templates, which act as a blueprint for a set of resources. You then provision those resources by creating and deploying a stack, which is a group of related resources that you manage as a single unit. You can also use CloudFormation to deploy stack sets, which are groups of stacks that you can create, update, and delete across multiple accounts and AWS Regions with a single operation. This guide provides an overview of how you can implement least-privilege permissions for AWS CloudFormation and resources provisioned through CloudFormation.
