I don't quite see the advantage. If you update a stack it will only do the minim... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		openasocket on Dec 3, 2016 \| parent \| context \| favorite \| on: Amazon States Language – A JSON-based language to ... I don't quite see the advantage. If you update a stack it will only do the minimal required changes. So if you have an EC2 instance and a security group defined in one stack and you update the security group the EC2 instance won't be affected, it's not like it would be shut down and an identical one would be spun up. What does breaking it up like that give you?

jeletonskelly on Dec 6, 2016 [–]

Late reply, but mainly shared resources like security groups (like a specific security group for NTP or HTTP/S), IAM roles, DB's, Kinesis streams, etc. The other reason being the limit on template length. You can't spec out a 3-tier VPC with network ACLs and security groups in a single template.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact