Nested Stacks and Cross-Stack References

As your infrastructure grows, a single CloudFormation template can become unwieldy — thousands of lines, dozens of resources, and complex interdependencies. CloudFormation provides two powerful mechanisms for breaking large templates into manageable, reusable pieces: nested stacks and cross-stack references. In this lesson we will explore both approaches, understand when to use each, and see practical examples.

---

The Problem with Monolithic Templates

A monolithic template — one that defines every resource in a single file — presents several challenges:

• Size limits — CloudFormation templates have a hard limit of 1 MB (when stored in S3) and 500 resources per stack
• Blast radius — a single mistake can affect your entire infrastructure
• Reusability — you cannot reuse a VPC definition across multiple applications without copy-pasting
• Team collaboration — multiple teams editing the same file creates merge conflicts
• Testing — it is difficult to test a 3,000-line template in isolation

Both nested stacks and cross-stack references solve these problems, but in different ways.

---

Nested Stacks

A nested stack is a stack that is created as a resource within another stack. The parent stack includes a resource of type AWS::CloudFormation::Stack that points to a child template.

How Nested Stacks Work

1. You create separate templates for each component (VPC, database, application, etc.)
2. You upload the child templates to S3
3. The parent template references each child template as a AWS::CloudFormation::Stack resource
4. When you create the parent stack, CloudFormation automatically creates all the child stacks

Example: Parent Template

AWSTemplateFormatVersion: '2010-09-09'
Description: Parent stack that composes nested stacks

Parameters:
  Environment:
    Type: String
    Default: dev
    AllowedValues: [dev, staging, production]

Resources:
  NetworkStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://my-templates.s3.amazonaws.com/network.yaml
      Parameters:
        Environment: !Ref Environment
        VpcCidr: '10.0.0.0/16'

  DatabaseStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://my-templates.s3.amazonaws.com/database.yaml
      Parameters:
        VpcId: !GetAtt NetworkStack.Outputs.VpcId
        SubnetIds: !GetAtt NetworkStack.Outputs.PrivateSubnetIds
        Environment: !Ref Environment

  ApplicationStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://my-templates.s3.amazonaws.com/application.yaml
      Parameters:
        VpcId: !GetAtt NetworkStack.Outputs.VpcId
        SubnetIds: !GetAtt NetworkStack.Outputs.PublicSubnetIds
        DatabaseEndpoint: !GetAtt DatabaseStack.Outputs.DatabaseEndpoint
        Environment: !Ref Environment

Outputs:
  ApplicationURL:
    Value: !GetAtt ApplicationStack.Outputs.LoadBalancerDNS

Child Template: Network

AWSTemplateFormatVersion: '2010-09-09'
Description: Network stack — VPC, subnets, and gateways

Parameters:
  Environment:
    Type: String
  VpcCidr:
    Type: String

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCidr
      Tags:
        - Key: Name
          Value: !Sub '${Environment}-vpc'

  PublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Select [0, !Cidr [!Ref VpcCidr, 4, 8]]
      AvailabilityZone: !Select [0, !GetAZs '']

  PrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Select [2, !Cidr [!Ref VpcCidr, 4, 8]]
      AvailabilityZone: !Select [0, !GetAZs '']

Outputs:
  VpcId:
    Value: !Ref VPC
  PublicSubnetIds:
    Value: !Ref PublicSubnetA
  PrivateSubnetIds:
    Value: !Ref PrivateSubnetA

Key Points About Nested Stacks

• Child templates must be stored in S3 — you cannot inline them
• The parent stack passes parameters down to child stacks
• The parent stack accesses child outputs via !GetAtt ChildStack.Outputs.OutputName
• All child stacks are created, updated, and deleted with the parent
• Updating the parent triggers updates to any child stacks whose parameters or templates have changed

---

Cross-Stack References

Cross-stack references let independent stacks share values through exports and imports. Unlike nested stacks, cross-stack referenced stacks are managed independently.