widdix, a CLI tool to manage Free Templates for AWS CloudFormation
Switch branches/tags
Nothing to show
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
lib revert Jul 18, 2018
test fix test Jul 18, 2018
.eslintignore init Apr 19, 2018
.eslintrc.yml revert Jul 18, 2018
.gitignore added logging May 20, 2018
.travis.yml fix npm based install of the CLI Jul 24, 2018
CONTRIBUTING.md Docker image Dec 9, 2018
Dockerfile update dependencies Dec 9, 2018
LICENSE added license Jul 17, 2018
README.md Docker image Dec 9, 2018
cli.js fix CloudFormation rate limit errors Jul 27, 2018
cli.txt add ability to override latest version Jul 19, 2018
graph.png init Apr 19, 2018
index.js fix npm based install of the CLI Jul 24, 2018
package-lock.json update dependencies Dec 9, 2018
package.json update dependencies Dec 9, 2018


widdix CLI

widdix, a CLI tool to manage Free Templates for AWS CloudFormation.

The widdix CLI is compatible with templates >= v6.13.0


We provide three ways to install widdix. Via npm, Docker, or by downloading the binary manually.


If you have npm installed, run npm install -g widdix.


Docker image available on Ducker Hub widdix/widdix.

Usage: docker run -it --rm -v "$HOME/.aws:/root/.aws:ro" widdix/widdix list --all-profiles


Download the latest binary for your operating system: https://github.com/widdix/aws-cf-templates-cli/releases


chmod 755 widdix-macos
mv widdix-macos /usr/local/bin/widdix
widdix -v


chmod 755 widdix-linux
mv widdix-linux /usr/local/bin/widdix
widdix -v



AWS Authorization & Authentication (IAM)


If you append the --env parameter, the following environment variables are used: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN


If you append the --profile=<name> parameter, the profile is loaded from ~/.aws/credentials (MFA is supported).


If you append the --all-profiles parameter, all profiles from ~/.aws/credentials are loaded (MFA is supported).


If nothing is specified, the AWS SDK for Node.js default behavior applies.

Available Commands


To list all your stacks in an AWS account, run:

widdix list

A sample output looks like this:

| Stack Account | Stack Region | Stack Name              | Template ID                        | Template Version       | Template Drift |
| 123456789123  | eu-west-1    | operations-alert        | operations/alert                   | 6.14.0                 | false          |
| 123456789123  | eu-west-1    | jenkins-vpc-auth-proxy  | security/auth-proxy-ha-github-orga | 6.14.0                 | false          |
| 123456789123  | eu-west-1    | jenkins-ha-agents       | jenkins/jenkins2-ha-agents         | 6.13.0 (latest 6.14.0) | false          |
| 123456789123  | eu-west-1    | jenkins-vpc-ssh-bastion | vpc/vpc-ssh-bastion                | 6.14.0                 | false          |
| 123456789123  | eu-west-1    | jenkins-vpc-2azs        | vpc/vpc-2azs                       | 6.14.0                 | false          |

To filter a AWS single region, run:

widdix list --region=us-east-1


Column Description
Stack Account AWS account alias or ID.
Stack Region AWS region, like us-east-1.
Stack Name Name of AWS CloudFormation stack.
Template ID Template id, like vpc/vpc-2azs.
Template Version Current version of the template. If an update is available it is added in parentheses.
Template Drift If you modified the template drift is detected.



To generate a graph in DOT format of your stacks in an AWS account, run:

widdix graph

To filter a single AWS region, run:

widdix graph --region=us-east-1

Do visualize the graph in a png file, pipe stdout to dot:

widdix graph | dot -Tpng > graph.png

If you don't have dot installed, you can also use Docker:

widdix graph | docker run -i robhaswell/dot-docker -Tpng > graph.png


If a new version of the template is released, you can update your existing stacks. To update all stacks in interactive mode, run:

widdix update

The update behaves as follows:

  1. If no updates are available, an error is thrown.
  2. If template drift is detected we do not recommend to update! You have to confirm this potentially destructive action by typing yes.
  3. Planed changes (using AWS CloudFormation change sets) that are necessary to migrate to the new version are displayed.
  4. You have to confirm the changes by typing yes.
  5. Changes are applied and CloudWatch events are streamed to your screen.

You can filter AWS CloudFormation stacks based on region and/or AWS CloudFormation stack name like this:

widdix update --region=us-east-1 --stack-name=vpc

Future Commands


List all available templates that can be installed.

Not yet implemented!


Get information about a single stack.

Not yet implemented!


Create a new stack from a template in the catalogue. If the template needs connect to dependent stacks, you will be asked to select one of the existing stacks (if available) or to create the dependent stack as well.

Not yet implemented!


Not yet implemented!



The HTTPS_PROXY environment variable is used if set.


If something goes wrong, a log file (widdix.log) is written to the current working directory.

If you append the --debug parameter the log will be more verbose.