The template is analyzed for the correct syntax and, if the syntax is correct, the parameters are verified against the AWS account. If any of these are not correct, the CloudFormation service will throw an error before it begins the deployment of resources. If the syntax and parameter check passes, the service will initiate creation. 

In the creation process, the CloudFormation service will call up other AWS services via their corresponding APIs and initiate the creation of resources. We can control the permissions that CloudFormation has over the environment with the different predefined and custom CloudFormation service roles. This way, we also have the ability to create a granular definition of which users, groups, and roles initiate CloudFormation and what resources they can create.

During stack creation, a status will be displayed in the management console or when listing the stack details via the CLI. For the sake of simplicity, we will discuss the following end states of a stack creation process:

• CREATE_IN_PROGRESS: The stack is being created. By default, a stack creation process does not have a timeout defined and will run indefinitely as it waits for the resources to be completed. It is always useful to define a timeout in the template itself, as providing the timeout gives ample time for the creation of all the resources in the stack. Note that a stack creation can run several minutes to several hours.
• CREATE_COMPLETE: A stack creation has completed successfully. When a stack creation has completed successfully, then a CREATE_COMPLETE will be displayed and all of the sources will be operational. We will be aiming for all of our stacks to end in a CREATE_COMPLETE status.
• CREATE_FAILED: A stack creation has failed. There's always the possibility of errors being introduced through the template (wrong name, ID, and so on) or errors in the backend services that can cause our stack creation to fail. Any error in any of the resources defined in our stack will cause the stack to fail and push a rollback action. The rollback action will either delete the resources that were newly created or roll back the resources to the previous versions (when an update of a stack with a change set fails).

Other intermediate states and states during updates and deletion not described in this chapter can be found by following the link for CloudFormation Stack States in the Further reading section of this chapter.