diff --git a/.changelog/22440.txt b/.changelog/22440.txt
new file mode 100644
index 00000000000..30d505e89f0
--- /dev/null
+++ b/.changelog/22440.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_cloudformation_stack_set: Add `call_as` argument
+```
\ No newline at end of file
diff --git a/internal/service/cloudformation/stack_set.go b/internal/service/cloudformation/stack_set.go
index 1b41374ca3a..c2039730a3c 100644
--- a/internal/service/cloudformation/stack_set.go
+++ b/internal/service/cloudformation/stack_set.go
@@ -67,6 +67,12 @@ func ResourceStackSet() *schema.Resource {
 },
 },
 },
+ "call_as": {
+ Type: schema.TypeString,
+ Optional: true,
+ ValidateFunc: validation.StringInSlice(cloudformation.CallAs_Values(), false),
+ Default: cloudformation.CallAsSelf,
+ },
 "capabilities": {
 Type: schema.TypeSet,
 Optional: true,
@@ -171,6 +177,10 @@ func resourceStackSetCreate(d *schema.ResourceData, meta interface{}) error {
 input.PermissionModel = aws.String(v.(string))
 }
 
+ if v, ok := d.GetOk("call_as"); ok {
+ input.CallAs = aws.String(v.(string))
+ }
+
 if len(tags) > 0 {
 input.Tags = Tags(tags.IgnoreAWS())
 }
@@ -286,6 +296,10 @@ func resourceStackSetUpdate(d *schema.ResourceData, meta interface{}) error {
 input.PermissionModel = aws.String(v.(string))
 }
 
+ if v, ok := d.GetOk("call_as"); ok {
+ input.CallAs = aws.String(v.(string))
+ }
+
 if len(tags) > 0 {
 input.Tags = Tags(tags.IgnoreAWS())
 }
diff --git a/internal/service/cloudformation/stack_set_test.go b/internal/service/cloudformation/stack_set_test.go
index 4aebd9a3061..b384f86d426 100644
--- a/internal/service/cloudformation/stack_set_test.go
+++ b/internal/service/cloudformation/stack_set_test.go
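Review bot: `call_as` is only forwarded on the create and update requests (this hunk in resourceStackSetCreate and the matching one in resourceStackSetUpdate); nothing in this diff touches the read or delete functions, so with `DELEGATED_ADMIN` those calls would presumably still be issued in the default `SELF` caller context and fail or miss the stack set when run from a member account. `DescribeStackSetInput` and `DeleteStackSetInput` both accept `CallAs`, so the same value should be set there, e.g. `input.CallAs = aws.String(d.Get("call_as").(string))`, and likewise on any operation-status polling performed after the update. Both functions start and end outside the hunks, so this needs confirming against the full file.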
@@ -36,6 +36,7 @@ func TestAccCloudFormationStackSet_basic(t *testing.T) {
 resource.TestCheckResourceAttrPair(resourceName, "administration_role_arn", iamRoleResourceName, "arn"),
 acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "cloudformation", regexp.MustCompile(`stackset/.+`)),
 resource.TestCheckResourceAttr(resourceName, "capabilities.#", "0"),
+ resource.TestCheckResourceAttr(resourceName, "call_as", "SELF"),
 resource.TestCheckResourceAttr(resourceName, "description", ""),
 resource.TestCheckResourceAttr(resourceName, "execution_role_name", "AWSCloudFormationStackSetExecutionRole"),
 resource.TestCheckResourceAttr(resourceName, "name", rName),
@@ -52,6 +53,7 @@ func TestAccCloudFormationStackSet_basic(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -107,6 +109,7 @@ func TestAccCloudFormationStackSet_administrationRoleARN(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -145,6 +148,7 @@ func TestAccCloudFormationStackSet_description(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -183,6 +187,7 @@ func TestAccCloudFormationStackSet_executionRoleName(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -238,6 +243,7 @@ func TestAccCloudFormationStackSet_name(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -277,6 +283,7 @@ func TestAccCloudFormationStackSet_parameters(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
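Review bot: The only assertion added for the new argument is the default (`call_as` = `SELF`) in TestAccCloudFormationStackSet_basic; no step in this diff sets `DELEGATED_ADMIN`, so the delegated-administrator path that the change exists for is never exercised. Adding `"call_as"` to `ImportStateVerifyIgnore` in this and every other import step (the remaining hunks of this file) also suggests the attribute is not populated on import. If that is intended, a short comment above the ignore list would make it explicit, e.g. `// call_as is a request-only argument and cannot be read back`. A dedicated test step with `call_as = "DELEGATED_ADMIN"` would also catch any request in the resource that does not forward the caller context.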
@@ -337,6 +344,7 @@ func TestAccCloudFormationStackSet_Parameters_default(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -389,6 +397,7 @@ func TestAccCloudFormationStackSet_Parameters_noEcho(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -439,6 +448,7 @@ func TestAccCloudFormationStackSet_PermissionModel_serviceManaged(t *testing.T)
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -470,6 +480,7 @@ func TestAccCloudFormationStackSet_tags(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -525,6 +536,7 @@ func TestAccCloudFormationStackSet_templateBody(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
@@ -564,6 +576,7 @@ func TestAccCloudFormationStackSet_templateURL(t *testing.T) {
 ImportState: true,
 ImportStateVerify: true,
 ImportStateVerifyIgnore: []string{
+ "call_as",
 "template_url",
 },
 },
diff --git a/website/docs/r/cloudformation_stack_set.html.markdown b/website/docs/r/cloudformation_stack_set.html.markdown
index beaec1caf5b..15a92117d8b 100644
--- a/website/docs/r/cloudformation_stack_set.html.markdown
+++ b/website/docs/r/cloudformation_stack_set.html.markdown
@@ -95,6 +95,7 @@ The following arguments are supported:
 * `execution_role_name` - (Optional) Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole` when using the `SELF_MANAGED` permission model. This should not be defined when using the `SERVICE_MANAGED` permission model.
 * `parameters` - (Optional) Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.
 * `permission_model` - (Optional) Describes how the IAM roles required for your StackSet are created. Valid values: `SELF_MANAGED` (default), `SERVICE_MANAGED`.
+* `call_as` - (Optional) Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.
 * `tags` - (Optional) Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider [`default_tags` configuration block](/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
 * `template_body` - (Optional) String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.
 * `template_url` - (Optional) String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.