Applicable when
- You need to check whether the CloudFormation stack was created correctly at deployment
- You need to check whether changes have been made to the CloudFormation stack after the initial deployment
Implementation
The difference between the expected and actual states of a CloudFormation stack is called "drift". The possible reasons for a stack to drift are:
- The stack resources and links weren't properly propagated by AWS at deployment time. This is rare, but it is possible.
- The resources or links were changed manually or programmatically after the initial stack creation.
To detect drift, the AWS CloudFormation service has a built-in "Detect drift" operation.
To run it, you need to open the AWS console, go to the CloudFormation service, and then:
The analysis will take some time; for small stacks it takes around 10-15 seconds.
After this time you need to check the results:
The page will show whether your resources are in sync or modified.
To see what exactly was changed for the resource:
Limitations
Drift detection works only for the selected stack, i.e. it doesn't detect drift in the nested stacks when the root stack is selected.
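The same check can be scripted. The following is an added example, not part of the original article: it uses the boto3 CloudFormation client to start drift detection, poll until it finishes, list modified or deleted resources, and then repeat the check for every nested stack, which goes beyond the console steps to cover the limitation above. The function names and the stack name passed on the command line are assumptions of this example.

```python
import sys
import time

def detect_drift(cfn, stack_name, poll_seconds=5, timeout=300):
    """Run drift detection on one stack; return (stack_status, drifted_resources)."""
    detection_id = cfn.detect_stack_drift(StackName=stack_name)["StackDriftDetectionId"]
    deadline = time.monotonic() + timeout
    while True:  # detection is asynchronous, so poll until it leaves IN_PROGRESS
        status = cfn.describe_stack_drift_detection_status(
            StackDriftDetectionId=detection_id)
        if status["DetectionStatus"] != "DETECTION_IN_PROGRESS":
            break
        if time.monotonic() > deadline:
            raise TimeoutError(f"drift detection timed out for {stack_name}")
        time.sleep(poll_seconds)
    if status["DetectionStatus"] == "DETECTION_FAILED":
        raise RuntimeError(status.get("DetectionStatusReason", "detection failed"))
    drifts, token = [], None
    while True:  # results are paginated; follow NextToken to the end
        kwargs = {"StackName": stack_name,
                  "StackResourceDriftStatusFilters": ["MODIFIED", "DELETED"]}
        if token:
            kwargs["NextToken"] = token
        page = cfn.describe_stack_resource_drifts(**kwargs)
        drifts += page["StackResourceDrifts"]
        token = page.get("NextToken")
        if not token:
            return status["StackDriftStatus"], drifts

def detect_drift_tree(cfn, stack_name, **kw):
    """Check stack_name and every nested stack below it; return {stack: (status, drifts)}."""
    results = {stack_name: detect_drift(cfn, stack_name, **kw)}
    for page in cfn.get_paginator("list_stack_resources").paginate(StackName=stack_name):
        for res in page["StackResourceSummaries"]:
            # Nested stacks appear as resources whose physical ID is the child stack ID.
            if (res["ResourceType"] == "AWS::CloudFormation::Stack"
                    and res.get("PhysicalResourceId")):
                results.update(detect_drift_tree(cfn, res["PhysicalResourceId"], **kw))
    return results

if __name__ == "__main__":
    import boto3  # needs AWS credentials; stack name is given as the first argument
    found = detect_drift_tree(boto3.client("cloudformation"), sys.argv[1])
    for stack, (status, drifts) in found.items():
        print(f"{stack}: {status}")
        for d in drifts:
            print(f"  {d['LogicalResourceId']} ({d['ResourceType']}): {d['StackResourceDriftStatus']}")
```

A non-empty drift list for any stack in the tree is the signal to review the `PropertyDifferences` field of each returned entry, which holds the expected and actual property values.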