Posted On: Jul 24, 2023
Today, AWS CloudFormation StackSets launches a new API ListStackInstanceResourceDrifts, and adds a new filter in ListStackInstances to improve visibility to resource and stack instance drift information. A resource or stack instance is considered drifted when it’s actual configuration differs from its expected configuration. You can now use ListStackInstanceResourceDrifts to list and filter resources in a stack instance according to drift status. Similarly, you can use the drift status filter in ListStackInstances to check for stack instance drift in a stack set. With this launch, you can access these aggregated drift information through your management or delegated administrator AWS account.
Customers use CloudFormation StackSets to provision and manage stacks in multiple AWS accounts and Regions in a single operation. However, resources might get modified or deleted which causes them to differ from their initial template configurations. Previously, customers had to individually sign in to target AWS accounts to access this drift information. This launch reduces the number of clicks, and gives the same information in your management or delegated administrator AWS account. For example, you can identify drifted stack instances for target accounts by Regions such as us-east-1 and eu-west-2 with ListStackInstances. You can use ListStackInstanceResourceDrifts to list drifted resources for these AWS accounts in us-east-1 and eu-west-2 for planning next steps.
You can use these features via AWS Management Console, AWS Command Line Interface, and AWS Software Development Kits (SDKs). These features are available in AWS Regions where AWS CloudFormation StackSets is available. Refer to the AWS Region table to see AWS Regions where StackSets is available. To learn more about these features, visit CloudFormation StackSets documentation.