Posted On: Apr 16, 2024

AWS CloudFormation enhances ChangeSets to provide a detailed preview of the actions that CloudFormation will take in a deployment. This launch helps improve your ability to assess whether a deployment will cause unintended changes to running resources.

Today, ChangeSets show the resources that CloudFormation will create, update, replace, or delete in a deployment. You can review ChangeSets to detect unintended resource-level changes, such as replacement of a database. Now, ChangeSets will additionally show the before-and-after values of resource properties and attributes, such as deletion policies, for impacted resources. This will allow you to detect unintended property-level changes, such as removal of S3 bucket encryption, during ChangeSet reviews.

CloudFormation offers intrinsic functions such as Ref and GetAtt for referencing resource properties within templates. Further, CloudFormation supports inline references to AWS Secrets Manager and Parameter Store, a capability of AWS Systems Manager. References allow you to build dynamic templates that can be deployed across multiple environments. Today, ChangeSets cannot resolve references during preview calculations and make conservative assumptions about changes such as resource replacement. Now, ChangeSets will resolve references when the referenced value is available before deployment and hence preview changes with additional precision.

To get started, open an existing stack in the CloudFormation Console and select “Create ChangeSet” from the Stack Actions dropdown. To access enhanced ChangeSets from the AWS CLI or SDK, include the --include-property-values parameter during calls to the DescribeChangeSet API. Enhanced ChangeSets are available in AWS Regions where CloudFormation is available. Refer to the AWS Region table to learn more.
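The property-level review described above can be automated in a deployment pipeline. The following is an added example, not AWS code: it scans a DescribeChangeSet response retrieved with property values included and reports changes to bucket encryption or deletion policies. The watchlist and the sample response are constructed for illustration, and the field names are assumed to follow the DescribeChangeSet response shape.

```python
# Watchlist (assumed for this example): (Attribute, Name) pairs that warrant review.
# Name is None for non-property attributes such as DeletionPolicy.
WATCHED = {("Properties", "BucketEncryption"), ("DeletionPolicy", None)}

def flag_risky_changes(response):
    """Return one finding per watched change in a DescribeChangeSet response."""
    findings = []
    for change in response.get("Changes", []):
        rc = change.get("ResourceChange") or {}
        for detail in rc.get("Details", []):
            target = detail.get("Target", {})
            if (target.get("Attribute"), target.get("Name")) not in WATCHED:
                continue
            findings.append({
                "resource": rc.get("LogicalResourceId"),
                "type": rc.get("ResourceType"),
                "what": target.get("Name") or target.get("Attribute"),
                "change": target.get("AttributeChangeType"),
                # Before/after values are only present when property values are requested.
                "before": target.get("BeforeValue"),
                "after": target.get("AfterValue"),
            })
    return findings

# Constructed sample, trimmed to the fields the function reads.
SAMPLE_RESPONSE = {"Changes": [
    {"Type": "Resource", "ResourceChange": {
        "Action": "Modify", "LogicalResourceId": "LogsBucket",
        "ResourceType": "AWS::S3::Bucket",
        "Details": [
            {"Target": {"Attribute": "Properties", "Name": "BucketEncryption",
                        "AttributeChangeType": "Remove",
                        "BeforeValue": '{"ServerSideEncryptionConfiguration":[]}'}},
            {"Target": {"Attribute": "Tags", "AttributeChangeType": "Modify"}},
        ]}},
    {"Type": "Resource", "ResourceChange": {
        "Action": "Modify", "LogicalResourceId": "OrdersDb",
        "ResourceType": "AWS::RDS::DBInstance",
        "Details": [
            {"Target": {"Attribute": "DeletionPolicy", "AttributeChangeType": "Modify",
                        "BeforeValue": "Retain", "AfterValue": "Delete"}},
        ]}},
]}

if __name__ == "__main__":
    for f in flag_risky_changes(SAMPLE_RESPONSE):
        print(f"{f['resource']} ({f['type']}): {f['what']} {f['change']}: "
              f"{f['before']!r} -> {f['after']!r}")
```

A pipeline step can fail the build when the returned list is non-empty, so the ChangeSet is executed only after someone has reviewed the flagged changes.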