CloudFormation Drift Remediation - Use Cloud Control API to remediate drift that was detected on a CloudFormation stack

Related tags

Third-party APIs Wrapperscfn-drift-remediation
Overview

CloudFormation Drift Remediation

Installation

This package is available on pypi, you can for example use on of these commands (pipx is recommended)

pipx install cfn-drift-remediation
pip install cfn-drift-remediation

Usage

  1. Run drift detection on a stack, and verify that you want to remediate it by changing the provisioned resource (using the stack as the source of truth).
  2. run one of the commands below
  3. Run drift detection again to verify that everything is in sync again.
# Default usage
cfn-drift-remediation stack_name
# Using a different profile
AWS_DEFAULT_PROFILE=profile-name cfn-drift-remediation stack_name
# Using a third party tool like aws-vault
aws-vault exec profile-name -- cfn-drift-remediation stack_name

How this works

This tool will read the existing drift of a stack, iterate through the drifted resources and construct a patch document to change the actual (detected) property values to the expected (stack) values.

Caveats

  • Changes are done with CloudControl API. This does mean that if the drifted resources do not support Cloud Control API, they will be skipped.
  • For some resources the order in a list does not matter, this might lead to a failure to apply changes, because Cloud Control API will assume the resource is not in the drifted state it expects.
  • We do not support creating resources that were completely deleted from the stack. The drift detection api does not return enough information to construct the replacement resource.

Development

We use poetry to manage this project

  1. Clone this repository
  2. Run poetry install
  3. Activate the virtualenvironment with poetry shell (you can also use poetry run $command)

Releasing a new version to pypi

  1. Edit pyproject.toml to update the version number
  2. Edit cfn_drift_remediation/_init.py to update the version number
  3. Commit the version number bump
  4. Run tests poetry run pytest (you might have to install dependencies with poetry install --dev)
  5. Run poetry publish --build
  6. Push to GitHub
  7. Create a new release in GitHub

Using poetry in Visual Studio Code

If you want to use poetry in Visual Studio Code, it works best if the virtual environment is created inside the project folder. Once the virtual environment is created, you can run the "Python: Select interpreter" command in Visual Studio Code, and point to the .venv folder.

poetry config virtualenvs.in-project true

If you already created the virtual environment, you have to recreate it

# from within the project folder
poetry env remove $(poetry env list)
poetry install
You might also like...
A python to scratch API connector. Can fetch data from the API and send it back in cloud variables.

Scratch2py Scratch2py or S2py is a easy to use, versatile tool to communicate with the Scratch API Based of scratchclient by Raihan142857 Installation

null 20 Jun 18, 2022
Ditch Xiaomi's cloud and use a Telegram bot instead
Ditch Xiaomi's cloud and use a Telegram bot instead

Yi-Home_Telegram_Bot_Interface Ditch Xiaomi's cloud and use a Telegram bot instead Features Motion detection Works by monitoring a tmp file that is cr

Erli 10 Aug 18, 2022
We’re releasing an open-source tool you can use now, which we developed as a homemade Just-In-Time database access control tool for our sensitive database. This tool syncs with our directory service, slack, SIEM, and finally, our Apache Cassandra database.

Cassandra Access Control By Aner Izraeli - Intezer Security Manager ([email protected]) We’re releasing an open-source tool you can use now, which

Intezer Labs 6 Mar 31, 2022
A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears.

robotframework-stacktrace A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears. Ins

marketsquare 16 Nov 24, 2022
A Serverless Application Model stack that persists the $XRP price to the XRPL every minute as a TrustLine. There are no servers, it is effectively a "smart contract" in Python for the XRPL.

xrpl-price-persist-oracle-sam This is a XRPL Oracle that publishes external data into the XRPL. This Oracle was inspired by XRPL-Labs/XRPL-Persist-Pri

Joseph Chiocchi 11 Dec 17, 2022
Simulation artifacts, core components and configuration files to integrate AWS DeepRacer device with ROS Navigation stack.
Simulation artifacts, core components and configuration files to integrate AWS DeepRacer device with ROS Navigation stack.

AWS DeepRacer Overview The AWS DeepRacer Evo vehicle is a 1/18th scale Wi-Fi enabled 4-wheel ackermann steering platform that features two RGB cameras

AWS DeepRacer 31 Nov 21, 2022
A multi-tenant multi-client scalable product categorising demo stack
A multi-tenant multi-client scalable product categorising demo stack

Better Categories 4All: A multi-tenant multi-client product categorising stack The steps to reproduce training and inference are in the end of this fi

null 7 Feb 15, 2022
A part of HyRiver software stack for accessing hydrology data through web services
A part of HyRiver software stack for accessing hydrology data through web services

Package Description Status PyNHD Navigate and subset NHDPlus (MR and HR) using web services Py3DEP Access topographic data through National Map's 3DEP

Taher Chegini 51 Dec 10, 2022
Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

John Capobianco 2 Jan 25, 2022
Releases(0.3.1)
Owner
Cloudar
Cloudar
GitHub Repository
A Python library for the Buildkite API

PyBuildkite A Python library and client for the Buildkite API. Usage To get the package, execute: pip install pybuildkite Then set up an instance of

Peter Yasi 29 Nov 30, 2022
Python3 program to control Elgato Ring Light on your local network without Elgato's Control Center software

Elgato Light Controller I'm really happy with my Elgato Key Light from an illumination perspective. However, their control software has been glitchy f

Jeff Tarr 14 Nov 16, 2022
Creates Spotify playlists from Spinitron playlists.

spin2spot Creates Spotify playlists from Spinitron playlists. Quick Start You can use spin2spot as a command-line tool: Erik Didriksen 1 Aug 28, 2021

TORNADO CASH Proxy Pancakeswap Sniper BOT 2022-V1 (MAC WINDOWS ANDROID LINUX)

TORNADO CASH Pancakeswap Sniper BOT 2022-V1 (MAC WINDOWS ANDROID LINUX) ⭐️ A ful

Crypto Trader 1 Jan 06, 2022
Telegram bot to stream videos in telegram voicechat for both groups and channels.

Telegram bot to stream videos in telegram voicechat for both groups and channels. Supports live streams, YouTube videos and telegram media. With record stream support, Schedule streams, and many more

SOCIAL MECHANIC 4 Nov 13, 2022
Aws-cidr-finder - A Python CLI tool for finding unused CIDR blocks in AWS VPCs

aws-cidr-finder Overview An Example Installation Configuration Contributing Over

Cooper Walbrun 18 Jul 31, 2022
Automatic login to Microsoft Teams conferences

Automatic login to Microsoft Teams conferences

Xhos 1 Jan 24, 2022
A simple python script for rclone. Use multiple Google Service Accounts and cycle through them.

About GSAclone GSAclone is a simple python script for rclone, written with the purpose of using multiple Google service accounts on Google Drive and "

Shiro39 6 Feb 25, 2022
CryptoApp - Python code to pull wallet balances from a variety of different chains through nothing other than your public key.

CryptoApp - Python code to pull wallet balances from a variety of different chains through nothing other than your public key.

Zach Frank 4 Dec 13, 2022
The Most advanced and User-Friendly Google Collab NoteBook to download Torrent directly to Google Drive with File or Magnet Link support and with added protection of Timeout Preventer.

Torrent To Google Drive (UI Added! 😊 ) A Simple and User-Friendly Google Collab Notebook with UI to download Torrent to Google Drive using (.Torrent)

Dr.Caduceus 33 Aug 16, 2022
A powerfull Zee5 Downloader Bot With Permeneant Thumbnail Support 💯 With Love From NexonHex

Zᴇᴇ5 DL A ᴘᴏᴡᴇʀғᴜʟʟ Zᴇᴇ5 Dᴏᴡɴʟᴏᴀᴅᴇʀ Bᴏᴛ Wɪᴛʜ Pᴇʀᴍᴇɴᴇᴀɴᴛ Tʜᴜᴍʙɴᴀɪʟ Sᴜᴘᴘᴏʀᴛ 💯 Wɪᴛʜ Lᴏᴠᴇ Fʀᴏᴍ NᴇxᴏɴHᴇx Wʜᴀᴛ Cᴀɴ I Dᴏ ? • ɪ ᴄᴀɴ Uᴘʟᴏᴀᴅ ᴀs ғɪʟᴇ/ᴠɪᴅᴇᴏ ғʀᴏᴍ

Psycharmers 4 Jan 19, 2022
WhatSender is a python package that allows you to send Whatsapp messages at a given time.

WhatSender is a python package that allows you to send Whatsapp messages at a given time.

IdoBarel 0 Apr 21, 2022
Send SMS text messages via email with as many accounts as you want :)

SMS-Spammer Send SMS text messages via email with as many accounts as you want :) Example Set Up Guide! To start log into the gmail account you would

Riceblades11 10 Oct 25, 2022
🔮 A usefull set of scripts to dig into your Discord data package.

Discord DataExtractor 🔮 Discord DataExtractor is a set of scripts that allows you to dig into your Discord Data package. Repository guide ☕ Coffee_Ga

3 Dec 29, 2021
Python Twitter API

Python Twitter Tools The Minimalist Twitter API for Python is a Python API for Twitter, everyone's favorite Web 2.0 Facebook-style status updater for

Mike Verdone 2.9k Jan 03, 2023
TwitchAccountMaker - Twitch Account Maker with python

Twitch Account Creator A Twitch Account Creator, Requires Capmonster.cloud Verif

vanis / 1800 0 Jan 20, 2022
NFT which pays royalties to its creator each time it is sold.

Chialisp NFT with Perpetual Creator Royalties This is a chialisp NFT in which the creator/minter defines a puzzle hash which will capture a fixed perc

Geoff Walmsley 20 Jun 28, 2022
VaccineAlarm is a simple python script that allows user to get notified when their desired vaccine doses are available at vaccine centers near them.

Introduction VaccineAlarm is a simple python script that allows user to get notified when their desired vaccine doses are available at vaccine centers

Ankit Tripathi 5 Nov 26, 2021
Script que realiza a identificação de todos os logins e senhas dos wifis conectados em uma máquina e envia os dados para um e-mail especificado.

getWIFIConnection Script que realiza a identificação de todos os logins e senhas dos wifis conectados em uma máquina e envia os dados para um e-mail e

Vinícius Azevedo 3 Nov 27, 2022
📈 A Discord bot for displaying the download stats of a repository made with Python, the Hikari API and PostgreSQL.

📈 axyl-stats axyl-stats is a Discord bot made with Python (with the Hikari API wrapper) and PostgreSQL, used as a download counter for a GitHub repo.

Angelo-F 2 May 14, 2022