CloudFormation Drift Remediation - Use Cloud Control API to remediate drift that was detected on a CloudFormation stack

Last update: Dec 11, 2022

Overview

CloudFormation Drift Remediation

Installation

This package is available on pypi, you can for example use on of these commands (pipx is recommended)

pipx install cfn-drift-remediation
pip install cfn-drift-remediation

Usage

Run drift detection on a stack, and verify that you want to remediate it by changing the provisioned resource (using the stack as the source of truth).
run one of the commands below
Run drift detection again to verify that everything is in sync again.

# Default usage
cfn-drift-remediation stack_name
# Using a different profile
AWS_DEFAULT_PROFILE=profile-name cfn-drift-remediation stack_name
# Using a third party tool like aws-vault
aws-vault exec profile-name -- cfn-drift-remediation stack_name

How this works

This tool will read the existing drift of a stack, iterate through the drifted resources and construct a patch document to change the actual (detected) property values to the expected (stack) values.

Caveats

Changes are done with CloudControl API. This does mean that if the drifted resources do not support Cloud Control API, they will be skipped.
For some resources the order in a list does not matter, this might lead to a failure to apply changes, because Cloud Control API will assume the resource is not in the drifted state it expects.
We do not support creating resources that were completely deleted from the stack. The drift detection api does not return enough information to construct the replacement resource.

Development

We use poetry to manage this project

Clone this repository
Run poetry install
Activate the virtualenvironment with poetry shell (you can also use poetry run $command)

Releasing a new version to pypi

Edit pyproject.toml to update the version number
Edit cfn_drift_remediation/_init.py to update the version number
Commit the version number bump
Run tests poetry run pytest (you might have to install dependencies with poetry install --dev)
Run poetry publish --build
Push to GitHub
Create a new release in GitHub

Using poetry in Visual Studio Code

If you want to use poetry in Visual Studio Code, it works best if the virtual environment is created inside the project folder. Once the virtual environment is created, you can run the "Python: Select interpreter" command in Visual Studio Code, and point to the .venv folder.

poetry config virtualenvs.in-project true

If you already created the virtual environment, you have to recreate it

# from within the project folder
poetry env remove $(poetry env list)
poetry install

Releases(0.3.1)

0.3.1(Mar 7, 2022)

Source code(tar.gz)
Source code(zip)
cfn-drift-remediation-0.3.1.tar.gz(5.65 KB)
cfn_drift_remediation-0.3.1-py3-none-any.whl(7.32 KB)
0.3.0(Jan 26, 2022)
Simplify and support more things

Simplify code by parsing the drift instead of using the CloudFormation Resource Schemas

Support values that were added or removed (very useful for stack-level tags)

Skip resources that are not supported, instead of failing

Improve documentation

Source code(tar.gz)
Source code(zip)
0.2.0(Jan 26, 2022)

Source code(tar.gz)
Source code(zip)

A python to scratch API connector. Can fetch data from the API and send it back in cloud variables.

Scratch2py Scratch2py or S2py is a easy to use, versatile tool to communicate with the Scratch API Based of scratchclient by Raihan142857 Installation

20 Jun 18, 2022

Ditch Xiaomi's cloud and use a Telegram bot instead

Yi-Home_Telegram_Bot_Interface Ditch Xiaomi's cloud and use a Telegram bot instead Features Motion detection Works by monitoring a tmp file that is cr

10 Aug 18, 2022

We’re releasing an open-source tool you can use now, which we developed as a homemade Just-In-Time database access control tool for our sensitive database. This tool syncs with our directory service, slack, SIEM, and finally, our Apache Cassandra database.

Cassandra Access Control By Aner Izraeli - Intezer Security Manager ([email protected]) We’re releasing an open-source tool you can use now, which

6 Mar 31, 2022

A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears.

robotframework-stacktrace A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears. Ins

16 Nov 24, 2022

A Serverless Application Model stack that persists the $XRP price to the XRPL every minute as a TrustLine. There are no servers, it is effectively a "smart contract" in Python for the XRPL.

xrpl-price-persist-oracle-sam This is a XRPL Oracle that publishes external data into the XRPL. This Oracle was inspired by XRPL-Labs/XRPL-Persist-Pri

11 Dec 17, 2022

Simulation artifacts, core components and configuration files to integrate AWS DeepRacer device with ROS Navigation stack.

AWS DeepRacer Overview The AWS DeepRacer Evo vehicle is a 1/18th scale Wi-Fi enabled 4-wheel ackermann steering platform that features two RGB cameras

31 Nov 21, 2022

A multi-tenant multi-client scalable product categorising demo stack

CloudFormation Drift Remediation - Use Cloud Control API to remediate drift that was detected on a CloudFormation stack

Related tags

Overview

CloudFormation Drift Remediation

Installation

Usage

How this works

Caveats

Development

Releasing a new version to pypi

Using poetry in Visual Studio Code

You might also like...

A python to scratch API connector. Can fetch data from the API and send it back in cloud variables.

Ditch Xiaomi's cloud and use a Telegram bot instead

We’re releasing an open-source tool you can use now, which we developed as a homemade Just-In-Time database access control tool for our sensitive database. This tool syncs with our directory service, slack, SIEM, and finally, our Apache Cassandra database.

A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears.

A Serverless Application Model stack that persists the $XRP price to the XRPL every minute as a TrustLine. There are no servers, it is effectively a "smart contract" in Python for the XRPL.

Simulation artifacts, core components and configuration files to integrate AWS DeepRacer device with ROS Navigation stack.

A multi-tenant multi-client scalable product categorising demo stack

A part of HyRiver software stack for accessing hydrology data through web services

Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

Releases(0.3.1)

0.3.1(Mar 7, 2022)

0.3.0(Jan 26, 2022)

Simplify and support more things

0.2.0(Jan 26, 2022)

Owner

Cloudar

A python tool to Automate Whatsapp through Whatsapp web

A simple tool which automate commands of discord economy bots

🎵 RythmReloaded 🎵 A bot that can play music on Telegram Group and Channel Voice Chats

Super Fast Telegram UserBot Made With Python.

GBSLocalLauncher - A script to compose ENV file for Local Compose

A Telegram bot to index Chinese and Japanese group contents, works with @lilydjwg/luoxu.

Multi-purpose bot made with discord.py

A Phyton script working for stream twits from twitter by tweepy to mongoDB

Easy-apply-bot - A LinkedIn Easy Apply bot to help with my job search.

This repository is used to provide data to zzhack,

Queen Zellie is a chat bot for Telegram.

Telegram music & video bot direct play music

Github action for automatically determine the version for next release by using repository tags

Baota-docker - Deploying baota panel via docker

Bearer API client for Python

提供火币网交易接口API最简封装，提供现货买入、卖出、huobi币安查询账户余额等接口,数字货币，虚拟货币，BTC量化交易框架，自动交易，轻量便携，不用安装，即开即用

Change the name and pfp of ur accounts, uses tokens.txt for ur tokens.

Official implementation of DeepSportLab (a fork of OpenPifPaf)

Contrastive Language-Audio Pretraining

Change your discord avatar every x h/d based on a list of images