[ aws . cloudformation ]

describe-stack-drift-detection-status

Description

Returns information about a stack drift detection operation. A stack drift detection operation detects whether a stack’s actual configuration differs, or has drifted , from it’s expected configuration, as defined in the stack template and any values specified as template parameters. A stack is considered to have drifted if one or more of its resources have drifted. For more information on stack and resource drift, see Detecting Unregulated Configuration Changes to Stacks and Resources .

Use DetectStackDrift to initiate a stack drift detection operation. DetectStackDrift returns a StackDriftDetectionId you can use to monitor the progress of the operation using DescribeStackDriftDetectionStatus . Once the drift detection operation has completed, use DescribeStackResourceDrifts to return drift information about the stack and its resources.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  describe-stack-drift-detection-status
--stack-drift-detection-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--stack-drift-detection-id (string)

The ID of the drift detection results of this operation.

CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results CloudFormation retains for any given stack, and for how long, may vary.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Examples

To check a drift detection operation’s status

The following describe-stack-drift-detection-status example displays the status of a drift detection operation. Get the by ID running the detect-stack-drift command.

aws cloudformation describe-stack-drift-detection-status \
    --stack-drift-detection-id 1a229160-e4d9-xmpl-ab67-0a4f93df83d4

Output:

{
    "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/my-stack/d0a825a0-e4cd-xmpl-b9fb-061c69e99204",
    "StackDriftDetectionId": "1a229160-e4d9-xmpl-ab67-0a4f93df83d4",
    "StackDriftStatus": "DRIFTED",
    "DetectionStatus": "DETECTION_COMPLETE",
    "DriftedStackResourceCount": 1,
    "Timestamp": "2019-10-02T05:54:30.902Z"
}

Output

StackId -> (string)

The ID of the stack.

StackDriftDetectionId -> (string)

The ID of the drift detection results of this operation.

CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of reports CloudFormation retains for any given stack, and for how long, may vary.

StackDriftStatus -> (string)

Status of the stack’s actual configuration compared to its expected configuration.

  • DRIFTED : The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.

  • NOT_CHECKED : CloudFormation hasn’t checked if the stack differs from its expected template configuration.

  • IN_SYNC : The stack’s actual configuration matches its expected template configuration.

  • UNKNOWN : This value is reserved for future use.

DetectionStatus -> (string)

The status of the stack drift detection operation.

  • DETECTION_COMPLETE : The stack drift detection operation has successfully completed for all resources in the stack that support drift detection. (Resources that don’t currently support stack detection remain unchecked.) If you specified logical resource IDs for CloudFormation to use as a filter for the stack drift detection operation, only the resources with those logical IDs are checked for drift.

  • DETECTION_FAILED : The stack drift detection operation has failed for at least one resource in the stack. Results will be available for resources on which CloudFormation successfully completed drift detection.

  • DETECTION_IN_PROGRESS : The stack drift detection operation is currently in progress.

DetectionStatusReason -> (string)

The reason the stack drift detection operation has its current status.

DriftedStackResourceCount -> (integer)

Total number of stack resources that have drifted. This is NULL until the drift detection operation reaches a status of DETECTION_COMPLETE . This value will be 0 for stacks whose drift status is IN_SYNC .

Timestamp -> (timestamp)

Time at which the stack drift detection operation was initiated.