Stack drift detection in AWS - Time & Space Complexity

Stack drift detection checks if your cloud setup has changed outside your control.

We want to know how the time to detect drift grows as your stack gets bigger.

Analyze the time complexity of the following operation sequence.

aws cloudformation detect-stack-drift --stack-name MyStack
aws cloudformation describe-stack-drift-detection-status --stack-drift-detection-id detectionId
aws cloudformation describe-stack-resource-drifts --stack-name MyStack
    

This sequence starts drift detection, checks its status, and then lists resource drifts in the stack.

Identify the API calls, resource provisioning, data transfers that repeat.

• Primary operation: Checking drift status and listing resource drifts for each resource in the stack.
• How many times: Once to start detection, then once to list all resource drifts (not once per resource).

As the number of resources in the stack grows, the number of drift checks grows too.

Input Size (n)	Approx. Api Calls/Operations
10	About 10 resource drift checks plus detection start and status calls
100	About 100 resource drift checks plus detection start and status calls
1000	About 1000 resource drift checks plus detection start and status calls

Pattern observation: The number of operations grows roughly in direct proportion to the number of resources.

Time Complexity: O(n)

This means the time to detect drift grows linearly with the number of resources in your stack.

[X] Wrong: "Drift detection time stays the same no matter how many resources are in the stack."

[OK] Correct: Each resource must be checked, so more resources mean more work and longer time.

Understanding how drift detection scales helps you design stacks that stay manageable and predictable.

"What if drift detection only checked changed resources instead of all resources? How would the time complexity change?"