AWScloud~30 mins

Stack drift detection in AWS - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Stack drift detection

📖 Scenario: You manage cloud resources using AWS CloudFormation stacks. Sometimes, manual changes happen outside CloudFormation, causing your stack to drift from its original setup. Detecting this drift helps keep your infrastructure reliable and consistent.

🎯 Goal: Build a simple AWS CloudFormation stack drift detection setup using AWS CLI commands. You will create a stack, configure drift detection, and check the drift status.

📋 What You'll Learn

Create a CloudFormation stack named MyTestStack with a simple resource

Configure drift detection for the stack

Detect drift on the stack using AWS CLI

Check and output the drift detection status

💡 Why This Matters

🌍 Real World

Cloud engineers use stack drift detection to ensure infrastructure matches the declared configuration, preventing unexpected issues.

💼 Career

Understanding stack drift detection is essential for roles in cloud operations, DevOps, and infrastructure management to maintain reliable cloud environments.

Progress0 / 4 steps

Create a CloudFormation stack named MyTestStack

Use the AWS CLI command aws cloudformation create-stack to create a stack named MyTestStack with a simple template that creates an S3 bucket named my-test-bucket-12345.

AWS

# Use AWS CLI to create the stack
# Your code here

Need a hint?

Use a JSON template inline with --template-body to define the S3 bucket resource.

Start drift detection on the stack MyTestStack

Use the AWS CLI command aws cloudformation detect-stack-drift with the stack name MyTestStack to start drift detection.

AWS

aws cloudformation create-stack --stack-name MyTestStack --template-body '{"Resources":{"MyBucket":{"Type":"AWS::S3::Bucket","Properties":{"BucketName":"my-test-bucket-12345"}}}}'
# Start drift detection on MyTestStack
# Your code here

Need a hint?

Use detect-stack-drift with the exact stack name to start detection.

Check the drift detection status for MyTestStack

Use the AWS CLI command aws cloudformation describe-stack-drift-detection-status with the StackDriftDetectionId returned from the previous step to check the drift detection status.

AWS

aws cloudformation detect-stack-drift --stack-name MyTestStack
# Use describe-stack-drift-detection-status with the detection ID
# Your code here

Need a hint?

Replace <StackDriftDetectionId> with the actual ID from the detect-stack-drift command output.

Retrieve and display the drift status of MyTestStack

Use the AWS CLI command aws cloudformation describe-stack-resource-drifts with the stack name MyTestStack to get detailed drift information about each resource.

AWS

aws cloudformation describe-stack-drift-detection-status --stack-drift-detection-id 
# Get detailed resource drift info for MyTestStack
# Your code here

Need a hint?

This command shows which resources have drifted and how.