A config rule that checks whether an AWS CloudFormation stack's actual configuration differs, or has drifted, from its expected configuration. A stack is considered to have drifted if one or more of its resources differ from their expected configuration. The rule and the stack are COMPLIANT when the stack drift status is IN_SYNC. The rule and the stack are NON_COMPLIANT when the stack drift status is DRIFTED.
Also available is the following configuration package, which includes this config rule and the required IAM role (as well as optional notification settings).
AWSTemplateFormatVersion: "2010-09-09"
Description: ""
Resources:
  ConfigRule:
    Type: "AWS::Config::ConfigRule"
    Properties:
      ConfigRuleName: "cloudformation-stack-drift-detection-check"
      Scope:
        ComplianceResourceTypes:
          - "AWS::CloudFormation::Stack"
      Description: "A config rule that checks whether an AWS CloudFormation stack's actual configuration differs, or has drifted, from it's expected configuration. A stack is considered to have drifted if one or more of its resources differ from their expected configurati..."
      Source:
        Owner: "AWS"
        SourceIdentifier: "CLOUDFORMATION_STACK_DRIFT_DETECTION_CHECK"
      MaximumExecutionFrequency: "TwentyFour_Hours"
Parameters: {}
Metadata: {}
Conditions: {}
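
The template above does not show the IAM role that the text says the rule requires. As an added example (not the page's configuration package), the following sketch wires a role into the managed rule through its `cloudformationRoleArn` input parameter. The resource name `DriftDetectionRole`, the policy name and the exact permission set are assumptions made for illustration.

```yaml
# Added example: the same rule, plus the IAM role it uses for drift detection.
# DriftDetectionRole and "detect-stack-drift" are hypothetical names.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  DriftDetectionRole:
    Type: "AWS::IAM::Role"
    Properties:
      # Only the AWS Config service may assume this role.
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Principal:
              Service: "config.amazonaws.com"
            Action: "sts:AssumeRole"
      ManagedPolicyArns:
        # Drift detection reads the live state of every resource in a stack.
        # Assumption: broad read-only access; narrow it to the resource
        # types your stacks actually contain where you can.
        - "arn:aws:iam::aws:policy/ReadOnlyAccess"
      Policies:
        - PolicyName: "detect-stack-drift"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # The two actions that start a drift check; no write access
              # to stacks or to the resources inside them.
              - Effect: "Allow"
                Action:
                  - "cloudformation:DetectStackDrift"
                  - "cloudformation:DetectStackResourceDrift"
                Resource: "*"
  ConfigRule:
    Type: "AWS::Config::ConfigRule"
    Properties:
      ConfigRuleName: "cloudformation-stack-drift-detection-check"
      Scope:
        ComplianceResourceTypes:
          - "AWS::CloudFormation::Stack"
      InputParameters:
        # The managed rule assumes this role when it runs drift detection.
        cloudformationRoleArn: !GetAtt DriftDetectionRole.Arn
      Source:
        Owner: "AWS"
        SourceIdentifier: "CLOUDFORMATION_STACK_DRIFT_DETECTION_CHECK"
      MaximumExecutionFrequency: "TwentyFour_Hours"
```

Because this template creates an IAM role, deploying it requires acknowledging the `CAPABILITY_IAM` capability.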