Triage and Remediation
Remediation
Using Console
To remediate AWS CloudFormation Drift Detection, follow these steps:
- Log in to the AWS Management Console.
- Navigate to the CloudFormation service.
- Click on the stack that has drift detection enabled.
- Click on the “Drift” tab.
- Review the drift detection results to identify the resources that have drifted.
- Click on the “Resources” tab to see the current state of the resources.
- Select the resources that have drifted and click on the “Detect Drift” button.
- Wait for the drift detection process to complete.
- Review the drift detection results to confirm that the resources have been remediated.
- If necessary, make changes to the stack to remediate the drift.
- Update the stack to apply the changes.
- Repeat the drift detection process to confirm that the resources are no longer drifting.
Using CLI
AWS CloudFormation Drift Detection is a feature that helps you identify resources that have drifted away from their expected configurations. Once you have identified the resources that have drifted, you can use the AWS CLI to remediate the drift.
Here are the steps to remediate AWS CloudFormation Drift Detection using AWS CLI:
- Identify the stack that has drifted by running the following command:
- Once you have identified the resources that have drifted, you can generate a drift report by running the following command:
- Review the drift report to identify the resources that have drifted and the expected and actual configurations.
- To remediate the drift, update the stack with the expected configuration by running the following command:
  Replace <path-to-template> and <path-to-parameters> with the file paths to the updated CloudFormation template and parameters file.
- Wait for the stack update to complete by running the following command:
- Verify that the stack has been remediated by running the following command:
  This will show you the current configuration of the resources in the stack. If the resources have been remediated, the expected and actual configurations should match.
Using Python
To remediate AWS CloudFormation drift detection using Python, follow these steps:
- Import the required libraries: boto3, json
- Create a boto3 client for AWS CloudFormation:
- Get the list of stacks:
- Loop through the stacks and check for drift:
- If a stack has drifted, remediate it by updating the stack:
Note: Make sure to test the script thoroughly before running it in a production environment.
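The detection part of the Python steps above, as an added example (not code from the original page): it takes a boto3 CloudFormation client, runs drift detection on each stack, and returns the drifted resources with their expected and actual property values. The function names `detect_drift`, `drifted_resources` and `audit` and the stack-status filter are assumptions of this example; it stops at the report, because the stack update needs the corrected template and parameters.

```python
import time

# Stack states in which drift detection can run (subset chosen for this example).
ACTIVE = ["CREATE_COMPLETE", "UPDATE_COMPLETE", "UPDATE_ROLLBACK_COMPLETE"]

def detect_drift(cfn, stack_name, poll_seconds=5, max_polls=60):
    """Start drift detection on one stack, wait for it, return StackDriftStatus."""
    det_id = cfn.detect_stack_drift(StackName=stack_name)["StackDriftDetectionId"]
    for _ in range(max_polls):
        st = cfn.describe_stack_drift_detection_status(StackDriftDetectionId=det_id)
        if st["DetectionStatus"] == "DETECTION_COMPLETE":
            return st["StackDriftStatus"]  # DRIFTED, IN_SYNC, ...
        if st["DetectionStatus"] == "DETECTION_FAILED":
            raise RuntimeError(st.get("DetectionStatusReason", "drift detection failed"))
        time.sleep(poll_seconds)  # still DETECTION_IN_PROGRESS
    raise TimeoutError(f"drift detection on {stack_name} did not finish")

def drifted_resources(cfn, stack_name):
    """List MODIFIED/DELETED resources with expected vs. actual property values."""
    report, kwargs = [], {"StackName": stack_name,
                          "StackResourceDriftStatusFilters": ["MODIFIED", "DELETED"]}
    while True:
        resp = cfn.describe_stack_resource_drifts(**kwargs)
        for d in resp["StackResourceDrifts"]:
            report.append({
                "resource": d["LogicalResourceId"],
                "type": d["ResourceType"],
                "status": d["StackResourceDriftStatus"],
                "changes": [(p["PropertyPath"], p["ExpectedValue"], p["ActualValue"])
                            for p in d.get("PropertyDifferences", [])],
            })
        if not resp.get("NextToken"):
            return report
        kwargs["NextToken"] = resp["NextToken"]  # results are paginated

def audit(cfn, poll_seconds=5):
    """Return {stack name: drift report} for every drifted stack in the region."""
    findings = {}
    pages = cfn.get_paginator("list_stacks").paginate(StackStatusFilter=ACTIVE)
    for page in pages:
        for summary in page["StackSummaries"]:
            name = summary["StackName"]
            if detect_drift(cfn, name, poll_seconds) == "DRIFTED":
                findings[name] = drifted_resources(cfn, name)
    return findings

if __name__ == "__main__":
    import json
    import boto3  # needs AWS credentials and a default region
    print(json.dumps(audit(boto3.client("cloudformation")), indent=2))
```

The report only covers resource types and properties that drift detection supports, so an empty result is not proof that nothing was changed outside CloudFormation.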