CloudFormation Deletion Policy Should Be in Use
A deletion policy, implemented with the DeletionPolicy attribute, should be used for your Amazon CloudFormation stacks in order preserve or backup AWS resources when the stacks are deleted.
A deletion policy, implemented with the DeletionPolicy attribute, should be used for your Amazon CloudFormation stacks in order preserve or backup AWS resources when the stacks are deleted.
Your AWS CloudFormation stacks should not be drifted from their expected template configuration. A CloudFormation stack is considered to have drifted from its configuration if one or more of its resources have been drifted.
Amazon CloudFormation should be used within your AWS account to automate your cloud infrastructure management and deployment.
None of your Amazon CloudFormation stacks should be in Failed mode for more than 6 hours. Any failed CloudFormation stacks that are not fixed on time can lead to application downtime, security issues or unexpected costs on your AWS bill.
Your AWS CloudFormation stacks should be using policies as a fail-safe mechanism in order to prevent accidental updates to stack resources.
The IAM service role associated with your Amazon CloudFormation stack should adhere to the principle of least privilege in order avoid unwanted privilege escalation.
All your AWS CloudFormation stacks should be using Simple Notification Service (AWS SNS) in order to receive notifications when an event occurs.
Amazon CloudFormation stacks should have Termination Protection feature enabled in order to protect them from being accidentally deleted.
If you are not yet convinced to sign up with Cloudanix, that's not a problem. We recommend you use a comprehensive checklist which your team can use to perform a manual assessment of your workload.