CloudFormation Drift Remediation - Use Cloud Control API to remediate drift that was detected on a CloudFormation stack

Related tags

Third-party APIs Wrapperscfn-drift-remediation
Overview

CloudFormation Drift Remediation

Installation

This package is available on pypi, you can for example use on of these commands (pipx is recommended)

pipx install cfn-drift-remediation
pip install cfn-drift-remediation

Usage

  1. Run drift detection on a stack, and verify that you want to remediate it by changing the provisioned resource (using the stack as the source of truth).
  2. run one of the commands below
  3. Run drift detection again to verify that everything is in sync again.
# Default usage
cfn-drift-remediation stack_name
# Using a different profile
AWS_DEFAULT_PROFILE=profile-name cfn-drift-remediation stack_name
# Using a third party tool like aws-vault
aws-vault exec profile-name -- cfn-drift-remediation stack_name

How this works

This tool will read the existing drift of a stack, iterate through the drifted resources and construct a patch document to change the actual (detected) property values to the expected (stack) values.

Caveats

  • Changes are done with CloudControl API. This does mean that if the drifted resources do not support Cloud Control API, they will be skipped.
  • For some resources the order in a list does not matter, this might lead to a failure to apply changes, because Cloud Control API will assume the resource is not in the drifted state it expects.
  • We do not support creating resources that were completely deleted from the stack. The drift detection api does not return enough information to construct the replacement resource.

Development

We use poetry to manage this project

  1. Clone this repository
  2. Run poetry install
  3. Activate the virtualenvironment with poetry shell (you can also use poetry run $command)

Releasing a new version to pypi

  1. Edit pyproject.toml to update the version number
  2. Edit cfn_drift_remediation/_init.py to update the version number
  3. Commit the version number bump
  4. Run tests poetry run pytest (you might have to install dependencies with poetry install --dev)
  5. Run poetry publish --build
  6. Push to GitHub
  7. Create a new release in GitHub

Using poetry in Visual Studio Code

If you want to use poetry in Visual Studio Code, it works best if the virtual environment is created inside the project folder. Once the virtual environment is created, you can run the "Python: Select interpreter" command in Visual Studio Code, and point to the .venv folder.

poetry config virtualenvs.in-project true

If you already created the virtual environment, you have to recreate it

# from within the project folder
poetry env remove $(poetry env list)
poetry install
You might also like...
A python to scratch API connector. Can fetch data from the API and send it back in cloud variables.

Scratch2py Scratch2py or S2py is a easy to use, versatile tool to communicate with the Scratch API Based of scratchclient by Raihan142857 Installation

null 20 Jun 18, 2022
Ditch Xiaomi's cloud and use a Telegram bot instead
Ditch Xiaomi's cloud and use a Telegram bot instead

Yi-Home_Telegram_Bot_Interface Ditch Xiaomi's cloud and use a Telegram bot instead Features Motion detection Works by monitoring a tmp file that is cr

Erli 10 Aug 18, 2022
We’re releasing an open-source tool you can use now, which we developed as a homemade Just-In-Time database access control tool for our sensitive database. This tool syncs with our directory service, slack, SIEM, and finally, our Apache Cassandra database.

Cassandra Access Control By Aner Izraeli - Intezer Security Manager ([email protected]) We’re releasing an open-source tool you can use now, which

Intezer Labs 6 Mar 31, 2022
A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears.

robotframework-stacktrace A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears. Ins

marketsquare 16 Nov 24, 2022
A Serverless Application Model stack that persists the $XRP price to the XRPL every minute as a TrustLine. There are no servers, it is effectively a "smart contract" in Python for the XRPL.

xrpl-price-persist-oracle-sam This is a XRPL Oracle that publishes external data into the XRPL. This Oracle was inspired by XRPL-Labs/XRPL-Persist-Pri

Joseph Chiocchi 11 Dec 17, 2022
Simulation artifacts, core components and configuration files to integrate AWS DeepRacer device with ROS Navigation stack.
Simulation artifacts, core components and configuration files to integrate AWS DeepRacer device with ROS Navigation stack.

AWS DeepRacer Overview The AWS DeepRacer Evo vehicle is a 1/18th scale Wi-Fi enabled 4-wheel ackermann steering platform that features two RGB cameras

AWS DeepRacer 31 Nov 21, 2022
A multi-tenant multi-client scalable product categorising demo stack
A multi-tenant multi-client scalable product categorising demo stack

Better Categories 4All: A multi-tenant multi-client product categorising stack The steps to reproduce training and inference are in the end of this fi

null 7 Feb 15, 2022
A part of HyRiver software stack for accessing hydrology data through web services
A part of HyRiver software stack for accessing hydrology data through web services

Package Description Status PyNHD Navigate and subset NHDPlus (MR and HR) using web services Py3DEP Access topographic data through National Map's 3DEP

Taher Chegini 51 Dec 10, 2022
Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

John Capobianco 2 Jan 25, 2022
Releases(0.3.1)
Owner
Cloudar
Cloudar
GitHub Repository
PESU Academy Discord Bot built for PESsants and PESts of PES University

PESU Academy Bot PESU Academy Discord Bot built for PESsants and PESts of PES University You can add the bot to your Discord Server using this link. O

Aditeya Baral 0 Nov 16, 2021
An asyncio Python wrapper around the Discord API, forked off of Rapptz's Discord.py.

Novus A modern, easy to use, feature-rich, and async ready API wrapper for Discord written in Python. A full fork of Rapptz's Discord.py library, with

Voxel Fox 60 Jan 03, 2023
A discord bot that can detect Nitro Scam Links and delete them to protect other users

A discord bot that can detect Nitro Scam Links and delete them to protect other users. Add it to your server from here.

Kanak Mittal 9 Oct 20, 2022
Get your Pixiv token (for running upbit/pixivpy)

gppt: get-pixivpy-token Get your Pixiv token (for running upbit/pixivpy) Refine pixiv_auth.py + its fork Install ❭ pip install gppt Run Note: In advan

haruna 58 Jan 04, 2023
A head unit UI designed to replace the RTx/SMEG/RNEG/NG4/RCC/NAC

HeadUnit UI (Come discuss about it on our Discord!) Intro This is the UI part of a headunit project from OpenLeo, based on python and kivy, it looks l

OpenLeo 6 Nov 23, 2022
:lock: Python 2.7/3.X client for HashiCorp Vault

hvac HashiCorp Vault API client for Python 3.x Tested against the latest release, HEAD ref, and 3 previous minor versions (counting back from the late

hvac 1k Dec 29, 2022
OpenVisionAPI client

OpenVisionAPI Client 🚀 Getting Started Prerequisites Installing Install the dependencies $ make setup Usage $ source .venv/bin/activate $ ./ova_clie

Open Vision API 40 Nov 11, 2022
A Telegram Video Watermark Adder Bot

Watermark-Bot A Telegram Video Watermark Adder Bot by @VideosWaterMarkRobot Features: Save Custom Watermark Image. Auto Resize Watermark According to

5 Jun 17, 2022
Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff)

Hello World! Build your own offline, airgapped Bitcoin transaction signing device for less than $35! Also generate seed word 24 or generate a seed phr

371 Dec 31, 2022
A simple Discord bot that can fetch definitions and post them in chat.

A simple Discord bot that can fetch definitions and post them in chat. If you are connected to a voice channel, the bot will also read out the definition to you.

Tycho Bellers 4 Sep 29, 2022
Discord-RAID-Tool - Hacks/tools

How to use Python must be installed run install-config If you dont have python installed, download python 3.7.6 and make sure you click on the 'ADD TO

1 Jan 01, 2022
Savecontentbot - Telegram Save Content Bot With Same more Features

Save Restricted Content Bot A simple telegram bot to save restricted content wit

Group Dc Bots 3 Jan 26, 2022
Script to automatically book a vaccine slot on Doctolib for today or tomorrow, following rules from the French Government.

DOCTOSHOTGUN This script lets you automatically book a vaccine slot on Doctolib for today or tomorrow, following rules from the French Government. Pyt

Romain Bignon 560 Dec 19, 2022
Check your accounts/tokens fast with our checker!

Discord_Account_Checker How to use? Installing library's pip install -r reqs.txt Loading accounts Load your accounts to accounts.txt file. Launch pyth

1 Jan 11, 2022
Discord-Bot - Bot using nextcord for beginners

Discord-Bot Bot using nextcord for beginners! Requirements: 1 :- Install nextcord by typing "pip install nextcord" Thats it! You can use this code any

INFINITE_. 3 Jan 10, 2022
A Python client for the Softcite software mention recognizer server

Softcite software mention recognizer client Python client for using the Softcite software mention recognition service. It can be applied to individual

4 Feb 02, 2022
AWS Blog post code for running feature-extraction on images using AWS Batch and Cloud Development Kit (CDK).

Batch processing with AWS Batch and CDK Welcome This repository demostrates provisioning the necessary infrastructure for running a job on AWS Batch u

AWS Samples 7 Oct 18, 2022
MAASTA is a wrapper to create an Ansible inventory for MAAS instances that are provisioned by Terraform.

MAASTA is a wrapper to create an Ansible inventory for MAAS instances that are provisioned by Terraform.

Saeid Bostandoust 144 Dec 16, 2022
Spodcast is a caching Spotify podcast to RSS proxy

Spodcast Spodcast is a caching Spotify podcast to RSS proxy. Using Spodcast you can follow Spotify-hosted netcasts/podcasts using any player which sup

Frank de Lange 260 Jan 01, 2023
Using AWS Batch jobs to bulk copy/sync files in S3

Using AWS Batch jobs to bulk copy/sync files in S3

AWS Samples 14 Sep 19, 2022