Provides a CDK example for automated CloudFormation StackSet drift detection. This event-driven solution allows teams to proactively identify configuration drift across AWS accounts and receive alerts when a StackSet instance(s) drifted from the desired state.
Bellow is an example for how to use the StacksetDriftDetectionStack stack.
app = aws_cdk.App()
StacksetDriftDetectionStack(
app,
"StacksetDriftDetectionStack",
env=Environment(
account=os.environ["CDK_DEFAULT_ACCOUNT"],
region=os.environ["CDK_DEFAULT_REGION"],
),
props=StacksetDriftDetectionStackProps(
stackset_names=["ExampleStackSetName"],
schedule_expression="cron(0 5 ? * 2 *)",
notification_email_endpoints=["[email protected]"],
notification_https_endpoints=["security.webhook.examplecorp.com"],
),
)
-
EventBridge schedule triggers CloudFormation StackSet drift detection based on the provided schedule expression. EventBridge Schedulers support
cronandrateexpressions. -
CloudFormation publishes "StackSet Operation Status Change" events to the default EventBridge bus.
-
A custom EventBridge rule captures the relevant event and forwards it to the Lambda function.
-
The Lambda function fetches the StackSet operation details from CloudFormation and evaluates the its status.
-
If the StackSet operation discovered a DRIFT in one or more of StackSet instances, it will send an alert through the SNS topic.