AWS CloudFormation

2018/11/12 - AWS CloudFormation - 4 new 5 updated api methods

Changes  The Drift Detection feature enables customers to detect whether a stack's actual configuration differs, or has drifted, from its expected configuration as defined within AWS CloudFormation.

DescribeStackResourceDrifts (new) Link ¶

Returns drift information for the resources that have been checked for drift in the specified stack. This includes actual and expected configuration values for resources where AWS CloudFormation detects configuration drift.

For a given stack, there will be one StackResourceDrift for each stack resource that has been checked for drift. Resources that have not yet been checked for drift are not included. Resources that do not currently support drift detection are not checked, and so not included. For a list of resources that support drift detection, see Resources that Support Drift Detection .

Use DetectStackResourceDrift to detect drift on individual resources, or DetectStackDrift to detect drift on all supported resources for a given stack.

See also: AWS API Documentation

Request Syntax

client.describe_stack_resource_drifts(
    StackName='string',
    StackResourceDriftStatusFilters=[
        'IN_SYNC'|'MODIFIED'|'DELETED'|'NOT_CHECKED',
    ],
    NextToken='string',
    MaxResults=123
)
type StackName

string

param StackName

[REQUIRED]

The name of the stack for which you want drift information.

type StackResourceDriftStatusFilters

list

param StackResourceDriftStatusFilters

The resource drift status values to use as filters for the resource drift results returned.

  • DELETED : The resource differs from its expected template configuration in that the resource has been deleted.

  • MODIFIED : One or more resource properties differ from their expected template values.

  • IN_SYNC : The resources's actual configuration matches its expected template configuration.

  • NOT_CHECKED : AWS CloudFormation does not currently return this value.

  • (string) --

type NextToken

string

param NextToken

A string that identifies the next page of stack resource drift results.

type MaxResults

integer

param MaxResults

The maximum number of results to be returned with a single call. If the number of available results exceeds this maximum, the response includes a NextToken value that you can assign to the NextToken request parameter to get the next set of results.

rtype

dict

returns

Response Syntax

{
    'StackResourceDrifts': [
        {
            'StackId': 'string',
            'LogicalResourceId': 'string',
            'PhysicalResourceId': 'string',
            'PhysicalResourceIdContext': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'ResourceType': 'string',
            'ExpectedProperties': 'string',
            'ActualProperties': 'string',
            'PropertyDifferences': [
                {
                    'PropertyPath': 'string',
                    'ExpectedValue': 'string',
                    'ActualValue': 'string',
                    'DifferenceType': 'ADD'|'REMOVE'|'NOT_EQUAL'
                },
            ],
            'StackResourceDriftStatus': 'IN_SYNC'|'MODIFIED'|'DELETED'|'NOT_CHECKED',
            'Timestamp': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • StackResourceDrifts (list) --

      Drift information for the resources that have been checked for drift in the specified stack. This includes actual and expected configuration values for resources where AWS CloudFormation detects drift.

      For a given stack, there will be one StackResourceDrift for each stack resource that has been checked for drift. Resources that have not yet been checked for drift are not included. Resources that do not currently support drift detection are not checked, and so not included. For a list of resources that support drift detection, see Resources that Support Drift Detection .

      • (dict) --

        Contains the drift information for a resource that has been checked for drift. This includes actual and expected property values for resources in which AWS CloudFormation has detected drift. Only resource properties explicitly defined in the stack template are checked for drift. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

        Resources that do not currently support drift detection cannot be checked. For a list of resources that support drift detection, see Resources that Support Drift Detection .

        Use DetectStackResourceDrift to detect drift on individual resources, or DetectStackDrift to detect drift on all resources in a given stack that support drift detection.

        • StackId (string) --

          The ID of the stack.

        • LogicalResourceId (string) --

          The logical name of the resource specified in the template.

        • PhysicalResourceId (string) --

          The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

        • PhysicalResourceIdContext (list) --

          Context information that enables AWS CloudFormation to uniquely identify a resource. AWS CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs are not enough to uniquely identify that resource. Each context key-value pair specifies a unique resource that contains the targeted resource.

          • (dict) --

            Context information that enables AWS CloudFormation to uniquely identify a resource. AWS CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs are not enough to uniquely identify that resource. Each context key-value pair specifies a resource that contains the targeted resource.

            • Key (string) --

              The resource context key.

            • Value (string) --

              The resource context value.

        • ResourceType (string) --

          The type of the resource.

        • ExpectedProperties (string) --

          A JSON structure containing the expected property values of the stack resource, as defined in the stack template and any values specified as template parameters.

          For resources whose StackResourceDriftStatus is DELETED , this structure will not be present.

        • ActualProperties (string) --

          A JSON structure containing the actual property values of the stack resource.

          For resources whose StackResourceDriftStatus is DELETED , this structure will not be present.

        • PropertyDifferences (list) --

          A collection of the resource properties whose actual values differ from their expected values. These will be present only for resources whose StackResourceDriftStatus is MODIFIED .

          • (dict) --

            Information about a resource property whose actual value differs from its expected value, as defined in the stack template and any values specified as template parameters. These will be present only for resources whose StackResourceDriftStatus is MODIFIED . For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

            • PropertyPath (string) --

              The fully-qualified path to the resource property.

            • ExpectedValue (string) --

              The expected property value of the resource property, as defined in the stack template and any values specified as template parameters.

            • ActualValue (string) --

              The actual property value of the resource property.

            • DifferenceType (string) --

              The type of property difference.

              • ADD : A value has been added to a resource property that is an array or list data type.

              • REMOVE : The property has been removed from the current resource configuration.

              • NOT_EQUAL : The current property value differs from its expected value (as defined in the stack template and any values specified as template parameters).

        • StackResourceDriftStatus (string) --

          Status of the resource's actual configuration compared to its expected configuration

          • DELETED : The resource differs from its expected template configuration because the resource has been deleted.

          • MODIFIED : One or more resource properties differ from their expected values (as defined in the stack template and any values specified as template parameters).

          • IN_SYNC : The resources's actual configuration matches its expected template configuration.

          • NOT_CHECKED : AWS CloudFormation does not currently return this value.

        • Timestamp (datetime) --

          Time at which AWS CloudFormation performed drift detection on the stack resource.

    • NextToken (string) --

      If the request doesn't return all of the remaining results, NextToken is set to a token. To retrieve the next set of results, call DescribeStackResourceDrifts again and assign that token to the request object's NextToken parameter. If the request returns all results, NextToken is set to null .

DetectStackResourceDrift (new) Link ¶

Returns information about whether a resource's actual configuration differs, or has drifted , from it's expected configuration, as defined in the stack template and any values specified as template parameters. This information includes actual and expected property values for resources in which AWS CloudFormation detects drift. Only resource properties explicitly defined in the stack template are checked for drift. For more information about stack and resource drift, see Detecting Unregulated Configuration Changes to Stacks and Resources .

Use DetectStackResourceDrift to detect drift on individual resources, or DetectStackDrift to detect drift on all resources in a given stack that support drift detection.

Resources that do not currently support drift detection cannot be checked. For a list of resources that support drift detection, see Resources that Support Drift Detection .

See also: AWS API Documentation

Request Syntax

client.detect_stack_resource_drift(
    StackName='string',
    LogicalResourceId='string'
)
type StackName

string

param StackName

[REQUIRED]

The name of the stack to which the resource belongs.

type LogicalResourceId

string

param LogicalResourceId

[REQUIRED]

The logical name of the resource for which to return drift information.

rtype

dict

returns

Response Syntax

{
    'StackResourceDrift': {
        'StackId': 'string',
        'LogicalResourceId': 'string',
        'PhysicalResourceId': 'string',
        'PhysicalResourceIdContext': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'ResourceType': 'string',
        'ExpectedProperties': 'string',
        'ActualProperties': 'string',
        'PropertyDifferences': [
            {
                'PropertyPath': 'string',
                'ExpectedValue': 'string',
                'ActualValue': 'string',
                'DifferenceType': 'ADD'|'REMOVE'|'NOT_EQUAL'
            },
        ],
        'StackResourceDriftStatus': 'IN_SYNC'|'MODIFIED'|'DELETED'|'NOT_CHECKED',
        'Timestamp': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • StackResourceDrift (dict) --

      Information about whether the resource's actual configuration has drifted from its expected template configuration, including actual and expected property values and any differences detected.

      • StackId (string) --

        The ID of the stack.

      • LogicalResourceId (string) --

        The logical name of the resource specified in the template.

      • PhysicalResourceId (string) --

        The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

      • PhysicalResourceIdContext (list) --

        Context information that enables AWS CloudFormation to uniquely identify a resource. AWS CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs are not enough to uniquely identify that resource. Each context key-value pair specifies a unique resource that contains the targeted resource.

        • (dict) --

          Context information that enables AWS CloudFormation to uniquely identify a resource. AWS CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs are not enough to uniquely identify that resource. Each context key-value pair specifies a resource that contains the targeted resource.

          • Key (string) --

            The resource context key.

          • Value (string) --

            The resource context value.

      • ResourceType (string) --

        The type of the resource.

      • ExpectedProperties (string) --

        A JSON structure containing the expected property values of the stack resource, as defined in the stack template and any values specified as template parameters.

        For resources whose StackResourceDriftStatus is DELETED , this structure will not be present.

      • ActualProperties (string) --

        A JSON structure containing the actual property values of the stack resource.

        For resources whose StackResourceDriftStatus is DELETED , this structure will not be present.

      • PropertyDifferences (list) --

        A collection of the resource properties whose actual values differ from their expected values. These will be present only for resources whose StackResourceDriftStatus is MODIFIED .

        • (dict) --

          Information about a resource property whose actual value differs from its expected value, as defined in the stack template and any values specified as template parameters. These will be present only for resources whose StackResourceDriftStatus is MODIFIED . For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

          • PropertyPath (string) --

            The fully-qualified path to the resource property.

          • ExpectedValue (string) --

            The expected property value of the resource property, as defined in the stack template and any values specified as template parameters.

          • ActualValue (string) --

            The actual property value of the resource property.

          • DifferenceType (string) --

            The type of property difference.

            • ADD : A value has been added to a resource property that is an array or list data type.

            • REMOVE : The property has been removed from the current resource configuration.

            • NOT_EQUAL : The current property value differs from its expected value (as defined in the stack template and any values specified as template parameters).

      • StackResourceDriftStatus (string) --

        Status of the resource's actual configuration compared to its expected configuration

        • DELETED : The resource differs from its expected template configuration because the resource has been deleted.

        • MODIFIED : One or more resource properties differ from their expected values (as defined in the stack template and any values specified as template parameters).

        • IN_SYNC : The resources's actual configuration matches its expected template configuration.

        • NOT_CHECKED : AWS CloudFormation does not currently return this value.

      • Timestamp (datetime) --

        Time at which AWS CloudFormation performed drift detection on the stack resource.

DetectStackDrift (new) Link ¶

Detects whether a stack's actual configuration differs, or has drifted , from it's expected configuration, as defined in the stack template and any values specified as template parameters. For each resource in the stack that supports drift detection, AWS CloudFormation compares the actual configuration of the resource with its expected template configuration. Only resource properties explicitly defined in the stack template are checked for drift. A stack is considered to have drifted if one or more of its resources differ from their expected template configurations. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

Use DetectStackDrift to detect drift on all supported resources for a given stack, or DetectStackResourceDrift to detect drift on individual resources.

For a list of stack resources that currently support drift detection, see Resources that Support Drift Detection .

DetectStackDrift can take up to several minutes, depending on the number of resources contained within the stack. Use DescribeStackDriftDetectionStatus to monitor the progress of a detect stack drift operation. Once the drift detection operation has completed, use DescribeStackResourceDrifts to return drift information about the stack and its resources.

When detecting drift on a stack, AWS CloudFormation does not detect drift on any nested stacks belonging to that stack. Perform DetectStackDrift directly on the nested stack itself.

See also: AWS API Documentation

Request Syntax

client.detect_stack_drift(
    StackName='string',
    LogicalResourceIds=[
        'string',
    ]
)
type StackName

string

param StackName

[REQUIRED]

The name of the stack for which you want to detect drift.

type LogicalResourceIds

list

param LogicalResourceIds

The logical names of any resources you want to use as filters.

  • (string) --

rtype

dict

returns

Response Syntax

{
    'StackDriftDetectionId': 'string'
}

Response Structure

  • (dict) --

    • StackDriftDetectionId (string) --

      The ID of the drift detection results of this operation.

      AWS CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results AWS CloudFormation retains for any given stack, and for how long, may vary.

DescribeStackDriftDetectionStatus (new) Link ¶

Returns information about a stack drift detection operation. A stack drift detection operation detects whether a stack's actual configuration differs, or has drifted , from it's expected configuration, as defined in the stack template and any values specified as template parameters. A stack is considered to have drifted if one or more of its resources have drifted. For more information on stack and resource drift, see Detecting Unregulated Configuration Changes to Stacks and Resources .

Use DetectStackDrift to initiate a stack drift detection operation. DetectStackDrift returns a StackDriftDetectionId you can use to monitor the progress of the operation using DescribeStackDriftDetectionStatus . Once the drift detection operation has completed, use DescribeStackResourceDrifts to return drift information about the stack and its resources.

See also: AWS API Documentation

Request Syntax

client.describe_stack_drift_detection_status(
    StackDriftDetectionId='string'
)
type StackDriftDetectionId

string

param StackDriftDetectionId

[REQUIRED]

The ID of the drift detection results of this operation.

AWS CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of drift results AWS CloudFormation retains for any given stack, and for how long, may vary.

rtype

dict

returns

Response Syntax

{
    'StackId': 'string',
    'StackDriftDetectionId': 'string',
    'StackDriftStatus': 'DRIFTED'|'IN_SYNC'|'UNKNOWN'|'NOT_CHECKED',
    'DetectionStatus': 'DETECTION_IN_PROGRESS'|'DETECTION_FAILED'|'DETECTION_COMPLETE',
    'DetectionStatusReason': 'string',
    'DriftedStackResourceCount': 123,
    'Timestamp': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --

    • StackId (string) --

      The ID of the stack.

    • StackDriftDetectionId (string) --

      The ID of the drift detection results of this operation.

      AWS CloudFormation generates new results, with a new drift detection ID, each time this operation is run. However, the number of reports AWS CloudFormation retains for any given stack, and for how long, may vary.

    • StackDriftStatus (string) --

      Status of the stack's actual configuration compared to its expected configuration.

      • DRIFTED : The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.

      • NOT_CHECKED : AWS CloudFormation has not checked if the stack differs from its expected template configuration.

      • IN_SYNC : The stack's actual configuration matches its expected template configuration.

      • UNKNOWN : This value is reserved for future use.

    • DetectionStatus (string) --

      The status of the stack drift detection operation.

      • DETECTION_COMPLETE : The stack drift detection operation has successfully completed for all resources in the stack that support drift detection. (Resources that do not currently support stack detection remain unchecked.) If you specified logical resource IDs for AWS CloudFormation to use as a filter for the stack drift detection operation, only the resources with those logical IDs are checked for drift.

      • DETECTION_FAILED : The stack drift detection operation has failed for at least one resource in the stack. Results will be available for resources on which AWS CloudFormation successfully completed drift detection.

      • DETECTION_IN_PROGRESS : The stack drift detection operation is currently in progress.

    • DetectionStatusReason (string) --

      The reason the stack drift detection operation has its current status.

    • DriftedStackResourceCount (integer) --

      Total number of stack resources that have drifted. This is NULL until the drift detection operation reaches a status of DETECTION_COMPLETE . This value will be 0 for stacks whose drift status is IN_SYNC .

    • Timestamp (datetime) --

      Time at which the stack drift detection operation was initiated.

DescribeStackResource (updated) Link ¶
Changes (response)
{'StackResourceDetail': {'DriftInformation': {'LastCheckTimestamp': 'timestamp',
                                              'StackResourceDriftStatus': 'IN_SYNC '
                                                                          '| '
                                                                          'MODIFIED '
                                                                          '| '
                                                                          'DELETED '
                                                                          '| '
                                                                          'NOT_CHECKED'}}}

Returns a description of the specified resource in the specified stack.

For deleted stacks, DescribeStackResource returns resource information for up to 90 days after the stack has been deleted.

See also: AWS API Documentation

Request Syntax

client.describe_stack_resource(
    StackName='string',
    LogicalResourceId='string'
)
type StackName

string

param StackName

[REQUIRED]

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

  • Running stacks: You can specify either the stack's name or its unique stack ID.

  • Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

type LogicalResourceId

string

param LogicalResourceId

[REQUIRED]

The logical name of the resource as specified in the template.

Default: There is no default value.

rtype

dict

returns

Response Syntax

{
    'StackResourceDetail': {
        'StackName': 'string',
        'StackId': 'string',
        'LogicalResourceId': 'string',
        'PhysicalResourceId': 'string',
        'ResourceType': 'string',
        'LastUpdatedTimestamp': datetime(2015, 1, 1),
        'ResourceStatus': 'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'CREATE_COMPLETE'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'DELETE_COMPLETE'|'DELETE_SKIPPED'|'UPDATE_IN_PROGRESS'|'UPDATE_FAILED'|'UPDATE_COMPLETE',
        'ResourceStatusReason': 'string',
        'Description': 'string',
        'Metadata': 'string',
        'DriftInformation': {
            'StackResourceDriftStatus': 'IN_SYNC'|'MODIFIED'|'DELETED'|'NOT_CHECKED',
            'LastCheckTimestamp': datetime(2015, 1, 1)
        }
    }
}

Response Structure

  • (dict) --

    The output for a DescribeStackResource action.

    • StackResourceDetail (dict) --

      A StackResourceDetail structure containing the description of the specified resource in the specified stack.

      • StackName (string) --

        The name associated with the stack.

      • StackId (string) --

        Unique identifier of the stack.

      • LogicalResourceId (string) --

        The logical name of the resource specified in the template.

      • PhysicalResourceId (string) --

        The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

      • ResourceType (string) --

        Type of resource. ((For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

      • LastUpdatedTimestamp (datetime) --

        Time the status was updated.

      • ResourceStatus (string) --

        Current status of the resource.

      • ResourceStatusReason (string) --

        Success/failure message associated with the resource.

      • Description (string) --

        User defined description associated with the resource.

      • Metadata (string) --

        The content of the Metadata attribute declared for the resource. For more information, see Metadata Attribute in the AWS CloudFormation User Guide.

      • DriftInformation (dict) --

        Information about whether the resource's actual configuration differs, or has drifted , from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

        • StackResourceDriftStatus (string) --

          Status of the resource's actual configuration compared to its expected configuration

          • DELETED : The resource differs from its expected configuration in that it has been deleted.

          • MODIFIED : The resource differs from its expected configuration.

          • NOT_CHECKED : AWS CloudFormation has not checked if the resource differs from its expected configuration. Any resources that do not currently support drift detection have a status of NOT_CHECKED . For more information, see Resources that Support Drift Detection .

          • IN_SYNC : The resources's actual configuration matches its expected configuration.

        • LastCheckTimestamp (datetime) --

          When AWS CloudFormation last checked if the resource had drifted from its expected configuration.

DescribeStackResources (updated) Link ¶
Changes (response)
{'StackResources': {'DriftInformation': {'LastCheckTimestamp': 'timestamp',
                                         'StackResourceDriftStatus': 'IN_SYNC '
                                                                     '| '
                                                                     'MODIFIED '
                                                                     '| '
                                                                     'DELETED '
                                                                     '| '
                                                                     'NOT_CHECKED'}}}

Returns AWS resource descriptions for running and deleted stacks. If StackName is specified, all the associated resources that are part of the stack are returned. If PhysicalResourceId is specified, the associated resources of the stack that the resource belongs to are returned.

Note

Only the first 100 resources will be returned. If your stack has more resources than this, you should use ListStackResources instead.

For deleted stacks, DescribeStackResources returns resource information for up to 90 days after the stack has been deleted.

You must specify either StackName or PhysicalResourceId , but not both. In addition, you can specify LogicalResourceId to filter the returned result. For more information about resources, the LogicalResourceId and PhysicalResourceId , go to the AWS CloudFormation User Guide .

Note

A ValidationError is returned if you specify both StackName and PhysicalResourceId in the same request.

See also: AWS API Documentation

Request Syntax

client.describe_stack_resources(
    StackName='string',
    LogicalResourceId='string',
    PhysicalResourceId='string'
)
type StackName

string

param StackName

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

  • Running stacks: You can specify either the stack's name or its unique stack ID.

  • Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

Required: Conditional. If you do not specify StackName , you must specify PhysicalResourceId .

type LogicalResourceId

string

param LogicalResourceId

The logical name of the resource as specified in the template.

Default: There is no default value.

type PhysicalResourceId

string

param PhysicalResourceId

The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

For example, for an Amazon Elastic Compute Cloud (EC2) instance, PhysicalResourceId corresponds to the InstanceId . You can pass the EC2 InstanceId to DescribeStackResources to find which stack the instance belongs to and what other resources are part of the stack.

Required: Conditional. If you do not specify PhysicalResourceId , you must specify StackName .

Default: There is no default value.

rtype

dict

returns

Response Syntax

{
    'StackResources': [
        {
            'StackName': 'string',
            'StackId': 'string',
            'LogicalResourceId': 'string',
            'PhysicalResourceId': 'string',
            'ResourceType': 'string',
            'Timestamp': datetime(2015, 1, 1),
            'ResourceStatus': 'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'CREATE_COMPLETE'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'DELETE_COMPLETE'|'DELETE_SKIPPED'|'UPDATE_IN_PROGRESS'|'UPDATE_FAILED'|'UPDATE_COMPLETE',
            'ResourceStatusReason': 'string',
            'Description': 'string',
            'DriftInformation': {
                'StackResourceDriftStatus': 'IN_SYNC'|'MODIFIED'|'DELETED'|'NOT_CHECKED',
                'LastCheckTimestamp': datetime(2015, 1, 1)
            }
        },
    ]
}

Response Structure

  • (dict) --

    The output for a DescribeStackResources action.

    • StackResources (list) --

      A list of StackResource structures.

      • (dict) --

        The StackResource data type.

        • StackName (string) --

          The name associated with the stack.

        • StackId (string) --

          Unique identifier of the stack.

        • LogicalResourceId (string) --

          The logical name of the resource specified in the template.

        • PhysicalResourceId (string) --

          The name or unique identifier that corresponds to a physical instance ID of a resource supported by AWS CloudFormation.

        • ResourceType (string) --

          Type of resource. (For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

        • Timestamp (datetime) --

          Time the status was updated.

        • ResourceStatus (string) --

          Current status of the resource.

        • ResourceStatusReason (string) --

          Success/failure message associated with the resource.

        • Description (string) --

          User defined description associated with the resource.

        • DriftInformation (dict) --

          Information about whether the resource's actual configuration differs, or has drifted , from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

          • StackResourceDriftStatus (string) --

            Status of the resource's actual configuration compared to its expected configuration

            • DELETED : The resource differs from its expected configuration in that it has been deleted.

            • MODIFIED : The resource differs from its expected configuration.

            • NOT_CHECKED : AWS CloudFormation has not checked if the resource differs from its expected configuration. Any resources that do not currently support drift detection have a status of NOT_CHECKED . For more information, see Resources that Support Drift Detection .

            • IN_SYNC : The resources's actual configuration matches its expected configuration.

          • LastCheckTimestamp (datetime) --

            When AWS CloudFormation last checked if the resource had drifted from its expected configuration.

DescribeStacks (updated) Link ¶
Changes (response)
{'Stacks': {'DriftInformation': {'LastCheckTimestamp': 'timestamp',
                                 'StackDriftStatus': 'DRIFTED | IN_SYNC | '
                                                     'UNKNOWN | NOT_CHECKED'}}}

Returns the description for the specified stack; if no stack name was specified, then it returns the description for all the stacks created.

Note

If the stack does not exist, an AmazonCloudFormationException is returned.

See also: AWS API Documentation

Request Syntax

client.describe_stacks(
    StackName='string',
    NextToken='string'
)
type StackName

string

param StackName

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

  • Running stacks: You can specify either the stack's name or its unique stack ID.

  • Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

type NextToken

string

param NextToken

A string that identifies the next page of stacks that you want to retrieve.

rtype

dict

returns

Response Syntax

{
    'Stacks': [
        {
            'StackId': 'string',
            'StackName': 'string',
            'ChangeSetId': 'string',
            'Description': 'string',
            'Parameters': [
                {
                    'ParameterKey': 'string',
                    'ParameterValue': 'string',
                    'UsePreviousValue': True|False,
                    'ResolvedValue': 'string'
                },
            ],
            'CreationTime': datetime(2015, 1, 1),
            'DeletionTime': datetime(2015, 1, 1),
            'LastUpdatedTime': datetime(2015, 1, 1),
            'RollbackConfiguration': {
                'RollbackTriggers': [
                    {
                        'Arn': 'string',
                        'Type': 'string'
                    },
                ],
                'MonitoringTimeInMinutes': 123
            },
            'StackStatus': 'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'CREATE_COMPLETE'|'ROLLBACK_IN_PROGRESS'|'ROLLBACK_FAILED'|'ROLLBACK_COMPLETE'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'DELETE_COMPLETE'|'UPDATE_IN_PROGRESS'|'UPDATE_COMPLETE_CLEANUP_IN_PROGRESS'|'UPDATE_COMPLETE'|'UPDATE_ROLLBACK_IN_PROGRESS'|'UPDATE_ROLLBACK_FAILED'|'UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS'|'UPDATE_ROLLBACK_COMPLETE'|'REVIEW_IN_PROGRESS',
            'StackStatusReason': 'string',
            'DisableRollback': True|False,
            'NotificationARNs': [
                'string',
            ],
            'TimeoutInMinutes': 123,
            'Capabilities': [
                'CAPABILITY_IAM'|'CAPABILITY_NAMED_IAM',
            ],
            'Outputs': [
                {
                    'OutputKey': 'string',
                    'OutputValue': 'string',
                    'Description': 'string',
                    'ExportName': 'string'
                },
            ],
            'RoleARN': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'EnableTerminationProtection': True|False,
            'ParentId': 'string',
            'RootId': 'string',
            'DriftInformation': {
                'StackDriftStatus': 'DRIFTED'|'IN_SYNC'|'UNKNOWN'|'NOT_CHECKED',
                'LastCheckTimestamp': datetime(2015, 1, 1)
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    The output for a DescribeStacks action.

    • Stacks (list) --

      A list of stack structures.

      • (dict) --

        The Stack data type.

        • StackId (string) --

          Unique identifier of the stack.

        • StackName (string) --

          The name associated with the stack.

        • ChangeSetId (string) --

          The unique ID of the change set.

        • Description (string) --

          A user-defined description associated with the stack.

        • Parameters (list) --

          A list of Parameter structures.

          • (dict) --

            The Parameter data type.

            • ParameterKey (string) --

              The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template.

            • ParameterValue (string) --

              The input value associated with the parameter.

            • UsePreviousValue (boolean) --

              During a stack update, use the existing parameter value that the stack is using for a given parameter key. If you specify true , do not specify a parameter value.

            • ResolvedValue (string) --

              Read-only. The value that corresponds to a Systems Manager parameter key. This field is returned only for ` SSM parameter types <http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html#aws-ssm-parameter-types>`__ in the template.

        • CreationTime (datetime) --

          The time at which the stack was created.

        • DeletionTime (datetime) --

          The time the stack was deleted.

        • LastUpdatedTime (datetime) --

          The time the stack was last updated. This field will only be returned if the stack has been updated at least once.

        • RollbackConfiguration (dict) --

          The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards.

          • RollbackTriggers (list) --

            The triggers to monitor during stack creation or update actions.

            By default, AWS CloudFormation saves the rollback triggers specified for a stack and applies them to any subsequent update operations for the stack, unless you specify otherwise. If you do specify rollback triggers for this parameter, those triggers replace any list of triggers previously specified for the stack. This means:

            • To use the rollback triggers previously specified for this stack, if any, don't specify this parameter.

            • To specify new or updated rollback triggers, you must specify all the triggers that you want used for this stack, even triggers you've specifed before (for example, when creating the stack or during a previous stack update). Any triggers that you don't include in the updated list of triggers are no longer applied to the stack.

            • To remove all currently specified triggers, specify an empty list for this parameter.

            If a specified trigger is missing, the entire stack operation fails and is rolled back.

            • (dict) --

              A rollback trigger AWS CloudFormation monitors during creation and updating of stacks. If any of the alarms you specify goes to ALARM state during the stack operation or within the specified monitoring period afterwards, CloudFormation rolls back the entire stack operation.

              • Arn (string) --

                The Amazon Resource Name (ARN) of the rollback trigger.

                If a specified trigger is missing, the entire stack operation fails and is rolled back.

              • Type (string) --

                The resource type of the rollback trigger. Currently, AWS::CloudWatch::Alarm is the only supported resource type.

          • MonitoringTimeInMinutes (integer) --

            The amount of time, in minutes, during which CloudFormation should monitor all the rollback triggers after the stack creation or update operation deploys all necessary resources.

            The default is 0 minutes.

            If you specify a monitoring period but do not specify any rollback triggers, CloudFormation still waits the specified period of time before cleaning up old resources after update operations. You can use this monitoring period to perform any manual stack validation desired, and manually cancel the stack creation or update (using CancelUpdateStack , for example) as necessary.

            If you specify 0 for this parameter, CloudFormation still monitors the specified rollback triggers during stack creation and update operations. Then, for update operations, it begins disposing of old resources immediately once the operation completes.

        • StackStatus (string) --

          Current status of the stack.

        • StackStatusReason (string) --

          Success/failure message associated with the stack status.

        • DisableRollback (boolean) --

          Boolean to enable or disable rollback on stack creation failures:

          • true : disable rollback

          • false : enable rollback

        • NotificationARNs (list) --

          SNS topic ARNs to which stack related events are published.

          • (string) --

        • TimeoutInMinutes (integer) --

          The amount of time within which stack creation should complete.

        • Capabilities (list) --

          The capabilities allowed in the stack.

          • (string) --

        • Outputs (list) --

          A list of output structures.

          • (dict) --

            The Output data type.

            • OutputKey (string) --

              The key associated with the output.

            • OutputValue (string) --

              The value associated with the output.

            • Description (string) --

              User defined description associated with the output.

            • ExportName (string) --

              The name of the export associated with the output.

        • RoleARN (string) --

          The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that is associated with the stack. During a stack operation, AWS CloudFormation uses this role's credentials to make calls on your behalf.

        • Tags (list) --

          A list of Tag s that specify information about the stack.

          • (dict) --

            The Tag type enables you to specify a key-value pair that can be used to store information about an AWS CloudFormation stack.

            • Key (string) --

              Required . A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by Amazon Web Services (AWS) have the reserved prefix: aws: .

            • Value (string) --

              Required . A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value.

        • EnableTerminationProtection (boolean) --

          Whether termination protection is enabled for the stack.

          For nested stacks , termination protection is set on the root stack and cannot be changed directly on the nested stack. For more information, see Protecting a Stack From Being Deleted in the AWS CloudFormation User Guide .

        • ParentId (string) --

          For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.

          For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide .

        • RootId (string) --

          For nested stacks--stacks created as resources for another stack--the stack ID of the the top-level stack to which the nested stack ultimately belongs.

          For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide .

        • DriftInformation (dict) --

          Information on whether a stack's actual configuration differs, or has drifted , from it's expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

          • StackDriftStatus (string) --

            Status of the stack's actual configuration compared to its expected template configuration.

            • DRIFTED : The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.

            • NOT_CHECKED : AWS CloudFormation has not checked if the stack differs from its expected template configuration.

            • IN_SYNC : The stack's actual configuration matches its expected template configuration.

            • UNKNOWN : This value is reserved for future use.

          • LastCheckTimestamp (datetime) --

            Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.

    • NextToken (string) --

      If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.

ListStackResources (updated) Link ¶
Changes (response)
{'StackResourceSummaries': {'DriftInformation': {'LastCheckTimestamp': 'timestamp',
                                                 'StackResourceDriftStatus': 'IN_SYNC '
                                                                             '| '
                                                                             'MODIFIED '
                                                                             '| '
                                                                             'DELETED '
                                                                             '| '
                                                                             'NOT_CHECKED'}}}

Returns descriptions of all resources of the specified stack.

For deleted stacks, ListStackResources returns resource information for up to 90 days after the stack has been deleted.

See also: AWS API Documentation

Request Syntax

client.list_stack_resources(
    StackName='string',
    NextToken='string'
)
type StackName

string

param StackName

[REQUIRED]

The name or the unique stack ID that is associated with the stack, which are not always interchangeable:

  • Running stacks: You can specify either the stack's name or its unique stack ID.

  • Deleted stacks: You must specify the unique stack ID.

Default: There is no default value.

type NextToken

string

param NextToken

A string that identifies the next page of stack resources that you want to retrieve.

rtype

dict

returns

Response Syntax

{
    'StackResourceSummaries': [
        {
            'LogicalResourceId': 'string',
            'PhysicalResourceId': 'string',
            'ResourceType': 'string',
            'LastUpdatedTimestamp': datetime(2015, 1, 1),
            'ResourceStatus': 'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'CREATE_COMPLETE'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'DELETE_COMPLETE'|'DELETE_SKIPPED'|'UPDATE_IN_PROGRESS'|'UPDATE_FAILED'|'UPDATE_COMPLETE',
            'ResourceStatusReason': 'string',
            'DriftInformation': {
                'StackResourceDriftStatus': 'IN_SYNC'|'MODIFIED'|'DELETED'|'NOT_CHECKED',
                'LastCheckTimestamp': datetime(2015, 1, 1)
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    The output for a ListStackResources action.

    • StackResourceSummaries (list) --

      A list of StackResourceSummary structures.

      • (dict) --

        Contains high-level information about the specified stack resource.

        • LogicalResourceId (string) --

          The logical name of the resource specified in the template.

        • PhysicalResourceId (string) --

          The name or unique identifier that corresponds to a physical instance ID of the resource.

        • ResourceType (string) --

          Type of resource. (For more information, go to AWS Resource Types Reference in the AWS CloudFormation User Guide.)

        • LastUpdatedTimestamp (datetime) --

          Time the status was updated.

        • ResourceStatus (string) --

          Current status of the resource.

        • ResourceStatusReason (string) --

          Success/failure message associated with the resource.

        • DriftInformation (dict) --

          Information about whether the resource's actual configuration differs, or has drifted , from its expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

          • StackResourceDriftStatus (string) --

            Status of the resource's actual configuration compared to its expected configuration

            • DELETED : The resource differs from its expected configuration in that it has been deleted.

            • MODIFIED : The resource differs from its expected configuration.

            • NOT_CHECKED : AWS CloudFormation has not checked if the resource differs from its expected configuration. Any resources that do not currently support drift detection have a status of NOT_CHECKED . For more information, see Resources that Support Drift Detection . If you performed an ContinueUpdateRollback operation on a stack, any resources included in ResourcesToSkip will also have a status of NOT_CHECKED . For more information on skipping resources during rollback operations, see Continue Rolling Back an Update in the AWS CloudFormation User Guide.

            • IN_SYNC : The resources's actual configuration matches its expected configuration.

          • LastCheckTimestamp (datetime) --

            When AWS CloudFormation last checked if the resource had drifted from its expected configuration.

    • NextToken (string) --

      If the output exceeds 1 MB, a string that identifies the next page of stack resources. If no additional page exists, this value is null.

ListStacks (updated) Link ¶
Changes (response)
{'StackSummaries': {'DriftInformation': {'LastCheckTimestamp': 'timestamp',
                                         'StackDriftStatus': 'DRIFTED | '
                                                             'IN_SYNC | '
                                                             'UNKNOWN | '
                                                             'NOT_CHECKED'}}}

Returns the summary information for stacks whose status matches the specified StackStatusFilter. Summary information for stacks that have been deleted is kept for 90 days after the stack is deleted. If no StackStatusFilter is specified, summary information for all stacks is returned (including existing stacks and stacks that have been deleted).

See also: AWS API Documentation

Request Syntax

client.list_stacks(
    NextToken='string',
    StackStatusFilter=[
        'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'CREATE_COMPLETE'|'ROLLBACK_IN_PROGRESS'|'ROLLBACK_FAILED'|'ROLLBACK_COMPLETE'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'DELETE_COMPLETE'|'UPDATE_IN_PROGRESS'|'UPDATE_COMPLETE_CLEANUP_IN_PROGRESS'|'UPDATE_COMPLETE'|'UPDATE_ROLLBACK_IN_PROGRESS'|'UPDATE_ROLLBACK_FAILED'|'UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS'|'UPDATE_ROLLBACK_COMPLETE'|'REVIEW_IN_PROGRESS',
    ]
)
type NextToken

string

param NextToken

A string that identifies the next page of stacks that you want to retrieve.

type StackStatusFilter

list

param StackStatusFilter

Stack status to use as a filter. Specify one or more stack status codes to list only stacks with the specified status codes. For a complete list of stack status codes, see the StackStatus parameter of the Stack data type.

  • (string) --

rtype

dict

returns

Response Syntax

{
    'StackSummaries': [
        {
            'StackId': 'string',
            'StackName': 'string',
            'TemplateDescription': 'string',
            'CreationTime': datetime(2015, 1, 1),
            'LastUpdatedTime': datetime(2015, 1, 1),
            'DeletionTime': datetime(2015, 1, 1),
            'StackStatus': 'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'CREATE_COMPLETE'|'ROLLBACK_IN_PROGRESS'|'ROLLBACK_FAILED'|'ROLLBACK_COMPLETE'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'DELETE_COMPLETE'|'UPDATE_IN_PROGRESS'|'UPDATE_COMPLETE_CLEANUP_IN_PROGRESS'|'UPDATE_COMPLETE'|'UPDATE_ROLLBACK_IN_PROGRESS'|'UPDATE_ROLLBACK_FAILED'|'UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS'|'UPDATE_ROLLBACK_COMPLETE'|'REVIEW_IN_PROGRESS',
            'StackStatusReason': 'string',
            'ParentId': 'string',
            'RootId': 'string',
            'DriftInformation': {
                'StackDriftStatus': 'DRIFTED'|'IN_SYNC'|'UNKNOWN'|'NOT_CHECKED',
                'LastCheckTimestamp': datetime(2015, 1, 1)
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    The output for ListStacks action.

    • StackSummaries (list) --

      A list of StackSummary structures containing information about the specified stacks.

      • (dict) --

        The StackSummary Data Type

        • StackId (string) --

          Unique stack identifier.

        • StackName (string) --

          The name associated with the stack.

        • TemplateDescription (string) --

          The template description of the template used to create the stack.

        • CreationTime (datetime) --

          The time the stack was created.

        • LastUpdatedTime (datetime) --

          The time the stack was last updated. This field will only be returned if the stack has been updated at least once.

        • DeletionTime (datetime) --

          The time the stack was deleted.

        • StackStatus (string) --

          The current status of the stack.

        • StackStatusReason (string) --

          Success/Failure message associated with the stack status.

        • ParentId (string) --

          For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.

          For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide .

        • RootId (string) --

          For nested stacks--stacks created as resources for another stack--the stack ID of the the top-level stack to which the nested stack ultimately belongs.

          For more information, see Working with Nested Stacks in the AWS CloudFormation User Guide .

        • DriftInformation (dict) --

          Summarizes information on whether a stack's actual configuration differs, or has drifted , from it's expected configuration, as defined in the stack template and any values specified as template parameters. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources .

          • StackDriftStatus (string) --

            Status of the stack's actual configuration compared to its expected template configuration.

            • DRIFTED : The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.

            • NOT_CHECKED : AWS CloudFormation has not checked if the stack differs from its expected template configuration.

            • IN_SYNC : The stack's actual configuration matches its expected template configuration.

            • UNKNOWN : This value is reserved for future use.

          • LastCheckTimestamp (datetime) --

            Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.

    • NextToken (string) --

      If the output exceeds 1 MB in size, a string that identifies the next page of stacks. If no additional page exists, this value is null.