Demo: Detecting Drifts on a CloudFormation Stack

Infrastructure drift is a fundamental concept to understand, and we must make sure it does not happen in our environments.

Infrastructure drift

Imagine we developed a template and provisioned a set of services for our application using AWS CloudFormation. Later, one of the provisioned services is found to have an incorrect configuration. To address it, a team member opens the service in the AWS Console and fixes it manually. Though this seems like a routine day-to-day change, it must be avoided when we provision infrastructure using AWS CloudFormation: because of the manual change, the desired state described in the template and the current state of the infrastructure are no longer in sync. This difference between the two states is called infrastructure drift. Any future updates using the template will result in an error.
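To see what drift looks like in practice, the added example below (not part of this lesson's own code) summarises the per-resource report that `aws cloudformation describe-stack-resource-drifts --stack-name <stack>` prints after `aws cloudformation detect-stack-drift` has finished. The stack name, the logical resource IDs (an EC2 instance, its security group and a bucket) and every property value are constructed for illustration.

```python
import json

# Constructed sample in the shape of the "StackResourceDrifts" list returned by
# `aws cloudformation describe-stack-resource-drifts`. All names and values are
# made up; the security group shows a manual console edit that widened ingress.
SAMPLE_DRIFTS = [
    {"LogicalResourceId": "WebServerInstance", "ResourceType": "AWS::EC2::Instance",
     "StackResourceDriftStatus": "IN_SYNC", "PropertyDifferences": []},
    {"LogicalResourceId": "WebServerSecurityGroup", "ResourceType": "AWS::EC2::SecurityGroup",
     "StackResourceDriftStatus": "MODIFIED",
     "PropertyDifferences": [
         {"PropertyPath": "/SecurityGroupIngress/0/CidrIp", "DifferenceType": "NOT_EQUAL",
          "ExpectedValue": "10.0.0.0/16", "ActualValue": "0.0.0.0/0"},
         {"PropertyPath": "/SecurityGroupIngress/1", "DifferenceType": "ADD",
          "ActualValue": json.dumps({"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"})},
     ]},
    {"LogicalResourceId": "LogBucket", "ResourceType": "AWS::S3::Bucket",
     "StackResourceDriftStatus": "DELETED", "PropertyDifferences": []},
]

# Statuses that mean the live resource no longer matches the template.
DRIFTED = {"MODIFIED", "DELETED"}

def load_cli_output(text):
    """Parse the JSON document printed by describe-stack-resource-drifts."""
    return json.loads(text)["StackResourceDrifts"]

def drifted_resources(drifts):
    """Return the logical IDs of resources whose live state differs from the template."""
    return [d["LogicalResourceId"] for d in drifts if d["StackResourceDriftStatus"] in DRIFTED]

def describe_differences(drift):
    """Render each property difference as 'path [type]: expected -> actual'."""
    lines = []
    for diff in drift.get("PropertyDifferences", []):
        expected = diff.get("ExpectedValue", "<absent>")  # absent for ADD differences
        actual = diff.get("ActualValue", "<absent>")      # absent for REMOVE differences
        lines.append(f"{diff['PropertyPath']} [{diff['DifferenceType']}]: {expected} -> {actual}")
    return lines

def drift_report(drifts):
    """Build a per-resource report; an empty report means the stack is in sync."""
    report = {}
    for d in drifts:
        if d["StackResourceDriftStatus"] in DRIFTED:
            report[d["LogicalResourceId"]] = {"type": d["ResourceType"],
                                              "status": d["StackResourceDriftStatus"],
                                              "differences": describe_differences(d)}
    return report

if __name__ == "__main__":
    for rid, info in drift_report(SAMPLE_DRIFTS).items():
        print(f"{rid} ({info['type']}): {info['status']}")
        for line in info["differences"]:
            print("  " + line)
```

A DELETED resource or a widened security group rule in this report is exactly the state the template can no longer describe, which is why the next stack update fails until the drift is reconciled.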

Provisioning resources using AWS CloudFormation

The screenshot below shows an EC2 instance and a corresponding security group provisioned using AWS CloudFormation.
