AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
[ aws . cloudformation ]
Returns drift information for resources in a stack instance.
ListStackInstanceResourceDrifts
returns drift information for the most recent drift detection operation. If an operation is in progress, it may only return partial results.See also: AWS API Documentation
list-stack-instance-resource-drifts
--stack-set-name <value>
[--next-token <value>]
[--max-results <value>]
[--stack-instance-resource-drift-statuses <value>]
--stack-instance-account <value>
--stack-instance-region <value>
--operation-id <value>
[--call-as <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--stack-set-name
(string)
The name or unique ID of the stack set that you want to list drifted resources for.
--next-token
(string)
If the previous paginated request didn't return all of the remaining results, the response object'sNextToken
parameter value is set to a token. To retrieve the next set of results, call this action again and assign that token to the request object'sNextToken
parameter. If there are no remaining results, the previous response object'sNextToken
parameter is set tonull
.
--max-results
(integer)
The maximum number of results to be returned with a single call. If the number of available results exceeds this maximum, the response includes aNextToken
value that you can assign to theNextToken
request parameter to get the next set of results.
--stack-instance-resource-drift-statuses
(list)
The resource drift status of the stack instance.
DELETED
: The resource differs from its expected template configuration in that the resource has been deleted.MODIFIED
: One or more resource properties differ from their expected template values.IN_SYNC
: The resource's actual configuration matches its expected template configuration.NOT_CHECKED
: CloudFormation doesn't currently return this value.(string)
Syntax:
"string" "string" ...
Where valid values are:
IN_SYNC
MODIFIED
DELETED
NOT_CHECKED
--stack-instance-account
(string)
The name of the Amazon Web Services account that you want to list resource drifts for.
--stack-instance-region
(string)
The name of the Region where you want to list resource drifts.
--operation-id
(string)
The unique ID of the drift operation.
--call-as
(string)
[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.
By default,
SELF
is specified. UseSELF
for stack sets with self-managed permissions.
- If you are signed in to the management account, specify
SELF
.- If you are signed in to a delegated administrator account, specify
DELEGATED_ADMIN
. Your Amazon Web Services account must be registered as a delegated administrator in the management account. For more information, see Register a delegated administrator in the CloudFormation User Guide .Possible values:
SELF
DELEGATED_ADMIN
--cli-input-json
(string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--debug
(boolean)
Turn on debug logging.
--endpoint-url
(string)
Override command's default URL with the given URL.
--no-verify-ssl
(boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output
(string)
The formatting style for command output.
--query
(string)
A JMESPath query to use in filtering the response data.
--profile
(string)
Use a specific profile from your credential file.
--region
(string)
The region to use. Overrides config/env settings.
--version
(string)
Display the version of this tool.
--color
(string)
Turn on/off color output.
--no-sign-request
(boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
Summaries -> (list)
A list of
StackInstanceResourceDriftsSummary
structures that contain information about the specified stack instances.(structure)
The structure containing summary information about resource drifts for a stack instance.
StackId -> (string)
The ID of the stack instance.LogicalResourceId -> (string)
The logical name of the resource specified in the template.PhysicalResourceId -> (string)
The name or unique identifier that corresponds to a physical instance ID of a resource supported by CloudFormation.PhysicalResourceIdContext -> (list)
Context information that enables CloudFormation to uniquely identify a resource. CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs aren't enough to uniquely identify that resource. Each context key-value pair specifies a unique resource that contains the targeted resource.
(structure)
Context information that enables CloudFormation to uniquely identify a resource. CloudFormation uses context key-value pairs in cases where a resource's logical and physical IDs aren't enough to uniquely identify that resource. Each context key-value pair specifies a resource that contains the targeted resource.
Key -> (string)
The resource context key.Value -> (string)
The resource context value.ResourceType -> (string)
Type of resource. For more information, see Amazon Web Services resource and property types reference in the CloudFormation User Guide .PropertyDifferences -> (list)
Status of the actual configuration of the resource compared to its expected configuration. These will be present only for resources whose
StackInstanceResourceDriftStatus
isMODIFIED
.(structure)
Information about a resource property whose actual value differs from its expected value, as defined in the stack template and any values specified as template parameters. These will be present only for resources whose
StackResourceDriftStatus
isMODIFIED
. For more information, see Detect unmanaged configuration changes to stacks and resources with drift detection .PropertyPath -> (string)
The fully-qualified path to the resource property.ExpectedValue -> (string)
The expected property value of the resource property, as defined in the stack template and any values specified as template parameters.ActualValue -> (string)
The actual property value of the resource property.DifferenceType -> (string)
The type of property difference.
ADD
: A value has been added to a resource property that's an array or list data type.REMOVE
: The property has been removed from the current resource configuration.NOT_EQUAL
: The current property value differs from its expected value (as defined in the stack template and any values specified as template parameters).StackResourceDriftStatus -> (string)
The drift status of the resource in a stack instance.
DELETED
: The resource differs from its expected template configuration in that the resource has been deleted.MODIFIED
: One or more resource properties differ from their expected template values.IN_SYNC
: The resource's actual configuration matches its expected template configuration.NOT_CHECKED
: CloudFormation doesn't currently return this value.Timestamp -> (timestamp)
Time at which the stack instance drift detection operation was initiated.
NextToken -> (string)
If the previous paginated request didn't return all of the remaining results, the response object'sNextToken
parameter value is set to a token. To retrieve the next set of results, call this action again and assign that token to the request object'sNextToken
parameter. If there are no remaining results, the previous response object'sNextToken
parameter is set tonull
.