Detects whether a stack's actual configuration differs, or has drifted
, from it's expected configuration, as defined in the stack template and any values specified as template parameters. For each resource in the stack that supports drift detection, AWS CloudFormation compares the actual configuration of the resource with its expected template configuration. Only resource properties explicitly defined in the stack template are checked for drift. A stack is considered to have drifted if one or more of its resources differ from their expected template configurations. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources
to detect drift on all supported resources for a given stack, or DetectStackResourceDrift
to detect drift on individual resources.
For a list of stack resources that currently support drift detection, see Resources that Support Drift Detection
can take up to several minutes, depending on the number of resources contained within the stack. Use DescribeStackDriftDetectionStatus
to monitor the progress of a detect stack drift operation. Once the drift detection operation has completed, use DescribeStackResourceDrifts
to return drift information about the stack and its resources.
When detecting drift on a stack, AWS CloudFormation does not detect drift on any nested stacks belonging to that stack. Perform
directly on the nested stack itself.