Class: CfnGuardian::Drift

Inherits:
Object
  • Object
Defined in:
lib/cfnguardian/drift.rb

Instance Method Summary

Constructor Details

#initialize(stack) ⇒ Drift

Returns a new instance of Drift.



# File 'lib/cfnguardian/drift.rb', line 6

# Sets up drift inspection for one CloudFormation stack.
#
# The CloudFormation client is created without arguments, so the region and
# credentials are whatever the AWS SDK resolves by default for this process.
# That identity needs permission for every CloudFormation call this class
# makes; scope it to the stacks being inspected.
#
# @param stack the stack identifier; find_nested_stacks sends it as +stack_name+
def initialize(stack)
  @client = Aws::CloudFormation::Client.new
  @stack = stack
end

Instance Method Details

#detect_drift(stack) ⇒ Object



# File 'lib/cfnguardian/drift.rb', line 24

# Starts a CloudFormation drift detection run for +stack+ and then polls it
# through wait_for_dirft_detection.
#
# The return value is whatever wait_for_dirft_detection returns. It does not
# say whether detection succeeded, so callers that treat "no drift rows" as a
# clean result should confirm the detection status separately.
#
# @param stack the stack identifier, sent to the API as +stack_name+
def detect_drift(stack)
  detection = @client.detect_stack_drift(stack_name: stack)
  wait_for_dirft_detection(detection.stack_drift_detection_id)
end

#find_nested_stacks ⇒ Object



# File 'lib/cfnguardian/drift.rb', line 11

# Lists the nested stacks declared directly in the stack given to the
# constructor.
#
# Only one describe_stack_resources call is made, for @stack itself, so
# stacks nested inside a nested stack are not discovered here.
#
# NOTE(review): DescribeStackResources is documented as returning at most
# 100 resources per stack. Confirm large stacks cannot hide a nested stack
# (and its alarms) from the drift check.
#
# @return [Array] physical resource ids of the AWS::CloudFormation::Stack resources
def find_nested_stacks
  resources = @client.describe_stack_resources(stack_name: @stack).stack_resources
  resources
    .select { |res| res.resource_type == 'AWS::CloudFormation::Stack' }
    .map(&:physical_resource_id)
end

#get_drift(stack) ⇒ Object



# File 'lib/cfnguardian/drift.rb', line 42

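# Builds table rows describing drifted CloudWatch alarms in +stack+.
#
# This method does not start a detection run. It reads the drift results
# CloudFormation currently holds for the stack, asking only for resources
# whose drift status is MODIFIED or DELETED, and keeps only those of type
# AWS::CloudWatch::Alarm.
#
# The API result is paginated. Every page is read by following next_token,
# so a drifted alarm is not dropped because it fell outside the first page.
#
# @param stack the stack identifier, sent to the API as +stack_name+
# @return [Array<Array>] one row per property difference of a MODIFIED alarm:
#   [physical_resource_id, property_path, expected_value, actual_value,
#   difference_type]; and one row per DELETED alarm with the id and status
#   passed through String#red and the three middle cells empty
def get_drift(stack)
  rows = []
  params = {
    stack_name: stack,
    stack_resource_drift_status_filters: ["MODIFIED", "DELETED"]
  }

  loop do
    resp = @client.describe_stack_resource_drifts(params)

    resp.stack_resource_drifts.each do |drift|
      # Only alarm resources are reported; other drifted types are skipped.
      next if drift.resource_type != 'AWS::CloudWatch::Alarm'

      case drift.stack_resource_drift_status
      when 'MODIFIED'
        drift.property_differences.each do |diff|
          rows << [
            drift.physical_resource_id,
            diff.property_path,
            diff.expected_value,
            diff.actual_value,
            diff.difference_type
          ]
        end
      when 'DELETED'
        rows << [
          drift.physical_resource_id.red,
          "",
          "",
          "",
          drift.stack_resource_drift_status.red
        ]
      end
    end

    # A missing or empty token means this was the last page.
    token = resp.next_token
    break if token.nil? || token.empty?

    params = params.merge(next_token: token)
  end

  rows
end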

#wait_for_dirft_detection(id, count = 0) ⇒ Object



# File 'lib/cfnguardian/drift.rb', line 31

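# Polls a drift detection run until it leaves DETECTION_IN_PROGRESS or the
# poll budget is used up.
#
# The status is re-read every 2 seconds while it is DETECTION_IN_PROGRESS
# and +count+ is below 10. When polling stops on anything other than
# DETECTION_COMPLETE (the run failed, or is still in progress after the
# budget), a warning is written to stderr. Drift results read afterwards may
# then be missing or stale, and must not be taken as "no drift".
#
# @param id the stack drift detection id returned by detect_stack_drift
# @param count [Integer] polls already spent; callers normally leave it at 0
# @return [nil]
def wait_for_dirft_detection(id, count = 0)
  status = nil

  loop do
    status = @client.describe_stack_drift_detection_status(stack_drift_detection_id: id).detection_status
    break if status != 'DETECTION_IN_PROGRESS' || count >= 10

    sleep(2)
    count += 1
  end

  # Surface failed or timed-out detection rather than returning as if it succeeded.
  unless status == 'DETECTION_COMPLETE'
    warn "Drift detection #{id} did not complete (status: #{status}); drift results may be missing or stale"
  end

  nil
end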