2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
For CloudFormation based stacks, you could run a drift-detection and emit a custom metric and alert should drift be found. To automate the process, you could set up a custom AWS Config rule to run the drift detection.
con risposta 2 anni fa
0
I meant not tracking drift status
terraform was introduced relatively recently in our infrastructure, before that it was deployed through a self-written platform on nodejs
Right now we want to monitor security group and vpc for manual changes (someone went into the console and changed it manually) in the eventbridge solution, we tracked userAgent through exclusions (we excluded terraform, our deployment platform)
as I wrote above, the solutions of eventbridge and cloudwatch alarm are not suitable for us
con risposta 2 anni fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 3 anni fa
This does not work. Solution is not stable and can not see differences.