I was able to add a SecretsManager rotation schedule resource to two different stacks for the same secret. When I removed the duplicate resource from one one of the stacks it deleted the schedule from the secret. 1. This seems like a bug in Cloudformation/Secrets Manager. I'd expect them to prevent creating the same resource in two different stacks. 2. Any advice on getting the schedule back in sync with the remaining stack resource?

Hi, AWS-User-1437729 You're right, I'm not seeing a do not duplicate check in the [API doc for AWS::SecretsManager::RotationSchedule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-rotationschedule.html) properties. What do your CFN templates look like, are you doing nested stack or export-import with your resource creations?

AWS::SecretsManager::RotationSchedule doesn't check for existing schedule

I was able to add a SecretsManager rotation schedule resource to two different stacks for the same secret. When I removed the duplicate resource from one one of the stacks it deleted the schedule from the secret.

This seems like a bug in Cloudformation/Secrets Manager. I'd expect them to prevent creating the same resource in two different stacks.
Any advice on getting the schedule back in sync with the remaining stack resource?

トピック

管理とガバナンスセキュリティ、アイデンティティ、コンプライアンス

タグ

AWS CloudFormation AWS Secrets Manager

言語

English

AWS-User-1437729

質問済み 3ヶ月前120ビュー

1回答