How resources are provisioned (through CloudFormation or Manually or Coding) ?

0

Any method/code/tool can help to find out

[1] What are the resources are provisioned with AWS CloudFormation templates (IaC/Automated way)

[2] What are the resources are created/provisioned manually through AWS Management Console (UI) ? And

[3] Any changes made to those resources after successfully provisioned (either through UI or services) ?

1 Answer
0

Resources created via CloudFormation are not automatically tagged with anything to show that they've been created via CFN. A Best Practice is to ensure that if you are creating those resources via some kind of IaC, that you had specific tags to the resources themselves, for just this reason. I generally recommend adding a tag that shows which version of code this resource was instantiated by, for troubleshooting purposes later. This goes for all IaC resources - not just ones created by CloudFormation.

Since there aren't tags added by CFN (automatically), there's no immediate difference between a resource created by CloudFormation and one created by hand, whether that's AWS CLI, programatically, or through the console. Again - it's always a good idea to add tags to those resources - at least to ensure you can capture who created the resoruce, why, who's paying for it, and perhaps other Operational needs (like if it needs to be backed up, or has a specific lifetime associated).

As far as resources changing after provisioning, you can use CFN drift detection, or you can enable Config. Drift Detection will tell yo uspecifically which resources have changed from the time you originally instantiated them (with CloudFormation), vs. Config - which will tell you specifically what changes have happened, who made those changes and what the previous configuration was, in case you need to roll-back. Make sure to enable Config Recorder BEFORE you initially instantiate anything, so it can record those changes as you make them.

Paul_B
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions