Class: CfnGuardian::Drift

Inherits:
Object
  • Object
Defined in:
lib/cfnguardian/drift.rb

Instance Method Summary collapse

Constructor Details

#initialize(stack) ⇒ Drift

Returns a new instance of Drift.

# File 'lib/cfnguardian/drift.rb', line 6

# Builds a drift checker bound to one CloudFormation stack.
#
# The CloudFormation client is constructed with no explicit options, so the
# region and credentials it uses are whatever the AWS SDK resolves by default
# for the calling process; nothing in this constructor narrows them.
#
# @param stack [String] stored and later sent as +stack_name+ when the
#   stack's resources are listed
def initialize(stack)
  @stack = stack
  @client = Aws::CloudFormation::Client.new
end

Instance Method Details

#detect_drift(stack) ⇒ Object

# File 'lib/cfnguardian/drift.rb', line 24

# Starts a CloudFormation drift detection run for +stack+ and then polls its
# status through #wait_for_dirft_detection.
#
# @param stack [String] sent to CloudFormation as +stack_name+
# @return [Object] whatever #wait_for_dirft_detection returns
def detect_drift(stack)
  request = { stack_name: stack }
  detection_id = @client.detect_stack_drift(request).stack_drift_detection_id
  wait_for_dirft_detection(detection_id)
end

#find_nested_stacks ⇒ Object

# File 'lib/cfnguardian/drift.rb', line 11

# Lists the nested stacks that are direct resources of the stack this object
# was created for.
#
# NOTE(review): this relies on a single describe_stack_resources call; if that
# API caps the number of resources it returns for a stack, nested stacks past
# the cap would never be drift-checked. Confirm against the AWS API reference.
#
# @return [Array<String>] physical resource ids of every resource whose type
#   is AWS::CloudFormation::Stack (empty when there are none)
def find_nested_stacks
  resources = @client.describe_stack_resources({ stack_name: @stack }).stack_resources
  resources
    .select { |resource| resource.resource_type == 'AWS::CloudFormation::Stack' }
    .map(&:physical_resource_id)
end

#get_drift(stack) ⇒ Object

# File 'lib/cfnguardian/drift.rb', line 42

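# Collects table rows describing drifted CloudWatch alarms in +stack+.
#
# Only resources CloudFormation reports as MODIFIED or DELETED are requested,
# and of those only AWS::CloudWatch::Alarm resources produce rows; drift on
# any other resource type is skipped here.
#
# Every page of the result is read by following +next_token+. Reading only the
# first response would silently drop drifted alarms on large stacks, which is
# a false negative for a tool whose job is to report tampered or removed
# alarms.
#
# @param stack [String] sent to CloudFormation as +stack_name+
# @return [Array<Array>] one row per property difference of a MODIFIED alarm
#   ([physical id, property path, expected, actual, difference type]) and one
#   row per DELETED alarm ([id, "", "", "", status], with id and status passed
#   through String#red, which is defined outside this method)
def get_drift(stack)
  rows = []
  params = {
    stack_name: stack,
    stack_resource_drift_status_filters: ["MODIFIED", "DELETED"]
  }

  loop do
    resp = @client.describe_stack_resource_drifts(params)

    resp.stack_resource_drifts.each do |drift|
      next if drift.resource_type != 'AWS::CloudWatch::Alarm'

      if drift.stack_resource_drift_status == 'MODIFIED'
        drift.property_differences.each do |diff|
          rows << [
            drift.physical_resource_id,
            diff.property_path,
            diff.expected_value,
            diff.actual_value,
            diff.difference_type
          ]
        end
      elsif drift.stack_resource_drift_status == 'DELETED'
        rows << [
          drift.physical_resource_id.red,
          "",
          "",
          "",
          drift.stack_resource_drift_status.red
        ]
      end
    end

    # A missing or empty token means this was the last page.
    token = resp.next_token
    break if token.nil? || token.empty?

    params = params.merge(next_token: token)
  end

  rows
end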

#wait_for_dirft_detection(id, count = 0) ⇒ Object

# File 'lib/cfnguardian/drift.rb', line 31

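# Polls the status of a drift detection run until it leaves
# DETECTION_IN_PROGRESS or the polling budget is used up.
#
# The status is checked, and while it is still in progress and fewer than 10
# waits have happened, the method sleeps 2 seconds and checks again (roughly
# 20 seconds at most when +count+ starts at 0).
#
# The final status is returned and a warning is written to stderr when it is
# anything other than DETECTION_COMPLETE. Previously a failed or still-running
# detection was indistinguishable from a finished one, so a later drift report
# could be read from stale or partial data without any sign of it.
#
# @param id [String] the stack drift detection id to poll
# @param count [Integer] number of waits already spent; callers normally
#   leave this at its default
# @return [String] the last detection status CloudFormation reported
def wait_for_dirft_detection(id,count=0)
  status = nil

  loop do
    resp = @client.describe_stack_drift_detection_status({
      stack_drift_detection_id: id
    })
    status = resp.detection_status
    break unless status == 'DETECTION_IN_PROGRESS' && count < 10

    sleep(2)
    count += 1
  end

  unless status == 'DETECTION_COMPLETE'
    warn "drift detection #{id} ended polling with status #{status}; drift results may be stale or incomplete"
  end

  status
end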