Drift Detection using AWS CloudFormation

November 17, 2022

TABLE OF CONTENTS

1. Overview
2. Working of CloudFormation
3. Step-by-Step Guide to Process Drift Detection using CloudFormation
4. Conclusion
5. About CloudThat
6. FAQs

 

Overview

CloudFormation enables us to create and provision AWS infrastructure deployments predictably and repeatedly. CloudFormation helps us leverage AWS products such as Elastic Load Balancing, Amazon Elastic Block Store, Amazon EC2, Amazon SNS, and Auto Scaling to build highly scalable, cost-effective, and highly reliable applications in the cloud without worrying about creating and configuring the underlying AWS infrastructure. AWS CloudFormation enables us to use a template file to create and delete a collection of resources together as a single unit (a stack).

This service helps us set up and model our AWS resources so that we can spend less time managing those resources and more time focusing on applications that run in AWS. We create a template that describes all the AWS resources that we want (like Amazon EC2 instances or Amazon RDS DB instances), and CloudFormation takes care of configuring and provisioning those resources for us. We do not need to individually create and configure AWS resources and figure out what is dependent on what; CloudFormation handles that.

The benefits of using CloudFormation

CloudFormation offers a variety of benefits, including:

  • Improved automation: The simplicity of the template allows you to declare what you want your resources to look like. This eliminates the need to rely on other scripting tools to create the resources.
  • Quick infrastructure replication: You can quickly replicate your infrastructure without affecting other resources that your template previously created. The template is used to create as many stacks as needed.
  • Infrastructure consistency: The declarative way of defining templates allows for consistency; you can be assured that stacks created with the template will be identical.
  • Easy-to-read template: If you are in the web application or microservice space, you have used YAML or JSON at some point. Both are widely used, which makes the templates easy to understand and makes it easy to find resources on them.

Working of CloudFormation

There are three concepts we need to be aware of when using CloudFormation. These concepts are fundamental to how it works:

  1. Template

It is a declarative way of defining resources as a JSON or YAML file. This template can then be used to deploy the resources either using the CLI or console.

  2. Stack

When a template is deployed, CloudFormation creates its resources (EC2 and EIP) as a stack. These resources are created as a unit; therefore, any deletion or update of resources will be applied to the stack.

  3. Change Set

When a stack needs to be updated, you can simply run an update on the stack and let CloudFormation take care of replacing the necessary resources. A change set takes that further and gives you the ability to see the impact of the modifications before they are applied.

Step-by-Step Guide to Process Drift Detection using CloudFormation

Step 1: Log in to AWS Console and create a key-pair as shown below

Step 2: Create a JSON/YAML template file to create a stack. Give the EC2 name, the KeyName of the key pair created earlier, and a new security group name, and get the ImageId, SubnetId, and VpcId from AWS services.

Step 3: Go to CloudFormation, select the same region as the VPC whose VpcId you chose, click on Create Stack, and under that click on With new resources (standard).

Step 4: Choose "Template is ready", select "Upload a template file", click on Choose file, upload the .yml file, and click on Next.

Step 5: Give the name for the Stack and Click on Next.

Step 6: Scroll down and Click on Next.

Step 7: Scroll down and Click on Create Stack

[Screenshots: the created EC2 instance and Security Group]

Step 8: Click on Stack actions and choose the Detect drift option.

Step 9: Click on Stack actions and Choose View Drift results.

Step 10: Go to the security group and select inbound rules and select port 80. Click on Edit inbound rules.

Step 11: Go to CloudFormation and check drift detection; as you can see, the stack has drifted.
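
The drift results from Steps 8 to 11 can also be reviewed as data. This added example (not part of the original post) triages a response shaped like the output of `aws cloudformation describe-stack-resource-drifts` and marks a security group whose live rule has been opened to the internet; the function name, the logical and physical IDs, the CIDR values, and the HIGH/REVIEW labels are assumptions made for illustration.

```python
import json

# Constructed sample shaped like the output of
#   aws cloudformation describe-stack-resource-drifts --stack-name <stack>
# Logical IDs, resource IDs and the changed CIDR are made up for illustration.
SAMPLE_RESPONSE = json.loads("""
{"StackResourceDrifts": [
  {"LogicalResourceId": "WebServer", "PhysicalResourceId": "i-0123456789abcdef0",
   "ResourceType": "AWS::EC2::Instance", "StackResourceDriftStatus": "IN_SYNC",
   "PropertyDifferences": []},
  {"LogicalResourceId": "WebSecurityGroup", "PhysicalResourceId": "sg-0123456789abcdef0",
   "ResourceType": "AWS::EC2::SecurityGroup", "StackResourceDriftStatus": "MODIFIED",
   "PropertyDifferences": [
     {"PropertyPath": "/SecurityGroupIngress/0/CidrIp", "DifferenceType": "NOT_EQUAL",
      "ExpectedValue": "203.0.113.0/24", "ActualValue": "0.0.0.0/0"}]}
]}
""")

OPEN_CIDRS = ("0.0.0.0/0", "::/0")  # "anyone on the internet"

def triage_drift(response):
    """Return one finding per drifted resource, HIGH-risk findings first."""
    findings = []
    for drift in response.get("StackResourceDrifts", []):
        status = drift.get("StackResourceDriftStatus")
        if status not in ("MODIFIED", "DELETED"):
            continue  # IN_SYNC and NOT_CHECKED are not drift
        diffs = drift.get("PropertyDifferences") or []
        # A security group whose live value now contains an open CIDR is the
        # out-of-band change most worth a reviewer's attention.
        exposed = drift.get("ResourceType") == "AWS::EC2::SecurityGroup" and any(
            cidr in str(d.get("ActualValue", "")) for d in diffs for cidr in OPEN_CIDRS)
        findings.append({
            "resource": drift.get("LogicalResourceId"),
            "type": drift.get("ResourceType"),
            "status": status,
            "risk": "HIGH" if exposed else "REVIEW",  # labels are this example's own
            "changes": [(d.get("PropertyPath"), d.get("DifferenceType"),
                         d.get("ExpectedValue"), d.get("ActualValue")) for d in diffs],
        })
    return sorted(findings, key=lambda f: f["risk"] != "HIGH")

if __name__ == "__main__":
    for f in triage_drift(SAMPLE_RESPONSE):
        print(f["risk"], f["resource"], f["type"], f["status"])
        for path, kind, expected, actual in f["changes"]:
            print(f"  {path}: {kind} expected={expected!r} actual={actual!r}")
```

To run it against a real stack, save the CLI output to a file and pass the parsed JSON to `triage_drift` in place of the constructed sample.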

Conclusion

AWS CloudFormation offers an easy way to model the necessary AWS resources, allocate them, and manage them throughout their lifecycle by working with them as code. With CloudFormation, you can create multiple infrastructures, troubleshoot your components, and recover your application’s resources whenever there is a failover.

About CloudThat

CloudThat is also the official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft gold partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best-in-industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.

Drop a query if you have any questions regarding CloudFormation and I will get back to you quickly.

To get started, go through our Consultancy page and Managed Services Package, which are CloudThat’s offerings.

FAQs

  1. How does CloudFormation handle drift?

A. CloudFormation displays an information bar stating that drift detection has been initiated for the selected stack. Wait until CloudFormation finishes the drift detection operation. When the drift detection operation completes, CloudFormation updates the Drift status and Last drift check time for the stack.

  2. How does CloudFormation detect changes?

A. A resource is considered to have drifted if one or more of its properties have been deleted, or had their value changed. It generates detailed information on each resource in the stack that has drifted. It detects drift on those AWS resources that support drift detection.

  3. Why is drift detection important?

A. Data drift is the main reason model accuracy decreases over time. Thus, monitoring the changes continuously in our model’s behavior is of utmost importance.

