AWS Quick Notes — CloudFormation Drift Detection

Drift is when your stacks actual configuration is changed and is now different from what CloudFormation expects, This can happen if adhoc or manual changes were made outside of CloudFormation.

CloudFormation will detect if resources have been modified, deleted, in sync or they could be in not checked status(CloudFormation has not checked status of the resource yet).

Cloudformation does not detect drift in nested stacks that belong to that stack.You can however initiate a drift detection to that particular nested stack separately.

The differences will be shown in the drift details on the AWS Console.

For a list of known cases where false positives can occur during drift detection, see the following .

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html