If you are handling your infrastructure as code using CloudFormation stacks and is managed by multiple users, you could have run into a scenario where one of them might have run the stack or modified the stack and no one is aware of change. To track and get alert on those scenarios we now have support for CloudFormation events in the EventBridge which can be piped to SNS or custom alert system.
Let us create a sample event to track Changes to one of the stacks. Most of the steps are clearly described here but the JSON here have few additional fields and statuses.
JSON for our custom event
Below JSON will help us in creating an alert for different statuses like
- Creation Complete/Failed
- Update Complete/Failed
- Delete Failure
{
"source": ["aws.cloudformation"],
"detail-type": ["CloudFormation Resource Status Change"],
"resources": ["arn:stack_Arn_here"],
"detail": {
"stack-id": ["arn:stack_Arn_here"],
"status-details": {
"status": ["CREATE_COMPLETE", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED", "UPDATE_COMPLETE"]
}
}
}EventBridge Rule
Open AWS EventBridge and create a new rule with Custom Pattern as shown in the screenshot below
Select your target which has to be SNS if you need to receive a notification
Once done create a rule and we should be good to receive the alert whenever a stack has been modified.