cloudformation-coverage-roadmap icon indicating copy to clipboard operation
cloudformation-coverage-roadmap copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

False Drift Detection on AWS::Lambda::Function PackageType property

Open scotliu opened this issue 3 years ago • 0 comments

Name of the resource

AWS::Lambda::Function

Resource Name

No response

Issue Description

If an AWS::Lambda::Function resource has the PackageType Property, Drift Detection would not see the actual PackageType applied to the function. Thus gives false alarm.

Expected Behavior

Drift Detection should be able to detect the actual PackageType applied to the function.

Observed Behavior

$ aws cloudformation describe-stack-resource-drifts --stack-name packagetypedrift

"StackResourceDrifts": [ { ... "LogicalResourceId": "TestLambda", "PhysicalResourceId": "TestLambda", "ResourceType": "AWS::Lambda::Function", "ExpectedProperties": "{"FunctionName":"TestLambda","MemorySize":128,"PackageType":"Image","Role":"arn:aws:iam:::role/lambdaExecutionRole"}", "ActualProperties": "{"FunctionName":"TestLambda","MemorySize":128,"Role":"arn:aws:iam:::role/lambdaExecutionRole"}", "PropertyDifferences": [ { "PropertyPath": "/PackageType", "ExpectedValue": "Image", "ActualValue": "null", "DifferenceType": "REMOVE" } ], "StackResourceDriftStatus": "MODIFIED", "Timestamp": "2022-07-14T19:34:17.464000+00:00" } ] }

Test Cases

Create an AWS::Lambda::Function resource with PackageType Property and then try drift detection. This applies to both value Zip and Image values.

Other Details

No response

scotliu avatar Jul 14 '22 19:07 scotliu