aws-cloudformation
(AWS::EC2::LaunchTemplate ) - allow to set any VersionNumber as Default of an LaunchTemplate using CFN
Name of the resource
AWS::EC2::LaunchTemplate
Resource name
No response
Description
summary/impact
For debugging reasons, sometimes people check details of the currently "Configuration-In-Use" of an LaunchTemplate via AWS Console. If you click on a existing Launch template via Console you will always get the details of the Default Version - which is "hard-coded" always Version 1. Details below:
To begin with I tested the scenario by creating a Launch Template via CFN in eu-central-1 region. The launch template with version 1 (default) was created successfully along with the description as specified in the stack template. I then updated the stack which resulted in creation of a new version 2, but the default was still set to 1 and the new version 2 did not have any description. Thus, I can conclude that the default version of a launch template cannot be specified in AWS CloudFormation. The same is given in CloudFormation Documentation. Regarding the description issue, I've added #1517
is-state
The default version of a launch template cannot be specified in AWS CloudFormation.
(Hence, it's always 1)
target state
We are able to flag a version as default using CDK/CFN.
Other Details
The AWS CLI command "modify-launch-template" supports setting the default version, hence CloudFormation could do so as well.
+1
My use case actually more for security hub remediation actions. it's easy for me to make the adjustment but the pain point is Security hubs check use "Default" version and any changes i made to fix does not update on security up because the Default version never changed.
I wish there is a flag like "UseLatestVersionAsDefault" or something like that
