cloudformation-coverage-roadmap icon indicating copy to clipboard operation
cloudformation-coverage-roadmap copied to clipboard
verified publisher icon aws-cloudformation

[Cloudformation] - [BUG] - change-set is not correctly reflected

Open mosestam97 opened this issue 1 year ago • 2 comments

Name of the resource

Other

Resource Name

AWS::CloudFormation::Stack

Issue Description

When we are updating the nested stack at the parent level, if I remove a resource or add a resource, it will trigger modifications for other child stacks within the changeset. For example: AWSTemplateFormatVersion: '2010-09-09' Description: An example template for a Step Functions state machine. Resources: StateMachineName: Type: AWS::CloudFormation::Stack Properties: TemplateURL: https://thisisas3.s3.amazonaws.com/state

thisiss3one: Type: AWS::CloudFormation::Stack Properties: TemplateURL: https://thisisas3.s3.amazonaws.com/s3one.yml

iamdummy: Type: AWS::CloudFormation::Stack Properties: TemplateURL: https://thisisas3.s3.amazonaws.com/iamdummy.yml

anotherone: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: codeguru-profiler.amazonaws.com Action: 'sts:AssumeRole' ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonS3FullAccess RoleName: anotherolequestionmark

In here, I will be removing the anotherone resource, but that will cause a modification to the other resources.

Expected Behavior

As we only removed the resource 'anotherone', I will expect that only the removed resource shows in the changeset.

Observed Behavior

When I removed one resource from the parent stack, it showed all the resources as modified even though they were not changed.

Test Cases

AWSTemplateFormatVersion: '2010-09-09' Description: An example template for a Step Functions state machine. Resources: StateMachineName: Type: AWS::CloudFormation::Stack Properties: TemplateURL: https://thisisas3.s3.amazonaws.com/state

thisiss3one: Type: AWS::CloudFormation::Stack Properties: TemplateURL: https://thisisas3.s3.amazonaws.com/s3one.yml

iamdummy: Type: AWS::CloudFormation::Stack Properties: TemplateURL: https://thisisas3.s3.amazonaws.com/iamdummy.yml

anotherone: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: codeguru-profiler.amazonaws.com Action: 'sts:AssumeRole' ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonS3FullAccess RoleName: anotherolequestionmark

Other Details

No response

mosestam97 avatar May 30 '24 03:05 mosestam97

Uploading Screenshot 2024-05-30 at 2.52.09 PM.png…

mosestam97 avatar May 30 '24 03:05 mosestam97

AWS::Cloudformation::S3 is not a proper resource name. Please add the correct resource name to the title and fix it in the ticket. Thanks.

nmeisen avatar May 30 '24 17:05 nmeisen