3
votes

Let's say an AWS stack was created using CloudFormation. Now one of those resources was modified outside CloudFormation.

1) Is it possible to have CloudFormation specifically create those resources? Based on my understanding, we can't do that because CloudFormation does not identify a difference, and so does not create the modified resources. Is my observation correct?

2) Also, what options do I have to revert a stack to its original state, if modified outside CloudFormation?

3
@helloV, why did you add amazon-ec2 as a tag... my question applies to all AWS resources - not just EC2? – GreenDroid

3 Answers

2
votes

Unfortunately the answer for both your questions is NO.

  1. If you modify the resources in the stack after the stack creation status is COMPLETE, there is nothing CF can do, since it doesn't keep track of modifications to resources.
  2. You have no option other than deleting the current stack and creating a new one.

1
votes

First, beware that modifying CloudFormation-created resources outside of CloudFormation is explicitly discouraged, according to AWS CloudFormation Best Practices:

Manage All Stack Resources Through AWS CloudFormation

After you launch a stack, use the AWS CloudFormation console, API, or AWS CLI to update resources in your stack. Do not make changes to stack resources outside of AWS CloudFormation. Doing so can create a mismatch between your stack's template and the current state of your stack resources, which can cause errors if you update or delete the stack.

However, if you've modified a CloudFormation-managed resource accidentally and need to recover, you may have some limited options beyond simply deleting and re-creating the stack altogether (which may not be an acceptable option):

  1. It is not possible for CloudFormation to automatically update its internal state based on the current state of an externally-modified resource.

    However, depending on the exact resource type, in some cases you can manually update CloudFormation afterwards by applying a stack update that matches the current state of the resource.

  2. Similarly, it is not possible for CloudFormation to automatically revert an externally-modified resource back to its original unmodified CloudFormation state.

    However, depending on the exact resource type, in some cases you can either:

    • Revert a resource by manually updating the resource back to its original state;
    • Update the resource by applying a stack update, bringing both the CloudFormation stack and the managed resource to an altogether new state that will once again be in sync.

0
votes

This is one possible hack you could use without deleting the entire stack.

  1. From the template, remove the specific resource which got deleted accidentally.
  2. Now update the stack, which brings your stack and the resources in your account back in sync.
  3. Revert the template to its state before step 1 and update again, which will create the resource which got deleted accidentally.
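
The three steps in the last answer, as an added example that is not part of the original thread. Step 1 is only safe if nothing else in the template still points at the removed resource, so the sketch checks `Ref`, `Fn::GetAtt` and `DependsOn` first (`Fn::Sub` strings are not scanned). The function names and sample template are hypothetical, and the boto3 part assumes a JSON template, no stack parameters needing values and no IAM capabilities.

```python
import copy
import json

def find_references(node, logical_id, path=""):
    """Template paths that point at logical_id via Ref, Fn::GetAtt or DependsOn."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}/{key}"
            if key == "Ref":
                refs = [value]
            elif key == "Fn::GetAtt":  # ["Id", "Attr"] or "Id.Attr"
                refs = [value[0] if isinstance(value, list) else str(value).split(".")[0]]
            elif key == "DependsOn":
                refs = value if isinstance(value, list) else [value]
            else:
                hits.extend(find_references(value, logical_id, here))
                continue
            if logical_id in refs:
                hits.append(here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits.extend(find_references(item, logical_id, f"{path}/{i}"))
    return hits

def without_resource(template, logical_id):
    """Step 1: a copy of the template with the deleted resource removed."""
    reduced = copy.deepcopy(template)
    del reduced["Resources"][logical_id]
    if not reduced["Resources"]:
        raise ValueError("a template needs at least one resource")
    dangling = find_references(reduced, logical_id)
    if dangling:
        raise ValueError(f"{logical_id} is still referenced at: {dangling}")
    return reduced

def recreate_deleted_resource(stack_name, logical_id):
    """Steps 2 and 3 against a live stack (assumes configured AWS credentials)."""
    import boto3  # imported here so the template helpers work without the SDK
    cfn = boto3.client("cloudformation")
    original = cfn.get_template(StackName=stack_name)["TemplateBody"]  # dict for JSON
    for body in (without_resource(original, logical_id), original):
        cfn.update_stack(StackName=stack_name, TemplateBody=json.dumps(body))
        cfn.get_waiter("stack_update_complete").wait(StackName=stack_name)

SAMPLE = {"Resources": {  # constructed sample template
    "AppSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "app"}},
    "AppInstance": {"Type": "AWS::EC2::Instance", "Properties": {
        "SecurityGroupIds": [{"Fn::GetAtt": ["AppSG", "GroupId"]}]}}}}
```

With the sample, removing `AppInstance` passes the check, while removing `AppSG` is rejected because the instance still refers to it.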