Check

aws cloudformation list-stacks --output yaml

aws cloudformation describe-stacks --output yaml

If you have forgotten the name of your stack, use this command to help find it...

aws cloudformation describe-stacks --output yaml | grep StackName

For further stack information use...

aws cloudformation describe-stacks --stack-name ${mystack}

aws cloudformation describe-stack-resources --stack-name ${mystack} --output table

Template

Stack Template Components

• Template Version (Optional)

• Description (Optional)

• Metadata (Optional)

• Parameters (Optional)

• Mappings (Optional)

• Conditions (Optional)

• Transform (Optional)

• Resources (Required)

• Outputs (Optional)

Stack Template Notes

AllowedPattern

The idea is to validate correct formatting of parameters using regular expressions. Some examples include...

• Basic email address structure...

^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$

• A valid IPv4 IP Address structure...

^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$

• Valid CIDR Block for use with AWS VPC and associated resources...

^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\\/([1-2][6-9]|3[0-2]))?$

• Passphrase Complexity Check (must start with a letter and minimum length of 12 alphanumeric characters including special characters)...

^[A-Za-z][a-zA-Z0-9@%$_-]{12,}$

• Valid cron schedule...

^\s*($|#|\w+\s*=|(\?|\*|(?:[0-5]?\d)(?:(?:-|\/|\,)(?:[0-5]?\d))?(?:,(?:[0-5]?\d)(?:(?:-|\/|\,)(?:[0-5]?\d))?)*)\s+(\?|\*|(?:[0-5]?\d)(?:(?:-|\/|\,)(?:[0-5]?\d))?(?:,(?:[0-5]?\d)(?:(?:-|\/|\,)(?:[0-5]?\d))?)*)\s+(\?|\*|(?:[01]?\d|2[0-3])(?:(?:-|\/|\,)(?:[01]?\d|2[0-3]))?(?:,(?:[01]?\d|2[0-3])(?:(?:-|\/|\,)(?:[01]?\d|2[0-3]))?)*)\s+(\?|\*|(?:0?[1-9]|[12]\d|3[01])(?:(?:-|\/|\,)(?:0?[1-9]|[12]\d|3[01]))?(?:,(?:0?[1-9]|[12]\d|3[01])(?:(?:-|\/|\,)(?:0?[1-9]|[12]\d|3[01]))?)*)\s+(\?|\*|(?:[1-9]|1[012])(?:(?:-|\/|\,)(?:[1-9]|1[012]))?(?:L|W)?(?:,(?:[1-9]|1[012])(?:(?:-|\/|\,)(?:[1-9]|1[012]))?(?:L|W)?)*|\?|\*|(?:JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)(?:(?:-)(?:JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC))?(?:,(?:JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)(?:(?:-)(?:JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC))?)*)\s+(\?|\*|(?:[0-6])(?:(?:-|\/|\,|#)(?:[0-6]))?(?:L)?(?:,(?:[0-6])(?:(?:-|\/|\,|#)(?:[0-6]))?(?:L)?)*|\?|\*|(?:MON|TUE|WED|THU|FRI|SAT|SUN)(?:(?:-)(?:MON|TUE|WED|THU|FRI|SAT|SUN))?(?:,(?:MON|TUE|WED|THU|FRI|SAT|SUN)(?:(?:-)(?:MON|TUE|WED|THU|FRI|SAT|SUN))?)*)(|\s)+(\?|\*|(?:|\d{4})(?:(?:-|\/|\,)(?:|\d{4}))?(?:,(?:|\d{4})(?:(?:-|\/|\,)(?:|\d{4}))?)*))$

Troubleshooting Stack Updates

Check the Status reason column in the Events tab of your Stack

Example: Incorrectly formatted cron schedule...

Status reason shows...

Parameter ScheduleExpression is not valid. (Service: AmazonCloudWatchEvents; Status Code: 400; Error Code: ValidationException; Request ID: 21d36604-8adb-4773-a0b2-d69b59cae404)

Entered string matched template AllowedPattern (validated at regex101).

Google search revealed that "You cannot use * in both the Day-of-month and Day-of-week fields. If you use it in one, you must use ? in the other." In fact one or the other must always be ?. Initial setting was 5 9 * * 4 * working setting is 5 9 ? * 4 * 

Delete Stack

From the Cloudformation console...

From the AWS CLI...

aws cloudformation delete-stack --stack-name mystack

To delete a stack with dependencies that can't be deleted...

From the Cloudformation console...

From the AWS CLI...

aws cloudformation delete-stack --stack-name my-stack --retain-resources myresource1 myresource2

Drift Detection

aws cloudformation detect-stack-drift --stack-name mystack

Bibliography