Table: aws_cloudformation_stack - Query AWS CloudFormation Stack using SQL
The AWS CloudFormation Stack is a service that allows you to manage and provision AWS resources in an orderly and predictable fashion. You can use AWS CloudFormation to leverage AWS products such as Amazon EC2, Amazon Elastic Block Store, Amazon SNS, Elastic Load Balancing, and Auto Scaling to build highly reliable, highly scalable, cost-effective applications without creating or configuring the underlying AWS infrastructure. With CloudFormation, you describe your desired resources in a template, and AWS CloudFormation takes care of provisioning and configuring those resources for you.
Table Usage Guide
The aws_cloudformation_stack
table in Steampipe provides you with information about stacks within AWS CloudFormation. This table enables you as a DevOps engineer to query stack-specific details, including stack name, status, creation time, and associated tags. You can utilize this table to gather insights on stacks, such as stack status, stack resources, stack capabilities, and more. The schema outlines the various attributes of the CloudFormation stack for you, including stack ID, stack name, creation time, stack status, and associated tags.
Examples
Find the status of each cloudformation stack
Explore the current status of each AWS CloudFormation stack to monitor the health and progress of your infrastructure deployments. This can help in identifying any potential issues or failures in your stack deployments.
select name, id, statusfrom aws_cloudformation_stack;
select name, id, statusfrom aws_cloudformation_stack;
List of cloudformation stack where rollback is disabled
Discover the segments that have disabled rollback in their AWS CloudFormation stacks. This can be useful for identifying potential risk areas, as these stacks will not automatically revert to a previous state if an error occurs during stack operations.
select name, disable_rollbackfrom aws_cloudformation_stackwhere disable_rollback;
select name, disable_rollbackfrom aws_cloudformation_stackwhere disable_rollback = 1;
List of stacks where termination protection is not enabled
Discover the segments that have not enabled termination protection in their stacks. This is crucial to identify potential risk areas and ensure the safety of your resources.
select name, enable_termination_protectionfrom aws_cloudformation_stackwhere not enable_termination_protection;
select name, enable_termination_protectionfrom aws_cloudformation_stackwhere enable_termination_protection = 0;
Rollback configuration info for each cloudformation stack
Explore the settings of your AWS CloudFormation stacks to understand their rollback configurations, including how long they monitor for signs of trouble and what triggers a rollback. This can help optimize your stack management by adjusting these settings based on your operational needs.
select name, rollback_configuration ->> 'MonitoringTimeInMinutes' as monitoring_time_in_min, rollback_configuration ->> 'RollbackTriggers' as rollback_triggersfrom aws_cloudformation_stack;
select name, json_extract( rollback_configuration, '$.MonitoringTimeInMinutes' ) as monitoring_time_in_min, json_extract(rollback_configuration, '$.RollbackTriggers') as rollback_triggersfrom aws_cloudformation_stack;
Resource ARNs where notifications about stack actions will be sent
Determine the areas in which notifications related to stack actions will be sent. This is useful for managing and tracking changes in your AWS CloudFormation stacks.
select name, jsonb_array_elements_text(notification_arns) as resource_arnsfrom aws_cloudformation_stack;
select name, json_extract( json_each.value, ') as resource_arnsfrom aws_cloudformation_stack, json_each(notification_arns);
Schema for aws_cloudformation_stack
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
capabilities | jsonb | The capabilities allowed in the stack. | |
change_set_id | text | The unique ID of the change set. | |
creation_time | timestamp with time zone | The time at which the stack was created. | |
deletion_time | timestamp with time zone | The time the stack was deleted. | |
description | text | A user-defined description associated with the stack. | |
detailed_status | text | The detailed status of the resource or stack. | |
disable_rollback | boolean | Boolean to enable or disable rollback on stack creation failures. | |
enable_termination_protection | boolean | Specifies whether termination protection is enabled for the stack. | |
id | text | Unique identifier of the stack. | |
last_updated_time | timestamp with time zone | The time the stack was last updated. This field will only be returned if the stack has been updated at least once. | |
name | text | = | The name associated with the stack. |
notification_arns | jsonb | SNS topic ARNs to which stack related events are published. | |
outputs | jsonb | A list of output structures. | |
parameters | jsonb | A list of Parameter structures. | |
parent_id | text | ID of the direct parent of this stack. | |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
region | text | The AWS Region in which the resource is located. | |
resources | jsonb | A list of Stack resource structures. | |
retain_except_on_create | boolean | When set to true , newly created resources are deleted when the operation rolls back. | |
role_arn | text | The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that is associated with the stack. | |
rollback_configuration | jsonb | The rollback triggers for AWS CloudFormation to monitor during stack creation and updating operations, and for the specified monitoring period afterwards. | |
root_id | text | ID of the top-level stack to which the nested stack ultimately belongs. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
stack_drift_status | text | Status of the stack's actual configuration compared to its expected template configuration. | |
stack_status_reason | text | Success/failure message associated with the stack status. | |
status | text | Current status of the stack. | |
tags | jsonb | A map of tags for the resource. | |
tags_src | jsonb | A list of tags associated with stack. | |
template_body | text | Structure containing the template body. | |
template_body_json | jsonb | Structure containing the template body. Parsed into json object for better readability. | |
timeout_in_minutes | bigint | The amount of time within which stack creation should complete. | |
title | text | Title of the resource. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_cloudformation_stack