我希望有一个AWS Config规则来通知手动创建资源,但忽略CloudFormation模板创建的资源。
作为第一步,列出所有手动创建的资源就足够了。
我是否可以使用任何AWS功能以最小的努力实现这一目标?
答案 0 :(得分:1)
CloudFormation uses tags which are reserved for AWS use only, cannot be added by regular users and are created automatically:
In addition to any tags you define, AWS CloudFormation automatically creates the following stack-level tags with the prefix aws::
- aws:cloudformation:logical-id
- aws:cloudformation:stack-id
- aws:cloudformation:stack-name
You could use AWS Config required-tags to check for the lack of presence of the reserved one(s) and that will give you non-CF created resources.