Skip to content
/ cfn-template-audit Public

Read all the CloudFormation templates in an AWS account

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

NikolaBravo/cfn-template-audit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.eslintrc
.eslintrc
 
 
index.js
index.js
 
 
package.json
package.json
 
 
readme.md
readme.md
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

cfn-template-audit

Read all the CloudFormation templates in an AWS account

Usage

Which statuses are you interested in?

Specify the stack statuses you are interested in auditing as an array. If you don't care, then don't bother. The following statuses will be included in your results:

[
  'CREATE_IN_PROGRESS',
  'CREATE_FAILED',
  'CREATE_COMPLETE',
  'ROLLBACK_IN_PROGRESS',
  'ROLLBACK_FAILED',
  'ROLLBACK_COMPLETE',
  'DELETE_IN_PROGRESS',
  'DELETE_FAILED',
  'UPDATE_IN_PROGRESS',
  'UPDATE_COMPLETE_CLEANUP_IN_PROGRESS',
  'UPDATE_COMPLETE',
  'UPDATE_ROLLBACK_IN_PROGRESS',
  'UPDATE_ROLLBACK_FAILED',
  'UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS',
  'UPDATE_ROLLBACK_COMPLETE',
  'REVIEW_IN_PROGRESS'
]

What are you looking for inside the templates?

Write a function that accepts a single template as a string, and then returns true or false indicating that it should or should not be included in your results. If you want everything, don't bother with this step.

const templateFilter = template =>
  JSON.parse(template).Resources.SomeResourceName.Type === 'AWS::SNS::Topic';

If you need to do any asynchronous I/O to determine which templates to include in the results, simply return a Promise that resolves to a boolean value.

const templateFilter = template =>
  new Promise((resolve, reject) =>
    asynchronousCheck(template, (err, accept) => {
      if (err) return reject(err);
      return resolve(accept); // accept is `true` or `false`
    })
  );

Roll it up into a script

const audit = require('@mapbox/cfn-template-audit');
const conditions = {
  statuses: ['CREATE_COMPLETE'],
  templateFilter: template =>
    JSON.parse(template).Resources.SomeResourceName.Type === 'AWS::SNS::Topic'
};

audit.getWorldWideTemplates(conditions).then(data =>
  console.log(
    data.map(stack => `${stack.Summary.StackName} ${stack.Region}`)
  );
);

If you don't have any conditions (you want to see everything), then just go for it:

audit.getWorldWideTemplates().then(data =>
  console.log(
    data.map(stack => `${stack.Summary.StackName} ${stack.Region}`)
  );
);

If you're only interested in a single region, there's a function for that:

audit.getTemplates('us-east-1', conditions).then(data => ...);

What do I get out of this?

You get back an array of objects with the following properties:

{
  Summary: {
    StackId: 'Unique stack identifier',
    StackName: 'The name associated with the stack',
    TemplateDescription: 'The description of the template used to create the stack',
    CreationTime: 'The time the stack was created',
    LastUpdatedTime: 'The time the stack was last updated',
    DeletionTime: 'The time the stack was deleted',
    StackStatus: 'The current status of the stack',
    StackStatusReason: 'Success/Failure message associated with the stack status'
  },
  TemplateBody: 'The template itself as a string',
  Region: 'The AWS region the template is in'
}

The array will be sorted alphabetically by stack name.

About

Read all the CloudFormation templates in an AWS account

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Languages