search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.11k stars 57 forks source link

( AWS::ApiGateway::Stage ) False-positive drift results caused by resource-level tags not being recognised #1297

Open greg5123334 opened 2 years ago

greg5123334 commented 2 years ago

Name of the resource

AWS::ApiGateway::Stage

Resource Name

No response

Issue Description

Cloudformation is not seeing tags added to AWS::ApiGateway::Stage resources, resulting in false-positive drift results.

Expected Behavior

Upon deploying the test stack, drift detection should report all resources IN_SYNC.

Observed Behavior

AWS::ApiGateway::Stage is immediately reported as drifted for a freshly-deployed stack.

Expected:

{
  "DeploymentId": "g38abc",
  "RestApiId": "dg3jabckj0dk",
  "StageName": "stageA",
  "Tags": [
    {
      "Key": "Name",
      "Value": "Liquid"
    },
    {
      "Key": "Note",
      "Value": "If-you-see-this-its-working"
    }
  ]
}

Actual:

{
  "DeploymentId": "g38abc",
  "RestApiId": "dg3jabckj0dk",
  "StageName": "stageA"
}

Test Cases

  1. Deploy stack

        api = apigateway.SpecRestApi(self, "ExampleRestApi",
                                 api_definition=apigateway.ApiDefinition.from_asset(
                                     "assets\petstore_api_definition.json"),
                                 )
    # https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-api-from-example.html

    CfnOutput(self, 'ApiGatewayNameOutput',
              value=api.rest_api_name,
              description='API Gataway Name',
              )
    CfnOutput(self, 'ApiGatewayIdOutput',
              value=api.rest_api_id,
              description='API Gataway Id',
              )

    deployment = apigateway.Deployment(self, 'Deployment',
                                       api=api,
                                       )
    api_stage = apigateway.Stage(self, 'Stage',
                                 deployment=deployment, stage_name='stageA',
                                 )
    api.deployment_stage = api_stage

    CfnOutput(self, 'ApiGatewayStageOutput',
              value=api_stage.stage_name,
              description='API Gataway Stage name',
              )
    CfnOutput(self, 'ApiGatewayStageArnOutput',
              value=api_stage.stage_arn,
              description='API Gataway Stage Arn',
              )

    Tags.of(api_stage).add("Name", "Liquid")
    Tags.of(api_stage).add("Note", "If-you-see-this-its-working")

  2. Detect Drift

  3. View Drift results

AWS::ApiGateway::Stage will be drifted.

Other Details

Sample API definition

Please note: Hard-coded to eu-west-1 region. petstore_api_definition.json

greg5123334 commented 2 years ago

Similar to #1296