search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.11k stars 54 forks source link

Drift detection false positive on MixedInstancesPolicy.LaunchTemplate.Overrides.LaunchTemplateSpecification #1785

Open phs opened 1 year ago

phs commented 1 year ago

Name of the resource

AWS::AutoScaling::AutoScalingGroup

Resource Name

No response

Issue Description

Mixed instance policies that use launch template specifications in overrides, such as to use a different AMI in the override, trigger false drifts.

The LaunchTemplateSpecification in the override is absent from the drift's detected "Actual".

Consider this gently abridged example:

{
  "Type": "AWS::AutoScaling::AutoScalingGroup",
  "Properties": {
    "AutoScalingGroupName": "name",
    "MaxSize": "0",
    "MinSize": "0",
    "MixedInstancesPolicy": {
      "InstancesDistribution": {
        "OnDemandPercentageAboveBaseCapacity": "0",
        "SpotAllocationStrategy": "price-capacity-optimized"
      },
      "LaunchTemplate": {
        "LaunchTemplateSpecification": {
          "LaunchTemplateId": {
            "Ref": "NodeLaunchTemplateX8664"
          },
          "Version": {
            "Fn::GetAtt": [
              "NodeLaunchTemplateX8664",
              "LatestVersionNumber"
            ]
          }
        },
        "Overrides": [
          {
            "InstanceType": "m6g.medium",
            "LaunchTemplateSpecification": {
              "LaunchTemplateId": {
                "Ref": "NodeLaunchTemplateArm64"
              },
              "Version": {
                "Fn::GetAtt": [
                  "NodeLaunchTemplateArm64",
                  "LatestVersionNumber"
                ]
              }
            },
            "WeightedCapacity": "1"
          }
        ]
      }
    },
    "VPCZoneIdentifier": { "Fn::Split": [",", { "Fn::ImportValue": "SubnetIds" }] }
  }
}

After applying the stack and detecting drift, the drift reports that the override launch template (here referencing NodeLaunchTemplateArm64) is spurious and should be removed.

Expected Behavior

The auto scaling group, using mixed instance policy that involved overriding the launch template, should pass drift detection after being applied.

Observed Behavior

The launch template within the overrides of the mixed instance policy are not observed by drift detection in the stack template, causing it to report drift when it sees them in the live resources.

Test Cases

Apply a AWS::AutoScaling::AutoScalingGroup similar to the one above, which includes overridden launch templates (for example to change AMI and cater to different processor architectures.) Then trigger drift detection.

Other Details

No response

tatianaschaefer0815 commented 10 months ago

We have the same problem, we would appreciate any help