When creating a DMS Endpoint via CloudFormation, with tags defined at the stack level, the resource is created correctly with the defined tags; but if the stack is updated to change the tags, the user-defined tags are REMOVED and new tags are not added.
This breaks reporting and tag compliance policies.
Expected Behavior
CloudFormation should maintain resource tags correctly.
Observed Behavior
CloudFormation deletes removed tags but does not add new tags
Test Cases
create a stack with a single DMS endpoint (see template below) using the command-line aws cloudformation deploy --template-file template.yml --stack-name dms-endpoint-test --tags mytag:something=other
Check the endpoint resource tags -- in addition to the standard CloudFormation tags (stack-id, stack-name, logical-id) you will see the user-defined tag
update the same stack in place, making no other changes to the template, using the command line aws cloudformation deploy --template-file template.yml --stack-name dms-endpoint-test --tags mynewtag:beeps=eggplant
After the stack update, the Endpoint will only have the CloudFormation tags -- both the original user-defined tag and the new one are missing. The first tag should be missing, the second tag should not.
Subsequent updates to the resource don't add back ANY user-defined tags.
Setting tags explicitly in the template does work, but this is core functionality that is clearly broken.
Name of the resource
AWS::DMS::Endpoint
Resource Name
No response
Issue Description
When creating a DMS Endpoint via CloudFormation, with tags defined at the stack level, the resource is created correctly with the defined tags; but if the stack is updated to change the tags, the user-defined tags are REMOVED and new tags are not added.
This breaks reporting and tag compliance policies.
Expected Behavior
CloudFormation should maintain resource tags correctly.
Observed Behavior
CloudFormation deletes removed tags but does not add new tags
Test Cases
aws cloudformation deploy --template-file template.yml --stack-name dms-endpoint-test --tags mytag:something=otherstack-id,stack-name,logical-id) you will see the user-defined tagaws cloudformation deploy --template-file template.yml --stack-name dms-endpoint-test --tags mynewtag:beeps=eggplantAfter the stack update, the Endpoint will only have the CloudFormation tags -- both the original user-defined tag and the new one are missing. The first tag should be missing, the second tag should not.
Subsequent updates to the resource don't add back ANY user-defined tags.
Setting tags explicitly in the template does work, but this is core functionality that is clearly broken.
Other Details