search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.1k stars 53 forks source link

[AWS::DynamoDB::Table] - [BUG] - resources don't receive the aws:cloudformation built-in tags / default service-managed auto-tags #2065

Open rgoltz opened 3 weeks ago

rgoltz commented 3 weeks ago

Name of the resource

AWS::DynamoDB::Table

Resource Name

No response

Issue Description

To find the right CloudFormation Stack, where a AWS resource is defined/maintained aws:cloudformation:* built-in tags are needed. This is an important function in day-to-day business.

Expected Behavior

Resources with type AWS::DynamoDB::Table, which are managed as CloudFormations Stacks, should automatically receive the aws:cloudformation:* built-in tags / automatic default CFN AutoTags.

Furthermore those aws:cloudformation: built-in tags must be handled by CloudFormation Drift-Detection correctly (hence, aws:cloudformation: tags are not a drift)

Observed Behavior

When you have an AWS::DynamoDB::Table resource in your stack, it does not get the built-in tags assigned: aws:cloudformation:stack-name, aws:cloudformation:logical-id and aws:cloudformation:stack-id

Test Cases

Deploy a CloudFormation stack containing this resource named above (e.g. using the example stack below) and check the tags on the console. You can't see aws:cloudformation:* built-in tags.

---
AWSTemplateFormatVersion: '2010-09-09'
Description: CFN - create a new DynamoDB and check aws cloudformation tags

Resources:
  DDBTable:
    Type: AWS::DynamoDB::Table
    Properties:
      AttributeDefinitions:
        -
          AttributeName: "ArtistId"
          AttributeType: "S"
        -
          AttributeName: "Concert"
          AttributeType: "S"
        -
          AttributeName: "TicketSales"
          AttributeType: "S"
      KeySchema:
        -
          AttributeName: "ArtistId"
          KeyType: "HASH"
        -
          AttributeName: "Concert"
          KeyType: "RANGE"
      GlobalSecondaryIndexes:
        -
          IndexName: "GSI"
          KeySchema:
            -
              AttributeName: "TicketSales"
              KeyType: "HASH"
          Projection:
            ProjectionType: "KEYS_ONLY"
          ProvisionedThroughput:
            ReadCapacityUnits: 5
            WriteCapacityUnits: 5
      ProvisionedThroughput:
        ReadCapacityUnits: 5
        WriteCapacityUnits: 5
      Tags:
      - Key: ThisIsATagFromTemplate
        Value: yes

I've re-tested it right now in eu-central-1 region. No tags aws:cloudformation:* are added to the resource (just the tags defined via Template-Resource-Level or via Stack-Level).

Below the screenshot of the deployed resource of DynamoDB: image image

Other Details

It's the same issue for AWS::DynamoDB::GlobalTable, please see #2066