Question 19415 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

Does cdk diff comment actually read from AWS to compare with file generated in cdk.out?

I have read the AWS doc that CDK diff Compares the specified stack and its dependencies with the deployed stacks or a local CloudFormation template, I can see that my local CFN template are generated under cdk.out folder but where is the "deployed stacks" it compares with to show me the diff? Does it actually read from cloud to get that or it also somewhere has a local copy of latest deployed CFN?

if it reads from the cloud to do the diff, does it mean if I change anything manually through aws console, then the diff will be differently each time?

Thanks

Tags:

2

Answers


  1. 0

    As per command documentation cdk diff can either compare your cdk.out with the actual CloudFormation stack or with another template stored locally.

    Does it actually read from cloud to get that or it also somewhere has a local copy of latest deployed CFN?

    If you are running cdk diff against actual CloudFormation stack, then yes command will fetch template from the cloud (AWS CloudFormation) and compare two templates.

    If you are running cdk diff against locally stored template (for example, if you did a backup of previous cdk.out result), then it won’t fetch anything from the cloud and will do a local comparison only.

    if it reads from the cloud to do the diff, does it mean if I change anything manually through aws console, then the diff will be differently each time?

    Depends on what you mean by manual changes. If you make manual changes to the
    CloudFormation template, then cdk diff will see that and adjust difference accordingly. If, however, you make manual change to the actual AWS resource (ex: S3 bucket), then cdk diff won’t see that because your actual CloudFormation template will not change. To find differences between CloudFormation template and actual AWS resources you can use CloudFormation drift detection feature

    Login or Signup to reply.
  2. 0

    💻 Local Template <–cdk diff–> ☁️ Deployed Template <–Drift–> ☁️ AWS resources

    cdk diff compares two templates. By default, it compares your locally synth-ed template with the currently deployed cloud-side template in CloudFormation. You can instead compare two local templates by passing the --template flag.

    Does it actually read from cloud to get that?

    Yes. When your run cdk diff, the CDK CLI calls the CloudFormation DescribeStacks API to retrieve the cloud-side template.

    If I change anything manually through aws console, then the diff will be differently each time?

    No. cdk diff compares two templates. Differences between the intended configuration (the deployed template) and actual configuration (what resources actually exist) can arise if changes are made to a stack’s resources via the console or APIs. These differences are called drift. CloudFormation can detect some of these deviations with the DescribeStackResourceDrifts API.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search