Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is CloudFormation idempotent?

Tags:

amazon-web-services

amazon-cloudformation

I read in many places on internet that CloudFormation is not idempotent, but I cannot find any example that proves this fact.

Could you please provide me an example that runs a resource to prove that CloudFormation is not idempotent ?

like image 527
Tk421 Avatar asked Jul 07 '15 22:07

Tk421

People also ask

Is Cloud Formation idempotent?

The CloudFormation steps are designed to be idempotent, which means you can run them multiple times and the result will be the same. This means that Octopus will create the stack if it doesn't exist, update the stack if it does exist, and ignore cases where the stack has no updates.

What is Idempotency in AWS?

In programming, idempotency refers to the capacity of an application or component to identify repeated events and prevent duplicated, inconsistent, or lost data. Making your AWS Lambda function idempotent requires designing your function logic to treat duplicated events correctly.

What is AWS CloudFormation?

General. Q: What is AWS CloudFormation? AWS CloudFormation is a service that gives developers and businesses an easy way to create a collection of related AWS and third-party resources, and provision and manage them in an orderly and predictable fashion.

Is CloudFormation secure?

Cloud security at AWS is the highest priority. As an AWS customer, you benefit from data centers and network architectures that are built to meet the requirements of the most security-sensitive organizations.

2 Answers

I am not sure whether this answer will be useful as the question has been posted 2 years ago. Better late than never.

AWS CloudFormation has changed a lot in these 2 years. Right now, I can say for sure that it's API calls are idempotent.

Have a look at these API calls:

  1. CreateStack
  2. UpdateStack
  3. DeleteStack

You will find that there is an optional parameter called ClientRequestToken. This provides idempotency to the API calls. It's the token that client provides to tell the CloudFormation service that it is not making a new API call. As long as you use the same token and keep making the call with rest of the parameters same, CloudFormation knows that you are only retrying the call.

like image 125
Will_of_fire Avatar answered Sep 28 '22 10:09

Will_of_fire

The definition of idempotent according to Wikipedia is as follows:

In computer science, the term idempotent is used more comprehensively to describe an operation that will produce the same results if executed once or multiple times.

CloudFormation is considered not idempotent in several aspects of its behavior:

  • Calling the create API for a stack that already exists will result in an error
  • Calling the update API with an unchanged CloudFormation stack results in an error
  • Creating and deleting the same stack again will result in creating resources with different ARNs for IAM Users, Security Group IDs, EC2 Instance IDs, VPC IDs, etc...
  • Resources modified outside of CloudFormation will not be changed back to original values if existing stack is updated with existing content

However, from a high level one of the main reasons to use CloudFormation is so you represent your infrastructure as code so you can use it to produce the same infrastructure repeatedly. That is almost identical to the original definition of idempotent, but the distinction is on the multiple times part here. As listed above when using the same stack and applying on top of it or deleting a stack and recreating it, technically you are not getting the exact same results, but from a practical standpoint this is completely understandable and often perfectly acceptable.

like image 30
JaredHatfield Avatar answered Sep 28 '22 08:09

JaredHatfield
Sign in to Comment

Related questions

R and data.table on AWS
What is the recommended way to remove data type descriptors from a DynamoDB response?
How to install PostgeSQL 11 on AWS Amazon Linux AMI 2?
Can you have an async handler in Lambda Python 3.6?
AWS DynamoDB - combining multiple query filters on a single non-key attribute in java
AWS S3: Trigger multiple targets via S3 Notification upon file receipt
How to resolve error in AWS Route 53 - import zone file error : Multiple Distinct TTL values?
Lambda creating ENI everytime it is invoked: Hitting limit
How to return a list when unit testing DynamoDB PaginatedQueryList
How to accommodate Amazon FIFO SQS in Laravel queue?
AWS Error : None of these Availability Zones contains a healthy target. Requests are being routed to all targets. in AWS
Is it possible to stop nodes in AWS ElastiCache cluster
.net Core - HTTPS with AWS Load Balancer and Elastic Beanstalk doesn't work
How can I call Amazon's AWS kms decrypt function without using a binary file?
List of external schemas and tables from Amazon Redshift
AWS EC2 Placement Groups: Partition vs Spread
AWS CDK VS SDK for IaC
AWS CDK: how do I reference cross-stack resources in same app?
Amazon EC2 AutoScaling CPUUtilization Alarm- INSUFFICIENT DATA
How to download data from Amazon's requester pay buckets?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!