We have many AWS accounts and I want to detect drift in an automated way and put the alert on a main monitoring dashboard.
I am unable to find any solution.
Did you look at AWS Config? I haven’t used it yet but my understanding is that it can do these things. If you evaluated it and decided against it I would be interested in knowing more about why.
Are you using CloudFormation? It has drift detection as well.
Yes, using CloudFormation. But I want to automate it and need to send alerts and maintain it centrally in AWS.
That solution I am not getting. How can I do it? I know it at the individual account level.
You could create a Lambda that runs periodically, send the result to an SNS topic, and parse it into a DynamoDB table.
Pretty bespoke though.
Thank you so much
Looks like AWS has built an AWS Config rule for this too, which may simplify the first part. https://docs.aws.amazon.com/config/latest/developerguide/cloudformation-stack-drift-detection-check.html
Yes, I already visited this one. And nice docs.
I haven’t tried it yet, but using SSM OpsCenter to create OpsItems from Config rules and then creating a multi account SSM Explorer Dashboard should be able to achieve this.
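A sketch of the periodic Lambda plus SNS approach suggested earlier in the thread, as an added example that is not code from any participant. It assumes one copy of the function runs on a schedule in each member account and that the central account's SNS topic (passed in the hypothetical `CENTRAL_TOPIC_ARN` environment variable) has a topic policy allowing those accounts to publish; the function and variable names are illustrative.

```python
import json
import os
import time

# Stack states in which CloudFormation allows drift detection to start.
CHECKABLE = {"CREATE_COMPLETE", "UPDATE_COMPLETE",
             "UPDATE_ROLLBACK_COMPLETE", "UPDATE_ROLLBACK_FAILED"}

def list_checkable_stacks(cfn):
    """Return names of stacks in a state where drift detection can run."""
    names, kwargs = [], {}
    while True:
        page = cfn.describe_stacks(**kwargs)
        names += [s["StackName"] for s in page["Stacks"]
                  if s["StackStatus"] in CHECKABLE]
        if not page.get("NextToken"):
            return names
        kwargs = {"NextToken": page["NextToken"]}

def check_stack(cfn, name, poll_seconds=5, max_polls=24):
    """Start drift detection on one stack and wait for the verdict."""
    det_id = cfn.detect_stack_drift(StackName=name)["StackDriftDetectionId"]
    result = {"stack": name, "detection": "TIMED_OUT", "drift": "UNKNOWN"}
    for _ in range(max_polls):
        st = cfn.describe_stack_drift_detection_status(StackDriftDetectionId=det_id)
        if st["DetectionStatus"] != "DETECTION_IN_PROGRESS":
            result.update(detection=st["DetectionStatus"],
                          drift=st.get("StackDriftStatus", "UNKNOWN"))
            break
        time.sleep(poll_seconds)
    return result

def report_drift(cfn, sns, topic_arn, account_id, **poll):
    """Publish one SNS message per stack not confirmed IN_SYNC (fail-visible)."""
    findings = []
    for name in list_checkable_stacks(cfn):
        result = check_stack(cfn, name, **poll)
        if result["drift"] != "IN_SYNC":
            result["account"] = account_id
            sns.publish(TopicArn=topic_arn, Subject=f"CFN drift: {name}"[:99],
                        Message=json.dumps(result))
            findings.append(result)
    return findings

def handler(event, context):
    # CENTRAL_TOPIC_ARN is an assumed env var: the central account's topic ARN.
    import boto3  # provided by the Lambda Python runtime
    account = boto3.client("sts").get_caller_identity()["Account"]
    return report_drift(boto3.client("cloudformation"), boto3.client("sns"),
                        os.environ["CENTRAL_TOPIC_ARN"], account)
```

Stacks whose detection fails or times out are published alongside drifted ones, so an unchecked stack never looks clean on the central dashboard. The function's role needs `cloudformation:DescribeStacks`, `cloudformation:DetectStackDrift`, `cloudformation:DescribeStackDriftDetectionStatus`, `sns:Publish` on the central topic, and read access to the resource types in the stacks.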