Metadata

Id: b72d0026-f649-4c91-a9ea-15d8f681ac09

Cloud Provider: aws

Framework: Terraform

Severity: Medium

Category: Observability

Description

Enabling stack notifications in AWS CloudFormation ensures that administrators are promptly informed about critical events such as stack creation, updates, or failures. If the notification_arns attribute is not specified on the aws_cloudformation_stack resource, important operational or security changes may go unnoticed, potentially delaying response to incidents or failures. The following resource sets the attribute:

resource "aws_cloudformation_stack" "example" {
  name = "networking-stack"
  parameters = {
    VPCCidr = "10.0.0.0/16"
  }
  notification_arns = ["arn:aws:sns:us-east-1:123456789012:my-sns-topic"]
}

Missing notifications can lead to undetected application outages or misconfigurations, increasing the risk to your cloud infrastructure.

Compliant Code Examples

resource "aws_cloudformation_stack" "negative1" {

  name = "networking-stack"

  parameters = {
    VPCCidr = "10.0.0.0/16"
  }


  notification_arns = ["a","b"]

}

Non-Compliant Code Examples

resource "aws_cloudformation_stack" "positive1" {

  name = "networking-stack"

  parameters = {
    VPCCidr = "10.0.0.0/16"
  }


}
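
The same check can be run against a rendered plan rather than the source files. The following is an added example, not Datadog's rule implementation: it reads the `resource_changes` array of `terraform show -json` output and reports stacks whose planned `notification_arns` is null or empty. The sample plan is constructed, the `module.net...wired` and `...empty` addresses are hypothetical, and treating an empty list as unset is an assumption that goes beyond what the page states.

```python
import json

# Constructed sample: trimmed `terraform show -json plan.out` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_cloudformation_stack.negative1", "type": "aws_cloudformation_stack",
   "change": {"actions": ["create"], "after_unknown": {},
              "after": {"name": "networking-stack", "notification_arns": ["a", "b"]}}},
  {"address": "aws_cloudformation_stack.positive1", "type": "aws_cloudformation_stack",
   "change": {"actions": ["create"], "after_unknown": {},
              "after": {"name": "networking-stack", "notification_arns": null}}},
  {"address": "module.net.aws_cloudformation_stack.wired", "type": "aws_cloudformation_stack",
   "change": {"actions": ["create"], "after_unknown": {"notification_arns": true},
              "after": {"name": "wired-stack"}}},
  {"address": "aws_cloudformation_stack.empty", "type": "aws_cloudformation_stack",
   "change": {"actions": ["update"], "after_unknown": {},
              "after": {"name": "empty-stack", "notification_arns": []}}}
]}
""")


def has_unknown(value):
    """True if an after_unknown fragment marks any leaf as known only after apply."""
    if isinstance(value, dict):
        return any(has_unknown(v) for v in value.values())
    if isinstance(value, list):
        return any(has_unknown(v) for v in value)
    return value is True


def stacks_without_notifications(plan):
    """Return addresses of stacks whose planned notification_arns is null or empty."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "aws_cloudformation_stack" or change.get("actions") == ["delete"]:
            continue
        after = change.get("after") or {}
        # An ARN taken from an SNS topic created in the same plan is unknown, not missing.
        unknown = (change.get("after_unknown") or {}).get("notification_arns")
        if not after.get("notification_arns") and not has_unknown(unknown):
            findings.append(rc["address"])
    return findings


if __name__ == "__main__":
    for address in stacks_without_notifications(SAMPLE_PLAN):
        print(f"{address}: notification_arns is not set")
```

Checking the plan catches stacks declared inside modules and avoids flagging a stack whose topic ARN is only known after apply.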