AWS Config Rule: CloudFormation Stack Notification Check
CLOUDFORMATION_STACK_NOTIFICATION_CHECK
Ryan Ware
Last Update 10 months ago
Description: Checks if your CloudFormation stacks send event notifications to an Amazon SNS topic. Optionally checks if specified Amazon SNS topics are used. The rule is NON_COMPLIANT if CloudFormation stacks do not send notifications.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Europe (Stockholm), Middle East (Bahrain), Europe (Paris), Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hong Kong), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Europe (Spain), Europe (Zurich) Region
How to Resolve Manually
This Config Rule checks whether your CloudFormation stacks have notification options enabled and set to an Amazon SNS topic.
To make a CloudFormation stack COMPLIANT with this Config Rule, head over to your CloudFormation stacks and, within the Stack Info tab, scroll down to the bottom to see Notification Options.
Here you can choose an Amazon SNS topic to send notifications to. Doing so marks this resource COMPLIANT with this Config Rule.
Note: Most StackZone stacks do not have this enabled, so they will appear as NON_COMPLIANT for many resources.
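To see which stacks will be flagged before the rule evaluates them, the same check can be applied to the stack list that CloudFormation's DescribeStacks call returns. This is an added example, not StackZone's or AWS's code: the sample stacks, account ID and topic names are constructed, and requiring every configured ARN to be in the approved list is an assumption about how the optional topic check is applied.

```python
"""Offline re-creation of the stack notification check (added example)."""

# Constructed sample shaped like the "Stacks" list from DescribeStacks.
# Account ID, stack names and topic names are placeholders.
SAMPLE_STACKS = [
    {"StackName": "network-baseline",
     "NotificationARNs": ["arn:aws:sns:us-east-1:111122223333:cfn-events"]},
    {"StackName": "app-tier", "NotificationARNs": []},
    {"StackName": "legacy-queue"},  # key missing entirely
    {"StackName": "data-lake",
     "NotificationARNs": ["arn:aws:sns:us-east-1:111122223333:team-sandbox"]},
]

# Hypothetical list of topics the security team expects stacks to use.
APPROVED_TOPICS = ["arn:aws:sns:us-east-1:111122223333:cfn-events"]


def evaluate_stack(stack, approved_topics=None):
    """Return (compliance, reason) for one stack description."""
    arns = stack.get("NotificationARNs") or []
    if not arns:
        return "NON_COMPLIANT", "no SNS topic configured"
    if approved_topics:
        # Assumption: every configured topic must be an approved one.
        unapproved = sorted(set(arns) - set(approved_topics))
        if unapproved:
            return "NON_COMPLIANT", "unapproved topic(s): " + ", ".join(unapproved)
    return "COMPLIANT", "notifications sent to " + ", ".join(arns)


def evaluate_stacks(stacks, approved_topics=None):
    """Map each stack name to its (compliance, reason) result."""
    return {s["StackName"]: evaluate_stack(s, approved_topics) for s in stacks}


def non_compliant_names(stacks, approved_topics=None):
    """Sorted names of stacks that still need Notification Options set."""
    results = evaluate_stacks(stacks, approved_topics)
    return sorted(n for n, (status, _) in results.items() if status == "NON_COMPLIANT")


if __name__ == "__main__":
    for name, (status, reason) in evaluate_stacks(SAMPLE_STACKS, APPROVED_TOPICS).items():
        print(f"{name:18} {status:14} {reason}")
```

Against a live account, the input would be the `Stacks` list collected from `describe_stacks`, and `approved_topics` can be left unset to check only that some topic is configured.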