CloudFormation stack notifications are disabled

ID: aws_cloudformation_stack_notification

Severity: low

Vendor: AWS

Resource: Logging

Tags: non-reachable

Description

CloudFormation stack notifications are disabled. Ensure every AWS CloudFormation stack publishes its events to a Simple Notification Service (AWS SNS) topic, so that you receive a notification when a stack event occurs.

To fix it, configure the notification_arns property.

Learn more about this topic at AWS CloudFormation stack notification.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Stack
      amazon.aws.cloudformation:
        stack_name: "ansible-cloudformation"
        state: "present"
        region: "us-east-1"
        disable_rollback: true
        template: "files/cloudformation-example.json"
        template_parameters:
          KeyName: "jmartin"
          DiskType: "ephemeral"
          InstanceType: "m1.small"
          ClusterSize: 3
        tags:
          Stack: "ansible-cloudformation"

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Stack
      amazon.aws.cloudformation:
        stack_name: "ansible-cloudformation"
        state: "present"
        region: "us-east-1"
        disable_rollback: true
        notification_arns: "notifications:arns"  # placeholder: SNS topic ARN(s), comma separated
        template: "files/cloudformation-example.json"
        template_parameters:
          KeyName: "jmartin"
          DiskType: "ephemeral"
          InstanceType: "m1.small"
          ClusterSize: 3
        tags:
          Stack: "ansible-cloudformation"
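
The check this rule describes, sketched as an added example (not the scanner's own code): it walks a parsed playbook and reports each amazon.aws.cloudformation task that creates or updates a stack without notification_arns. The function names, the sample data, and the choice to skip state: absent tasks are assumptions of this example.

```python
# Added example, not the scanner's own code. Names and sample data are assumptions.
CFN_MODULES = {"amazon.aws.cloudformation", "cloudformation"}  # FQCN and short name
TASK_SECTIONS = ("pre_tasks", "tasks", "post_tasks", "handlers")

def iter_tasks(tasks):
    """Yield every task, descending into block/rescue/always sections."""
    for task in tasks or []:
        if isinstance(task, dict):
            yield task
            for key in ("block", "rescue", "always"):
                yield from iter_tasks(task.get(key))

def find_unnotified_stacks(playbook):
    """Return (play, task, stack_name) for each stack task with no notification_arns."""
    findings = []
    for play in (p for p in playbook or [] if isinstance(p, dict)):
        for section in TASK_SECTIONS:
            for task in iter_tasks(play.get(section)):
                for module in task.keys() & CFN_MODULES:
                    args = task[module]
                    if not isinstance(args, dict):
                        continue  # free-form "key=value" arguments are not parsed here
                    if args.get("state", "present") == "absent":
                        continue  # assumption: stack deletions are not flagged
                    arns = args.get("notification_arns")
                    if not arns or not str(arns).strip():  # unset, empty or blank
                        findings.append((play.get("name"), task.get("name"),
                                         args.get("stack_name")))
    return findings

# Constructed sample: the page's two tasks plus a nested one, as yaml.safe_load returns them.
SAMPLE_PLAYBOOK = [{"name": "Example playbook", "hosts": "localhost", "tasks": [
    {"name": "Stack", "amazon.aws.cloudformation": {
        "stack_name": "ansible-cloudformation", "state": "present"}},
    {"name": "Stack with notifications", "amazon.aws.cloudformation": {
        "stack_name": "ansible-cloudformation", "notification_arns": "notifications:arns"}},
    {"block": [{"name": "Nested stack", "cloudformation": {
        "stack_name": "nested-example", "notification_arns": "  "}}]},
]}]

if __name__ == "__main__":
    import sys
    playbook = SAMPLE_PLAYBOOK
    if len(sys.argv) > 1:
        import yaml  # PyYAML, needed only to read a playbook file
        with open(sys.argv[1]) as fh:
            playbook = yaml.safe_load(fh)
    for finding in find_unnotified_stacks(playbook):
        print("notification_arns not set:", finding)
```

Run without arguments it checks the constructed sample; given a playbook path it checks that file instead.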