taimos / cfn-tail Goto Github PK
View Code? Open in Web Editor NEWTail for AWS CloudFormation stack events
License: MIT License
Tail for AWS CloudFormation stack events
License: MIT License
Occasionally when performing an update, cfn-tail will run into API throttling with its CloudFormation DescribeStackEvents calls. This happens most often when deploying multiple projects at the same time. The current behavior is that cfn-tail terminates with a failure message. We want to be able to recover from this issue so we can continue to receive output of the stack events until the stack create/update is complete and also to reduce noise from failed CI jobs.
I commonly use nested stacks to strike a balance between modular code and built-in references and dependencies in CloudFormation templates. When using cfn-tail
, only events on the AWS::CloudFormation::Stack
resource will show. This is because CloudFormation shows the child stack's events under its own resource.
I'd like cfn-tail
to recursively perform describeStackEvents
calls if it detects an event.ResourceType === "AWS::CloudFormation::Stack"
.
I would like to be able to use this tool to tail CloudFormation stack sets. For basic implementation, I would like to just get the stack operation status and not the more detailed stack events from each underlying stack instance.
When I install cfn-tail I get some warnings about critical vulnerabilities in some dependencies.
The recommended npm audit fix --force
action seems to fix it.
$ npm install cfn-tail
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
added 115 packages, and audited 191 packages in 12s
14 packages are looking for funding
run `npm fund` for details
6 vulnerabilities (4 high, 2 critical)
To address all issues, run:
npm audit fix
Run `npm audit` for details.
$ npm audit fix
up to date, audited 191 packages in 974ms
14 packages are looking for funding
run `npm fund` for details
# npm audit report
degenerator <3.0.1
Severity: high
Code Injection in pac-resolver - https://github.com/advisories/GHSA-9j49-mfvp-vmhm
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/degenerator
pac-resolver <=4.2.0
Depends on vulnerable versions of degenerator
Depends on vulnerable versions of netmask
node_modules/pac-resolver
pac-proxy-agent <=4.1.0
Depends on vulnerable versions of pac-resolver
node_modules/pac-proxy-agent
proxy-agent 1.1.0 - 4.0.1
Depends on vulnerable versions of pac-proxy-agent
node_modules/proxy-agent
cfn-tail >=1.6.0
Depends on vulnerable versions of proxy-agent
node_modules/cfn-tail
netmask <=2.0.0
Severity: critical
Improper parsing of octal bytes in netmask - https://github.com/advisories/GHSA-4c7m-wxvm-r7gc
netmask npm package vulnerable to octal input data - https://github.com/advisories/GHSA-pch5-whg9-qr2r
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/netmask
pac-resolver <=4.2.0
Depends on vulnerable versions of degenerator
Depends on vulnerable versions of netmask
node_modules/pac-resolver
pac-proxy-agent <=4.1.0
Depends on vulnerable versions of pac-resolver
node_modules/pac-proxy-agent
proxy-agent 1.1.0 - 4.0.1
Depends on vulnerable versions of pac-proxy-agent
node_modules/proxy-agent
cfn-tail >=1.6.0
Depends on vulnerable versions of proxy-agent
node_modules/cfn-tail
pac-resolver <=4.2.0
Severity: critical
Code Injection in pac-resolver - https://github.com/advisories/GHSA-9j49-mfvp-vmhm
Depends on vulnerable versions of degenerator
Depends on vulnerable versions of netmask
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/pac-resolver
pac-proxy-agent <=4.1.0
Depends on vulnerable versions of pac-resolver
node_modules/pac-proxy-agent
proxy-agent 1.1.0 - 4.0.1
Depends on vulnerable versions of pac-proxy-agent
node_modules/proxy-agent
cfn-tail >=1.6.0
Depends on vulnerable versions of proxy-agent
node_modules/cfn-tail
6 vulnerabilities (4 high, 2 critical)
To address all issues (including breaking changes), run:
npm audit fix --force
$ npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating cfn-tail to 1.5.1,which is a SemVer major change.
added 1 package, removed 67 packages, changed 2 packages, and audited 125 packages in 2s
14 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
The tabular output is interrupted by a deprecation warning for the AWS SDK for JavaScript v2.
$ aws cloudformation wait stack-exists --stack-name teststack && AWS_DEFAULT_REGION=eu-central-1 npm exec cfn-tail teststack
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| Stack: teststack |
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
(node:138490) NOTE: We are formalizing our plans to enter AWS SDK for JavaScript (v2) into maintenance mode in 2023.
Please migrate your code to use AWS SDK for JavaScript (v3).
For more information, check the migration guide at https://a.co/7PzMCcy
(Use `node --trace-warnings ...` to show where the warning was created)
| 2023-04-06T15:24:14.468Z | teststack | REVIEW_IN_PROGRESS | User Initiated |
| 2023-04-06T15:24:25.224Z | teststack | CREATE_IN_PROGRESS | User Initiated |
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.