Name of the resource
AWS::RDS::DBProxyTargetGroup
Resource Name
No response
Issue Description
CloudFormation drift detection fails on AWS::RDS::DBProxyTargetGroup with a validation error indicating DBProxyName is null. This occurs even when the resource is correctly defined in the template and the stack deployed successfully. The error indicates that during the drift detection read operation, CloudFormation is passing a null DBProxyName to the RDS API rather than resolving the Ref to the proxy resource first.
The proxy resource itself (AWS::RDS::DBProxy) passes drift detection without issue — only the target group resource fails.
Expected Behavior
Drift detection runs successfully on AWS::RDS::DBProxyTargetGroup. CloudFormation resolves the Ref on DBProxyName and calls DescribeDBProxyTargetGroups with the correct proxy name, returning a drift status of IN_SYNC or MODIFIED.
Observed Behavior
Drift detection fails with:
The entire stack drift detection call exits with a non-zero error code, making it impossible to run drift detection on any stack containing this resource type.
Test Cases
Deploy the following minimal CloudFormation template, then run aws cloudformation detect-stack-drift on the stack:
Expected result: drift detection completes and returns a status for MyProxyTargetGroup.
Observed result:
Failed to detect drift on resources [MyProxyTargetGroup]
1 validation error detected: Value null at 'dBProxyName' failed to satisfy constraint:
Member must not be null (Service: Rds, Status Code: 400)
Other Details
Link to re:Post question about this issue https://repost.aws/questions/QUrE7SLmEzQAaYWi1oKDYUNA/cloud-formation-drift-detection-fails-for-aws-rds-db-proxy-target-group-with-d-b-proxy-name-must-not-be-null
Name of the resource
AWS::RDS::DBProxyTargetGroup
Resource Name
No response
Issue Description
CloudFormation drift detection fails on AWS::RDS::DBProxyTargetGroup with a validation error indicating DBProxyName is null. This occurs even when the resource is correctly defined in the template and the stack deployed successfully. The error indicates that during the drift detection read operation, CloudFormation is passing a null DBProxyName to the RDS API rather than resolving the Ref to the proxy resource first.
The proxy resource itself (AWS::RDS::DBProxy) passes drift detection without issue — only the target group resource fails.
Expected Behavior
Drift detection runs successfully on AWS::RDS::DBProxyTargetGroup. CloudFormation resolves the Ref on DBProxyName and calls DescribeDBProxyTargetGroups with the correct proxy name, returning a drift status of IN_SYNC or MODIFIED.
Observed Behavior
Drift detection fails with:
The entire stack drift detection call exits with a non-zero error code, making it impossible to run drift detection on any stack containing this resource type.
Test Cases
Deploy the following minimal CloudFormation template, then run aws cloudformation detect-stack-drift on the stack:
Expected result: drift detection completes and returns a status for MyProxyTargetGroup.
Observed result:
Other Details
Link to re:Post question about this issue https://repost.aws/questions/QUrE7SLmEzQAaYWi1oKDYUNA/cloud-formation-drift-detection-fails-for-aws-rds-db-proxy-target-group-with-d-b-proxy-name-must-not-be-null