AWS CloudFormation: How to handle manually-deleted resources


I am new to AWS, so I have a couple of questions about creating a VPC using the CloudFormation service.

1. Scenario: I created the YAML file and executed it in the stack. The VPC, route table and all the subnets were created successfully. Then I deleted one of the subnets manually (through the console). Now I want that subnet back, so I tried to run "update stack" using the "current template" (though I have not made any modification to the template). It shows me an error saying that there is no modification in the template.

Question 1: How do I install the deleted resource through the template stack without modifying it?

2. Scenario: When we create a VPC, we get a default route table and NACL created.

Question 2: Why can't we use the default route table and NACL through CloudFormation?

Question 3: Is there any command from which we can get the default route table and NACL IDs in CloudFormation? (For example, there is a command with which we can associate subnets to a route table; something like that.)

Thanks in advance.

1 answer

LRutten

It can be tricky indeed when stuff has changed outside of CloudFormation's state. Unlike some other IaC tools, it doesn't 'correct' the state of resources when they have deviated from the given state.

  1. Remove the subnet resource from the template, update the stack with the resource removed, add the subnet back and update the stack again.
  2. It's actually best practice to create new route tables and NACLs and associate them with the corresponding subnets, so there is actually no need to modify the default resources.
  3. You can create a CloudFormation custom resource to query for the IDs and pass them to other resources. However, this is not recommended due to answer 2. Ask yourself: what am I trying to achieve here? Is it really necessary?
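The two-update procedure in the answer's first point, worked through as an added example (this is not code from the original question or answer). It operates on a constructed minimal VPC template, in JSON form rather than YAML so Python's standard library can load it without handling CloudFormation's short-form YAML tags; the stack name, file names and logical IDs are assumptions. The part the answer leaves implicit is that removing the subnet alone is not enough: a `SubnetRouteTableAssociation` or an `Output` that still refers to the subnet leaves a dangling `Ref`, and CloudFormation rejects such a template, so the reduced template for the first update has to drop every dependent as well.

```python
"""Added example, not from the original question or answer. Builds the two
templates for the answer's step 1: first the stack without the manually
deleted subnet (so update-stack has a change to apply), then the unchanged
original, which recreates it. Template, names and stack name are constructed."""
import copy
import json

# Constructed minimal VPC template (CloudFormation accepts JSON or YAML).
TEMPLATE = {
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "Vpc": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
        "PrivateRouteTable": {"Type": "AWS::EC2::RouteTable",
                              "Properties": {"VpcId": {"Ref": "Vpc"}}},
        "PrivateSubnetA": {"Type": "AWS::EC2::Subnet",
                           "Properties": {"VpcId": {"Ref": "Vpc"}, "CidrBlock": "10.0.1.0/24"}},
        "PrivateSubnetARouteAssoc": {"Type": "AWS::EC2::SubnetRouteTableAssociation",
                                     "Properties": {"SubnetId": {"Ref": "PrivateSubnetA"},
                                                    "RouteTableId": {"Ref": "PrivateRouteTable"}}},
    },
    "Outputs": {"SubnetA": {"Value": {"Ref": "PrivateSubnetA"}}},
}


def referenced_ids(node):
    """Yield every logical ID used via Ref or Fn::GetAtt anywhere under node."""
    if isinstance(node, dict):
        if isinstance(node.get("Ref"), str):
            yield node["Ref"]
        if "Fn::GetAtt" in node:  # ["Res", "Attr"] or "Res.Attr"
            target = node["Fn::GetAtt"]
            yield target[0] if isinstance(target, list) else target.split(".")[0]
        for value in node.values():
            yield from referenced_ids(value)
    elif isinstance(node, list):
        for item in node:
            yield from referenced_ids(item)


def depends_on(body):
    """DependsOn as a list; the template may give a string or a list."""
    dep = body.get("DependsOn", [])
    return [dep] if isinstance(dep, str) else list(dep)


def strip_resource(template, logical_id):
    """Return (reduced_template, removed_ids): logical_id plus, transitively,
    every resource that refers to it (Ref, GetAtt, DependsOn) and every Output
    that refers to something removed, so nothing dangling is left behind."""
    tpl = copy.deepcopy(template)
    resources = tpl["Resources"]
    if logical_id not in resources:
        raise KeyError(f"{logical_id} is not a resource in this template")
    removed, pending = [logical_id], [logical_id]
    while pending:
        gone = pending.pop()
        for rid, body in resources.items():
            if rid not in removed and (gone in set(referenced_ids(body)) or gone in depends_on(body)):
                removed.append(rid)
                pending.append(rid)
    for rid in removed:
        del resources[rid]
    outputs = tpl.get("Outputs", {})
    for name in [n for n, o in outputs.items() if set(referenced_ids(o)) & set(removed)]:
        del outputs[name]
    if not outputs:
        tpl.pop("Outputs", None)
    return tpl, removed


def dangling_references(template):
    """Logical IDs referenced but defined neither as a resource nor a parameter.
    Check each template before update-stack; pseudo parameters are ignored."""
    defined = set(template["Resources"]) | set(template.get("Parameters", {}))
    used = set()
    for body in template["Resources"].values():
        used.update(referenced_ids(body))
        used.update(depends_on(body))
    for out in template.get("Outputs", {}).values():
        used.update(referenced_ids(out))
    return sorted(u for u in used - defined if not u.startswith("AWS::"))


def plan_update(template, logical_id, stack_name="vpc-stack"):
    """Both templates and the AWS CLI commands to run in order: step 1 removes
    the stale resource from the stack, step 2 (the original) recreates it."""
    reduced, removed = strip_resource(template, logical_id)
    for tpl in (reduced, template):
        if dangling_references(tpl):
            raise ValueError(f"dangling references: {dangling_references(tpl)}")
    files = {f"step1-without-{logical_id}.json": reduced,
             "step2-original.json": copy.deepcopy(template)}
    commands = []
    for name in files:
        commands.append(f"aws cloudformation update-stack --stack-name {stack_name} "
                        f"--template-body file://{name}")
        commands.append(f"aws cloudformation wait stack-update-complete --stack-name {stack_name}")
    return {"removed": removed, "files": files, "commands": commands}


if __name__ == "__main__":
    plan = plan_update(TEMPLATE, "PrivateSubnetA")
    for name, tpl in plan["files"].items():
        with open(name, "w") as fh:
            json.dump(tpl, fh, indent=2)
    print("removed in step 1:", ", ".join(plan["removed"]))
    print("\n".join(plan["commands"]))
```

Two practical notes. Before editing anything, `aws cloudformation detect-stack-drift --stack-name <name>` followed by `describe-stack-resource-drifts` tells you which stack resources CloudFormation now reports as `DELETED`, which confirms you are removing the right logical IDs. After the second update the subnet and its association come back under the same logical IDs but with new physical IDs, so anything outside the stack that stored the old subnet ID has to be re-pointed by hand.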