堆栈内存溢出
  简体   繁体   English

CloudFormation:阻止删除资源

[英]CloudFormation: Block deleting resources

 原文  2018-05-14 03:50:10       amazon-web-services/ amazon-cloudformation

问题描述

A spinoff from this question . 这个问题衍生出来的。 Trying to make a cloudformation template safe during changes. 尝试在更改期间使cloudformation模板安全。

Is there a way to actually block the deletion of the role and table? 有没有一种方法实际上阻止删除角色和表? Would adding a policy help? 添加政策帮助吗?

Given the following template excerpt: 给出以下模板摘录: 

{
  ...

  "Parameters" : {
    "ShouldCreateTable" : {
      ...
      "Description" : "If true then the underlying DynamoDB table will be created with the CloudFormation stack."
    },  
    ...
  },

  "Conditions" : {
    "CreateDynamoTable" : {"Fn::Equals" : [{"Ref" : "ShouldCreateTable"}, "true"]},
    ...
  },

  "Resources" : {

    "Get" : {
      "Type" : "AWS::Serverless::Function",
      "Properties": {
        ...
        "Role": {"Fn::If" : ["CreateRole", {"Fn::GetAtt":["LambdaRole", "Arn"]}, {"Ref":"RoleARN"}]},
        "Environment" : {
          "Variables" : {
            "AppDynamoTable" : { "Fn::If" : ["CreateDynamoTable", {"Ref":"DynamoTable"}, { "Ref" : "TableName" } ] }
          }
        },
        ...
      }
    },

    "LambdaRole":{
        "Type":"AWS::IAM::Role",
         ...
    },

    "DynamoTable" : {
        "Type" : "AWS::DynamoDB::Table",
        ...
    }
  },

}

1 个解决方案

解决方案1
 2 已采纳  2018-05-14 04:40:28

The solution could be to use DeletionPolicy Attribute . 解决方案可能是使用DeletionPolicy Attribute You can easily add "DeletionPolicy" : "Retain" to your resources where you want to "block" the deletion. 您可以轻松地在要“阻止”删除的资源中添加"DeletionPolicy" : "Retain"

AWS CloudFormation keeps the resource without deleting the resource or its contents when its stack is deleted. 删除堆栈时,AWS CloudFormation保留资源而不删除资源或其内容。 You can add this deletion policy to any resource type. 您可以将此删除策略添加到任何资源类型。

This would look in your given example like this: 在给定的示例中,这看起来像这样: 

"LambdaRole":{
  "Type":"AWS::IAM::Role",
  "DeletionPolicy" : "Retain",
  ...
},
"DynamoTable" : {
  "Type" : "AWS::DynamoDB::Table",
  "DeletionPolicy" : "Retain",
  ...
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Cloudformation 模板更新而不删除现有堆栈和资源? - Cloudformation template update without deleting the existing stack and resources? 依赖和Cloudformation定制资源 - DependsOn and Cloudformation Custom Resources 标记CloudFormation和基础资源 - Tag CloudFormation and underlying resources Cloudformation定制资源 - Cloudformation Custom Resources 将 StackName 添加到 Cloudformation 资源 - Prepend StackName to Cloudformation resources AWS CloudFormation删除资源 - AWS CloudFormation delete resources CloudFormation 堆栈资源 - CloudFormation Stack resources 使用 CloudFormation 引用资源中的标签 - Referencing tags in resources with CloudFormation CloudFormation S3 Bucket/BucketPolicy 创建 - 模板的 Resources 块中未解析的资源依赖关系 [Environment] - CloudFormation S3 Bucket/BucketPolicy creation - Unresolved resource dependencies [Environment] in the Resources block of the template AWS CloudFormation 模板格式错误:未解决的资源依赖项<s3 bucket>在模板的资源块中 - AWS CloudFormation Template format error: Unresolved resource dependencies <s3 bucket> in the Resources block of the template
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM