The CloudFormation team made a forum announcement on the 31st May detailing the latest enhancements. In the list was the feature I’d been waiting on: the introduction of resource deletion policies. Up until the introduction of this feature I had been loath to use CloudFormation to create certain resources.
Why was I concerned? Well, it really boils down to the fact that we are subject to human error. You can just imagine the poor person who decides to remove a stack for valid reasons: say they were doing rolling upgrades, have brought up a replacement stack and want to remove the existing one, but have forgotten that when they deployed their original stack oh so many months ago it also created their initial database infrastructure (I’m using RDS to illustrate the point here, but it could just as easily have been a NoSQL deployment on an EC2 instance), and it would be goodbye to all my data.
So how does it work?
The DeletionPolicy is an attribute that you can add to the creation of your resources which basically tells CloudFormation how to handle the deletion of that resource. The default behaviour is to just delete it.
The three states that a DeletionPolicy can have are:
Delete – This is the default behaviour, but it may be prudent to add this attribute to all your resources as part of your self-documentation.
Retain – This directs CloudFormation to keep the resource and any associated data/content after the stack deletion completes.
The above two states are applicable to any resource.
Snapshot – This is only applicable to resources that support snapshots, namely EBS volumes and RDS. The actual resource will be deleted, but the snapshots will exist after the stack has been deleted.
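A check one could run over a template before deploying or deleting a stack, added here as an example (it is not code from the original post or from AWS): it reports data-bearing resources that have no explicit DeletionPolicy, that use Delete, or that use Snapshot on a type that does not support it. The sample template, its logical names and property values, and the choice of which types count as data-bearing are assumptions of this example.

```python
import json

# Types treated as data-bearing: an assumption of this example.
STATEFUL_TYPES = {"AWS::RDS::DBInstance", "AWS::EC2::Volume", "AWS::S3::Bucket"}
# Types the post lists as supporting Snapshot (EBS volumes and RDS).
SNAPSHOT_TYPES = {"AWS::RDS::DBInstance", "AWS::EC2::Volume"}
VALID_POLICIES = {"Delete", "Retain", "Snapshot"}

# Constructed sample template; names are made up and properties are trimmed.
SAMPLE_TEMPLATE = """
{
  "Resources": {
    "AppDatabase": {
      "Type": "AWS::RDS::DBInstance",
      "DeletionPolicy": "Snapshot",
      "Properties": {"Engine": "MySQL", "AllocatedStorage": "5"}
    },
    "LegacyDatabase": {
      "Type": "AWS::RDS::DBInstance",
      "Properties": {"Engine": "MySQL", "AllocatedStorage": "5"}
    },
    "DataVolume": {"Type": "AWS::EC2::Volume", "DeletionPolicy": "Delete"},
    "SiteBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Snapshot"},
    "WebServer": {"Type": "AWS::EC2::Instance"}
  }
}
"""

def audit_deletion_policies(template_text):
    """Return sorted (logical_id, problem) pairs for risky DeletionPolicy use."""
    resources = json.loads(template_text).get("Resources", {})
    findings = []
    for logical_id, resource in resources.items():
        rtype = resource.get("Type")
        policy = resource.get("DeletionPolicy")  # sibling of Type and Properties
        if policy is not None and policy not in VALID_POLICIES:
            findings.append((logical_id, "unknown DeletionPolicy %r" % policy))
        elif policy == "Snapshot" and rtype not in SNAPSHOT_TYPES:
            findings.append((logical_id, "Snapshot not supported for %s" % rtype))
        elif rtype in STATEFUL_TYPES and policy is None:
            findings.append((logical_id, "no explicit DeletionPolicy"))
        elif rtype in STATEFUL_TYPES and policy == "Delete":
            findings.append((logical_id, "data is removed with the stack"))
    return sorted(findings)

if __name__ == "__main__":
    for logical_id, problem in audit_deletion_policies(SAMPLE_TEMPLATE):
        print("%s: %s" % (logical_id, problem))
```

Run as a pre-deployment gate, a non-empty result is the signal to stop and add Retain or Snapshot to the listed resources.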
A quick mention of some of the other new features released that have caught my eye:
Parameter validation – pretty self-evident why this was a must-have feature 🙂
Wait condition – This provides the ability to pause stack creation until some predefined action or timeout has occurred. This could be used, for example, to fully automate the creation of a master/slave setup where, say, the master IP address is needed to allow the slaves to join the party.
Ability to create S3 buckets and S3 hosted websites – I love the idea of creating your S3 hosted website via a simple script