AWS CloudFormation Deletion Policy

Deleting a stack on CloudFormation also removes all the provisioned resources in it. In some cases, you want some resources to be retained even after deleting its stack. The good thing is that you can do this by defining its DeletionPolicy.

This is pretty straightforward – you just need to define DeletionPolicy with Retain value and for the resources that support snapshot, (like RDS databases) you can set Snapshot as its value. With DeletionPolicy: Snapshot, a snapshot is created before a resource is deleted. This allows you to have a backup of the resource that’s been deleted from the stack.

Let’s say for example that you want to delete a deployed application. This app uses S3 for storing its object and RDS as its database, and you want to keep a copy of this resource as your reference. You may want to update its stack and add DeletionPolicy: Retain for S3 and DeletionPolicy: Snapshot for RDS before deleting it.

By default, deleting a stack will also delete its provisioned resources like the AWS::S3::Bucket that was launched using the below CloudFormation template.

IT Certification Category (English)728x90

This is an example of a CloudFormation stack template in YAML format:

AWSTemplateFormatVersion: 2010-09-09
Resources:
SampleBucket:
Type: AWS::S3::Bucket
Outputs:
BucketName:
Value: !Ref ‘SampleBucket’
 Description: This is a sample bucket

awscloudformation deletionpolicy1

Retain

Adding DeletionPolicy: Retain on the template will retain the provisioned resources even after deleting its stack.

AWSTemplateFormatVersion: 2010-09-09
Resources:
SampleBucket:
Type: AWS::S3::Bucket
   DeletionPolicy: Retain
Outputs:
BucketName:
Value: !Ref ‘SampleBucket’
Description: This is a sample bucket

aws cloudformation deletionpolicy2

Snapshot

DeletionPolicy: Snapshot can be added on resources that support snapshots like the following:

AWS::EC2::Volume

AWS::ElastiCache::CacheCluster

AWS::ElastiCache::ReplicationGroup

AWS::Neptune::DBCluster

AWS::RDS::DBCluster

AWS::RDS::DBInstance

AWS::Redshift::Cluster

In this example, we have here a Volume created along with an EC2 instance. Because Snapshot is defined as its DeletionPolicy, we expect this to create a snapshot when the stack is deleted.

AWSTemplateFormatVersion: 2010-09-09
Resources:
Ec2Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: ami-0615132a0f36d24f4
TestVolume:
Type: AWS::EC2::Volume
DeletionPolicy: Snapshot
Properties:
Size: 10
AvailabilityZone: !GetAtt Ec2Instance.AvailabilityZone

You can see from the Resources tab that an EC2 instance and a separate Volume was created.

aws cloudformation deletionpolicy3

aws cloudformation deletionpolicy4

We have two volumes here, volume mounted on the EC2 instance and the volume that was defined on the CloudFormation template.

aws cloudformation deletionpolicy5

After deleting its stack, the provisioned EC2 instance and volumes are deleted as well.

aws cloudformation deletionpolicy6

aws cloudformation deletionpolicy7

But because of the deletion policy defined as “DeletionPolicy: Snapshot” on the YAML file, a snapshot was created before the volume was deleted.

aws cloudformation deletionpolicy8

Sources

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html

Pass your AWS Certifications on your First Try with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

Tutorials Dojo Study Guide and Cheat Sheets eBooks

Tutorials Dojo Study Guide and Cheat Sheets-2

FREE Intro to Cloud Computing for Beginners

FREE AWS Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts