Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(core): RemovalPolicies.of(scope) #32283

Open
wants to merge 19 commits into
base: main
Choose a base branch
from

Conversation

watany-dev
Copy link
Contributor

@watany-dev watany-dev commented Nov 26, 2024

Issue # (if applicable)

N/A - New feature proposal

Reason for this change

Currently, applying removal policies to multiple resources requires setting them individually or using Tags as a workaround. This change introduces a new RemovalPolicies module that provides a more intuitive and type-safe way to manage removal policies across multiple resources, similar to the existing Tags API.

Description of changes

Added a new RemovalPolicies module that provides:

  • A similar interface to Tags.of() for managing removal policies

  • Type-safe resource type specifications using CloudFormation resource type strings

  • Ability to include or exclude specific resource types

  • Convenient methods for common removal policies (destroy, retain, snapshot, retainOnUpdateOrDelete)

Example usage:

// Using CloudFormation resource type strings
RemovalPolicies.of(scope).retain({
  applyToResourceTypes: ['AWS::S3::Bucket', 'AWS::DynamoDB::Table']
});

const bucket = new s3.Bucket(scope, 'bucket')

// Using CDK resource classes (type-safe)
RemovalPolicies.of(scope).retain({
  applyToResourceTypes: [
       bucket.cfnResourceType,
       CfnTable.CFN_RESOURCE_TYPE_NAME,
  ]
});

// Mixed usage
RemovalPolicies.of(scope).retain({
  applyToResourceTypes: [bucket.cfnResourceType, 'AWS::DynamoDB::Table']
});

Description of how you validated changes

TBD

Checklist

[x] My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@watany-dev watany-dev requested a review from a team as a code owner November 26, 2024 04:05
@aws-cdk-automation aws-cdk-automation requested a review from a team November 26, 2024 04:05
@github-actions github-actions bot added p2 distinguished-contributor [Pilot] contributed 50+ PRs to the CDK labels Nov 26, 2024
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

Copy link

codecov bot commented Nov 26, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.64%. Comparing base (0731095) to head (467ebbd).
Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main   #32283   +/-   ##
=======================================
  Coverage   80.64%   80.64%           
=======================================
  Files         107      107           
  Lines        6996     6996           
  Branches     1290     1290           
=======================================
  Hits         5642     5642           
  Misses       1175     1175           
  Partials      179      179           
Flag Coverage Δ
suite.unit 80.64% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
packages/aws-cdk 80.64% <ø> (ø)

@watany-dev watany-dev changed the title feat(core): RemovalPolicys.of(scope) feat(core): RemovalPolicys.of(scope) Nov 26, 2024
@aws-cdk-automation
Copy link
Collaborator

This PR has been in the CHANGES REQUESTED state for 3 weeks, and looks abandoned. To keep this PR from being closed, please continue work on it. If not, it will automatically be closed in a week.

@aws-cdk-automation aws-cdk-automation dismissed their stale review December 19, 2024 11:52

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Dec 20, 2024
@watany-dev watany-dev requested a review from go-to-k December 21, 2024 13:56
Comment on lines 81 to 90
try {
cfnResource.applyRemovalPolicy(this.policy);
} catch (error) {
// Check if the error is an instance of the built-in Error class
if (error instanceof Error) {
throw new Error(`Failed to apply removal policy to resource type ${resourceType}: ${error.message}`);
} else {
// If it's not an Error instance, convert it to a string for the message
throw new Error(`Failed to apply removal policy to resource type ${resourceType}: ${String(error)}`);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this try/catch necessary? Are there any (bad) effects of not having it?
(IMO, I don't think we need this one.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought about it, and it might not be necessary, so I removed it.

Comment on lines +6 to +9
/**
* Properties for applying a removal policy
*/
export interface RemovalPolicyProps {
Copy link
Contributor

@go-to-k go-to-k Dec 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to add a property priority to RemovalPolicyProps? (ref: https://github.com/aws/aws-cdk/blob/v2.172.0/packages/aws-cdk-lib/core/lib/aspect.ts#L45)

(* The priority was introduced in v2.172.0: https://dev.to/aws-heroes/aws-cdk-aspects-specifications-have-changed-3i75.)

And the apply method will be changed like:

  public apply(policy: RemovalPolicy, props: RemovalPolicyProps = {}) {
    Aspects.of(this.scope).add(new RemovalPolicyAspect(policy, props), {
      priority: props.priority ?? AspectPriority.MUTATING,
    });
  }

Since the RemovalPolicy change is a kind of resource update, I think it is good that the default value should be MUTATING. (It is the same with the add and remove method of the Tags class.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks.
dec21e2

Copy link
Contributor

@go-to-k go-to-k Dec 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the change.

If multiple aspects apply conflicting settings, the one with the higher priority wins.

I found the words "the higher priority" and "wins" a little confusing.

The higher priority (lower numeric value) is applied first, and the lower priority (higher numeric value) is applied later. (Complicated explanation...)

In other words, the removal policy will be the value by the former if overwrite is false, and the value by the latter if true, right?

Can we explain that well?

packages/aws-cdk-lib/core/README.md Outdated Show resolved Hide resolved
packages/aws-cdk-lib/core/lib/removal-policys.ts Outdated Show resolved Hide resolved
Copy link
Contributor

@go-to-k go-to-k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've only seen halfway through, but I'll leave you with my comments so far.

@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Dec 21, 2024
Comment on lines 1696 to 1709
#### `RemovalPolicyProps` Interface

Additional configuration options for applying removal policies.

- **`applyToResourceTypes?`**: _(optional)_
Array of CloudFormation resource types (e.g., `'AWS::S3::Bucket'`) to which the removal policy should be applied.
Defaults to applying to all resources.

- **`excludeResourceTypes?`**: _(optional)_
Array of CloudFormation resource types to exclude from applying the removal policy.
Defaults to no exclusions.

- **`overwrite?`**: _(optional)_
If `true`, the removal policy will overwrite any existing policy already set on the resource. Defaults to `false`.
Copy link
Contributor

@go-to-k go-to-k Dec 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be difficult to maintain if all properties were listed on the README? (Because all of them are also in JSDoc...)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clean up this doc.
da6b4c5

@watany-dev watany-dev changed the title feat(core): RemovalPolicys.of(scope) feat(core): RemovalPolicies.of(scope) Dec 22, 2024
Comment on lines 11 to 18
new s3.Bucket(stack, 'TestBucket');
new dynamodb.Table(stack, 'TestTable', {
partitionKey: { name: 'id', type: dynamodb.AttributeType.STRING },
});
new iam.User(stack, 'TestUser');

// Apply different removal policies to demonstrate functionality
RemovalPolicies.of(stack).destroy();
Copy link
Contributor

@go-to-k go-to-k Dec 22, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about creating a custom construct that attaches a retain method? The following situation can be realized:

  • Stack (with a destroy method)
    • Resource A: DESTROY
    • Resource B: DESTROY
    • RetainConstruct (with a retain method)
      • X: RETAIN

Copy link
Contributor

@go-to-k go-to-k Dec 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I looked at the integ code now; 467ebbd

Bucket and Table default to RETAIN, so with the current stack, all resources are RETAIN. So it would be nice to have a resource that would be DESTROY.
Sorry for repeating.

@@ -220,4 +220,18 @@ describe('removal-policys', () => {
expect(bucket.cfnOptions.deletionPolicy).toBe('Retain');
expect(table.cfnOptions.deletionPolicy).toBe('RetainExceptOnCreate');
});

test('higher priority removal policy overrides lower priority removal policy', () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to add a new test using priority and overwrite with true.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 467ebbd
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
distinguished-contributor [Pilot] contributed 50+ PRs to the CDK p2
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants