DeletionPolicy attribute in CloudFormation
In AWS CloudFormation, all resource types have a DeletionPolicy attribute with possible values of Delete, Retain and Snapshot. Setting it to Retain would save the resource from being deleted by mistake.
Jan 14, 2021
If no deletion policy is specified for a resource, the default value is Delete. This means the resource will be removed as part of the CloudFormation stack removal.
For resources with a Retain deletion policy, when the stack is deleted, AWS CloudFormation leaves the resource without deleting it.
However, it does NOT stop the resource from being deleted directly:
- Programmatically, for example using the AWS CLI.
- Manually, for example using the AWS web console.
With the DeletionPolicy attribute you can preserve or (in some cases) back up a resource when its stack is deleted. Resources that support the Snapshot deletion policy include:
- AWS::EC2::Volume
- AWS::ElastiCache::CacheCluster
- AWS::ElastiCache::ReplicationGroup
- AWS::Neptune::DBCluster
- AWS::RDS::DBCluster
- AWS::RDS::DBInstance
- AWS::Redshift::Cluster
More information about DeletionPolicy can be found in the AWS documentation.
An example showing how to specify DeletionPolicy:
{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Resources" : {
    "myS3Bucket" : {
      "Type" : "AWS::S3::Bucket",
      "DeletionPolicy" : "Retain"
    }
  }
}
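A pre-deployment check for the rules described above, as an added example that is not part of the original post: it reads a JSON template and reports resources with no explicit DeletionPolicy, a value other than the three named here, or Snapshot on a type outside the list above. The function name, finding labels and sample template are constructed for illustration; the allowed values and Snapshot-capable types are taken from this article's lists.

```python
import json

# Resource types the article lists as supporting DeletionPolicy: Snapshot.
SNAPSHOT_TYPES = {
    "AWS::EC2::Volume", "AWS::ElastiCache::CacheCluster",
    "AWS::ElastiCache::ReplicationGroup", "AWS::Neptune::DBCluster",
    "AWS::RDS::DBCluster", "AWS::RDS::DBInstance", "AWS::Redshift::Cluster",
}
# Policy values named in the article.
ARTICLE_POLICIES = {"Delete", "Retain", "Snapshot"}

# Constructed sample template (logical IDs are made up for this example).
SAMPLE_TEMPLATE = """
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "AuditBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain"},
    "DataVolume": {"Type": "AWS::EC2::Volume", "DeletionPolicy": "Snapshot"},
    "LogBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Snapshot"},
    "JobQueue": {"Type": "AWS::SQS::Queue"},
    "OrdersTable": {"Type": "AWS::DynamoDB::Table", "DeletionPolicy": "retain"}
  }
}
"""


def audit_deletion_policies(template_text):
    """Map each logical ID in a JSON template to a DeletionPolicy finding."""
    resources = json.loads(template_text).get("Resources", {})
    findings = {}
    for logical_id, resource in resources.items():
        policy = resource.get("DeletionPolicy")
        if policy is None:
            # No explicit policy: nothing in the template protects the resource.
            findings[logical_id] = "MISSING"
        elif not isinstance(policy, str) or policy not in ARTICLE_POLICIES:
            # Misspelled, wrong-case or non-string value.
            findings[logical_id] = "UNRECOGNIZED_VALUE"
        elif policy == "Snapshot" and resource.get("Type") not in SNAPSHOT_TYPES:
            findings[logical_id] = "SNAPSHOT_UNSUPPORTED"
        else:
            findings[logical_id] = "OK"
    return findings


if __name__ == "__main__":
    for name, finding in audit_deletion_policies(SAMPLE_TEMPLATE).items():
        print(f"{name}: {finding}")
```

A check like this only covers stack deletion; direct deletion through the CLI or console still has to be restricted separately.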