Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(core): RemovalPolicies.of(scope) #32283

Open
wants to merge 14 commits into
base: main
Choose a base branch
from

Conversation

watany-dev
Copy link
Contributor

@watany-dev watany-dev commented Nov 26, 2024

Issue # (if applicable)

N/A - New feature proposal

Reason for this change

Currently, applying removal policies to multiple resources requires setting them individually or using Tags as a workaround. This change introduces a new RemovalPolicies module that provides a more intuitive and type-safe way to manage removal policies across multiple resources, similar to the existing Tags API.

Description of changes

Added a new RemovalPolicies module that provides:

  • A similar interface to Tags.of() for managing removal policies

  • Type-safe resource type specifications using CloudFormation resource type strings

  • Ability to include or exclude specific resource types

  • Convenient methods for common removal policies (destroy, retain, snapshot, retainOnUpdateOrDelete)

Example usage:

// Using CloudFormation resource type strings
RemovalPolicies.of(scope).retain({
  applyToResourceTypes: ['AWS::S3::Bucket', 'AWS::DynamoDB::Table']
});

const bucket = new s3.Bucket(scope, 'bucket')

// Using CDK resource classes (type-safe)
RemovalPolicies.of(scope).retain({
  applyToResourceTypes: [
       bucket.cfnResourceType,
       CfnTable.CFN_RESOURCE_TYPE_NAME,
  ]
});

// Mixed usage
RemovalPolicies.of(scope).retain({
  applyToResourceTypes: [bucket.cfnResourceType, 'AWS::DynamoDB::Table']
});

Description of how you validated changes

TBD

Checklist

[x] My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@watany-dev watany-dev requested a review from a team as a code owner November 26, 2024 04:05
@aws-cdk-automation aws-cdk-automation requested a review from a team November 26, 2024 04:05
@github-actions github-actions bot added p2 distinguished-contributor [Pilot] contributed 50+ PRs to the CDK labels Nov 26, 2024
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

Copy link

codecov bot commented Nov 26, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.47%. Comparing base (0153da4) to head (5f6197c).
Report is 148 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main   #32283      +/-   ##
==========================================
+ Coverage   77.46%   79.47%   +2.00%     
==========================================
  Files         105      108       +3     
  Lines        7168     7158      -10     
  Branches     1314     1320       +6     
==========================================
+ Hits         5553     5689     +136     
+ Misses       1433     1285     -148     
- Partials      182      184       +2     
Flag Coverage Δ
suite.unit 79.47% <ø> (+2.00%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
packages/aws-cdk 79.47% <ø> (+2.00%) ⬆️

@watany-dev watany-dev changed the title feat(core): RemovalPolicys.of(scope) feat(core): RemovalPolicys.of(scope) Nov 26, 2024
@aws-cdk-automation
Copy link
Collaborator

This PR has been in the CHANGES REQUESTED state for 3 weeks, and looks abandoned. To keep this PR from being closed, please continue work on it. If not, it will automatically be closed in a week.

@aws-cdk-automation aws-cdk-automation dismissed their stale review December 19, 2024 11:52

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Dec 20, 2024
* or a class that extends CfnResource (e.g., TestBucketResource).
* @default - apply to all resources
*/
readonly applyToResourceTypes?: (string | typeof CfnResource)[];
Copy link
Contributor

@go-to-k go-to-k Dec 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feature is very helpful for me (or us)!

But I'm not sure if we should use an Enum-Like (Union-Like) class instead of an union type in order to generate a public interface for other languages using a jsii transformation, what do you think?

Copy link
Contributor Author

@watany-dev watany-dev Dec 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After much deliberation, I decided on string[]. because I thought it would work well enough.

RemovalPolicies.of(parent).retain({
  applyToResourceTypes: [
    'AWS::DynamoDB::Table',
    bucket.cfnResourceType, // 'AWS::S3::Bucket'
  ],
});

Copy link
Contributor

@go-to-k go-to-k Dec 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm OK! Could you please change the description (Type-safe resource type ...) and examples in this PR?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might want to fix that example as cfnResourceType appears to be a static method. (I often read the PR description to understand its feature, so correcting it would be more useful)

RemovalPolicies.of(scope).retain({
  applyToResourceTypes: [
       CfnBucket.cfnResourceType,
       CfnTable.cfnResourceType,
  ]
});

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have made the correct Usage.

@watany-dev watany-dev requested a review from go-to-k December 21, 2024 13:56
Comment on lines +81 to +90
try {
cfnResource.applyRemovalPolicy(this.policy);
} catch (error) {
// Check if the error is an instance of the built-in Error class
if (error instanceof Error) {
throw new Error(`Failed to apply removal policy to resource type ${resourceType}: ${error.message}`);
} else {
// If it's not an Error instance, convert it to a string for the message
throw new Error(`Failed to apply removal policy to resource type ${resourceType}: ${String(error)}`);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this try/catch necessary? Are there any (bad) effects of not having it?
(IMO, I don't think we need this one.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought about it, and it might not be necessary, so I removed it.

Comment on lines +6 to +9
/**
* Properties for applying a removal policy
*/
export interface RemovalPolicyProps {
Copy link
Contributor

@go-to-k go-to-k Dec 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to add a property priority to RemovalPolicyProps? (ref: https://github.com/aws/aws-cdk/blob/v2.172.0/packages/aws-cdk-lib/core/lib/aspect.ts#L45)

(* The priority was introduced in v2.172.0: https://dev.to/aws-heroes/aws-cdk-aspects-specifications-have-changed-3i75.)

And the apply method will be changed like:

  public apply(policy: RemovalPolicy, props: RemovalPolicyProps = {}) {
    Aspects.of(this.scope).add(new RemovalPolicyAspect(policy, props), {
      priority: props.priority ?? AspectPriority.MUTATING,
    });
  }

Since the RemovalPolicy change is a kind of resource update, I think it is good that the default value should be MUTATING. (It is the same with the add and remove method of the Tags class.)

packages/aws-cdk-lib/core/README.md Outdated Show resolved Hide resolved
packages/aws-cdk-lib/core/lib/removal-policys.ts Outdated Show resolved Hide resolved
Copy link
Contributor

@go-to-k go-to-k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've only seen halfway through, but I'll leave you with my comments so far.

@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Dec 21, 2024
Comment on lines +1696 to +1709
#### `RemovalPolicyProps` Interface

Additional configuration options for applying removal policies.

- **`applyToResourceTypes?`**: _(optional)_
Array of CloudFormation resource types (e.g., `'AWS::S3::Bucket'`) to which the removal policy should be applied.
Defaults to applying to all resources.

- **`excludeResourceTypes?`**: _(optional)_
Array of CloudFormation resource types to exclude from applying the removal policy.
Defaults to no exclusions.

- **`overwrite?`**: _(optional)_
If `true`, the removal policy will overwrite any existing policy already set on the resource. Defaults to `false`.
Copy link
Contributor

@go-to-k go-to-k Dec 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be difficult to maintain if all properties were listed on the README? (Because all of them are also in JSDoc...)

@watany-dev watany-dev changed the title feat(core): RemovalPolicys.of(scope) feat(core): RemovalPolicies.of(scope) Dec 22, 2024
Comment on lines +11 to +18
new s3.Bucket(stack, 'TestBucket');
new dynamodb.Table(stack, 'TestTable', {
partitionKey: { name: 'id', type: dynamodb.AttributeType.STRING },
});
new iam.User(stack, 'TestUser');

// Apply different removal policies to demonstrate functionality
RemovalPolicies.of(stack).destroy();
Copy link
Contributor

@go-to-k go-to-k Dec 22, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about creating a custom construct that attaches a retain method? The following situation can be realized:

  • Stack (with a destroy method)
    • Resource A: DESTROY
    • Resource B: DESTROY
    • RetainConstruct (with a retain method)
      • X: RETAIN

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 5f6197c
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
distinguished-contributor [Pilot] contributed 50+ PRs to the CDK p2
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants