Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom CDK resource to auto-delete S3 objects #3368

Open
patchwork01 opened this issue Sep 26, 2024 · 0 comments · May be fixed by #3369
Open

Custom CDK resource to auto-delete S3 objects #3368

patchwork01 opened this issue Sep 26, 2024 · 0 comments · May be fixed by #3369
Assignees
@patchwork01
Labels
cdk-module
Milestone
0.26.0

Comments

@patchwork01
Copy link
Collaborator

patchwork01 commented Sep 26, 2024
edited
Loading

Background

In an AWS account with locked down permissions, the CDK feature to auto-delete objects in an S3 bucket may not always work, see the following issue:

Description

We'd like to replace our use of the CDK's autoDeleteObjects feature with a custom CDK resource implementation with the correct permissions for the bucket.

Analysis

This should be similar to our custom resources for the VPC check and saving instance properties, in VpcStack and PropertiesStack. These use lambdas implemented in the cdk-custom-resources module.

If we link the lambda to the bucket it needs to be able to delete from, that should set up the dependency between the resources to ensure the object deletion happens before the bucket is deleted.
@patchwork01 patchwork01 added this to the 0.26.0 milestone Sep 26, 2024
@patchwork01 patchwork01 self-assigned this Sep 26, 2024
@patchwork01 patchwork01 linked a pull request Sep 26, 2024 that will close this issue
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@patchwork01 patchwork01

Labels
cdk-module
Projects
None yet
Milestone
0.26.0
Development

Successfully merging a pull request may close this issue.

Issue 3368 - Custom resource to clear S3 buckets gchq/sleeper
1 participant
@patchwork01