You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We'd like to replace our use of the CDK's autoDeleteObjects feature with a custom CDK resource implementation with the correct permissions for the bucket.
Analysis
This should be similar to our custom resources for the VPC check and saving instance properties, in VpcStack and PropertiesStack. These use lambdas implemented in the cdk-custom-resources module.
If we link the lambda to the bucket it needs to be able to delete from, that should set up the dependency between the resources to ensure the object deletion happens before the bucket is deleted.
The text was updated successfully, but these errors were encountered:
Background
In an AWS account with locked down permissions, the CDK feature to auto-delete objects in an S3 bucket may not always work, see the following issue:
autoDeleteObjects
aws/aws-cdk#17198Description
We'd like to replace our use of the CDK's autoDeleteObjects feature with a custom CDK resource implementation with the correct permissions for the bucket.
Analysis
This should be similar to our custom resources for the VPC check and saving instance properties, in VpcStack and PropertiesStack. These use lambdas implemented in the cdk-custom-resources module.
If we link the lambda to the bucket it needs to be able to delete from, that should set up the dependency between the resources to ensure the object deletion happens before the bucket is deleted.
The text was updated successfully, but these errors were encountered: