DEV Community

Revathi Joshi for AWS Community Builders

How DeletionPolicy works differently with AWS resources and snapshots of AWS resources

In this article, I am going to show you how to keep the resources and the snapshots alive even after you delete the CloudFormation stacks.

By default, AWS CloudFormation deletes all stack resources along with the data that was stored in your stack (unless you take manual snapshots), for example data stored in Amazon EC2 Volumes, Amazon RDS DBInstances, and Amazon Redshift Cluster resources.

But what if you want to retain your data, because you may need to migrate it to another stack or you do not want anyone to delete it unintentionally? In that case, you can specify a DeletionPolicy in your CloudFormation template for the particular resource you want to retain. This will preserve your data even after your stack is deleted.

The DeletionPolicy behaves differently for plain resources and for resources that support snapshots. I am going to show you both cases.

Please visit my GitHub repository for RDS articles on various topics, which is updated on a constant basis.

Let’s get started!

1. Resources with a DeletionPolicy (S3 bucket)

  • When you launch a CloudFormation stack with this template snippet, it creates an Amazon S3 bucket.

  • However, when the stack is deleted, CloudFormation deletes the stack and all the stack resources except for the S3 bucket.

  • You have to delete the S3 bucket manually to avoid being billed for it if you do not need that bucket for later use.

  • You can specify Retain on any AWS resource in such a template.

Objectives:

1. Create an AWS CloudFormation Sample Template File -
S3_Bucket_With_Retain_On_Delete.yaml

2. Create an AWS CloudFormation Stack mys3stack with that template file

3. Go to S3 Dashboard to see the bucket

4. Delete the stack mys3stack

5. Check to see S3 bucket still retained

Pre-requisites:

  • An AWS user account with admin access to the AWS Management Console (not the root account)

Resources Used:

CloudFormation Documentation

Steps for implementation to this project:

1. Create an AWS CloudFormation Sample Template File

S3_Bucket_With_Retain_On_Delete.yaml

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Metadata:
  License: Apache-2.0
Description: 'AWS CloudFormation Sample Template S3_Bucket_With_Retain_On_Delete: Sample template showing how to create a publicly accessible S3 bucket with a deletion policy of retain on delete. It will create an S3 bucket that will NOT be deleted when the stack is deleted. You have to delete the S3 bucket from the S3 dashboard after the Template is deleted in order to save costs.'
Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      # Public read access is intentional here: the bucket hosts a static website
      AccessControl: PublicRead
      WebsiteConfiguration:
        IndexDocument: index.html
        ErrorDocument: error.html
    # Resource attribute (sibling of Type and Properties, not a property):
    # keep the bucket when the stack is deleted
    DeletionPolicy: Retain
Outputs:
  WebsiteURL:
    Value: !GetAtt [S3Bucket, WebsiteURL]
    Description: URL for website hosted on S3
  S3BucketSecureURL:
    Value: !Join ['', ['https://', !GetAtt [S3Bucket, DomainName]]]
    Description: Name of S3 bucket to hold website content
```

2. Create an AWS CloudFormation Stack mys3stack with that template file

  • On CloudFormation Dashboard / Create stack

  • Create Stack / Specify template / Prerequisite - Prepare template / Check Upload a Template file / Upload S3_Bucket_With_Retain_On_Delete.yaml

Next

  • Specify stack details / Stack name /

Stack name - mys3stack

Next

  • Take all the defaults, review the details for mys3stack and

Submit

3. Go to S3 Dashboard to see the bucket

After the CloudFormation stack is completed, go to the S3 Dashboard to see the bucket.

4. Delete the stack mys3stack

  • From the CloudFormation Dashboard, Delete the stack mys3stack

5. Check to see S3 bucket still retained

However, the S3 bucket is not deleted automatically; you have to delete it manually.

2. Resources with a snapshot DeletionPolicy (RDS DBInstance)

  • When you launch a CloudFormation stack with this template snippet, it creates an RDS DBInstance and an Amazon S3 bucket.

  • However, when the stack is deleted, CloudFormation creates a snapshot of the RDS DBInstance and then deletes the stack and all the stack resources (RDS DBInstance) except for the snapshot and the S3 bucket.

  • The name of the snapshot will include the stack name, the logical ID of the database instance, and other identifying information.

  • You have to delete the snapshot and the S3 bucket manually to avoid being billed for them if you do not need them for later use.

  • You can only create snapshots of resources that support snapshots, such as the AWS::EC2::Volume, AWS::RDS::DBInstance, and AWS::Redshift::Cluster resources with such a template.
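
The following lint is an added example, not code from the original article or from AWS. It reads a template in JSON form and reports what each DeletionPolicy leaves behind after stack deletion, where Snapshot is used on a type outside the three named above, and where the attribute is misplaced under Properties. The function name, the STATEFUL_TYPES set and the sample template are assumptions constructed for this example.

```python
import json

# Snapshot-capable types named in the article (the article's list, not exhaustive).
SNAPSHOT_TYPES = {"AWS::EC2::Volume", "AWS::RDS::DBInstance", "AWS::Redshift::Cluster"}
# Types this example treats as data-bearing (an assumption made for the check).
STATEFUL_TYPES = SNAPSHOT_TYPES | {"AWS::S3::Bucket"}

def audit_deletion_policies(template_text):
    """Return sorted (logical_id, level, message) findings for a JSON template."""
    findings = []
    for name, res in json.loads(template_text).get("Resources", {}).items():
        rtype, props = res.get("Type", ""), res.get("Properties", {})
        policy = res.get("DeletionPolicy")  # resource attribute, sibling of Type
        if "DeletionPolicy" in props:
            findings.append((name, "error", "DeletionPolicy is nested under Properties"))
        if policy is None and rtype in STATEFUL_TYPES:
            findings.append((name, "warn", "data-bearing resource has no explicit DeletionPolicy"))
        elif policy == "Snapshot" and rtype not in SNAPSHOT_TYPES:
            findings.append((name, "error", "Snapshot is not supported for " + rtype))
        elif policy == "Snapshot":
            findings.append((name, "info", "snapshot survives stack deletion; clean up manually"))
        elif policy == "Retain":
            findings.append((name, "info", "resource survives stack deletion; clean up manually"))
            if props.get("AccessControl") == "PublicRead":
                findings.append((name, "warn", "retained bucket keeps its PublicRead ACL"))
    return sorted(findings)

# Constructed sample template (JSON form), modelled on the two templates in this article
# plus two deliberately broken resources (Queue, DataVolume).
SAMPLE_TEMPLATE = json.dumps({
    "Resources": {
        "S3Bucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain",
                     "Properties": {"AccessControl": "PublicRead"}},
        "MyDB": {"Type": "AWS::RDS::DBInstance", "DeletionPolicy": "Snapshot",
                 "Properties": {"Engine": "MySQL"}},
        "Queue": {"Type": "AWS::SQS::Queue", "DeletionPolicy": "Snapshot"},
        "DataVolume": {"Type": "AWS::EC2::Volume",
                       "Properties": {"DeletionPolicy": "Retain", "Size": 10}},
    }
})

if __name__ == "__main__":
    for name, level, message in audit_deletion_policies(SAMPLE_TEMPLATE):
        print(f"{level:5} {name}: {message}")
```

The "info" findings double as the manual cleanup list for after the stack is deleted, and the PublicRead warning marks a bucket that stays exposed once the stack that documented it is gone.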

Objectives:

1. Create an AWS CloudFormation Sample Template File -
RDS_Snapshot_On_Delete.yaml

2. Create an AWS CloudFormation Stack myrdsstack with that template file

3. Go to RDS Dashboard to see the RDS DBInstance and the snapshot

4. Go to S3 Dashboard to see the S3 bucket

5. Delete the stack myrdsstack

6. Check to see the snapshot still retained and delete it manually

7. Check to see the S3 bucket still retained and delete it manually

Pre-requisites:

  • An AWS user account with admin access to the AWS Management Console (not the root account)

Resources Used:

CloudFormation Documentation

Steps for implementation to this project:

1. Create an AWS CloudFormation Sample Template File

RDS_Snapshot_On_Delete.yaml

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Metadata:
  License: Apache-2.0
Description: 'AWS CloudFormation Sample Template RDS_Snapshot_On_Delete: Sample template
  showing how to create an RDS DBInstance and upon deletion keeps the snapshot alive from stack deletion.
  You have to delete the snapshot manually to save costs.'
Resources:
  MyDB:
    Type: AWS::RDS::DBInstance
    Properties:
      DBName: MyDatabase
      AllocatedStorage: '5'
      DBInstanceClass: db.t2.small
      Engine: MySQL
      # Sample credentials hard-coded for the demo; for a real stack pass them in
      # through a NoEcho parameter or a Secrets Manager dynamic reference
      MasterUsername: myName
      MasterUserPassword: myPassword
    # Resource attribute (sibling of Type and Properties):
    # take a final snapshot before the instance is deleted with the stack
    DeletionPolicy: Snapshot
Outputs:
  JDBCConnectionString:
    Description: JDBC connection string for the database
    Value: !Join ['', ['jdbc:mysql://', !GetAtt [MyDB, Endpoint.Address], ':', !GetAtt [
          MyDB, Endpoint.Port], /MyDatabase]]
```

2. Create an AWS CloudFormation Stack myrdsstack with that template file

  • On CloudFormation Dashboard / Create stack

  • Create Stack / Specify template / Prerequisite - Prepare template / Check Upload a Template file / Upload RDS_Snapshot_On_Delete.yaml

Next

  • Specify stack details / Stack name /

Stack name - myrdsstack

Next

  • Take all the defaults, review the details for myrdsstack and

Submit

  • It takes 4-5 min to create an RDS Database Instance and the snapshot

3. Go to RDS Dashboard to see the RDS DBInstance and the snapshot

  • After the CloudFormation stack is completed, go to the RDS Dashboard to see the instance and the snapshot

4. Go to S3 Dashboard to see the S3 bucket

  • It will also create an S3 bucket, because when I uploaded the template file, it created an S3 URL where the file is stored

5. Delete the stack myrdsstack

  • From the CloudFormation Dashboard, delete the myrdsstack

  • You have to wait 4-5 min to see its completion.

6. Check to see the snapshot still retained and delete it manually

However, the RDS instance is deleted automatically. The snapshot is still alive; you have to delete it manually.

7. Check to see the S3 bucket still retained and delete it manually

The S3 bucket should also be deleted manually.

Cleanup

  • Delete the CloudFormation stacks

  • Delete S3 Bucket

  • Delete RDS DBInstance

  • Delete Snapshot

What we have done so far

Demonstrated how a DeletionPolicy behaves differently with AWS resources and AWS resources with a snapshot. It is a great way to preserve your data after a CloudFormation stack is deleted.
