Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stack: terminationProtection prop not applying #29487

Closed
jlosito opened this issue Mar 14, 2024 · 5 comments
Closed

Stack: terminationProtection prop not applying #29487

jlosito opened this issue Mar 14, 2024 · 5 comments
Labels
@aws-cdk/aws-codebuild Related to AWS CodeBuild bug This issue is a bug. closing-soon This issue will automatically close in 4 days unless further comments are made. duplicate This issue is a duplicate.

Comments

@jlosito
Copy link

jlosito commented Mar 14, 2024

Describe the bug

When setting the terminationProtection property to true, the stack does not actually change its setting.

https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.Stack.html#terminationprotection

Expected Behavior

When setting the property to true, the stack enables termination protection.

Current Behavior

The stack continues to have termination protection set to disabled.

Reproduction Steps

Deploy a stack using the stack construct while having its terminationProtection property set to true.

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.131.0

Framework Version

No response

Node.js Version

default CodeBuild options

OS

default CodeBuild options

Language

TypeScript

Language Version

No response

Other information

No response
@jlosito jlosito added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Mar 14, 2024
@github-actions github-actions bot added the @aws-cdk/aws-codebuild Related to AWS CodeBuild label Mar 14, 2024
@nmussy
Copy link
Contributor

nmussy commented Mar 15, 2024

Partially confirmed, terminationProtection is applied on initial deployment, but it's not picked up by a cdk diff, or updatable:

const app = new App();
new TestStack(app, "TestStack", {
	env: { account, region },
	terminationProtection: true,
});

image

I'll look into it

@nmussy
Copy link
Contributor

nmussy commented Mar 15, 2024

Not sure what I did wrong the first time, but it seems to work fine now.
The lack of detection by cdk diff seems to be intended, but the terminationProtection update detection works fine, in both directions:

$ cdk deploy -vvv
[10:03:05] Updating termination protection from true to false for stack TestStack
[10:03:06] [AWS cloudformation 200 0.491s 0 retries] updateTerminationProtection({ StackName: 'TestStack', EnableTerminationProtection: false })
[10:03:06] Termination protection updated to false for stack TestStack
[10:03:06] No changes are to be performed on TestStack.

$ cdk deploy -vvv
[10:03:37] Updating termination protection from false to true for stack TestStack
[10:03:38] [AWS cloudformation 200 0.487s 0 retries] updateTerminationProtection({ StackName: 'TestStack', EnableTerminationProtection: true })
[10:03:38] Termination protection updated to true for stack TestStack
[10:03:38] No changes are to be performed on TestStack.

@jlosito Can you try to deploy in debug mode (-vvv flag) to see what the output is near the end?

@jlosito
Copy link
Author

jlosito commented Mar 15, 2024
edited
Loading

@nmussy You're probably correct. I did a little bit more digging and I think my scenario is more along these lines.

#17871

Was it ever finalized whether a warning was going to be added in the meantime? From what I understand, additional functionality would need to be added to the CloudFormation API.

@tim-finnigan tim-finnigan self-assigned this Mar 15, 2024
@tim-finnigan tim-finnigan added investigating This issue is being investigated and/or work is in progress to resolve the issue. and removed needs-triage This issue or PR still needs to be triaged. labels Mar 15, 2024
@tim-finnigan
Copy link

Thanks for reaching out - it looks like #17871 closed for staleness. I'll go ahead and reopen that issue to track the request to add a warning.

@tim-finnigan tim-finnigan added duplicate This issue is a duplicate. closing-soon This issue will automatically close in 4 days unless further comments are made. and removed investigating This issue is being investigated and/or work is in progress to resolve the issue. labels Mar 15, 2024
@tim-finnigan tim-finnigan removed their assignment Mar 15, 2024
@jlosito jlosito closed this as completed Mar 16, 2024
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@github-actions github-actions bot mentioned this issue Mar 18, 2024
Closed
@github-actions github-actions bot mentioned this issue Apr 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-codebuild Related to AWS CodeBuild bug This issue is a bug. closing-soon This issue will automatically close in 4 days unless further comments are made. duplicate This issue is a duplicate.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nmussy @jlosito @tim-finnigan