Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[cli] Change sets that consist only of `removalPolicy` changes cannot be executed
See original GitHub issueIf the only change to an s3.Bucket object that’s already been deployed is to change its removalPolicy, that change appears in cdk diff, but cdk deploy says (no changes) for that stack, and the change is not made to the bucket.
If you deploy another change, such as to the versioned property, along with the removalPolicy change, the change to removalPolicy is made.
This broke the “Your First AWS CDK app” topic in the developer guide, which updated the removalPolicy to allow cdk destroy to delete the bucket. The user could still complete the tutorial, but the bucket would remain when it should have been deleted. (I have updated this topic to make an additional change with the removalPolicy one, which has the added benefit of showing an IAM policy in the diff, which has the side effect of deploying the removalPolicy change.)
Unmodified version of this topic can be seen here: http://jkindall.aka.corp.amazon.com/snapshot/1605908585/hello_world.html
Reproduction Steps
mkdir hello-cdk
cd hello-cdk
cdk init --language typescript
npm install @aws-cdk/aws-s3
Edit lib/hello-cdk-stack.ts to read:
import * as cdk from '@aws-cdk/core';
import * as s3 from '@aws-cdk/aws-s3';
export class HelloCdkStack extends cdk.Stack {
constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
super(scope, id, props);
new s3.Bucket(this, 'TheBucket', {
versioned: false,
// removalPolicy: cdk.RemovalPolicy.DESTROY
});
}
}
Then:
npm run build
cdk synth
cdk deploy
Uncomment the removalPolicy definiiton.
Save, build, and cdk diff. Note that the change to the removal policy appears in the diff output.
Now cdk deploy and note that it says HelloCdkStack (no changes). Another cdk diff will reveal that there’s still a difference between the new synthesized template and the deployed one, indicating the change to removalPolicy was not deployed.
Finally change versioned to true, then cdk deploy and watch both changes be deployed. cdk diff afterward to be sure.
Environment
- CDK CLI Version : 1.74.0
- Framework Version: 1.74.0
- Node.js Version: 12.16.3
- OS : Windows 10
- Language (Version): TypeScript 3.9.7
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 3 years ago
- Reactions:3
- Comments:17 (14 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Add a WaitConditionHandle. Doesn’t do or cost anything, but does change the template
I reached out to support about this and they mentioned that there’s an internal feature request (“Add support for policy change through ChangeSets”) that has been opened and accepted by the CloudFormation team. Maybe the CDK team could add their +1 internally to help move that along (cc @rix0rrr)?