AWS::SageMaker::Domain does not delete EFS share on stack delete

[jfamestad]

Name of the resource

AWS::SageMaker::Domain

Resource Name

No response

Issue Description

SageMaker Studio Domains deploy an EFS share as part of its resource provisioning. When deleting a stack that contains AWS::SageMaker::Domain CloudFormation does not delete the EFS share associated with the domain.

Expected Behavior

When a stack containing a domain is deleted, the EFS share that was implicitly created with the domain should be deleted as well.

Observed Behavior

The EFS share was not deleted. If the subnet is in the same Stack, the stack will enter a failed state because the network will fail to delete due to the EFS network adapter still being attached.

Test Cases

• Create a SageMaker Studio Domain using CloudFormation
• Delete the Stack
• Check EFS, the share will still exist

Other Details

Some users may wish to preserve their data which could be supported using the RetentionPolicy parameter to the delete_domain() call as done in this example that uses a custom resource to manage the SageMaker Domain.

https://github.com/aws-samples/cloudformation-studio-domain/blob/main/domain_function.py

RetentionPolicy={ 'HomeEfsFileSystem': 'Delete' }

[javydekoning]

Where is this shipped? I couldn't find where this is, and https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sagemaker/blob/main/aws-sagemaker-domain/aws-sagemaker-domain.json doesn't have any efs:Delete* permissions?

[spssmn-aws]

+1 why has this been closed - the feature does not exist ?

[SGhotra1]

+1 Please reopen this!