aws-ia / terraform-aws-control_tower_account_factory

AWS Control Tower Account Factory
Apache License 2.0

Prevent resources from destruction #428

Open alexey-makarevich-clearscale opened 4 months ago

alexey-makarevich-clearscale commented 4 months ago

Describe the outcome you'd like

We would like to have checks if resources are being destroyed by the account provisioning framework.

Is your feature request related to a problem you are currently experiencing? If so, please describe.

We have faced some issues during account provisioning. When a new account was added to account customizations, some parameters were copied from the previous account without modifications. In that case, resources of the old account were destroyed by CodePipeline. In order to prevent such behavior, we have set a check in the pre_build section to see if resources will be destroyed in the CodeBuild project:

```yaml
- |
  terraform_plan_output=$(terraform plan)
  if [[ $terraform_plan_output =~ "1 resource(s) to be destroyed." ]]; then
    echo "ERROR: There are resources marked for destroy. Aborting apply."
    exit 1
  fi
```

This allowed us to check if Terraform will destroy any resources and abort the CodeBuild execution.

Below is a repo where we have made the changes, forked from the main repo: https://github.com/alexey-makarevich-clearscale/terraform-aws-control_tower_account_factory

Additional context

Add any other context or screenshots about the feature request here.
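A guard of the kind requested above, as an added example (not code from the issue author or from the AFT project): it reads the machine-readable plan produced by `terraform show -json` and fails when any resource change includes a `delete` action, whatever the number of resources. The file names `tfplan`, `plan.json` and `check_destroy.py` and the sample resource addresses are assumptions.

```python
"""Fail a pipeline stage when a Terraform plan would destroy resources.

Usage in a build step (file names are assumptions):
    terraform plan -out=tfplan
    terraform show -json tfplan > plan.json
    python3 check_destroy.py plan.json
"""
import json
import sys


def destructive_changes(plan):
    """Return (address, actions) for every change that deletes a resource.

    A replacement appears as ["delete", "create"] or ["create", "delete"],
    so it is reported too: the existing resource is still destroyed.
    """
    found = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if "delete" in actions:
            found.append((rc.get("address", "<unknown>"), actions))
    return found


# Constructed sample in the shape of `terraform show -json` output.
SAMPLE_PLAN = json.loads("""
{"format_version": "1.2", "resource_changes": [
  {"address": "aws_s3_bucket.logs", "change": {"actions": ["no-op"]}},
  {"address": "aws_iam_role.old_account", "change": {"actions": ["delete"]}},
  {"address": "aws_ssm_parameter.cfg", "change": {"actions": ["delete", "create"]}},
  {"address": "aws_iam_role.new_account", "change": {"actions": ["create"]}}
]}
""")


def main(argv):
    # With no file argument, run against the constructed sample plan.
    if len(argv) > 1:
        with open(argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN
    hits = destructive_changes(plan)
    for address, actions in hits:
        print(f"ERROR: {address} would be destroyed (actions: {actions})")
    return 1 if hits else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A non-zero exit status from the script stops the build phase before `terraform apply` runs.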

Sanjan611 commented 4 months ago

Hi @alexey-makarevich-clearscale, could you clarify what you mean by "old" and "new" account in your feature request description?

alexey-makarevich-clearscale commented 4 months ago

Hi @Sanjan611

Old account means already deployed and onboarded. New means when we are adding a new account to ControlTower.