search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.55k stars 3.87k forks source link

(core): Ability to set Stack termination protection on Stage level (and inherit by Stacks within it) #31449

Open aripalo opened 1 week ago

aripalo commented 1 week ago

Describe the feature

Add ability to define Stack (default) termination protection via (parent) Stage, as demonstrated by an example test scenario:

test('Stack inherits termination protection from Stage', () => {
    // GIVEN
    const app = new App();
    const stage = new Stage(app, 'Stage', {
      terminationProtection: true,
    });

    // WHEN
    const stack1 = new Stack(stage, 'Stack1');

    // THEN
    expect(stack1.terminationProtection).toEqual(true);
});

Additionally any inner Stage and/or Stack within the (parent) Stage scope can override the inherited value.

Use Case

Stages are a mechanism to "group" Stacks together. There are multiple use cases / reasons to group stacks using Stages, but one of them is to define an "application environment" (not to be confused with cdk.Environment) via a Stage: Think of development or production Stage etc.

The specific Stage use case / reason, doesn't matter that much, but often it would be handy to be able to define Termination Protection for all Stacks within the scope of specific Stage.

One could make the statement, that this is achievable via Aspects, but as stacks default to having terminationProtection: false, there is no reasonable way (at least AFAIK) to detect on a stack level if termination protection is set to false explicitly through props or implicitly by the stack constructor. Hence the idea of a feature where one can define (the default) termination protection on Stage level, which is then inherited by all its child Stages (if any) and finally by the stacks within that Stage scope; Additionally one should be able to override the Stage-level (inherited) termination protection on Stack level.

Proposed Solution

  1. Introduce optional terminationProtection into StageProps
  2. In Stage constructor, either use the termination protection value from its props (if set) or inherit from parent stage
  3. In Stack constructor, either use the termination protection value from its props (if set), or inherit from parent stage, or finally default to false (as before)

Basically, allow this:

new Stage(app, 'Stage', {
  terminationProtection: true,
});

See PR #31450.

Other Information

I think this feature counts as a "non-breaking new feature", as this has not been possible before.

Acknowledgements

CDK version used

v2.158.0

Environment details (OS name and version, etc.)

macOS 14.6.1

pahud commented 1 week ago

It seems to be a very handy feature. Thank you for your PR.