mlevit / aws-auto-cleanup

Programmatically delete AWS resources based on an allowlist and time to live (TTL) settings
MIT License

Cloudformation resources do not get whitelisted #94

Closed guidodobboletta closed 2 years ago

guidodobboletta commented 2 years ago

Describe the bug: The debug logs say that resources within a CloudFormation stack are whitelisted, but when you look at the whitelist itself those resources are not there.

To Reproduce: Run the app and have CloudFormation deletion enabled.

Expected behavior: Resources within CloudFormation stacks should be whitelisted and they are not.

Additional notes

When I invoke again it shows the same "adding to whitelist" message so this confirms that on the initial run it says it is adding them but it's not doing it.

mlevit commented 2 years ago

Hey @guidodobboletta, the resources are actually added to the whitelist array within the Lambda function when Auto Cleanup executes. This then ensures all CloudFormation resources are technically "whitelisted" for the duration of that run. I don't populate the actual whitelist table as this will quickly fill it full of resources.

Just know once you whitelist the CloudFormation Stack all AWS resources within that Stack are now whitelisted.
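The behaviour described in this reply, sketched as an added example that is not part of the comment and is not aws-auto-cleanup's own code: a per-run copy of the allowlist is expanded with the members of every allowlisted stack, while the persisted table is left untouched. The identifier format, the sample data and the `run_cleanup` function are assumptions made for illustration.

```python
# Added illustration; all names and data are constructed, not taken from the project.

# Persisted allowlist table (constructed rows): only the stack itself is listed.
ALLOWLIST_TABLE = {"cloudformation:stack:demo-stack"}

# Constructed stand-in for the member resources each stack reports.
STACK_RESOURCES = {
    "demo-stack": ["s3:bucket:demo-artifacts", "lambda:function:demo-handler"],
    "temp-stack": ["s3:bucket:temp-data"],
}

# Constructed inventory of everything one cleanup run discovers.
DISCOVERED = [
    "s3:bucket:demo-artifacts",
    "lambda:function:demo-handler",
    "s3:bucket:temp-data",
    "s3:bucket:orphan",
]


def run_cleanup(table, stack_resources, discovered):
    """Simulate one run; return (log lines, resources selected for deletion)."""
    run_allowlist = set(table)  # per-run copy; the table is never written to
    log = []
    for stack, members in sorted(stack_resources.items()):
        if f"cloudformation:stack:{stack}" not in table:
            continue  # stack is not allowlisted, so its members get no protection
        for resource in members:
            run_allowlist.add(resource)
            log.append(f"adding to whitelist: {resource}")
    to_delete = [r for r in discovered if r not in run_allowlist]
    return log, to_delete


if __name__ == "__main__":
    for attempt in (1, 2):
        log, to_delete = run_cleanup(ALLOWLIST_TABLE, STACK_RESOURCES, DISCOVERED)
        print(f"run {attempt}:", *log, f"delete: {to_delete}", sep="\n  ")
    # The table still holds only the stack row, and both runs log the same lines.
    print("table after both runs:", sorted(ALLOWLIST_TABLE))
```

Anyone auditing what is protected therefore has to read the table together with each allowlisted stack's membership, since the table alone lists only the stack.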

guidodobboletta commented 2 years ago

Ah, I see, that makes sense now. Thank you for clarifying things for me!