Effortlessly create temporary CDK stacks

Primary language: TypeScript. License: Apache-2.0

cdk-self-destruct

A CDK construct for destroying CDK environments, which may be used in automated testing.

All resources in the stack may be set to be destroyed regardless of their RemovalPolicy, or they may be retained.

With its scheduling feature for stack destruction, you can set a time and date or generate a URL for the automatic removal of unnecessary stacks, freeing up resources and optimizing the testing workflow. It also removes resources that are impeding stack deletion, such as non-empty S3 buckets.

Inspired by cdk-time-bomb, rewritten with aws-cdk v2 and the new AWS EventBridge Scheduler.

Installing

Requires aws-cdk: "^2.51.0"

npm install cdk-self-destruct

# or

yarn add cdk-self-destruct

Usage

Include it at the end of your stack. Behind the scenes it uses CDK Aspects to capture all resources automatically.

import { type StackProps, Stack, Duration } from 'aws-cdk-lib'
import { type Construct } from 'constructs'
import { SelfDestruct } from 'cdk-self-destruct'

export class AwesomeStack extends Stack {
  public constructor(scope: Construct, id: string, props: StackProps) {
    super(scope, id, props)

    new SelfDestruct(this, 'SelfDestruct', {
      defaultBehavior: {
        destoryAllResources: true,
        purgeResourceDependencies: true,
      },
      trigger: {
        scheduled: {
          afterDuration: Duration.days(1),
          enabled: true,
        },
      },
    })
  }
}

Features

  1. Set RemovalPolicy for all resources inside a stack
  2. Destroy resource dependencies that are blocking the stack deletion
    • Purge S3 buckets before deletion
    • Stop all running state-machine executions
    • Delete automatically generated CloudWatch logs for Lambda functions
    • more coming soon
  3. Schedule stack deletions after a given duration or at a given timestamp
  4. Create a Lambda function URL to delete the stack easily from the pipeline

Options

Select per individual resource

A list of all available options can be found here

new SelfDestruct(this, 'SelfDestruct', {
  // ...
  byResource: {
    resourcesToDestroy: ['AWS::S3::Bucket'],
    resourcesToRetain: ['AWS::DynamoDB::Table'],
  },
})

Schedule for a given Date

Stack deletion may be scheduled for a given UTC timestamp.

new SelfDestruct(this, 'SelfDestruct', {
  // ...
  trigger: {
    scheduled: {
      atTimestamp: new Date('2023-01-01T00:00:00Z').getTime(),
      enabled: true,
    },
  },
})

Invoke via a Lambda function URL

Function URLs let you start the stack deletion manually with an HTTP request. The URL can require IAM authentication or accept unauthenticated requests.

import { FunctionUrlAuthType } from 'aws-cdk-lib/aws-lambda'

new SelfDestruct(this, 'SelfDestruct', {
  // ...
  trigger: {
    addFunctionUrl: {
      cloudformationOutput: {
        description: 'URL to invoke the self-destruct function',
        exportName: 'SelfDestructUrl',
      },
      enabled: true,
      options: {
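        // Allow unauthenticated requests: anyone who has the URL can trigger the deletion.
        // Use FunctionUrlAuthType.AWS_IAM to require IAM-signed requests instead.
        authType: FunctionUrlAuthType.NONE,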
      },
    },
  },
})
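
A check you can run in CI over the synthesized CloudFormation template to catch a function URL that accepts unauthenticated requests before it is deployed. This is an added example, not part of cdk-self-destruct; the function name findPublicFunctionUrls, the sample template and its logical IDs are constructed for illustration.

```typescript
// Added example: flags Lambda function URLs that can be invoked without credentials.
type CfnResource = { Type: string; Properties?: Record<string, unknown> }
type CfnTemplate = { Resources?: Record<string, CfnResource> }
type Finding = { logicalId: string; reason: string }

function findPublicFunctionUrls(template: CfnTemplate): Finding[] {
  const findings: Finding[] = []
  const resources = template.Resources ?? {}
  for (const logicalId of Object.keys(resources)) {
    const resource = resources[logicalId]
    if (!resource) continue
    const props = resource.Properties ?? {}
    // AWS::Lambda::Url with AuthType NONE is reachable without credentials
    if (resource.Type === 'AWS::Lambda::Url' && props['AuthType'] === 'NONE') {
      findings.push({ logicalId, reason: 'function URL has AuthType NONE' })
    }
    // The resource-policy statement that opens the URL to every principal
    if (
      resource.Type === 'AWS::Lambda::Permission' &&
      props['Action'] === 'lambda:InvokeFunctionUrl' &&
      props['Principal'] === '*' &&
      props['FunctionUrlAuthType'] === 'NONE'
    ) {
      findings.push({ logicalId, reason: 'permission lets any principal invoke the URL' })
    }
  }
  return findings
}

// Constructed sample: trimmed template with one public and one IAM-protected URL
const sampleTemplate: CfnTemplate = {
  Resources: {
    ExampleDestroyUrl: {
      Type: 'AWS::Lambda::Url',
      Properties: { AuthType: 'NONE', TargetFunctionArn: 'placeholder-arn' },
    },
    ExampleDestroyUrlPermission: {
      Type: 'AWS::Lambda::Permission',
      Properties: { Action: 'lambda:InvokeFunctionUrl', Principal: '*', FunctionUrlAuthType: 'NONE' },
    },
    ExampleIamUrl: {
      Type: 'AWS::Lambda::Url',
      Properties: { AuthType: 'AWS_IAM', TargetFunctionArn: 'placeholder-arn' },
    },
  },
}

const sampleFindings = findPublicFunctionUrls(sampleTemplate)
```

Load the stack's template JSON from the cdk.out directory after cdk synth, pass it to the function, and fail the pipeline when the result is non-empty.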

Perform additional cleanup

Remove additional resources created by AWS services that are not included in the CDK stack.

Currently supported:

  • CloudWatch log groups implicitly created by AWS Lambda functions

new SelfDestruct(this, 'SelfDestruct', {
  // ...
  additionalCleanup: {
    cleanupLambdaLogGroups: true,
  },
})