awslabs/ssosync

DeletePolicy Protection for Secrets and Keys

ChrisPates opened this issue · 0 comments

Is your feature request related to a problem? Please describe.
Currently the Secrets and Keys created by the template for SSOSync have the default DeletionPolicy of Delete, but this risks losing these secrets or access to the secrets when switching a deployment between one that contains secrets and one that does not.

Describe the solution you'd like

  • Improve Guidance, for switching from the classic deployment single stack pattern to any of the split stack options.
  • Add a Parameter for DeletionPolicy so the end user can make their own choice, with a default value of RetainExceptOnCreate.

Describe alternatives you've considered
Simply configuring DeletionPolicy to Retain or RetainExceptOnCreate would address this issue but then disrupt automated deployments, as the retained resources would need to be cleaned up manually or manually imported into a new stack.

Additional context
Issue was highlighted by Leny1996 in issue #181
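
An added example, not part of the issue or of the ssosync template: a Python check that lists the Secrets Manager secrets and KMS keys in a CloudFormation template (as a parsed JSON dict) that would still be deleted with their stack. The resource and parameter names in the sample are constructed, and resolving a `Ref` to a parameter default assumes the `AWS::LanguageExtensions` transform, which permits intrinsic functions in `DeletionPolicy`.

```python
# Resource types the issue is about: secrets and the keys that protect them.
PROTECTED_TYPES = {"AWS::SecretsManager::Secret", "AWS::KMS::Key"}
SAFE_POLICIES = {"Retain", "RetainExceptOnCreate"}

def effective_policy(resource, parameters):
    """Return the DeletionPolicy a resource gets, resolving {"Ref": param} to its Default."""
    policy = resource.get("DeletionPolicy", "Delete")  # CloudFormation's default is Delete
    if isinstance(policy, dict) and "Ref" in policy:
        policy = parameters.get(policy["Ref"], {}).get("Default", "Delete")
    # Anything else (e.g. Fn::If) cannot be decided statically; report it for review.
    return policy if isinstance(policy, str) else "Unresolved"

def unprotected(template):
    """List (logical_id, policy) for secrets/keys that stack deletion would destroy."""
    params = template.get("Parameters", {})
    findings = []
    for logical_id, res in sorted(template.get("Resources", {}).items()):
        if res.get("Type") in PROTECTED_TYPES:
            policy = effective_policy(res, params)
            if policy not in SAFE_POLICIES:
                findings.append((logical_id, policy))
    return findings

# Constructed sample template; names are hypothetical, not taken from ssosync.
SAMPLE = {
    "Transform": "AWS::LanguageExtensions",
    "Parameters": {
        "SecretDeletionPolicy": {
            "Type": "String",
            "Default": "RetainExceptOnCreate",
            "AllowedValues": ["Delete", "Retain", "RetainExceptOnCreate"],
        }
    },
    "Resources": {
        # No DeletionPolicy attribute: falls back to Delete and is flagged.
        "ExampleKey": {"Type": "AWS::KMS::Key", "Properties": {}},
        # Policy taken from the parameter, as the issue proposes.
        "ExampleSecret": {
            "Type": "AWS::SecretsManager::Secret",
            "DeletionPolicy": {"Ref": "SecretDeletionPolicy"},
            "Properties": {},
        },
        "ExampleFunction": {"Type": "AWS::Lambda::Function", "Properties": {}},
    },
}

if __name__ == "__main__":
    for logical_id, policy in unprotected(SAMPLE):
        print(f"{logical_id}: DeletionPolicy={policy}")
```

The check only sees parameter defaults, so a deployment that overrides the parameter to `Delete` at stack creation is not caught by it.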