Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(kms): Allow opting out of "Retain" deletion policy #1685

Merged
merged 6 commits into from
Feb 13, 2019
Merged

feat(kms): Allow opting out of "Retain" deletion policy #1685

merged 6 commits into from
Feb 13, 2019

Conversation

RomainMuller
Copy link
Contributor

Gives the user control over whether the key should be retained or
scheduled for deletion when it is removed from the stack (or the stack
is deleted). This is convenient in particular for integration tests, to
avoid accumulating garbage over successive runs.

Pull Request Checklist

  • Testing
    • Unit test added
    • CLI change?: coordinate update of integration tests with team
    • cdk-init template change?: coordinated update of integration tests with team
  • Docs
    • jsdocs: All public APIs documented
    • README: README and/or documentation topic updated
  • Title and Description
    • Change type: title prefixed with fix, feat will appear in changelog
    • Title: use lower-case and doesn't end with a period
    • Breaking?: last paragraph: "BREAKING CHANGE: <describe what changed + link for details>"
    • Issues: Indicate issues fixed via: "Fixes #xxx" or "Closes #xxx"
  • Sensitive Modules (requires 2 PR approvers)
    • IAM Policy Document (in @aws-cdk/aws-iam)
    • EC2 Security Groups and ACLs (in @aws-cdk/aws-ec2)
    • Grant APIs (only if not based on official documentation with a reference)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.

@RomainMuller
feat(kms): Allow opting out of "Retain" deletion policy
ccb805f 
Gives the user control over whether the key should be retained or
scheduled for deletion when it is removed from the stack (or the stack
is deleted). This is convenient in particular for integration tests, to
avoid accumulating garbage over successive runs.
@RomainMuller RomainMuller requested a review from a team as a code owner February 6, 2019 10:06
eladb
eladb reviewed Feb 6, 2019
View reviewed changes
packages/@aws-cdk/aws-kms/lib/key.ts Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-kms/test/test.key.ts Outdated Show resolved Hide resolved
eladb
eladb reviewed Feb 10, 2019
View reviewed changes
packages/@aws-cdk/aws-kms/test/integ.key-sharing.lit.expected.json
@@ -46,7 +46,7 @@
"Version": "2012-10-17"
}
},
"DeletionPolicy": "Retain"
"DeletionPolicy": "Delete"
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a good practice it is usually preferable not to modify existing tests but rather add new tests

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well... technically I'm only touching here because I want to stop littering the account with one-off keys that we'll never use again... 😅

@RomainMuller RomainMuller merged commit 7706302 into master Feb 13, 2019
@RomainMuller RomainMuller deleted the rmuller/control-kms-key-deletion-policy branch February 13, 2019 09:08
@NGL321 NGL321 added the contribution/core This is a PR that came from AWS. label Sep 27, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eladb eladb eladb approved these changes

@rix0rrr rix0rrr rix0rrr approved these changes

Assignees
No one assigned
Labels
contribution/core This is a PR that came from AWS.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RomainMuller @rix0rrr @eladb @NGL321