How do I prevent the resources in my AWS CloudFormation stack from getting deleted or updated?
Last updated: 2019-04-16
I want to prevent the resources in my AWS CloudFormation stack from getting deleted or updated. How can I do this?
To prevent deletion or updates to resources in an AWS CloudFormation stack, you can:
- Set the DeletionPolicy attribute to prevent the deletion of an individual resource at the stack level.
- Use AWS Identity and Access Management (IAM) policies to restrict the ability of users to delete or update a stack and its resources.
- Assign a stack policy to prevent updates to stack resources.
- Enable termination protection to prevent users from deleting the stack from the AWS CloudFormation console or AWS Command Line Interface (AWS CLI).