AWS::Rbin::Rule
Creates a Recycle Bin retention rule. You can create two types of retention rules:
-
Tag-level retention rules - These retention rules use resource tags to identify the resources to protect. For each retention rule, you specify one or more tag key and value pairs. Resources (of the specified type) that have at least one of these tag key and value pairs are automatically retained in the Recycle Bin upon deletion. Use this type of retention rule to protect specific resources in your account based on their tags.
-
Region-level retention rules - These retention rules, by default, apply to all of the resources (of the specified type) in the Region, even if the resources are not tagged. However, you can specify exclusion tags to exclude resources that have specific tags. Use this type of retention rule to protect all resources of a specific type in a Region.
For more information, see Create Recycle Bin retention rules in the Amazon EBS User Guide.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::Rbin::Rule", "Properties" : { "Description" :
String
, "ExcludeResourceTags" :[ ResourceTag, ... ]
, "LockConfiguration" :UnlockDelay
, "ResourceTags" :[ ResourceTag, ... ]
, "ResourceType" :String
, "RetentionPeriod" :RetentionPeriod
, "Status" :String
, "Tags" :[ Tag, ... ]
} }
YAML
Type: AWS::Rbin::Rule Properties: Description:
String
ExcludeResourceTags:- ResourceTag
LockConfiguration:UnlockDelay
ResourceTags:- ResourceTag
ResourceType:String
RetentionPeriod:RetentionPeriod
Status:String
Tags:- Tag
Properties
Description
-
The retention rule description.
Required: No
Type: String
Maximum:
255
Update requires: No interruption
Property description not available.
Required: No
Type: Array of ResourceTag
Maximum:
5
Update requires: No interruption
LockConfiguration
-
Information about the retention rule lock configuration.
Required: No
Type: UnlockDelay
Update requires: No interruption
-
[Tag-level retention rules only] Information about the resource tags used to identify resources that are retained by the retention rule.
Required: No
Type: Array of ResourceTag
Maximum:
50
Update requires: No interruption
ResourceType
-
The resource type retained by the retention rule.
Required: Yes
Type: String
Allowed values:
EBS_SNAPSHOT | EC2_IMAGE
Update requires: Replacement
RetentionPeriod
-
Information about the retention period for which the retention rule is to retain resources.
Required: Yes
Type: RetentionPeriod
Update requires: No interruption
Status
-
The state of the retention rule. Only retention rules that are in the
available
state retain resources.Required: No
Type: String
Pattern:
pending|available
Update requires: No interruption
-
Information about the tags assigned to the retention rule.
Required: No
Type: Array of Tag
Maximum:
200
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the ID of the retention rule.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt
.
Arn
-
The Amazon Resource Name (ARN) of the retention rule.
Identifier
-
The unique ID of the retention rule.
LockState
-
[Region-level retention rules only] The lock state for the retention rule.
-
locked
- The retention rule is locked and can't be modified or deleted. -
pending_unlock
- The retention rule has been unlocked but it is still within the unlock delay period. The retention rule can be modified or deleted only after the unlock delay period has expired. -
unlocked
- The retention rule is unlocked and it can be modified or deleted by any user with the required permissions. -
null
- The retention rule has never been locked. Once a retention rule has been locked, it can transition between thelocked
andunlocked
states only; it can never transition back tonull
.
-
Examples
Create a retention rule
This example creates a retention rule that retains EBS snapshots for 7 days after deletion.
JSON
"MyRule" : { "Type": "AWS::Rbin::Rule", "Properties": { "Description": "my new retention rule", "LockConfiguration": { "UnlockDelayUnit": "DAYS", "UnlockDelayValue": 15 }, "ResourceTags": [{ "Key": "environment", "Value": "testing" }], "ResourceType": "EBS_SNAPSHOT", "RetentionPeriod": { "RetentionPeriodUnit": "DAYS", "RetentionPeriodValue": 7 }, "Status": "available", "Tags": [{ "Key": "purpose", "Value": "testing" }] } }
YAML
MyRule: Type: AWS::Rbin::Rule Properties: Description: my new retention rule LockConfiguration: UnlockDelayUnit: DAYS UnlockDelayValue: 15 ResourceTags: - Key: environment Value: testing ResourceType: EBS_SNAPSHOT RetentionPeriod: RetentionPeriodUnit: DAYS RetentionPeriodValue: 7 Status: available Tags: - Key: purpose Value: testing