Rebuild Specific Stack Resources Individually

[evanottinger]

Name of the resource

AWS::CloudFormation::Stack

Resource name

No response

Description

Summary

I would like to be able to mark the VPN instance as protected, with a feature that allows destroying and rebuilding all non-protected resources within the stack.

Situation

User desires the ability to reset a stack instance with the ability to retain the state of certain resources while rebuilding others from scratch in accordance with their template. This could be accomplished by allowing certain resources to be tagged as protected (with cascading effects to their dependencies) and functionality to allow all but the protected instances to be destroyed and rebuilt without completely destroying the stack instance.

Use Case

Using CloudFormation Stacks to facilitate user-driven lab environments for training purposes. A user is given a public VPN and a configuration file to access the generated network. Sometimes, the user may accidentally perform a destructive action on a lab machine, causing the lab to cease functioning properly. My current understanding of the CloudFormation functionality is that I must destroy the stack and build a new one in order to reset a single machine. This is okay, but not preferable because it requires the user of the lab environment to rebuild their VPN server. This requires them to replace their VPN configuration file, which is acceptable but not a preferred user experience.

Other Details

No response