cloudformation-coverage-roadmap icon indicating copy to clipboard operation
cloudformation-coverage-roadmap copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

AWS::ECR::Repository- [BUG] - EmptyOnDelete does not work in CloudControl API

Open corymhall opened this issue 9 months ago • 1 comments

Name of the resource

AWS::ECR::Repository

Resource Name

No response

Issue Description

EmptyOnDelete was added to CloudFormation, but it doesn't work in CloudControl.

Expected Behavior

I would expect for a repository with EmptyOnDelete=true to be successfully deleted when it contains images.

Observed Behavior

The delete fails with

The repository with name 'testrepository' in registry with id '111111111111' cannot be deleted because it still contains images

Test Cases

Step1 - Create a repository with EmptyOnDelete=true

$ aws cloudcontrol create-resource \
    --type-name AWS::ECR::Repository \
    --desired-state "{\"EmptyOnDelete\": true, \"RepositoryName\": \"testrepository\"}"

Step2 - Push an image

$ export AWS_REGION=us-east-2
$ export AWS_ACCOUNT=$(aws sts get-caller-identity --query 'Account' --output text)

$ aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com docker pull alpine:latest
$ docker tag alpine:latest $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com/testrepository:latest
$ docker push $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com/testrepository:latest

Step3 - Delete resource

$ aws cloudcontrol delete-resource --identifier testrepository --type-name 'AWS::ECR::Repository'

Step4 - Look for error message

$ aws cloudcontrol list-resource-requests  --resource-request-status-filter Operations=DELETE,OperationStatuses=FAILED --query 'ResourceRequestStatusSummaries[?Identifier==`testrepository`]'

Other Details

No response

corymhall avatar May 17 '24 19:05 corymhall