terraform-provider-aws icon indicating copy to clipboard operation
terraform-provider-aws copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Feature Request: Add support for Cloudformation Stack Termination Protection

Open petewilcock opened this issue 7 years ago • 9 comments

Affected Resource(s)

  • aws_cloudformation_stack

Background

AWS released Termination protection for Cloudformation Stacks in August 2017:

https://aws.amazon.com/about-aws/whats-new/2017/09/aws-cloudformation-provides-stack-termination-protection/ https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html

Feature Request

Addition of a termination_protection attribute in the aws_cloudformation_stack resource definition.

petewilcock avatar Feb 23 '18 12:02 petewilcock

+1!

Although I wonder if termination protection should be a separate resource from the stack itself? This is how it's modelled in the AWS API, and it would allow us to enable it for stacks which aren't managed themselves within Terraform using a data provider + termination protection resource.

mwarkentin avatar Mar 28 '18 16:03 mwarkentin

See https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateTerminationProtection.html

mwarkentin avatar Aug 09 '18 19:08 mwarkentin

Any idea if this enhancement is coming? It will be really helpful having termination_protection attribute in Terraform aws_cloudformation_stack.

ksrisurapaneni avatar Mar 19 '20 19:03 ksrisurapaneni

:+1:

marinpurgar avatar Oct 28 '21 12:10 marinpurgar

I see the issue is closed but there still isn't an parameter for updating termination protection on stacks in the cloudformation resource. Is this forthcoming?

macgruber99 avatar Jul 28 '22 18:07 macgruber99

Agree

Rishang avatar Nov 03 '23 07:11 Rishang

Any news on this one?

brianluisgomez avatar Apr 25 '24 15:04 brianluisgomez

I noticed this limitation when trying to delete a cloudformation stack with this flag enabled. I noticed terraform applied successfully but failed to delete the stack. I see a ticket already exists for this https://github.com/hashicorp/terraform-provider-aws/issues/33960.

Can the PR for this be reopened https://github.com/hashicorp/terraform-provider-aws/pull/10148 ? cc @bflad @justinretzolk

nitrocode avatar Mar 24 '25 21:03 nitrocode

Looking at it now, looks like EnableTerminationProtection is a property of a CloudFormation stack, so perhaps it makes sense to have it as an attribute on a CloudFormation Stack rather than a separate resource.

However, it is modeled as a separate API call for Update, but part of the Stack Creation:

Update: https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateTerminationProtection.html Stack Creation: https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStack.html

https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_Stack.html

jsonpr avatar Jun 17 '25 18:06 jsonpr

I just bumped into this when attempting to delete a stack-set. Is there currently no way to control this with Terraform?

jmreicha avatar Nov 18 '25 19:11 jmreicha