empire icon indicating copy to clipboard operation
empire copied to clipboard
verified publisher icon remind101

Custom Empire* CloudFormation resources should wait until stabilized

Open ejholmes opened this issue 9 years ago • 0 comments

CloudFormation has a couple distinct phases:

  1. Update: Existing resources are updated, or, if a replacement is required, created.
  2. Cleanup: Any irrelevant resources are cleaned up.

Say, for example, you're creating an AWS::IAM::AccessKey and using the Custom::EmpireEnvironment to set some AWS_* environment variables. At the moment, if you wanted to roll the access key, the old access key may still be in use when it's removed. Because Custom::EmpireEnvironment doesn't wait for the stack update to stabilize, the cleanup phase is entered too soon.

The Custom::EmpireEnvironment resources should wait for the stack update to stabilize, like emp deploy -s.

ejholmes avatar Nov 23 '16 00:11 ejholmes