This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

05/26/2022, 1:53 AM

This message was deleted.

little-cartoon-10569

05/26/2022, 2:29 AM

It's not odd, and it's fairly common. I don't think there's a built-in way to handle it, and that's to be expected, I think. Even if it's not deliberate, it would probably be a deliberate design decision not to change it. Parent projects should not have reference to child projects, even to protect against this sort of dependency-misalignment.

little-cartoon-10569

05/26/2022, 2:30 AM

Instead, you should design safety into the parent stack. The easiest way to do this in Pulumi is to set deletion protection to all shared resources. Things like VPC, subnets, RDS instances all qualify for this.

little-cartoon-10569

05/26/2022, 2:31 AM

And you should add documentation to those deletion protection opts to explain what child projects are dependent on this, so that anyone who goes into the code to remove the protection will see it and can check that all the child projects have had all their stacks destroyed.

little-cartoon-10569

05/26/2022, 2:33 AM

If you're using automation api, you could easily wrap the parent stack in checks for child stack resources.. that would safer, and wouldn't really be breaking encapsulation...

prehistoric-london-9917

05/26/2022, 2:42 AM

Thanks- that’s good advice. I’ll have a look through the stack and start adding the deletion protection. We’re on our way to the automation API- we’re using it in some test workflows, and it’s pretty nice. Good idea to move this concern there when we get more mature.

👍 1

5 Views

Open in Slack

Previous Next