[Feature] Support -f option for deletion of Retain resources #485
Description
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is.
It may be worth adding an option to remove resources with removal policy "Retain".
Describe the solution you'd like
A clear and concise description of what you want to happen.
The -f option?
approach 1
Collect DELETE_SKIPPED resources after normal CFn deletion, and delete them with existing delstack operations and Cloud control API? Is it difficult to detect the identifier for the resources? Does it equal to PhysicalResourceId?
But some resources are not yet supported in CC API, so this approach might not be good.
aws cloudcontrol list-resources --type-name AWS::IAM::Policy
An error occurred (UnsupportedActionException) when calling the ListResources operation: The resource AWS::IAM::Policy is not yet supported via Cloud Control API
But it might be good to only support resources that are currently supported by delstack with CC API? If some resources are not supported by the CC API, maybe it would be ok to just not support those resources?
In that case, I noticed that there is no need to use the CC API. So this would be approach 3.
approach 2
Update templates directly to remove the policy.
This approach is the most reliable. It can handle all resource types. However, we have to get the template, rewrite the Deletion Policy, and call the stack update API with the template. There is a slight concern that this might cause some problems.
aws cloudformation get-template --stack-name arn:aws:cloudformation:us-east-1:123456789012:stack/MySampleStack/123456789-1234-1234-abcd-123456789012
{
"TemplateBody": {
"Resources": {
"MyConstructMyTopic1B6239A80": {
"Type": "AWS::SNS::Topic",
"Properties": {
...
approach 3
Implement deletion logic for each resource type.
It is impossible that all resources are supported, but it might be good to support the resources that are currently supported by delstack. (But this may be difficult to explain to the tool. For example, if a KMS key that is Retain is to be deleted even when skipped, it cannot be said to be subject to forced deletion because it is not the type that normally fails on deletion. However, it may be fair to say that these resource types are supported for forced deletion?)
Additional context
Add any other context or screenshots about the feature request here.
I had originally thought that resources with "Retain" policies should not be removed, but there may be use cases that make it tempting to remove them. For this reason, I have come up with this proposal.
Related issue: #475