(aws-ecr): Default RemovalPolicy for ECR is RETAIN

[eickler]

Reference: https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_core.RemovalPolicy.html

The reference states that the default removal policy is DESTROY, but an ECR Repository is actually retained during the destroy phase. I created a repository using

new ecr.Repository(this, 'repository', { imageScanOnPush: true, repositoryName: ... } })

and the generated template is

repository9F1A3F0B:
  Type: AWS::ECR::Repository
    Properties:
      RepositoryName: td000-repo
    UpdateReplacePolicy: Retain
    DeletionPolicy: Retain
    Metadata:
      aws:cdk:path: td000/repository/Resource

There should be probably a statement that RETAIN is the default policy for services XYZ and DESTROY for services ABC but I am not sure how to properly phrase this and what actually the defaults are outside of ECR.

---

This is a 📕 documentation issue

[davivcgarcia]

Do we have any update on this issue?

[MrArnoldPalmer]

@davivcgarcia I haven't looked into this yet. I'm not quite sure what to do because basically in this spot, its not incorrect, just confusing. Since this doc is on the RemovalPolicy enum type, what it means is if no removal policy is specified in CFN then the default usually is "DESTROY". However as the issue author points out, when creating an ECR repository using the L2 the default is "RETAIN", which is documented here.

The RemovalPolicy type itself has no knowledge of the resources basically and the L2's defaults are documented alongside the L2s. I'm not quite sure what the solution is but if you're interested in investigating and giving some suggestions and possible submitting a PR that would be great.

[nohack]

@MrArnoldPalmer @davivcgarcia

I have tested some of these assumptions and have the below points

• In cloudformation, the default deletion policy is DESTROY.
  Through CF if create a stack with an s3 bucket in it and delete the stack
  a) Empty Bucket: The stack is deleted with associated s3 bucket.(Assume we did not explicitly specify DeletionPolicy)
  b) Non Empty Bucket: If we don't specify the deletion or even if specify the DeletionPolicy as delete, cdk destroy will
  fail with DELETE_FAILED status.We have to empty the bucket for the stack deletion to be successful.

  The same with ecr.

• From cdk docs

  Many stateful resources in the AWS Construct Library will accept a removalPolicy as a property, typically defaulting it to
  RETAIN.

  So L2 constructs for S3, ECR and RDS can have removal policy as RETAIN as they are stateful.

There are some related issues which I pointed at the end.
One thing that is confusing from the docs here and as pointed out is that the RemovalPolicy in itself cannot have a default value as as its just a standalone enum.The resource with which a RemovalPolicy is associated can have a default removal policy.
So I think its better to remove that statement from the docs.Can create a pr if that is fine.

Refs:
aws/aws-cdk-rfcs#23

#3297

[github-actions]

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.