如何强制删除启用版本控制的非空 S3 存储桶？

Question

我的CDK文件中有以下代码块：

\n

const artifactBucket = new s3.Bucket(this, "MyBucket", {\n  bucketName: "cdk-cws-pipeline-artifacts",\n  removalPolicy: cdk.RemovalPolicy.DESTROY,\n  versioned: true, // a bucket used as a source in CodePipeline must be versioned\n});\n\n// code omitted for brevity\n\nconst pipeline = new codepipeline.Pipeline(this, "Pipeline", {\n  artifactBucket: artifactBucket,\n  // code omitted for brevity\n});\n

\n

一切都工作正常，直到我尝试删除堆栈。我收到这个错误：

\n

Are you sure you want to delete: cdk-staging-CwsPipeline (y/n)? y\ncdk-staging-CwsPipeline: destroying...\n6:11:42 PM | DELETE_FAILED        | AWS::S3::Bucket             | MyBucketF68F3FF0\nThe bucket you tried to delete is not empty. You must delete all versions in the bucket. (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; R\nequest ID: 1P2N8WFPFQ8R9J4W; S3 Extended Request ID: uQWJgUnsgxVAXoEM95L28jm8p0qGbX+F0oNzMt8BH6Bg5G4Vd6mbNenJdDmPIgtrhXJFUbveSpk=)\n\n    new Bucket (/Users/zulh/hg/cws-cdk/node_modules/@aws-cdk/aws-s3/lib/bucket.ts:1049:22)\n    \\_ new CiCdStack (/Users/zulh/hg/cws-cdk/lib/ci-cd-stack.ts:128:32)\n    \\_ Object.<anonymous> (/Users/zulh/hg/cws-cdk/bin/cws-cdk.ts:99:24)\n    \\_ Module._compile (internal/modules/cjs/loader.js:1200:30)\n    \\_ Module.m._compile (/Users/zulh/hg/cws-cdk/node_modules/ts-node/src/index.ts:858:23)\n    \\_ Module._extensions..js (internal/modules/cjs/loader.js:1220:10)\n    \\_ Object.require.extensions.<computed> [as .ts] (/Users/zulh/hg/cws-cdk/node_modules/ts-node/src/index.ts:861:12)\n    \\_ Module.load (internal/modules/cjs/loader.js:1049:32)\n    \\_ Function.Module._load (internal/modules/cjs/loader.js:937:14)\n    \\_ Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)\n    \\_ main (/Users/zulh/hg/cws-cdk/node_modules/ts-node/src/bin.ts:227:14)\n    \\_ Object.<anonymous> (/Users/zulh/hg/cws-cdk/node_modules/ts-node/src/bin.ts:513:3)\n    \\_ Module._compile (internal/modules/cjs/loader.js:1200:30)\n    \\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:1220:10)\n    \\_ Module.load (internal/modules/cjs/loader.js:1049:32)\n    \\_ Function.Module._load (internal/modules/cjs/loader.js:937:14)\n    \\_ Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)\n    \\_ /Users/zulh/.nvm/versions/node/v14.4.0/lib/node_modules/npm/node_modules/libnpx/index.js:268:14\n\n6:11:42 PM | DELETE_FAILED        | AWS::CloudFormation::Stack  | cdk-staging-CwsPipeline\nThe following resource(s) failed to delete: [MyBucketF68F3FF0].\n\n \xe2\x9d\x8c  cdk-staging-CwsPipeline: destroy failed Error: The stack named cdk-staging-CwsPipeline is in a failed state: DELETE_FAILED (The following resource(s) failed to delete: [MyBucketF68F3FF0]. )\n    at Object.waitForStack (/Users/zulh/.nvm/versions/node/v14.4.0/lib/node_modules/aws-cdk/lib/api/util/cloudformation.ts:266:11)\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)\n    at Object.destroyStack (/Users/zulh/.nvm/versions/node/v14.4.0/lib/node_modules/aws-cdk/lib/api/deploy-stack.ts:365:28)\n    at CdkToolkit.destroy (/Users/zulh/.nvm/versions/node/v14.4.0/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:251:9)\n    at main (/Users/zulh/.nvm/versions/node/v14.4.0/lib/node_modules/aws-cdk/bin/cdk.ts:270:16)\n    at initCommandLine (/Users/zulh/.nvm/versions/node/v14.4.0/lib/node_modules/aws-cdk/bin/cdk.ts:185:9)\nThe stack named cdk-staging-CwsPipeline is in a failed state: DELETE_FAILED (The following resource(s) failed to delete: [MyBucketF68F3FF0]. )\n

\n

有没有办法在运行时使用 CDK TypeScript 代码强制删除 S3 存储桶cdk destroy stack-name？

\n

Answer 1

现在，您可以删除存储桶以及在 CloudFormation 的帮助下创建的存储桶的内容（即 cdk 部署）

您只需在创建 S3 对象时添加autoDeleteObjects: true参数即可。

这是示例 TypeScript 代码：

new s3.Bucket(this, 'MyFirstBucket', {
  versioned: true,
  removalPolicy: cdk.RemovalPolicy.DESTROY,
  autoDeleteObjects: true
});

以下是官方 AWS 文档的参考链接： https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html#bucket-deletion

Answer 2

不幸的是你不能轻易做到这一点。正如您已经经历过的那样，您无法使用 CloudFormation 或 CDK删除非空存储桶。

如果您希望堆栈继续删除，而不是在存储桶上失败，最简单的选择是添加RemovalPolicyRETAIN。这将简单地跳过该存储桶。堆栈将被删除，但存储桶将保留。稍后您可以使用 CLI 或控制台将其删除。

如果您确实想通过 CDK 或 CloudFormation 完成所有操作，则必须为此开发自定义解决方案。这可以使用自定义资源来完成。该资源将基于您必须开发和部署的 lambda 函数。当堆栈被删除时，lambda 将能够清空存储桶。此处显示如何使用 boto3 删除存储桶中版本化对象的示例代码。

希望这可以帮助。

Answer 3

CDK 现在允许在删除时删除对象：

https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html#bucket-deletion