Skip to main content

Configure AWS Cloudformation Stacks should have Termination Protection enabled

  1. Configure AWS Cloudformation Stacks should have Termination Protection enabled
  2. Use Case for AWS Cloudformation Stacks should have Termination Protection enabled
  3. Triage Guides by Violation Type
    1. Triage AWS Cloudformation Stacks should have Termination Protection enabled STACK_TERMINATION_PROTECTION_NOT_ENABLED

How do I enable this policy?

Signature:
Type: Pyrae::Policy::PolicyDocument::Signatory
Properties:
SignatureTeamUrn: { "PyRef": "PyraeTeam" }
PolicyUrn: "urn:pyrae:policy:us-west-2:sAutx4ZxiqTJUzJdvky2km:policy/cfnStackTerminationProtectionPolicy"

What permissions does this policy require in my AWS account?

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cloudformation:DescribeStacks"
],
"Resource": "*"
}
]
}

What resources match this policy?

Type: Pyrae::Observer::MatchingRule
Properties:
MatchAccountType: aws
MatchUrnService: cloudformation
MatchUrnResourceType: stack