Skip to content

Commit 58ad451

Browse files
authored
fix: Allow disabling of dynamodb deletion protection (#23)
1 parent 42ab697 commit 58ad451

File tree

2 files changed

+29
-11
lines changed

2 files changed

+29
-11
lines changed

pkg/config/config.go

+1
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@ type DisableDeletionProtection struct {
4848
CloudformationStack bool `yaml:"CloudformationStack"`
4949
ELBv2 bool `yaml:"ELBv2"`
5050
QLDBLedger bool `yaml:"QLDBLedger"`
51+
DynamoDBTable bool `yaml:"DynamoDBTable"`
5152
}
5253

5354
type PresetDefinitions struct {

resources/dynamodb-tables.go

+28-11
Original file line numberDiff line numberDiff line change
@@ -4,13 +4,17 @@ import (
44
"github.com/aws/aws-sdk-go/aws"
55
"github.com/aws/aws-sdk-go/aws/session"
66
"github.com/aws/aws-sdk-go/service/dynamodb"
7+
"github.com/rebuy-de/aws-nuke/v2/pkg/config"
78
"github.com/rebuy-de/aws-nuke/v2/pkg/types"
89
)
910

1011
type DynamoDBTable struct {
11-
svc *dynamodb.DynamoDB
12-
id string
13-
tags []*dynamodb.Tag
12+
svc *dynamodb.DynamoDB
13+
id string
14+
deletionProtection bool
15+
tags []*dynamodb.Tag
16+
17+
featureFlags config.FeatureFlags
1418
}
1519

1620
func init() {
@@ -27,23 +31,35 @@ func ListDynamoDBTables(sess *session.Session) ([]Resource, error) {
2731

2832
resources := make([]Resource, 0)
2933
for _, tableName := range resp.TableNames {
30-
tags, err := GetTableTags(svc, tableName)
34+
table, tags, err := GetDynamoDBTable(svc, tableName)
3135

3236
if err != nil {
3337
continue
3438
}
3539

3640
resources = append(resources, &DynamoDBTable{
37-
svc: svc,
38-
id: *tableName,
39-
tags: tags,
41+
svc: svc,
42+
id: *tableName,
43+
deletionProtection: *table.DeletionProtectionEnabled,
44+
tags: tags,
4045
})
4146
}
4247

4348
return resources, nil
4449
}
4550

4651
func (i *DynamoDBTable) Remove() error {
52+
if i.deletionProtection && i.featureFlags.DisableDeletionProtection.DynamoDBTable {
53+
modifyParams := &dynamodb.UpdateTableInput{
54+
TableName: aws.String(i.id),
55+
DeletionProtectionEnabled: aws.Bool(false),
56+
}
57+
_, err := i.svc.UpdateTable(modifyParams)
58+
if err != nil {
59+
return err
60+
}
61+
}
62+
4763
params := &dynamodb.DeleteTableInput{
4864
TableName: aws.String(i.id),
4965
}
@@ -56,29 +72,30 @@ func (i *DynamoDBTable) Remove() error {
5672
return nil
5773
}
5874

59-
func GetTableTags(svc *dynamodb.DynamoDB, tableName *string) ([]*dynamodb.Tag, error) {
75+
func GetDynamoDBTable(svc *dynamodb.DynamoDB, tableName *string) (*dynamodb.TableDescription, []*dynamodb.Tag, error) {
6076
result, err := svc.DescribeTable(&dynamodb.DescribeTableInput{
6177
TableName: aws.String(*tableName),
6278
})
6379

6480
if err != nil {
65-
return make([]*dynamodb.Tag, 0), err
81+
return nil, make([]*dynamodb.Tag, 0), err
6682
}
6783

6884
tags, err := svc.ListTagsOfResource(&dynamodb.ListTagsOfResourceInput{
6985
ResourceArn: result.Table.TableArn,
7086
})
7187

7288
if err != nil {
73-
return make([]*dynamodb.Tag, 0), err
89+
return nil, make([]*dynamodb.Tag, 0), err
7490
}
7591

76-
return tags.Tags, nil
92+
return result.Table, tags.Tags, nil
7793
}
7894

7995
func (i *DynamoDBTable) Properties() types.Properties {
8096
properties := types.NewProperties()
8197
properties.Set("Identifier", i.id)
98+
properties.Set("Deletion Protection", i.deletionProtection)
8299

83100
for _, tag := range i.tags {
84101
properties.SetTag(tag.Key, tag.Value)

0 commit comments

Comments
 (0)