ALIYUN::ROS::ResourceCleaner - Resource Orchestration Service

ALIYUN::ROS::ResourceCleaner is used to create a resource cleaner.

Resource types that can be cleaned up

Note

Resource Orchestration Service (ROS) continues to support more resource types that can be cleaned up. You can call the GetFeatureDetails operation to query resources that can be cleaned up.

Alibaba Cloud service	Resource type
Application Configuration Management	ACM:Namespace
ActionTrail	ACTIONTRAIL:Trail
Application Load Balancer (ALB)	ALB:Acl ALB:HealthCheckTemplate ALB:LoadBalancer ALB:SecurityPolicy ALB:ServerGroup




API Gateway	ApiGateway:App ApiGateway:Group ApiGateway:Instance ApiGateway:LogConfig ApiGateway:Plugin ApiGateway:Signature ApiGateway:TrafficControl






Application Real-Time Monitoring Service (ARMS)	ARMS:AlertContact ARMS:AlertContactGroup ARMS:RetcodeApp


Service Mesh (ASM)	ASM:ServiceMesh
Certificate Management Service	CAS:Certificate
ApsaraDB MyBase	CDDC:DedicatedHostGroup
Alibaba Cloud CDN (CDN)	CDN:Domain
ApsaraDB for ClickHouse	ClickHouse:DBCluster
Elastic Cloud Phone (ECP)	CloudPhone:InstanceGroup
CloudMonitor	CMS:Contact CMS:ContactGroup CMS:MetricRuleTemplate CMS:MonitorGroup CMS:SiteMonitor




Container Service for Kubernetes (ACK)	CS:Cluster
Container Registry	CR:Instance
DataHub	DATAHUB:Project
Dynamic Route for CDN (DCDN)	DCDN:Domain
Apsara File Storage for HDFS	DFS:AccessGroup DFS:FileSystem
Apsara File Storage for HDFS	DFS:AccessGroup DFS:FileSystem
Direct Mail	DirectMail:Domain DirectMail:Ipfilter
Direct Mail	DirectMail:Domain DirectMail:Ipfilter
Alibaba Cloud DNS (DNS)	DNS:Domain DNS:DomainGroup
Alibaba Cloud DNS (DNS)	DNS:Domain DNS:DomainGroup
PolarDB-X 1.0	DRDS:DrdsInstance
Elastic Container Instance	ECI:ContainerGroup ECI:ImageCache
Elastic Container Instance	ECI:ContainerGroup ECI:ImageCache
Elastic Compute Service (ECS)	ECS:AutoProvisioningGroup ECS:AutoSnapshotPolicy ECS:Command ECS:CustomImage ECS:DedicatedHost ECS:DeploymentSet ECS:Disk ECS:HpcCluster ECS:Instance ECS:LaunchTemplate ECS:NetworkInterface ECS:PrefixList ECS:SSHKeyPair ECS:SecurityGroup ECS:Snapshot
Virtual Private Cloud (VPC)	VPC:AnycastEIP VPC:CommonBandwidthPackage VPC:DhcpOptionsSet VPC:EIP VPC:EipSegment VPC:FlowLog VPC:HaVip VPC:Ipv6Gateway VPC:NatGateway VPC:NetworkAcl VPC:RouteTable VPC:VPC VPC:VSwitch
Resource Access Management (RAM)	RAM:Group RAM:ManagedPolicy RAM:Role RAM:SAMLProvider RAM:User
ApsaraDB RDS	RDS:DBInstance
ROS	ROS:Template
Server Load Balancer (SLB)	SLB:AccessControl SLB:Certificate SLB:LoadBalancer
Edge Node Service (ENS)	ENS:Instance
Auto Scaling	ESS:AlarmTask ESS:ScalingGroup ESS:ScheduledTask
Elastic Container Instance	ECI:ContainerGroup ECI:ImageCache
Serverless Workflow (SWF)	FNF:Flow
AnalyticDB for PostgreSQL	GPDB:DBInstance
Key Management Service (KMS)	KMS:Key KMS:Secret
ApsaraMQ for Kafka	KAFKA:Instance
ApsaraDB for MongoDB	MONGODB:Instance
ApsaraDB for Memcache (OCS)	Memcache:Instance
Microservices Engine (MSE)	MSE:Cluster MSE:Gateway
Message Service (MNS)	MNS:Topic MNS:Queue
ApsaraDB for Redis	REDIS:Instance
Log Service	SLS:Project
Function Compute	FC:Service
Apsara File Storage NAS (NAS)	NAS:AccessGroup NAS:FileSystem
Network Load Balancer (NLB)	NLB:LoadBalancer NLB:ServerGroup
Tablestore	OTS:Instance
Object Storage Service (OSS)	OSS:Bucket
CloudOps Orchestration Service (OOS)	OOS:Execution OOS:Template OOS:PatchBaseline OOS:Parameter OOS:SecretParameter
PolarDB	POLARDB:DBCluster
PrivateLink	PrivateLink:VpcEndpoint PrivateLink:VpcEndpointService
PolarDB-X 1.0	DRDS:DrdsInstance
ApsaraMQ for RocketMQ	ROCKETMQ:Instance
AnalyticDB for MySQL	ADB:DBCluster
Enterprise Distributed Application Service (EDAS)	EDAS:Application EDAS:Cluster
E-MapReduce (EMR)	EMR:Cluster
Elasticsearch	ElasticSearch:Instance
Hybrid Backup Recovery (HBR)	HBR:DBVault
Alibaba Cloud DNS PrivateZone	PVTZ:Zone
Serverless App Engine (SAE)	SAE:Application SAE:Namespace
Serverless App Engine (SAE)	SAE:Application SAE:Namespace
Smart Access Gateway (SAG)	SAG:ACL SAG:Qos
Time Series Database (TSDB)	TSDB:HiTSDBInstance
Web Application Firewall (WAF)	WAF:Domain

Syntax

{
  "Type": "ALIYUN::ROS::ResourceCleaner",
  "Properties": {
    "Action": String,
    "ResourceFilters": List,
    "Resources": List,
    "Mode": String,
    "FailureOption": String,
    "CleanUpRetryCount": Integer,
    "CleanUpTimeout": Number,
    "ExcludedResources": List,
    "CleanUpAlgorithm": String,
    "ResourceTypeOrder": List,
    "DisabledSideEffects": List
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint
Action	String	Yes	Yes	The operation that is performed by the resource cleaner.	Valid values: Scan: scans resources to retrieve the resources that you want to clean up. CleanUp: cleans up the resources that are retrieved after the scan operation. When you create a resource cleaner, you cannot set Action to CleanUp. You can set Action to Action only when you update a resource cleaner. Scan+CleanUp: scans resources and cleans up resources. ScanWhenCreatingAndUpdating+CleanUpWhenDeleting: scans resources when you create or update a resource cleaner and cleans up resources when you delete a resource cleaner.
ResourceFilters	List	No	Yes	The list of filters. The resource cleaner uses filters to scan the resources that you want to clean up.	You can specify up to 100 filters. You can specify only one of ResourceFilters and Resources. If filters are changed when you update a resource cleaner, the resource cleaner restarts the scan operation. In this case, if Action is set to CleanUp, the cleanup operation fails. The Allow and Deny effects are supported for filters. The following values are valid for the effects. A smaller value indicates a higher priority. Resources that match a filter only of the Deny type are retained. Resources that match at least a filter only of the Allow type are cleaned up. For more information, see ResourceFilters properties.
Resources	List	No	Yes	The list of resources that you want to clean up.	You can specify 1 to 1,000 resources. You can specify only one of ResourceFilters and Resources. For more information, see Resources properties.
Mode	String	No	Yes	The working mode of the resource cleaner.	Valid values: Strict: A resource scan failure or resource cleanup failure causes the resource cleaner to fail. Loose (default): A small number of resource scan failures or resource cleanup failures cause the resource cleaner to fail. Most scan failures are ignored. You can view the details of the failures in ScanErrors or ResourceDetails of the Outputs section. Most cleanup failures are ignored. You can view the details of the failures in ResourceDetails of the Outputs section.
FailureOption	String	No	Yes	The option to determine whether the dependencies are affected when a resource fails to be cleaned up.	Valid values: Normal (default): When a resource fails to be cleaned up, the cleanup operation on the dependencies is not affected. Fast: When a resource fails to be cleaned up, the cleanup operation fails to be performed on the dependencies. Note The option is supported for the cleanup operation, but not for the creation operation on dependencies.
CleanUpRetryCount	Integer	No	Yes	The maximum number of retries that are allowed for a failed cleanup.	Valid values: 1 to 6. Default value: 1. A value of 1 specifies that the cleanup operation is not retried. When you specify a value other than 1, the cleanup operation is retried if one of the following conditions are met: A resource fails to be cleaned up. A resource cleanup operation times out.
CleanUpTimeout	Number	No	Yes	The timeout period that is allowed for the cleanup operation.	Valid values: 60 to 14400. Unit: seconds. Default value: 3600.
ExcludedResources	List	No	Yes	The list of resources to be excluded from the resources that you want to clean up.	You can specify 1 to 1000 resources. The system excludes only one resource based on each list item that you specify. If a list item is mapped to multiple resources, a failure occurs. In this case, you must specify more properties for the list item to eliminate ambiguity. For more information, see ExcludedResources properties.
CleanUpAlgorithm	String	No	Yes	The algorithm that you want to use to clean up resources.	Valid values: ResourceDependency (default): cleans up resources in the order of dependencies. ResourceTypeOrder: cleans up resources in ascending order of resource types. You can use ResourceTypeOrder to specify the order of resource types. If you leave ResourceTypeOrder empty, all supported resource types are sorted in the default order.
ResourceTypeOrder	List	No	Yes	The order in which you want to clean up resource types.	You can specify 1 to 1000 resource types. This property takes effect when CleanUpAlgorithm is set to ResourceTypeOrder. The system does not scan or clean up the resources whose resource types are not specified. For more information about supported resource types, see the Resource types that can be cleaned up section of this topic.
DisabledSideEffects	List	No	Yes	The list of side effects that you want to disable.	You can specify 1 to 50 side effects. The list item can contain letters, digits, and wildcard characters (* and ?). The list item must be 1 to 100 characters in length. You can use only asterisks (`*`) and question marks (`?`) as wildcard characters to perform fuzzy match. The cleanup operation may have side effects for specific resources. You can call the GetFeatureDetails operation to query the side effects.

ResourceFilters syntax

"ResourceFilters": [
  {
    "IncludeDeletionProtection": Boolean,
    "ResourceTypePatterns": List,
    "ResourceIds": List,
    "RegionIds": List,
    "ResourceGroupIds": List,
    "Effect": String,
    "ResourceNamePatterns": List,
    "Tags": List
  }
]

ResourceFilters properties

Property	Type	Required	Editable	Description	Constraint
IncludeDeletionProtection	Boolean	No	Yes	Specifies whether to filter the resources for which deletion protection is enabled.	Valid values: false true (default)
ResourceTypePatterns	List	No	Yes	The list of resource types based on which you want to filter resources. Fuzzy match is supported. For more information about resource types, see the Resource types that can be cleaned up section of this topic.	You can specify 1 to 100 resource types. If the resource type of the resource matches a specified resource type, the resource is filtered. You can use only asterisks (``) and question marks (`?`) as wildcard characters to perform fuzzy match. A list item must be in the `Service:Type` format. The list item must be 3 to 100 characters in length. The value of `Service` can contain letters and wildcard characters ( and ?). The value of `Type` can contain letters, digits, and wildcard characters (* and ?).
ResourceIds	List	No	Yes	The list of resource IDs based on which you want to filter resources.	You can specify 1 to 100 resource IDs. If the ID of a resource matches a specified resource ID, the resource is filtered. The list item must be 1 to 256 characters in length.
RegionIds	List	No	Yes	The list of region IDs based on which you want to filter resources.	You can specify 1 to 100 region IDs. If the region ID of a resource matches a specified region ID, the resource is filtered. The list item must be 1 to 64 characters in length.
ResourceGroupIds	List	No	Yes	The list of resource groups based on which you want to filter resources.	You can specify 1 to 100 resource groups. If the resource group of a resource matches a specified resource group, the resource is filtered. The list item must be 1 to 256 characters in length.
Effect	String	No	Yes	The effect on filtered resources.	Valid values: Deny: Resources that match all filters only of the Deny type are retained. Allow: Resources that match all filters only of the Allow type are cleaned up. Note If a resource matches filters of the Allow and Deny types, the resource is retained.
ResourceNamePatterns	List	No	Yes	The list of resource names based on which you want to filter resources. Fuzzy match is supported.	You can specify 1 to 100 resource names. If the name of a resource matches a specified resource name, the resource is filtered. You can use only asterisks (``) and question marks (`?`) as wildcard characters to perform fuzzy match. The resource name can contain only letters, digits, spaces, underscores (`_`), hyphens (`-`), and wildcard characters ( and ?). The list item must be 1 to 100 characters in length.
Tags	List	No	Yes	The list of tags based on which you want to filter resources. Custom tags and system tags are supported.	You can specify 1 to 100 tags. The following rules apply: If you specify a tag key and a tag value, a resource whose tag key and tag value match the specified tag key and tag value is filtered. Note If you specify a tag key and multiple tag values, a resource whose tag key matches the specified tag key and whose tag value matches one of the specified tag values is filtered. If you specify a tag key but do not specify a tag value, a resource whose tag key matches the specified tag key is filtered. If you specify multiple tag keys and tag values, a resource whose tag keys and tag values match the specified tag keys and tag values is filtered. For more information, see Tags properties.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property	Type	Required	Editable	Description	Constraint
Value	String	No	Yes	The value of the tag.	The tag value can be up to 256 characters in length. Note Different results are returned if you leave this property empty and if the value is an empty string.
Key	String	Yes	Yes	The key of the tag.	The tag key must be 1 to 256 characters in length.

Resources syntax

"Resources": [
  {
    "ResourceId": String,
    "ResourceType": String,
    "RegionId": String
  }
]

Resources properties

Property	Type	Required	Editable	Description	Constraint
ResourceId	String	Yes	Yes	The ID of the resource that you want to clean up.	The resource ID must be 1 to 256 characters in length.
ResourceType	String	Yes	Yes	The resource type of the resource that you want to clean up.	For more information, see the Resource types that can be cleaned up section of this topic.
RegionId	String	Yes	Yes	The region ID of the resource that you want to clean up.	The region ID must be 1 to 64 characters in length.

ExcludedResources syntax

"ExcludedResources": [
  {
    "ResourceId": String,
    "ResourceType": String,
    "RegionId": String
  }
]

ExcludedResources properties

Property	Type	Required	Editable	Description	Constraint
ResourceId	String	Yes	Yes	The ID of the resource that you want to exclude.	The resource ID must be 1 to 256 characters in length.
ResourceType	String	No	Yes	The resource type of the resource that you want to exclude.	For more information, see the Resource types that can be cleaned up section of this topic.
RegionId	String	No	Yes	The region ID of the resource that you want to exclude.	The region ID must be 1 to 64 characters in length.

Return values

Fn::GetAtt

ResourceDetails: details of the resources that you want to clean up. The value is a dict that consists of the following fields.

Field	Type	Description
ResourceType	String	The resource type.
RegionId	String	The region ID of the resource.
ResourceId	String	The resource ID.
ResourceName	String	The resource name.
CleanupType	String	The cleanup type of the resource. Valid values: Normal: The resource is cleaned up as expected. DeleteWithInstance: When the resource is cleaned up, the dependencies of the resource are cleaned up. If the dependencies are filtered or excluded, the cleanup operation may fail. For more information, see the "CleanupTypeReasons" field of this topic. UnableToDelete: The resource cannot be cleaned up. For more information, see the "CleanupTypeReasons" field of this topic.
CleanupTypeReasons	List	The list of reasons for cleanup types.
ResourceStatus	String	The state of the resource. Valid values: Deleting: The resource is being cleaned up. Failure: The resource fails to be cleaned up. Success: The resource is cleaned up. Skipped: The resource is excluded from the cleanup operation. Pending: The resource is pending to be cleaned up.
ResourceStatusReason	String	The reason why the resource is in the current state.
Dependencies	List	The dependencies of the resource. The value is a dict that consists of the following fields: ResourceType: the resource type of the dependency. RegionId: the region ID of the dependency. ResourceId: the dependency ID.

ResourcePartialDetails: a simplified version of ResourceDetails. ResourcePartialDetails consists only of the ResourceType, RegionId, ResourceId, ResourceName, ResourceStatus, and ResourceStatusReason fields.
NoCleanupResourceDetails: details of resources that are scanned but are not cleaned up. The value format is the same as the value format of ResourceDetails.
NoCleanupResourcePartialDetails: a simplified version of NoCleanupResourceDetails. NoCleanupResourcePartialDetails consists only of the ResourceType, RegionId, ResourceId, ResourceName, ResourceStatus, and ResourceStatusReason fields.

ResourceSummary: the summary of the resources that you want to clean up. The value is a dict that consists of the following fields.

Field	Type	Description
ResourceType	String	The resource type.
DeletingCount	Integer	The number of resources that are being cleaned up.
SuccessCount	Integer	The number of resources that are cleaned up.
FailureCount	Integer	The number of resources that fail to be cleaned up.
SkippedCount	Integer	The number of resources that are excluded from the cleanup operation.
PendingCount	Integer	The number of resources that are pending to be cleaned up.
OtherCount	Integer	The number of resources that are not in the preceding types of states.
TotalCount	Integer	The total number of resources.

ScanErrors: the errors occur during the scan operation. This field is returned only if Mode is set to Loose. The value is a dict that consists of the following fields.
Field
Type
Description
ResourceType
String
The resource type.
RegionId
String
The region ID.
ErrorMessage
String
The error message returned after the region and resource type are scanned.
CleanResult: The result of the cleanup operation. Valid values:
- Success: All resources are cleaned up.
- ResourceFailure: Specific resources fail to be cleaned up.
- Timeout: The cleanup operation times out.
- CheckFailure: A precheck failure occurs during the cleanup operation.
- UnknownFailure: An unknown error occurs.
- UserCancelled: The cleanup operation is canceled by you.
- None: The cleanup operation is not triggered.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Parameters: {}
Resources:
  ResourceCleaner:
    Type: ALIYUN::ROS::ResourceCleaner
    Properties:
      FailureOption: Normal
      Action: Scan
      ResourceFilters:
        - ResourceIds:
            - i-bp1h09ipy0atb4kq****
      CleanUpRetryCount: 1
      CleanUpTimeout: 3600
      ExcludedResources:
        - ResourceId: i-bp1h09ipy0atb4kq****
          ResourceType: ECS:Instance
Outputs: {}

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
  },
  "Resources": {
    "ResourceCleaner": {
      "Type": "ALIYUN::ROS::ResourceCleaner",
      "Properties": {
        "FailureOption": "Normal",
        "Action": "Scan",
        "ResourceFilters": [
          {
            "ResourceIds": [
              "i-bp1h09ipy0atb4kq****"
            ]
          }
        ],
        "CleanUpRetryCount": 1,
        "CleanUpTimeout": 3600,
        "ExcludedResources": [
          {
            "ResourceId": "i-bp1h09ipy0atb4kq****",
            "ResourceType": "ECS:Instance"
          }
        ]
      }
    }
  },
  "Outputs": {
  }
}