ALIYUN::ROS::ResourceCleaner is used to create a resource cleaner.

Resource types that can be cleaned up

Alibaba Cloud service Resource type
Elastic Compute Service (ECS)
  • ECS:AutoProvisioningGroup
  • ECS:AutoSnapshotPolicy
  • ECS:Command
  • ECS:CustomImage
  • ECS:DedicatedHost
  • ECS:DeploymentSet
  • ECS:Disk
  • ECS:HpcCluster
  • ECS:Instance
  • ECS:LaunchTemplate
  • ECS:NetworkInterface
  • ECS:PrefixList
  • ECS:SSHKeyPair
  • ECS:SecurityGroup
  • ECS:Snapshot
Virtual Private Cloud (VPC)
  • VPC:AnycastEIP
  • VPC:CommonBandwidthPackage
  • VPC:DhcpOptionsSet
  • VPC:EIP
  • VPC:EipSegment
  • VPC:FlowLog
  • VPC:HaVip
  • VPC:Ipv6Gateway
  • VPC:NatGateway
  • VPC:NetworkAcl
  • VPC:RouteTable
  • VPC:VPC
  • VPC:VSwitch
ApsaraDB RDS

RDS:DBInstance

Server Load Balancer (SLB)
  • SLB:AccessControl
  • SLB:Certificate
  • SLB:LoadBalancer
Application Load Balancer (ALB)
  • ALB:LoadBalancer
  • ALB:ServerGroup
Auto Scaling
  • ESS:AlarmTask
  • ESS:ScalingGroup
  • ESS:ScheduledTask
Elastic Container Instance
  • ECI:ContainerGroup
  • ECI:ImageCache
ApsaraDB for MongoDB MONGODB:Instance
ApsaraDB for Memcache Memcache:Instance
ApsaraDB for Redis REDIS:Instance
Log Service SLS:Project
Function Compute FC:Service
Container Service for Kubernetes (ACK) CS:Cluster
Apsara File Storage NAS (NAS)
  • NAS:AccessGroup
  • NAS:FileSystem
Object Storage Service (OSS) OSS:Bucket
Operation Orchestration Service (OOS)
  • OOS:Execution
  • OOS:Template
PolarDB POLARDB:DBCluster
PolarDB-X 1.0 DRDS:DrdsInstance
Message Queue for Apache RocketMQ ROCKETMQ:Instance
AnalyticDB for MySQL ADB:DBCluster
Enterprise Distributed Application Service (EDAS)
  • EDAS:Application
  • EDAS:Cluster
E-MapReduce (EMR) EMR:Cluster
Elasticsearch ElasticSearch:Instance
Heaven Ask Engine SearchEngine:Instance
Hybrid Backup Recovery (HBR) HBR:DBVault
Alibaba Cloud DNS PrivateZone PVTZ:Zone
Certificate Management Service CAS:Certificate
Smart Access Gateway (SAG)
  • SAG:ACL
  • SAG:Qos
Alibaba Cloud CDN (CDN) CDN:Domain
Dynamic Route for CDN (DCDN) DCDN:Domain
Alibaba Cloud DNS (DNS) DNS:Domain
Web Application Firewall (WAF) WAF:Domain
Note Resource Orchestration Service (ROS) continues to add resources that can be cleaned up. You can call the GetFeatureDetails operation to obtain the resources that can be cleaned up.

Syntax

{
  "Type": "ALIYUN::ROS::ResourceCleaner",
  "Properties": {
    "Action": String,
    "ResourceFilters": List,
    "Resources": List,
    "Mode": String,
    "FailureOption": String,
    "CleanUpRetryCount": Integer,
    "CleanUpTimeout": Number,
    "ExcludedResources": List,
    "CleanUpAlgorithm": String,
    "ResourceTypeOrder": List,
    "DisabledSideEffects": List
  }
}

Properties

Property Type Required Editable Description Constraint
Action String Yes Yes The operation that is performed by the resource cleaner. Valid values:
  • Scan: scans resources. The system scans resources to retrieve the resources that you want to clean up.
  • CleanUp: cleans up resources. The system cleans up the resources that are retrieved after the scan operation. When you create a resource cleaner, you cannot set the Action property to CleanUp. You can set the Action property to Action only when you update the resource cleaner.
  • Scan+CleanUp: scans resources and cleans up resources.
  • ScanWhenCreatingAndUpdating+CleanUpWhenDeleting: scans resources when you create or update a resource cleaner and cleans up resources when you delete a resource cleaner.
ResourceFilters List No Yes The list of filters.

The resource cleaner uses filters to scan the resources that you want to clean up.

You can specify up to 100 filters.

You can specify the ResourceFilters or Resources property.

If filters are changed when you update a resource cleaner, the resource cleaner restarts the scan operation. In this case, if the Action property is set to CleanUp, the cleanup operation fails to be performed.

The Allow and Deny effects are supported for filters. The following values are valid for the effects. A smaller value indicates a higher priority.
  1. Deny: Resources that match a filter only of the Deny type are retained.
  2. Allow: Resources that match at least a filter only of the Allow type are cleaned up.
For more information, see ResourceFilters properties.
Resources List No Yes The list of resources that you want to clean up. You can specify 1 to 1,000 resources.

You can specify the ResourceFilters or Resources property.

For more information, see Resources properties.

Mode String No Yes The working mode of the resource cleaner. Default value: Loose. Valid values:
  • Strict: A resource scan failure or resource cleanup failure causes the resource cleaner to fail.
  • Loose: A small number of resource scan failures or resource cleanup failures cause the resource cleaner to fail. Most resource scan failures are ignored. You can view the details of the failures in ScanErrors or ResourceDetails of the Outputs section.
FailureOption String No Yes The option to determine whether the dependencies are affected after a resource fails to be cleaned up. Default value: Normal. Valid values:
  • Normal: When a resource fails to be cleaned up, the cleanup operation on the dependencies is not affected.
  • Fast: When a resource fails to be cleaned up, the cleanup operation fails to be performed on the dependencies.
Note The option is supported for the cleanup operation, but not for the creation operation on dependencies.
CleanUpRetryCount Integer No Yes The maximum number of retries for the cleanup operation. Valid values: 1 to 6.

Default value: 1. The value 1 indicates that the cleanup operation is not retried.

When you specify a value other than 1, the cleanup operation is retried if one of the following conditions are met:
  • A resource fails to be cleaned up.
  • A resource cleanup operation times out.
CleanUpTimeout Number No Yes The timeout period that is allowed for the cleanup operation. Valid values: 60 to 14400.

Unit: seconds.

Default value: 3600.

ExcludedResources List No Yes The list of resources to be excluded from the resources that you want to clean up. You can specify 1 to 1000 resources.

The system excludes only one resource based on each list item that you specify. If a list item is mapped to multiple resources, a failure occurs. In this case, you must add more items to the list so that each item is mapped to a resource to eliminate ambiguity.

For more information, see ExcludedResources properties.

CleanUpAlgorithm String No Yes The algorithm that you want to use to clean up resources. Default value: ResourceDependency. Valid values:
  • ResourceDependency: cleans up resources in the order of dependencies.
  • ResourceTypeOrder: cleans up resources in ascending order of resource types. You can use the ResourceTypeOrder property to specify the order of resource types. If you do not specify the ResourceTypeOrder property, resource types are sorted in the default order.
ResourceTypeOrder List No Yes The order in which you want to clean up resource types. You can specify 1 to 1000 resource types.

This property takes effect when you set the CleanUpAlgorithm property to ResourceTypeOrder.

The system does not scan or clean up the resources whose resource types are not specified.

For more information about supported resource types, see Resource types that can be cleaned up.

DisabledSideEffects List No Yes The list of side effects that you want to disable. You can specify 1 to 50 side effects.

The list item can contain letters, digits, and wildcard characters (* and ?). The list item must be 1 to 100 characters in length.

You can use only asterisk (*) and question mark (?) wildcard characters to perform fuzzy match.

The cleanup operation may have side effects for specific resources. You can call the GetFeatureDetails operation to query the side effects.

ResourceFilters syntax

"ResourceFilters": [
  {
    "IncludeDeletionProtection": Boolean,
    "ResourceTypePatterns": List,
    "ResourceIds": List,
    "RegionIds": List,
    "ResourceGroupIds": List,
    "Effect": String,
    "ResourceNamePatterns": List,
    "Tags": List
  }
]

ResourceFilters properties

Property Type Required Editable Description Constraint
IncludeDeletionProtection Boolean No Yes Specifies whether to filter the resources for which deletion protection is enabled. Default value: true. Valid values:
  • false: does not filter the resources for which deletion protection is enabled.
  • true: filters the resources for which deletion protection is enabled.
ResourceTypePatterns List No Yes The list of resource types based on which you want to filter resources. Fuzzy match is supported. For more information about resource types, see Resource types that can be cleaned up. You can specify 1 to 100 resource types.

If the type of a resource matches a specified resource type, the resource is filtered.

You can use only asterisk (*) and question mark (?) wildcard characters to perform fuzzy match.

A list item must be in the Service:Type format. The list item must be 3 to 100 characters in length. The value of Service can contain letters, and wildcard characters (* and ?). The value of Type can contain letters, digits, and wildcard characters (* and ?).

ResourceIds List No Yes The list of resource IDs based on which you want to filter resources. You can specify 1 to 100 resource IDs.

If the ID of a resource matches a specified resource ID, the resource is filtered.

The list item must be 1 to 256 characters in length.

RegionIds List No Yes The list of region IDs based on which you want to filter resources. You can specify 1 to 100 region IDs.

If the region ID of a resource matches a specified region ID, the resource is filtered.

The list item must be 1 to 64 characters in length.

ResourceGroupIds List No Yes The list of resource groups based on which you want to filter resources. You can specify 1 to 100 resource groups.

If the resource group of a resource matches a specified resource group, the resource is filtered.

The list item must be 1 to 256 characters in length.

Effect String No Yes The effect on filtered resources. Valid values:
  • Deny: Resources that match all filters only of the Deny type are retained.
  • Allow: Resources that match all filters only of the Allow type are cleaned up.
    Note If a resource matches filters of the Allow and Deny types, the resource is retained.
ResourceNamePatterns List No Yes The list of resource names based on which you want to filter resources. Fuzzy match is supported. You can specify 1 to 100 resource names.

If the name of a resource matches a specified resource name, the resource is filtered.

You can use only asterisk (*) and question mark (?) wildcard characters to perform fuzzy match.

The resource name can contain only letters, digits, spaces, underscores (_), hyphens (-), and wildcard characters (* and ?).

The list item must be 1 to 100 characters in length.

Tags List No Yes The list of tags based on which you want to filter resources. Custom tags and system tags are supported. You can specify 1 to 100 tags.
The following rules apply:
  • If you specify a tag key and a tag value, a resource whose tag key and tag value match the specified tag key and tag value is filtered.
    Note
    1. If you specify a tag key and multiple tag values, a resource whose tag key matches the specified tag key and whose tag value matches one of the specified tag values is filtered.
    2. If you specify a tag key but do not specify a tag value, a resource whose tag key matches the specified tag key is filtered.
  • If you specify multiple tag keys and tag values, a resource whose tag keys and tag values match the specified tag keys and tag values is filtered.

For more information, see Tags properties.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property Type Required Editable Description Constraint
Value String No Yes The value of the tag. The tag value can be up to 256 characters in length.
Note Different results are returned if you leave this property empty and if the value is an empty string.
Key String Yes Yes The key of the tag. The tag key must be 1 to 256 characters in length.

Resources syntax

"Resources": [
  {
    "ResourceId": String,
    "ResourceType": String,
    "RegionId": String
  }
]

Resources properties

Property Type Required Editable Description Constraint
ResourceId String Yes Yes The ID of the resource that you want to clean up. The resource ID must be 1 to 256 characters in length.
ResourceType String Yes Yes The resource type that you want to clean up. For more information, see Resource types that can be cleaned up.
RegionId String Yes Yes The region ID of the resource that you want to clean up. The region ID must be 1 to 64 characters in length.

ExcludedResources syntax

"ExcludedResources": [
  {
    "ResourceId": String,
    "ResourceType": String,
    "RegionId": String
  }
]

ExcludedResources properties

Property Type Required Editable Description Constraint
ResourceId String Yes Yes The ID of the resource that you want to exclude. The resource ID must be 1 to 256 characters in length.
ResourceType String No Yes The resource type that you want to exclude. For more information, see Resource types that can be cleaned up.
RegionId String No Yes The region ID of the resource that you want to exclude. The region ID must be 1 to 64 characters in length.

Return values

Fn::GetAtt

  • ResourceDetails: the details of the resources that you want to clean up. The value is a dict that consists of the following fields.
    Field Type Description
    ResourceType String The resource type.
    RegionId String The ID of the region in which the resource is deployed.
    ResourceId String The ID of the resource.
    ResourceName String The prefix of the resource name.
    CleanupType String The cleanup type of the resource. Valid values:
    • Normal: The resource is cleaned up as expected.
    • DeleteWithInstance: When the resource is cleaned up, the dependencies of the resource are cleaned up. If the dependencies are filtered or excluded, the cleanup operation may fail. For more information, see "CleanupTypeReasons" of this topic.
    • UnableToDelete: The resource cannot be cleaned up. For more information, see "CleanupTypeReasons" of this topic.
    CleanupTypeReasons List The list of reasons for cleanup types.
    ResourceStatus String The state of the resource. Valid values:
    • Deleting: The resource is being cleaned up.
    • Failure: The resource fails to be cleaned up.
    • Success: The resource is cleaned up.
    • Skipped: The resource is excluded from the cleanup operation.
    • Pending: The resource is pending to be cleaned up.
    ResourceStatusReason String The reason why the resource is in the state.
    Dependencies List The dependencies of the resource. The value is a dict that consists of the following fields:
    • ResourceType: the resource type of the dependency.
    • RegionId: the region ID of the dependency.
    • ResourceId: the ID of the dependency.
  • ResourcePartialDetails: a simplified version of ResourceDetails. ResourcePartialDetails consists only of the ResourceType, RegionId, ResourceId, ResourceName, ResourceStatus, and ResourceStatusReason fields.
  • NoCleanupResourceDetails: the details of resources that are scanned but are not cleaned up. The format is the same as the format of the value of the ResourceDetails property.
  • NoCleanupResourcePartialDetails: a simplified version of NoCleanupResourceDetails. NoCleanupResourcePartialDetails consists only of the ResourceType, RegionId, ResourceId, ResourceName, ResourceStatus, and ResourceStatusReason fields.
  • ResourceSummary: the details of the resources that you want to clean up. The value is a dict that consists of the following fields.
    Field Type Description
    ResourceType String The resource type.
    DeletingCount Integer The number of resources that are being cleaned up.
    SuccessCount Integer The number of resources that are cleaned up.
    FailureCount Integer The number of resources that fail to be cleaned up.
    SkippedCount Integer The number of resources that are excluded from the cleanup operation.
    PendingCount Integer The number of resources that are pending to be cleaned up.
    OtherCount Integer The number of other types of resources.
    TotalCount Integer The total number of resources.
  • ScanErrors: the errors occur during the scan operation. This field is returned only if the Mode parameter is set to Loose. The value is a dict that consists of the following fields.
    Field Type Description
    ResourceType String The resource type.
    RegionId String The ID of the region.
    ErrorMessage String The error message returned after the region and resource type are scanned.
  • CleanResult: The result of the cleanup operation. Valid values:
    • Success: All resources are cleaned up.
    • ResourceFailure: Specific resources fail to be cleaned up.
    • Timeout: The cleanup operation times out.
    • CheckFailure: A precheck failure occurs during the cleanup operation.
    • UnknownFailure: An unknown error occurs.
    • UserCancelled: The cleanup operation is canceled by you.
    • None: The cleanup operation is not triggered.

Examples

  • YAMLformat

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters: {}
    Resources:
      ResourceCleaner:
        Type: ALIYUN::ROS::ResourceCleaner
        Properties:
          FailureOption: Normal
          Action: Scan
          ResourceFilters:
            - ResourceIds:
                - i-bp1h09ipy0atb4kq****
          CleanUpRetryCount: 1
          CleanUpTimeout: 3600
          ExcludedResources:
            - ResourceId: i-bp1h09ipy0atb4kq****
              ResourceType: ECS:Instance
    Outputs: {}
  • JSONformat

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
      },
      "Resources": {
        "ResourceCleaner": {
          "Type": "ALIYUN::ROS::ResourceCleaner",
          "Properties": {
            "FailureOption": "Normal",
            "Action": "Scan",
            "ResourceFilters": [
              {
                "ResourceIds": [
                  "i-bp1h09ipy0atb4kq****"
                ]
              }
            ],
            "CleanUpRetryCount": 1,
            "CleanUpTimeout": 3600,
            "ExcludedResources": [
              {
                "ResourceId": "i-bp1h09ipy0atb4kq****",
                "ResourceType": "ECS:Instance"
              }
            ]
          }
        }
      },
      "Outputs": {
      }
    }