All Products
Search
Document Center

Resource Orchestration Service:ALIYUN::ROS::ResourceCleaner

Last Updated:Oct 31, 2024

ALIYUN::ROS::ResourceCleaner is used to create a resource cleaner.

Resource types that can be cleaned up

Note

Resource Orchestration Service (ROS) continues to support more resource types that can be cleaned up. You can call the GetFeatureDetails operation to query resources that can be cleaned up.

Alibaba Cloud service

Resource type

Application Configuration Management

ACM:Namespace

ActionTrail

ACTIONTRAIL:Trail

Application Load Balancer (ALB)

  • ALB:Acl

  • ALB:HealthCheckTemplate

  • ALB:LoadBalancer

  • ALB:SecurityPolicy

  • ALB:ServerGroup

API Gateway

  • ApiGateway:App

  • ApiGateway:Group

  • ApiGateway:Instance

  • ApiGateway:LogConfig

  • ApiGateway:Plugin

  • ApiGateway:Signature

  • ApiGateway:TrafficControl

Application Real-Time Monitoring Service (ARMS)

  • ARMS:AlertContact

  • ARMS:AlertContactGroup

  • ARMS:RetcodeApp

Service Mesh (ASM)

ASM:ServiceMesh

Certificate Management Service

CAS:Certificate

ApsaraDB MyBase

CDDC:DedicatedHostGroup

Alibaba Cloud CDN (CDN)

CDN:Domain

ApsaraDB for ClickHouse

ClickHouse:DBCluster

Elastic Cloud Phone (ECP)

CloudPhone:InstanceGroup

CloudMonitor

  • CMS:Contact

  • CMS:ContactGroup

  • CMS:MetricRuleTemplate

  • CMS:MonitorGroup

  • CMS:SiteMonitor

Container Service for Kubernetes (ACK)

CS:Cluster

Container Registry

CR:Instance

DataHub

DATAHUB:Project

Dynamic Route for CDN (DCDN)

DCDN:Domain

Apsara File Storage for HDFS

  • DFS:AccessGroup

  • DFS:FileSystem

Direct Mail

  • DirectMail:Domain

  • DirectMail:Ipfilter

Alibaba Cloud DNS (DNS)

  • DNS:Domain

  • DNS:DomainGroup

PolarDB-X 1.0

DRDS:DrdsInstance

Elastic Container Instance

  • ECI:ContainerGroup

  • ECI:ImageCache

Elastic Compute Service (ECS)

  • ECS:AutoProvisioningGroup

  • ECS:AutoSnapshotPolicy

  • ECS:Command

  • ECS:CustomImage

  • ECS:DedicatedHost

  • ECS:DeploymentSet

  • ECS:Disk

  • ECS:HpcCluster

  • ECS:Instance

  • ECS:LaunchTemplate

  • ECS:NetworkInterface

  • ECS:PrefixList

  • ECS:SSHKeyPair

  • ECS:SecurityGroup

  • ECS:Snapshot

Virtual Private Cloud (VPC)

  • VPC:AnycastEIP

  • VPC:CommonBandwidthPackage

  • VPC:DhcpOptionsSet

  • VPC:EIP

  • VPC:EipSegment

  • VPC:FlowLog

  • VPC:HaVip

  • VPC:Ipv6Gateway

  • VPC:NatGateway

  • VPC:NetworkAcl

  • VPC:RouteTable

  • VPC:VPC

  • VPC:VSwitch

Resource Access Management (RAM)

  • RAM:Group

  • RAM:ManagedPolicy

  • RAM:Role

  • RAM:SAMLProvider

  • RAM:User

ApsaraDB RDS

RDS:DBInstance

ROS

ROS:Template

Server Load Balancer (SLB)

  • SLB:AccessControl

  • SLB:Certificate

  • SLB:LoadBalancer

Edge Node Service (ENS)

ENS:Instance

Auto Scaling

  • ESS:AlarmTask

  • ESS:ScalingGroup

  • ESS:ScheduledTask

Elastic Container Instance

  • ECI:ContainerGroup

  • ECI:ImageCache

Serverless Workflow (SWF)

FNF:Flow

AnalyticDB for PostgreSQL

GPDB:DBInstance

Key Management Service (KMS)

  • KMS:Key

  • KMS:Secret

ApsaraMQ for Kafka

KAFKA:Instance

ApsaraDB for MongoDB

MONGODB:Instance

ApsaraDB for Memcache (OCS)

Memcache:Instance

Microservices Engine (MSE)

  • MSE:Cluster

  • MSE:Gateway

Message Service (MNS)

  • MNS:Topic

  • MNS:Queue

ApsaraDB for Redis

REDIS:Instance

Log Service

SLS:Project

Function Compute

FC:Service

File Storage NAS (NAS)

  • NAS:AccessGroup

  • NAS:FileSystem

Network Load Balancer (NLB)

  • NLB:LoadBalancer

  • NLB:ServerGroup

Tablestore

OTS:Instance

Object Storage Service (OSS)

OSS:Bucket

CloudOps Orchestration Service (OOS)

  • OOS:Execution

  • OOS:Template

  • OOS:PatchBaseline

  • OOS:Parameter

  • OOS:SecretParameter

PolarDB

POLARDB:DBCluster

PrivateLink

  • PrivateLink:VpcEndpoint

  • PrivateLink:VpcEndpointService

PolarDB-X 1.0

DRDS:DrdsInstance

ApsaraMQ for RocketMQ

ROCKETMQ:Instance

AnalyticDB for MySQL

ADB:DBCluster

Enterprise Distributed Application Service (EDAS)

  • EDAS:Application

  • EDAS:Cluster

E-MapReduce (EMR)

EMR:Cluster

Elasticsearch

ElasticSearch:Instance

Hybrid Backup Recovery (HBR)

HBR:DBVault

Alibaba Cloud DNS PrivateZone

PVTZ:Zone

Serverless App Engine (SAE)

  • SAE:Application

  • SAE:Namespace

Smart Access Gateway (SAG)

  • SAG:ACL

  • SAG:Qos

Time Series Database (TSDB)

TSDB:HiTSDBInstance

Web Application Firewall (WAF)

WAF:Domain

Syntax

{
  "Type": "ALIYUN::ROS::ResourceCleaner",
  "Properties": {
    "Action": String,
    "ResourceFilters": List,
    "Resources": List,
    "Mode": String,
    "FailureOption": String,
    "CleanUpRetryCount": Integer,
    "CleanUpTimeout": Number,
    "ExcludedResources": List,
    "CleanUpAlgorithm": String,
    "ResourceTypeOrder": List,
    "DisabledSideEffects": List
  }
}

Properties

Property

Type

Required

Editable

Description

Constraint

Action

String

Yes

Yes

The operation that is performed by the resource cleaner.

Valid values:

  • Scan: scans resources to retrieve the resources that you want to clean up.

  • CleanUp: cleans up the resources that are retrieved after the scan operation. When you create a resource cleaner, you cannot set Action to CleanUp. You can set Action to Action only when you update a resource cleaner.

  • Scan+CleanUp: scans resources and cleans up resources.

  • ScanWhenCreatingAndUpdating+CleanUpWhenDeleting: scans resources when you create or update a resource cleaner and cleans up resources when you delete a resource cleaner.

ResourceFilters

List

No

Yes

The list of filters.

The resource cleaner uses filters to scan the resources that you want to clean up.

You can specify up to 100 filters.

You can specify only one of ResourceFilters and Resources.

If filters are changed when you update a resource cleaner, the resource cleaner restarts the scan operation. In this case, if Action is set to CleanUp, the cleanup operation fails.

The Allow and Deny effects are supported for filters. The following values are valid for the effects. A smaller value indicates a higher priority.

  1. Resources that match a filter only of the Deny type are retained.

  2. Resources that match at least a filter only of the Allow type are cleaned up.

For more information, see ResourceFilters properties.

Resources

List

No

Yes

The list of resources that you want to clean up.

You can specify 1 to 1,000 resources.

You can specify only one of ResourceFilters and Resources.

For more information, see Resources properties.

Mode

String

No

Yes

The working mode of the resource cleaner.

Valid values:

  • Strict: A resource scan failure or resource cleanup failure causes the resource cleaner to fail.

  • Loose (default): A small number of resource scan failures or resource cleanup failures cause the resource cleaner to fail. Most scan failures are ignored. You can view the details of the failures in ScanErrors or ResourceDetails of the Outputs section. Most cleanup failures are ignored. You can view the details of the failures in ResourceDetails of the Outputs section.

FailureOption

String

No

Yes

The option to determine whether the dependencies are affected when a resource fails to be cleaned up.

Valid values:

  • Normal (default): When a resource fails to be cleaned up, the cleanup operation on the dependencies is not affected.

  • Fast: When a resource fails to be cleaned up, the cleanup operation fails to be performed on the dependencies.

Note

The option is supported for the cleanup operation, but not for the creation operation on dependencies.

CleanUpRetryCount

Integer

No

Yes

The maximum number of retries that are allowed for a failed cleanup.

Valid values: 1 to 6.

Default value: 1. A value of 1 specifies that the cleanup operation is not retried.

When you specify a value other than 1, the cleanup operation is retried if one of the following conditions are met:

  • A resource fails to be cleaned up.

  • A resource cleanup operation times out.

CleanUpTimeout

Number

No

Yes

The timeout period that is allowed for the cleanup operation.

Valid values: 60 to 14400.

Unit: seconds.

Default value: 3600.

ExcludedResources

List

No

Yes

The list of resources to be excluded from the resources that you want to clean up.

You can specify 1 to 1000 resources.

The system excludes only one resource based on each list item that you specify. If a list item is mapped to multiple resources, a failure occurs. In this case, you must specify more properties for the list item to eliminate ambiguity.

For more information, see ExcludedResources properties.

CleanUpAlgorithm

String

No

Yes

The algorithm that you want to use to clean up resources.

Valid values:

  • ResourceDependency (default): cleans up resources in the order of dependencies.

  • ResourceTypeOrder: cleans up resources in ascending order of resource types. You can use ResourceTypeOrder to specify the order of resource types. If you leave ResourceTypeOrder empty, all supported resource types are sorted in the default order.

ResourceTypeOrder

List

No

Yes

The order in which you want to clean up resource types.

You can specify 1 to 1000 resource types.

This property takes effect when CleanUpAlgorithm is set to ResourceTypeOrder.

The system does not scan or clean up the resources whose resource types are not specified.

For more information about supported resource types, see the Resource types that can be cleaned up section of this topic.

DisabledSideEffects

List

No

Yes

The list of side effects that you want to disable.

You can specify 1 to 50 side effects.

The list item can contain letters, digits, and wildcard characters (* and ?). The list item must be 1 to 100 characters in length.

You can use only asterisks (*) and question marks (?) as wildcard characters to perform fuzzy match.

The cleanup operation may have side effects for specific resources. You can call the GetFeatureDetails operation to query the side effects.

ResourceFilters syntax

"ResourceFilters": [
  {
    "IncludeDeletionProtection": Boolean,
    "ResourceTypePatterns": List,
    "ResourceIds": List,
    "RegionIds": List,
    "ResourceGroupIds": List,
    "Effect": String,
    "ResourceNamePatterns": List,
    "Tags": List
  }
]

ResourceFilters properties

Property

Type

Required

Editable

Description

Constraint

IncludeDeletionProtection

Boolean

No

Yes

Specifies whether to filter the resources for which deletion protection is enabled.

Valid values:

  • false

  • true (default)

ResourceTypePatterns

List

No

Yes

The list of resource types based on which you want to filter resources. Fuzzy match is supported. For more information about resource types, see the Resource types that can be cleaned up section of this topic.

You can specify 1 to 100 resource types.

If the resource type of the resource matches a specified resource type, the resource is filtered.

You can use only asterisks (*) and question marks (?) as wildcard characters to perform fuzzy match.

A list item must be in the Service:Type format. The list item must be 3 to 100 characters in length. The value of Service can contain letters and wildcard characters (* and ?). The value of Type can contain letters, digits, and wildcard characters (* and ?).

ResourceIds

List

No

Yes

The list of resource IDs based on which you want to filter resources.

You can specify 1 to 100 resource IDs.

If the ID of a resource matches a specified resource ID, the resource is filtered.

The list item must be 1 to 256 characters in length.

RegionIds

List

No

Yes

The list of region IDs based on which you want to filter resources.

You can specify 1 to 100 region IDs.

If the region ID of a resource matches a specified region ID, the resource is filtered.

The list item must be 1 to 64 characters in length.

ResourceGroupIds

List

No

Yes

The list of resource groups based on which you want to filter resources.

You can specify 1 to 100 resource groups.

If the resource group of a resource matches a specified resource group, the resource is filtered.

The list item must be 1 to 256 characters in length.

Effect

String

No

Yes

The effect on filtered resources.

Valid values:

  • Deny: Resources that match all filters only of the Deny type are retained.

  • Allow: Resources that match all filters only of the Allow type are cleaned up.

    Note

    If a resource matches filters of the Allow and Deny types, the resource is retained.

ResourceNamePatterns

List

No

Yes

The list of resource names based on which you want to filter resources. Fuzzy match is supported.

You can specify 1 to 100 resource names.

If the name of a resource matches a specified resource name, the resource is filtered.

You can use only asterisks (*) and question marks (?) as wildcard characters to perform fuzzy match.

The resource name can contain only letters, digits, spaces, underscores (_), hyphens (-), and wildcard characters (* and ?).

The list item must be 1 to 100 characters in length.

Tags

List

No

Yes

The list of tags based on which you want to filter resources. Custom tags and system tags are supported.

You can specify 1 to 100 tags.

The following rules apply:

  • If you specify a tag key and a tag value, a resource whose tag key and tag value match the specified tag key and tag value is filtered.

    Note
    1. If you specify a tag key and multiple tag values, a resource whose tag key matches the specified tag key and whose tag value matches one of the specified tag values is filtered.

    2. If you specify a tag key but do not specify a tag value, a resource whose tag key matches the specified tag key is filtered.

  • If you specify multiple tag keys and tag values, a resource whose tag keys and tag values match the specified tag keys and tag values is filtered.

For more information, see Tags properties.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property

Type

Required

Editable

Description

Constraint

Value

String

No

Yes

The value of the tag.

The tag value can be up to 256 characters in length.

Note

Different results are returned if you leave this property empty and if the value is an empty string.

Key

String

Yes

Yes

The key of the tag.

The tag key must be 1 to 256 characters in length.

Resources syntax

"Resources": [
  {
    "ResourceId": String,
    "ResourceType": String,
    "RegionId": String
  }
]

Resources properties

Property

Type

Required

Editable

Description

Constraint

ResourceId

String

Yes

Yes

The ID of the resource that you want to clean up.

The resource ID must be 1 to 256 characters in length.

ResourceType

String

Yes

Yes

The resource type of the resource that you want to clean up.

For more information, see the Resource types that can be cleaned up section of this topic.

RegionId

String

Yes

Yes

The region ID of the resource that you want to clean up.

The region ID must be 1 to 64 characters in length.

ExcludedResources syntax

"ExcludedResources": [
  {
    "ResourceId": String,
    "ResourceType": String,
    "RegionId": String
  }
]

ExcludedResources properties

Property

Type

Required

Editable

Description

Constraint

ResourceId

String

Yes

Yes

The ID of the resource that you want to exclude.

The resource ID must be 1 to 256 characters in length.

ResourceType

String

No

Yes

The resource type of the resource that you want to exclude.

For more information, see the Resource types that can be cleaned up section of this topic.

RegionId

String

No

Yes

The region ID of the resource that you want to exclude.

The region ID must be 1 to 64 characters in length.

Return values

Fn::GetAtt

  • ResourceDetails: details of the resources that you want to clean up. The value is a dict that consists of the following fields.

    Field

    Type

    Description

    ResourceType

    String

    The resource type.

    RegionId

    String

    The region ID of the resource.

    ResourceId

    String

    The resource ID.

    ResourceName

    String

    The resource name.

    CleanupType

    String

    The cleanup type of the resource. Valid values:

    • Normal: The resource is cleaned up as expected.

    • DeleteWithInstance: When the resource is cleaned up, the dependencies of the resource are cleaned up. If the dependencies are filtered or excluded, the cleanup operation may fail. For more information, see the "CleanupTypeReasons" field of this topic.

    • UnableToDelete: The resource cannot be cleaned up. For more information, see the "CleanupTypeReasons" field of this topic.

    CleanupTypeReasons

    List

    The list of reasons for cleanup types.

    ResourceStatus

    String

    The state of the resource. Valid values:

    • Deleting: The resource is being cleaned up.

    • Failure: The resource fails to be cleaned up.

    • Success: The resource is cleaned up.

    • Skipped: The resource is excluded from the cleanup operation.

    • Pending: The resource is pending to be cleaned up.

    ResourceStatusReason

    String

    The reason why the resource is in the current state.

    Dependencies

    List

    The dependencies of the resource. The value is a dict that consists of the following fields:

    • ResourceType: the resource type of the dependency.

    • RegionId: the region ID of the dependency.

    • ResourceId: the dependency ID.

  • ResourcePartialDetails: a simplified version of ResourceDetails. ResourcePartialDetails consists only of the ResourceType, RegionId, ResourceId, ResourceName, ResourceStatus, and ResourceStatusReason fields.

  • NoCleanupResourceDetails: details of resources that are scanned but are not cleaned up. The value format is the same as the value format of ResourceDetails.

  • NoCleanupResourcePartialDetails: a simplified version of NoCleanupResourceDetails. NoCleanupResourcePartialDetails consists only of the ResourceType, RegionId, ResourceId, ResourceName, ResourceStatus, and ResourceStatusReason fields.

  • ResourceSummary: the summary of the resources that you want to clean up. The value is a dict that consists of the following fields.

    Field

    Type

    Description

    ResourceType

    String

    The resource type.

    DeletingCount

    Integer

    The number of resources that are being cleaned up.

    SuccessCount

    Integer

    The number of resources that are cleaned up.

    FailureCount

    Integer

    The number of resources that fail to be cleaned up.

    SkippedCount

    Integer

    The number of resources that are excluded from the cleanup operation.

    PendingCount

    Integer

    The number of resources that are pending to be cleaned up.

    OtherCount

    Integer

    The number of resources that are not in the preceding types of states.

    TotalCount

    Integer

    The total number of resources.

  • ScanErrors: the errors occur during the scan operation. This field is returned only if Mode is set to Loose. The value is a dict that consists of the following fields.

    Field

    Type

    Description

    ResourceType

    String

    The resource type.

    RegionId

    String

    The region ID.

    ErrorMessage

    String

    The error message returned after the region and resource type are scanned.

  • CleanResult: The result of the cleanup operation. Valid values:

    • Success: All resources are cleaned up.

    • ResourceFailure: Specific resources fail to be cleaned up.

    • Timeout: The cleanup operation times out.

    • CheckFailure: A precheck failure occurs during the cleanup operation.

    • UnknownFailure: An unknown error occurs.

    • UserCancelled: The cleanup operation is canceled by you.

    • None: The cleanup operation is not triggered.

Examples

  • YAML format

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters: {}
    Resources:
      ResourceCleaner:
        Type: ALIYUN::ROS::ResourceCleaner
        Properties:
          FailureOption: Normal
          Action: Scan
          ResourceFilters:
            - ResourceIds:
                - i-bp1h09ipy0atb4kq****
          CleanUpRetryCount: 1
          CleanUpTimeout: 3600
          ExcludedResources:
            - ResourceId: i-bp1h09ipy0atb4kq****
              ResourceType: ECS:Instance
    Outputs: {}
  • JSON format

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
      },
      "Resources": {
        "ResourceCleaner": {
          "Type": "ALIYUN::ROS::ResourceCleaner",
          "Properties": {
            "FailureOption": "Normal",
            "Action": "Scan",
            "ResourceFilters": [
              {
                "ResourceIds": [
                  "i-bp1h09ipy0atb4kq****"
                ]
              }
            ],
            "CleanUpRetryCount": 1,
            "CleanUpTimeout": 3600,
            "ExcludedResources": [
              {
                "ResourceId": "i-bp1h09ipy0atb4kq****",
                "ResourceType": "ECS:Instance"
              }
            ]
          }
        }
      },
      "Outputs": {
      }
    }