Stack Retention Disabled
- Query id: 6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97
- Query name: Stack Retention Disabled
- Platform: Terraform
- Severity: Medium
- Category: Backup
- CWE: 404
- URL: Github
Description¶
Make sure that retain_stack is enabled to keep the Stack and it's associated resources during resource destruction
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_cloudformation_stack_set_instance" "positive1" {
account_id = "123456789012"
region = "us-east-1"
stack_set_name = aws_cloudformation_stack_set.example.name
retain_stack = false
}
resource "aws_cloudformation_stack_set_instance" "positive2" {
account_id = "123456789012"
region = "us-east-1"
stack_set_name = aws_cloudformation_stack_set.example.name
}