chore: update CloudFormation templates to include DeletionPolicy and UpdateReplacePolicy for resource management, adjust logging format, and correct condition for production stage

sliedig · sliedig · commit 2cd914c8a3bd · 2025-06-01T12:42:38.000+08:00
diff --git a/Unicorn.Properties/template.yaml b/Unicorn.Properties/template.yaml
@@ -73,13 +73,17 @@ Resources:
   # Services share their event bus name and arn
   UnicornPropertiesEventBusNameParam:
     Type: AWS::SSM::Parameter
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
     Properties:
       Type: String
       Name: !Sub /uni-prop/${Stage}/UnicornPropertiesEventBus
       Value: !GetAtt UnicornPropertiesEventBus.Name
 
   UnicornPropertiesEventBusArnParam:
     Type: AWS::SSM::Parameter
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
     Properties:
       Type: String
       Name: !Sub /uni-prop/${Stage}/UnicornPropertiesEventBusArn
@@ -197,6 +201,8 @@ Resources:
   #### STATE MACHINE
   ApprovalStateMachine:
     Type: AWS::Serverless::StateMachine
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
     Properties:
       Name: !Sub "${AWS::StackName}-ApprovalStateMachine"
       DefinitionUri: ./StateMachine/PropertyApproval.asl.yaml
@@ -326,12 +332,16 @@ Resources:
   # Event bus for Unicorn Properties Service, used to publish and consume events
   UnicornPropertiesEventBus:
     Type: AWS::Events::EventBus
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
     Properties:
       Name: !Sub UnicornPropertiesBus-${Stage}
 
   # Event bus policy to restrict who can publish events (should only be services from UnicornPropertiesNamespace)
   UnicornPropertiesEventsBusPublishPolicy:
     Type: AWS::Events::EventBusPolicy
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
     Properties:
       EventBusName: !Ref UnicornPropertiesEventBus
       StatementId: !Sub OnlyPropertiesServiceCanPublishToEventBus-${Stage}
@@ -350,6 +360,8 @@ Resources:
   # Catchall rule used for development purposes. Logs all events matching any of the services to CloudWatch Logs
   UnicornPropertiesCatchAllRule:
     Type: AWS::Events::Rule
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
     Properties:
       Name: properties.catchall
       Description: Catchall rule used for development purposes.
diff --git a/Unicorn.Web/template.yaml b/Unicorn.Web/template.yaml
@@ -14,6 +14,7 @@ Metadata:
         - ES6000 # Rule disabled because SQS DLQs don't need a RedrivePolicy
         - WS2001 # Rule disabled because check does not support !ToJsonString transform
         - ES1001 # Rule disabled because our Lambda functions don't need DestinationConfig.OnFailure
+        - W3002  # Rule disabled as nested templates are being packaged 
         - W3002  # Rule disabled as nested templates are being packaged
         - E3030  # Rule disabled due to using cfn-lint-serverless rules v0.3
 
@@ -39,7 +40,7 @@ Mappings:
       Value: "AWS Serverless Developer Experience"
 
 Conditions:
-  IsProd: !Equals [!Ref Stage, Prod]
+  IsProd: !Equals [!Ref Stage, prod]
 
 Globals:
   Api:
@@ -183,24 +184,13 @@ Resources:
         - MetricsEnabled: true
           ResourcePath: /*
           HttpMethod: "*"
-          LoggingLevel: !If
-            - IsProd
-            - ERROR
-            - INFO
+          LoggingLevel: !If [IsProd, ERROR, INFO]
           ThrottlingBurstLimit: 10
           ThrottlingRateLimit: 100
       AccessLogSetting:
         DestinationArn: !GetAtt UnicornWebApiLogGroup.Arn
-        Format: !Join
-          - ""
-          - - '{"requestId":"$context.requestId",'
-            - '"integration-error":"$context.integration.error",'
-            - '"integration-status":"$context.integration.status",'
-            - '"integration-latency":"$context.integration.latency",'
-            - '"integration-requestId":"$context.integration.requestId",'
-            - '"integration-integrationStatus":"$context.integration.integrationStatus",'
-            - '"response-latency":"$context.responseLatency",'
-            - '"status":"$context.status"}'
+        Format: >
+          {"requestId": $context.requestId, "integration-error": $context.integration.error, "integration-status": $context.integration.status, "integration-latency": $context.integration.latency, "integration-requestId": $context.integration.requestId, "integration-integrationStatus": $context.integration.integrationStatus, "response-latency": $context.responseLatency, "status": $context.status}
       DefinitionBody: !Transform
         Name: "AWS::Include"
         Parameters:
@@ -445,23 +435,23 @@ Resources:
         Stage: !Ref Stage
 
   # CloudFormation Stack with the Cross-service EventBus Rules for Web Service
-  # SubscriptionsStack:
-  #   Type: AWS::Serverless::Application
-  #   UpdateReplacePolicy: Delete
-  #   DeletionPolicy: Delete
-  #   DependsOn:
-  #     - UnicornWebEventBusArnParam
-  #   Properties:
-  #     Location: "Integration/subscriptions.yaml"
-  #     Parameters:
-  #       Stage: !Ref Stage
+  SubscriptionsStack:
+    Type: AWS::Serverless::Application
+    UpdateReplacePolicy: Delete
+    DeletionPolicy: Delete
+    DependsOn:
+      - UnicornWebEventBusArnParam
+    Properties:
+      Location: "Integration/subscriptions.yaml"
+      Parameters:
+        Stage: !Ref Stage
 
 Outputs:
   #### API GATEWAY OUTPUTS
   BaseUrl:
     Description: Web service API endpoint
     Value: !Sub "https://${UnicornWebApi}.execute-api.${AWS::Region}.${AWS::URLSuffix}"
-  UnicornWebRestApiUrl:
+  UnicornWebApiUrl:
     Description: Web service API endpoint
     Value: !Sub "https://${UnicornWebApi}.execute-api.${AWS::Region}.${AWS::URLSuffix}/${Stage}/"
 
