Deleting resources with Idem#
To have Idem remove a resource, apply states that make use of the absent directive.
Prerequisites#
- Connect Idem to the host environment and set up authentication. See Connecting Idem to providers and Authenticating Idem with providers.
- Be familiar with the resources, resource types, and attributes from the API of your provider.
Describing resources#
With Idem, removing resources is similar to creating them as described in Creating or updating resources with Idem.
You begin with SLS file content that describes the existing resources, which can be generated with the Idem describe command, be hand written, or be assembled by combining the two approaches. The file should include resource data that follows this pattern:
state-name:
plug-in.resource.type.absent:
- attribute1: xxxxxxxx
- attribute2: xxxxxxxx
- attribute3: xxxxxxxx
Where:
state-name |
Unique identifier for this resource state |
plug-in |
The provider environment from your credentials file |
resource |
A supported resource for your plug-in, from the provider API |
type |
The supported resource type, from the provider API |
absent |
The directive to remove the resource |
For example:
instance-idem-test:
aws.ec2.instance.absent:
- resource_id: 'i-0e5716c94c7265b59'
In the preceding example, you could have just removed some attributes, but you chose to remove the resource ID, which deletes the EC2 instance and, by association, all attributes. You don’t need to separately list the attributes like you did when creating the instance.
Although the example shows one state, a single SLS file may contain many states in order to fully manage a large group of resources.
Testing and running the state command#
To test the delete action without making real deletions, use the same Idem state and --test command as you would when creating.
idem state path-to-state-file/my-resource-group.sls --test
The command output gives you a report on what would be removed.
To actually apply the delete action, remove the --test argument.
idem state path-to-state-file/my-resource-group.sls
The command output gives you a report on what was actually removed.
Rerunning the state command#
If you were to immediately rerun the same state command, nothing additional would be removed. On the other hand, if resources had been restored by a third party, rerunning the command would remove them again.
Note
A single SLS file can include both absent and present operations, so one file and command can establish resources that you want to exist or not exist.
In addition, you can run an idem state command with the --invert option, which creates what would normally be removed with absent, and vice versa.