Abstract


aws-nuke is a tool that removes all resources in an AWS account automatically, without manually clicking countless buttons.

Refer to the GitHub repo for more details.

Always double-check which resources aws-nuke is not able to remove

  • A few resources, such as AWS Network Firewall, require manual removal

Setup Checklist:

AWS Account Setting


We need to create an account alias before we can start using aws-nuke

AWS Nuke Configuration File


We use a .yml file to configure the behaviour of aws-nuke

Example 1: Remove all

regions:
  - "ap-southeast-1"
account-blocklist:
  - 1234567890
accounts:
  "<YOUR_ACCOUNT_NUMBER>": {}

YAML Syntax

Make sure there is a space between : and {}

Example 2: Filter resources

Prevent some resources from being removed

# Achieve this:  ap-southeast-1 - ACMCertificate - arn:aws:acm:ap-southeast-1:106330972960:certificate/5212c31a-94f1-4dc9-80a8-b72d8d6b2054 - [DomainName: "vault.yxy.ninja"] - filtered by config
 
regions:
  - "ap-southeast-1"
account-blocklist:
  - 1234567890
accounts:
  "<YOUR_ACCOUNT_NUMBER>":
    filters:
      ACMCertificate:
        - "arn:aws:acm:ap-southeast-1:106330972960:certificate/5212c31a-94f1-4dc9-80a8-b72d8d6b2054"

Run in Docker


Pass the aws-nuke configuration file and the AWS credentials to the container using Docker volumes

docker run \
   --rm -it \
   -v <ABSOLUTE_PATH_TO_CONFIG.YAML>:/home/aws-nuke/config.yml \
   -v <ABSOLUTE_PATH_TO_.aws>:/home/aws-nuke/.aws \
   rebuy/aws-nuke:latest \
   --profile <YOUR_AWS_PROFILE> \
   --config /home/aws-nuke/config.yml
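
An added example (not from the aws-nuke project or the original notes): a Python check over aws-nuke's listing output, in the line format shown in the Example 2 comment, that groups resources by status and reports any resource you meant to protect that is not marked `filtered by config`. Sample lines other than the first are constructed, and the `would remove` status text and all function names are assumptions of this example.

```python
from collections import defaultdict

FILTERED = "filtered by config"  # status text shown in the Example 2 comment


def parse_line(line):
    """Split 'region - type - id - [props] - status' into a dict, or None."""
    parts = line.strip().split(" - ", 2)
    if len(parts) < 3 or " - " not in parts[2]:
        return None  # banner, prompt or summary line, not a resource
    region, rtype, rest = parts
    ident, status = rest.rsplit(" - ", 1)  # status is always the last field
    props = ""
    # The property block is optional; when present it is the trailing [..] group.
    if ident.endswith("]") and " - [" in ident:
        ident, props = ident.rsplit(" - [", 1)
        props = props[:-1]
    return {"region": region, "type": rtype, "id": ident.strip("'\""),
            "props": props, "status": status}


def summarize(lines):
    """Group (resource type, id) pairs by the status aws-nuke reported."""
    by_status = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            by_status[rec["status"]].append((rec["type"], rec["id"]))
    return dict(by_status)


def unprotected(lines, must_keep):
    """Return ids from must_keep that are NOT reported as filtered by config."""
    filtered = {rid for _, rid in summarize(lines).get(FILTERED, [])}
    return sorted(set(must_keep) - filtered)


# Constructed sample output; only the first line is quoted from Example 2.
SAMPLE = '''\
ap-southeast-1 - ACMCertificate - arn:aws:acm:ap-southeast-1:106330972960:certificate/5212c31a-94f1-4dc9-80a8-b72d8d6b2054 - [DomainName: "vault.yxy.ninja"] - filtered by config
ap-southeast-1 - EC2Instance - i-0123456789abcdef0 - [Name: "demo - web"] - would remove
ap-southeast-1 - S3Bucket - s3://constructed-example-bucket - would remove
Scan complete: 3 total, 2 nukeable, 1 filtered.
'''.splitlines()
KEEP = ["arn:aws:acm:ap-southeast-1:106330972960:certificate/5212c31a-94f1-4dc9-80a8-b72d8d6b2054"]

if __name__ == "__main__":
    print(summarize(SAMPLE))
    print("not protected:", unprotected(SAMPLE, KEEP))
```

An empty "not protected" list means every resource in KEEP matched a filter; anything listed there would be deleted by a real run.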