
Hammad Khan

Delete your Cloud Infrastructure with a single command - cloud nuke

Recently, I had the task of deleting all the resources in my AWS account, as they were not being used and were generating unwanted bills. With close to 50 different resources spread across various regions, the manual deletion process would have taken hours.

To streamline this, I discovered a helpful open-source tool called “Cloud-Nuke” that allows you to delete all resources in one go without manual intervention.

Installation
Windows:

  1. Download the latest binary for your OS on the releases page

  2. Move the binary to a folder on your PATH. E.g.: mv cloud-nuke_darwin_amd64 /usr/local/bin/cloud-nuke

  3. Add execute permissions to the binary. E.g.: chmod u+x /usr/local/bin/cloud-nuke

Linux/macOS:
Install using a package manager: brew install cloud-nuke

To test the installation: cloud-nuke --help

Setting Credentials
Set the credentials of a user with “Admin” privileges, as these are necessary to destroy the resources.

export AWS_ACCESS_KEY_ID="ASIAXZXA2NEZM"
export AWS_SECRET_ACCESS_KEY="5bPGiXSbDkdQSmeRDcVgEV/dMlMbL"
export AWS_SESSION_TOKEN="IQoJb3JpZ2luX2VjECmFwLXNvduScbHJr8cK"
Generate your user credentials from the IAM console and export them in the terminal.

Implementation
With the setup ready, let’s explore some commands for deleting AWS infrastructure.
Caution ⚠️: Be certain before using Cloud-Nuke, as it will irreversibly delete all resources.

Display available commands and get additional help
cloud-nuke --help

This will show the available commands and additional help to use cloud-nuke.

  1. Destroy all resources (with confirmation prompt)

cloud-nuke aws

This command checks all the resources in the account and destroys everything. It asks for confirmation before nuking.

  2. Check resources without deletion

cloud-nuke aws --dry-run

This command will only check the resources in your account and list them for you on the terminal.

  3. Delete resources in a specific region (e.g., ap-south-1)

cloud-nuke aws --region ap-south-1

The previous command searches for and deletes resources in all regions; if you want to delete resources in one particular region only, use this command.

  4. List resource types that will be checked and deleted

cloud-nuke aws --list-resource-types

If you want to know which resources will be checked and deleted by cloud-nuke, this is the command to go with.

  5. Exclude specific regions from deletion (e.g., us-east-1, us-east-2)

cloud-nuke aws --exclude-region us-east-1 --exclude-region us-east-2

If you want to exclude any particular region from nuking, you can use the --exclude-region flag.

Note: Be cautious while deleting VPC resources due to potential dependencies; ensure all dependencies are removed before applying Cloud-Nuke. Additionally, be aware of any Service Control Policies (SCPs) applied to the account.
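
Because these commands run with admin credentials and cannot be undone, it is worth confirming that the exported credentials belong to the account you mean to wipe before any cloud-nuke command runs. The wrapper below is an added example, not part of the original post or of cloud-nuke; EXPECTED_ACCOUNT, nuke_command and current_account are hypothetical names, and it assumes the AWS CLI is installed.

```sh
#!/bin/sh
# Added example: account guard for the cloud-nuke commands shown above.
# EXPECTED_ACCOUNT and the function names are assumptions, not cloud-nuke features.

# Print the cloud-nuke command for a run, or fail without printing one.
#   $1 account ID the exported credentials resolve to
#   $2 account ID you intend to wipe
#   $3 "dry-run" or "destroy"
#   $4... regions to pass as --exclude-region
nuke_command() {
  actual=$1 expected=$2 mode=$3
  shift 3
  # An AWS account ID is exactly 12 digits; reject anything else.
  case $expected in
    ''|*[!0-9]*) echo "bad expected account ID" >&2; return 2 ;;
  esac
  [ "${#expected}" -eq 12 ] || { echo "bad expected account ID" >&2; return 2; }
  if [ "$actual" != "$expected" ]; then
    echo "refusing: credentials belong to account $actual" >&2
    return 1
  fi
  case $mode in
    dry-run) cmd="cloud-nuke aws --dry-run" ;;
    destroy) cmd="cloud-nuke aws" ;;
    *) echo "unknown mode: $mode" >&2; return 2 ;;
  esac
  for region in "$@"; do
    # Region names are lowercase letters, digits and hyphens; this also
    # stops an argument from smuggling in another flag.
    case $region in
      ''|-*|*[!a-z0-9-]*) echo "bad region: $region" >&2; return 2 ;;
    esac
    cmd="$cmd --exclude-region $region"
  done
  printf '%s\n' "$cmd"
}

# Account behind the AWS_* variables currently exported in this shell.
current_account() {
  aws sts get-caller-identity --query Account --output text
}

# Runs only when EXPECTED_ACCOUNT is set: guard.sh [dry-run|destroy] [region...]
if [ -n "${EXPECTED_ACCOUNT:-}" ]; then
  mode=${1:-dry-run}
  if [ $# -gt 0 ]; then shift; fi
  cmd=$(nuke_command "$(current_account)" "$EXPECTED_ACCOUNT" "$mode" "$@") || exit 1
  echo "running: $cmd"
  $cmd
fi
```

With no mode argument the wrapper defaults to the dry run, so a destructive run has to be requested explicitly, and cloud-nuke's own confirmation prompt still applies.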

For more details, you can check out this GitHub repo: https://github.com/gruntwork-io/cloud-nuke

Happy Destruction!
