AWS cloud services are exciting to use until your bill starts piling up because you did not stop one service from running. This was my reality a few days ago. We use cloud providers to reduce cost and to make effective use of services, but that will not be the case if resources are not properly managed.
In this article, I’ll be talking about a powerful tool for cleaning up your AWS account quickly and efficiently. Instead of managing resources manually or through Terraform, this tool is a fast alternative that can be easily run from your console.
Introducing Cloud-Nuke
Cloud-Nuke is an open-source tool available on GitHub. It’s designed to delete all AWS resources within an account or clean up the account, saving you from manual clean-up tasks.
1. How to Install Gruntwork’s Cloud-Nuke
macOS or Linux
For macOS or Linux users, installation is straightforward. Simply run:
brew install cloud-nuke
Windows
For Windows users, you can install it via Winget with the command:
winget install cloud-nuke
If installing via Winget doesn’t work, you can manually download and install Cloud-Nuke from GitHub:
- Visit the Cloud-Nuke GitHub releases page.
- Download the latest release for Windows (usually a .zip file).
- Extract the .zip file to a directory of your choice.
- Add the directory containing cloud-nuke.exe to your PATH:
  - Open the Start Menu, search for "Environment Variables," and select "Edit the system environment variables."
  - In the System Properties window, click on "Environment Variables."
  - In the "System variables" section, find and select the Path variable, then click "Edit."
  - Click "New" and paste the path to the directory where cloud-nuke.exe is located.
  - Click "OK" to close all windows.
To verify the installation, run the command:
cloud-nuke
2. Setting Up AWS Credentials
Before using Cloud-Nuke, you need to export your AWS access key, secret key, and region as environment variables. Use the following commands:
export AWS_ACCESS_KEY="<PLACE_YOUR_AWS_ACCESS_KEY>"
export AWS_SECRET_KEY="<PLACE_YOUR_AWS_SECRET_KEY>"
export AWS_REGION="<PLACE_YOUR_AWS_REGION_NAME>"
You can find these details by navigating to your AWS console:
- On the top right corner under your username, click on My Security Credentials.
- Navigate to Access keys (access key ID and secret access key).
- Ensure the key status is ACTIVE.
3. Deleting All AWS Resources with Cloud-Nuke
Warning: Running Cloud-Nuke will delete all the resources in your AWS account, so proceed with caution as there’s no going back!
To delete all AWS resources, simply run:
cloud-nuke aws
This command will display the types and quantities of resources that are about to be deleted. It will then ask for confirmation before proceeding. To confirm, type nuke and hit enter.
4. Deleting Resources in a Specific AWS Region
If you want to delete resources in a specific region, you can specify the region using the --region flag:
cloud-nuke aws --region us-east-1
This will only affect resources in the us-east-1 region.
5. Listing Supported Resource Types
Cloud-Nuke doesn’t support all AWS resources. To list the supported resource types, run:
cloud-nuke aws --list-resource-types
6. Excluding Resources from Deletion
To exclude specific resources from being deleted, use the --exclude-resource-type flag:
cloud-nuke aws --exclude-resource-type s3 --exclude-resource-type ec2
7. Excluding Resources by Age
If you only want to delete resources that were created before a certain period, use the --older-than flag:
cloud-nuke aws --older-than 24h
8. Targeting Specific Resource Types
To target specific resource types, use the --resource-type flag:
cloud-nuke aws --resource-type ec2 --resource-type ami
This will focus the deletion process only on ec2 and ami resources. You can also use this flag to speed up the search process.
To inspect specific resource types without deleting them, run:
cloud-nuke inspect-aws --resource-type ec2
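A pre-flight wrapper around the commands above, as an added example that is not part of the original article or the cloud-nuke project: it checks the active account against an allowlist, runs inspect-aws as a dry run, and only then runs cloud-nuke aws. ALLOWED_ACCOUNTS, the function names and the sample account IDs are hypothetical; it assumes the AWS CLI is installed and that inspect-aws accepts the same filter flags as aws.

```shell
#!/bin/sh
# Added example: guard rails around the cloud-nuke commands from this article.
# Usage (script name is up to you): ./safe-nuke.sh us-east-1 24h s3 ec2
#   -> region, minimum age, then any resource types to exclude.

# Constructed sample IDs: throwaway accounts that are allowed to be wiped.
ALLOWED_ACCOUNTS="${ALLOWED_ACCOUNTS:-111111111111 222222222222}"

# Succeeds only if the given 12-digit account ID is on the allowlist.
account_allowed() {
  local id="$1" a
  case "$id" in ''|*[!0-9]*) return 1 ;; esac   # empty or non-numeric
  [ "${#id}" -eq 12 ] || return 1
  for a in $ALLOWED_ACCOUNTS; do
    [ "$a" = "$id" ] && return 0
  done
  return 1
}

# Prints the cloud-nuke arguments: <subcommand> <region> <age> [excluded types...]
nuke_args() {
  local sub="$1" region="$2" age="$3" t
  shift 3
  printf '%s --region %s --older-than %s' "$sub" "$region" "$age"
  for t in "$@"; do printf ' --exclude-resource-type %s' "$t"; done
  printf '\n'
}

# Dry run with inspect-aws, then the real run (which still asks you to type "nuke").
safe_nuke() {
  local region="$1" age="$2" account
  shift 2
  # Ask AWS which account the exported credentials belong to.
  account="$(aws sts get-caller-identity --query Account --output text)" || return 1
  if ! account_allowed "$account"; then
    echo "refusing: account '$account' is not in ALLOWED_ACCOUNTS" >&2
    return 1
  fi
  # Word splitting of the generated argument list is intended here.
  cloud-nuke $(nuke_args inspect-aws "$region" "$age" "$@") || return 1
  cloud-nuke $(nuke_args aws "$region" "$age" "$@")
}

# Only touch AWS when the script is called with arguments.
if [ "$#" -gt 0 ]; then safe_nuke "$@"; fi
```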
9. Protecting Resources with the cloud-nuke-after Tag
To protect resources from accidental or premature deletion, you can tag them with cloud-nuke-after and specify a future date in the format 2024-07-09T00:00:00Z. This ensures that the resources remain intact until their designated expiration date.
By using Cloud-Nuke, you not only take control of your AWS resources, you also protect yourself from unexpected bills. NOTE: always use this tool with caution, especially in production environments, as it can have significant consequences for your infrastructure. Way to Cloud!