search

ekristen / aws-nuke

Remove all the resources from an AWS account
https://ekristen.github.io/aws-nuke/
MIT License
246 stars 25 forks source link

Account Filter Recognition Failure #382

Closed JL7105 closed 1 month ago

JL7105 commented 1 month ago

I am attempting to nuke every resource I can in every region except one IAM user. I have followed the account filter doucmentation as best as I could. 

regions:
  - all

accounts:
  ############:
    filters:
      IAMUser:
        - "******************"

Note: The account ID and IAM user is filled in correctly when ran. I have triple checked.

Here is the result I get every time:

Configuration Details

Account ID:       ############
Resource Types:   505 (total)
      Included:   505
      Excluded:   0
Filter Presets:   0
Resource Filters: 0

Note: use --with-filtered to see resources with filters defined
Note: use --with-included to see included resource types that will be nuked
Note: use --with-excluded to see excluded resource types

Are there any fixes or work arounds for this? It seems to recognize the file and the regions just not the account filter I have in place.

ekristen commented 1 month ago

@JL7105 the explain-config is about the resource types and not the resources. You will need to run the full nuke which will due a dry run and show you what is filtered vs what will be removed. Once you've reviewed the output, then you can run with --no-dry-run which will prompt you a second time and actually do the removal of resources.

I'll work on the verbiage in the explain-config as I can see how it's a bit ambiguous.