search

rebuy-de / aws-nuke

Nuke a whole AWS account and delete all its resources.
MIT License
5.75k stars 721 forks source link

Adds tag filter support to resource EC2VPCEndpointServiceConfiguration #1175

Closed gavD closed 7 months ago

gavD commented 9 months ago

What we have done

We have a teardown use-case that needs to step over a particular EC2VPCEndpointServiceConfiguration that has the tag allow_delete set to false:

      EC2VPCEndpointServiceConfiguration:
        - property: tag:allow_delete
          value: false

So we have added this configuration to the resource.

References

  1. Similar to work done by @sjpalf here https://github.com/rebuy-de/aws-nuke/pull/855

Evidence of work

Running the command dist/aws-nuke --config nuke-config.yml --quiet --target EC2VPCEndpointServiceConfiguration with the filter commented out from our config gives us:

eu-west-2 - EC2VPCEndpointServiceConfiguration - vpce-svc-<redacted> - [Name: com.amazonaws.vpce.eu-west-2.vpce-svc-<redacted>, tag:Name: <redacted>g, tag:allow_delete: false, tag:auth_enabled: true, tag:component: <redacted>, tag:component_root: core, tag:environment: <redacted>, tag:managed_by: terragrunt, tag:ssl_enabled: true, tag:strict_auth_enabled: true, tag:team: <redacted>] - would remove
Scan complete: 1 total, 1 nukeable, 0 filtered.

With the filter present in our config we get:

Scan complete: 1 total, 0 nukeable, 1 filtered.

This matches our expectations

Risks

I've not worked on this repo before and I'm not a regular Go-bot so my Go code might be suboptimal

gavD commented 7 months ago

closing this PR as it looks implemented by https://github.com/ekristen/aws-nuke/pull/100/ :-) thanks