rebuy-de / aws-nuke

Nuke a whole AWS account and delete all its resources.
MIT License

Cannot delete secrets that are part of the Event Bridge connection #1204

Open moltar opened 3 months ago

moltar commented 3 months ago

These secrets have the following naming pattern:

events!connection/${NAME}/${UUID}

They are managed by the Event Bridge connection.

They cannot be deleted, and can only be scheduled for deletion (min 7 days).

https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection.html

ekristen commented 3 months ago

@moltar do you have any logs that you can share? It would be helpful to see what ResourceType is throwing the error and what the logs are. Thanks.

moltar commented 3 months ago

Hey @ekristen, it's just a secret from the AWS Secrets Manager.

The difference is that it's auto-managed by the Amazon EventBridge service for you.

From the docs: https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection.html

A connection defines the authorization method and credentials for EventBridge to use in connecting to a given HTTP endpoint. When you configure the authorization settings and create a connection, it creates a secret in AWS Secrets Manager to securely store the authorization information.

Unfortunately, I cannot repro it at the moment, because I have already wiped it manually.

Next time I deploy and need to nuke again, I will update the error message.
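An added example, not part of the thread and not aws-nuke's own code: a Go sketch that recognises the `events!connection/${NAME}/${UUID}` pattern reported above, so a cleanup run can set EventBridge-managed secrets aside instead of attempting a direct delete. The names `ManagedSecret`, `ParseEventBridgeSecret` and `Partition` are hypothetical, the UUID shape is an assumption, and the sample secret names are constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Prefix taken from the naming pattern reported in the issue.
const eventBridgePrefix = "events!connection/"

// Assumption: the ${UUID} part is a canonical 8-4-4-4-12 hex UUID.
var uuidRe = regexp.MustCompile(`^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$`)

// ManagedSecret (hypothetical type) holds the parts of a managed secret name.
type ManagedSecret struct{ Connection, UUID string }

// ParseEventBridgeSecret reports whether name matches
// events!connection/${NAME}/${UUID} and returns its parts.
func ParseEventBridgeSecret(name string) (ManagedSecret, bool) {
	if !strings.HasPrefix(name, eventBridgePrefix) {
		return ManagedSecret{}, false
	}
	rest := name[len(eventBridgePrefix):]
	i := strings.LastIndex(rest, "/") // the UUID is the final path segment
	if i <= 0 || !uuidRe.MatchString(rest[i+1:]) {
		return ManagedSecret{}, false
	}
	return ManagedSecret{Connection: rest[:i], UUID: rest[i+1:]}, true
}

// Partition separates ordinary secrets from connection-managed ones.
func Partition(names []string) (direct []string, managed map[string]ManagedSecret) {
	managed = make(map[string]ManagedSecret)
	for _, n := range names {
		if m, ok := ParseEventBridgeSecret(n); ok {
			managed[n] = m
		} else {
			direct = append(direct, n)
		}
	}
	return direct, managed
}

func main() {
	// Constructed sample names, not taken from the issue.
	names := []string{"prod/db/password", "events!connection/billing-api/1b2c3d4e-0000-4000-8000-abcdefabcdef"}
	direct, managed := Partition(names)
	fmt.Println("direct:", direct, "managed:", managed)
}
```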