This repo contains the config to periodically clean the AWS Sandbox account of all
resources using aws-nuke. It also contains the Terraform to deploy the AWS resources
required to run this job remotely.
It is possible to exlude resources you wish to retain by adding them to the aws-nuke.yaml config file.
- aws-nuke.yaml config file is used by aws-nuke
- buildspec.yml is used by AWS CodeBuild
- Terraform IAC code is within the
terraformdirectory - Terraform IAC initial setup code for state file bucket/dynamodb is within the
terraform/bootstrapdirectory
Test locally after updating aws-nuke.yaml
aws-vault exec madesso -- aws-nuke -c aws-nuke.yaml -q --force
By default aws-nuke runs in dry-run mode. To really delete things add the --no-dry-run flag.