aws-nuke

Delete a whole AWS account and all resources

Updated on October 29, 2024 · 1 minute read

NAME

aws-nuke - Delete a whole AWS account and all resources

DESCRIPTION

A tool which removes every resource from an AWS account. Use it with caution, since it cannot distinguish between production and non-production.

Usage:

: aws-nuke [flags] aws-nuke [command]

Available Commands:

completion: Generate the autocompletion script for the specified shell

help: Help about any command

: resource-types lists all available resource types version shows version of this application

Flags:

--access-key-id string: AWS access key ID for accessing the AWS API. Must be used together with --secret-access-key. Cannot be used together with --profile.

--assume-role-arn string: AWS IAM role arn to assume. The credentials provided via --access-key-id or --profile must be allowed to assume this role.

-c, --config string: (required) Path to the nuke config file.

--default-region string: Custom default region name.

-e, --exclude strings: Prevent nuking of certain resource types (eg IAMServerCertificate). This flag can be used multiple times.

--force: Don't ask for confirmation before deleting resources. Instead it waits 15s before continuing. Set --force-sleep to change the wait time.

--force-sleep int: If specified and --force is set, wait this many seconds before deleting resources. Defaults to 15. (default 15)

-h, --help: help for aws-nuke

--max-wait-retries int: If specified, the program will exit if resources are stuck in waiting for this many iterations. 0 (default) disables early exit.

--no-dry-run: If specified, it actually deletes found resources. Otherwise it just lists all candidates.

--profile string: Name of the AWS profile name for accessing the AWS API. Cannot be used together with --access-key-id and --secret-access-key.

-q, --quiet: Don't show filtered resources.

--secret-access-key string: AWS secret access key for accessing the AWS API. Must be used together with --access-key-id. Cannot be used together with --profile.

--session-token string: AWS session token for accessing the AWS API. Must be used together with --access-key-id and --secret-access-key. Cannot be used together with --profile.

-t, --target strings: Limit nuking to certain resource types (eg IAMServerCertificate). This flag can be used multiple times.

-v, --verbose: Enables debug output.

Use "aws-nuke [command] --help" for more information about a command.

April 2023

aws-nuke 2.16.0

Questions & Answers

Helpful answers and articles about aws-nuke you may found on these sites:

Network Engineering