@getsec
Created March 9, 2022 18:51
Simple script to delete a bunch of AWS config items...
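#!/bin/bash
# Deletes every AWS Config rule, configuration recorder and delivery channel
# in all regions of the account. Optional first argument: AWS CLI profile name.
profile=$1

# Pass --profile only when a profile was given; otherwise the CLI's default
# credential chain is used.
aws_args=()
if [ -n "$profile" ]; then
    aws_args=(--profile "$profile")
fi

all_regions=$(aws "${aws_args[@]}" ec2 describe-regions --region us-west-1 --query 'Regions[*].RegionName' --output text)

for region in $all_regions; do
    # Config rules: text output is whitespace-separated, so word splitting is intended here.
    rules=$(aws "${aws_args[@]}" configservice describe-config-rules --region "$region" --query 'ConfigRules[*].ConfigRuleName' --output text)
    if [ -n "$rules" ]; then
        for rule in $rules; do
            echo "Deleting $rule in $region"
            aws "${aws_args[@]}" configservice delete-config-rule --region "$region" --config-rule-name "$rule"
        done
    fi

    # Configuration recorder: removed before the delivery channel.
    recorder=$(aws "${aws_args[@]}" configservice describe-configuration-recorders --region "$region" --query 'ConfigurationRecorders[*].name' --output text)
    if [ -n "$recorder" ]; then
        echo "Deleting $recorder in $region"
        aws "${aws_args[@]}" configservice delete-configuration-recorder --configuration-recorder-name "$recorder" --region "$region"
    else
        echo "No recorder found in $region"
    fi

    # Delivery channel.
    delivery_channels=$(aws "${aws_args[@]}" configservice describe-delivery-channels --region "$region" --query 'DeliveryChannels[*].name' --output text)
    if [ -n "$delivery_channels" ]; then
        echo "Deleting $delivery_channels in $region"
        aws "${aws_args[@]}" configservice delete-delivery-channel --delivery-channel-name "$delivery_channels" --region "$region"
    else
        echo "No delivery_channels found in $region"
    fi
done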