Created
December 7, 2021 19:55
-
-
Save kapilt/4719dfa500b07f2143a8c1a5a0a12105 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| regions: | |
| - us-east-1 | |
| - us-east-2 | |
| - us-west-2 | |
| - global | |
| account-blocklist: | |
| - "999999999999" # production | |
| accounts: | |
| "335100961297": | |
| filters: | |
| CloudFormationStack: | |
| value: "StackSet-AWSControlTowerBP" | |
| - type: contains | |
| value: "StackSet-StackletBootstrapRoles" | |
| CloudWatchLogsLogGroup: | |
| - type: contains | |
| value: controltower | |
| - type: contains | |
| value: ControlTower | |
| EC2RouteTable: | |
| - property: "tag:Name" | |
| type: contains | |
| value: "aws-controltower" | |
| EC2Subnet: | |
| - property: "tag:Name" | |
| type: contains | |
| value: "aws-controltower" | |
| EC2DHCPOption: | |
| - property: "tag:Name" | |
| type: contains | |
| value: "aws-controltower" | |
| EC2NetworkACL: | |
| - property: "tag:Name" | |
| type: contains | |
| value: "aws-controltower" | |
| EC2VPC: | |
| - property: "tag:Name" | |
| type: contains | |
| value: "aws-controltower" | |
| SNSTopic: | |
| - type: glob | |
| value: "*aws-controltower*" | |
| SNSSubscription: | |
| - type: contains | |
| value: "aws-controltower" | |
| CloudWatchEventsRule: | |
| - type: contains | |
| value: "event-forward" | |
| - type: "contains" | |
| value: "aws-controltower" | |
| CloudWatchEventsTarget: | |
| - type: contains | |
| value: "event-forward" | |
| - type: "contains" | |
| value: "aws-controltower" | |
| LambdaFunction: | |
| - type: glob | |
| value: "aws-controltower-*" | |
| property: Name | |
| IAMRolePolicy: | |
| - type: contains | |
| value: aws-controltower | |
| - type: contains | |
| value: ControlTower | |
| - type: contains | |
| value: aws-controltower | |
| - type: contains | |
| value: AWSReservedSSO | |
| IAMRolePolicyAttachment: | |
| - type: contains | |
| value: aws-controltower | |
| - type: contains | |
| value: AWSReservedSSO | |
| - type: contains | |
| value: ControlTower | |
| - type: contains | |
| value: aws-controltower | |
| IAMRole: | |
| - type: contains | |
| value: AWSReservedSSO | |
| - type: contains | |
| value: aws-controltower | |
| property: Name | |
| - type: contains | |
| value: ControlTower | |
| property: Name | |
| - type: contains | |
| value: aws-controltower | |
| property: Name | |
| resource-types: | |
| excludes: | |
| # core account infra | |
| - IAMSAMLProvider | |
| - ConfigServiceDeliveryChannel | |
| - ConfigServiceConfigurationRecorder | |
| - CloudTrailTrail | |
| - AppStreamImage | |
| # delete tables not items | |
| - DynamoDBTableItem | |
| # delete this via console as data plane stuff can take a while | |
| - S3Bucket | |
| - S3Object | |
| - S3MultipartUpload | |
| # these take forever | |
| - GlobalAccelerator | |
| - GlobalAcceleratorEndpointGroup | |
| - GlobalAcceleratorListener |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment