aws-nuke icon indicating copy to clipboard operation
aws-nuke copied to clipboard

Published 20 hours ago verified publisher icon rebuy-de

Can Aging time Added to all of the resources in awsnuke - whitelist pre-population, etc.

Open nhemchand opened this issue 2 years ago • 5 comments

I want to check whether awsnuke to see if resources that haven't reached a specific age (30 days, etc.) can automatically added to the awsnuke whitelist.

nhemchand avatar Mar 21 '22 15:03 nhemchand

1.This code snippet does not seem to be working. Im still able to delete ec2 instance of 60days old. ######################

EC2Instance:
- property: dateOlderThan
  value: "time.Now().AddDate(0, 0, -90d)"

######################

2.Can similar logic as above used for other 375 resources as well? nuke resource-types | wc -l ( 375 resources )

nhemchand avatar Mar 29 '22 18:03 nhemchand

Hello.

You have to specify the duration in hours. For example 90 days would be 2160h.

For example:

EC2Instance:
- property: dateOlderThan
  value: "2160h"

⚠️ It might also have to be a negative number (eg 2160h). Not sure about this, because I neither implemented nor used this feature.

"time.Now().AddDate(0, 0, -90d)"

This is the second time I am seeing this random code snippet in a config file. Where did you get this from?

svenwltr avatar Apr 05 '22 06:04 svenwltr

  1. Does property "dateOlderThan" support for all of the resource types nuke supports?

$ bin/aws-nuke-mac resource-types | wc -l 373

  1. I got the references for the random code snippet from the following. https://stackoverflow.com/questions/71409119/how-do-you-terminate-resources-that-are-older-than-x-days-using-aws-nuke

nhemchand avatar Apr 05 '22 15:04 nhemchand

By the way, this condition does not work. It is deleting resources older than 90 days as well. I tried with negative number as well ( eg: -2160h )

EC2Instance:
   - property: dateOlderThan
      value: "2160h"

nhemchand avatar Apr 05 '22 20:04 nhemchand

Does property "dateOlderThan" support for all of the resource types nuke supports?

No, only properties that look like a date.

By the way, this condition does not work.

The filter syntax is wrong. dateOlderThan is a filter type, not a property. The properties are logged by aws-nuke on execution. In case of EC2 instances, you can see that LaunchTime looks like a date:

eu-west-1 - EC2Instance - i-05fad575ab16ef746 - [Identifier: "i-05fad575ab16ef746", ImageIdentifier: "ami-00326b38b90636d3d", InstanceState: "running", InstanceType: "m6a.2xlarge", LaunchTime: "2022-04-06T11:18:59Z", tag:Name: "worker-stateful-dysprosium", tag:aws:autoscaling:groupName: "worker-stateful-dysprosium", tag:aws:ec2:fleet-id: "fleet-22aace4e-5c2b-218a-241a-018a14ce99f8", tag:aws:ec2launchtemplate:id: "lt-0aebdaec69b603a3c", tag:aws:ec2launchtemplate:version: "1", tag:k8s.io/cluster-autoscaler/enabled: "true", tag:kubernetes.io/cluster/staging: "owned"] - would remove

So you can use this as a property:

EC2Instance:
- property: LaunchTime
  type: dateOlderThan
  value: "2160h" # might be negative

svenwltr avatar Apr 06 '22 11:04 svenwltr