#GroundUp: Nuke Your Resources on AWS Pt1

E. N. Mingle
Feb 20, 2024

Welcome to the #GroundUp series once again. You can check a listing of the posts in this series here. In this post, we will look at a helpful utility named aws-nuke, created by the team at rebuy.de. This is Part 1, where I share why you may need this utility; next week, as I round up the #GroundUp series, we will follow along with setting up the aws-nuke utility.

Over the years, one thing I have discovered is that as one is learning about the cloud, there comes the point where you may run multiple services and, in some instances, lose track of some of these services across multiple regions you may not even frequent. I must say here that using an Infrastructure as Code (IaC) tool may be helpful in having a standard way to delete some resources you may not need as you can make the changes and apply them using CloudFormation or Terraform.

With AWS Nuke, you can easily automate the deletion of unused resources while also ensuring that critical resources are protected. It’s important to note that there are other tools that can also be used to delete resources within your AWS cloud environment. In researching for this article and the subsequent blog, I came across an equally good utility from the team at Gruntwork.io; you can check out their repo for more details here. The two tools work in almost the same way, and the learning curve for both is alike too.

What is AWS Nuke?

AWS Nuke is an open-source utility that can be used to manage your AWS cloud infrastructure by automating the process of deleting orphaned or unwanted resources. This helps you keep your AWS account clean and organized, which, in turn, helps you optimize your cloud usage and reduce costs.

AWS Nuke is a command-line tool that can be installed on your local machine or an EC2 instance.

Benefits of Using AWS Nuke

Using AWS Nuke gives you the following benefits:

1. Increased Security: Unused resources can be an attack surface for attackers. Using AWS Nuke to clear unused resources reduces that attack surface.

2. Saves Time and Effort: Deleting resources manually can be daunting, especially when you are not keeping track of these resources using an IaC tool, for example. With AWS Nuke, you have the option of automating the deletion of resources and focusing on other tasks.

3. Optimizes Your Cloud Usage: In addition, you get to cut down on your usage cost as you can ‘nuke’ orphaned or unused resources. AWS Nuke helps you do this by automating the process of deleting these resources.

AWS Nuke Use Cases

AWS Nuke can be used in a variety of use cases, including:

1. DevOps Automation: As part of your DevOps processes, you can employ AWS Nuke to clear unused resources.

2. Cost Optimization: You can also adopt the AWS Nuke tool to optimize and streamline your cloud usage and costs. This is especially useful if you have many resources to manage.

3. Security and Compliance: By using AWS Nuke to delete unused resources, which can be susceptible to security breaches, you keep your resources secure and also stay in compliance with regulations.

Additional Notes

As long as you use AWS Nuke correctly, it is safe to use. It is always important to test AWS Nuke in a non-critical environment before running it in production. Tune the filters so that they capture all the resources you wish to delete, because deletions are permanent and cannot be undone. You can customize AWS Nuke to suit your specific needs, and you can also take advantage of the various rules that are built into the tool.
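A sketch of what such a tuned configuration can look like, added here as an illustration and not taken from the original post or the aws-nuke project. The account IDs, regions and resource names are constructed placeholders.

```yaml
# Constructed example config for aws-nuke (rebuy-de); all IDs and names are placeholders.
regions:
  - global            # non-regional resources such as IAM
  - us-east-1
  - eu-west-1

# Accounts the tool must refuse to touch, for example production.
account-blocklist:
  - "999999999999"

# Resource types to skip entirely, regardless of filters.
resource-types:
  excludes:
    - IAMSAMLProvider

accounts:
  "000000000000":     # the sandbox account being cleaned
    filters:          # a resource that matches a filter is KEPT, not deleted
      IAMUser:
        - "admin-user"                         # exact match on the user name
      IAMUserPolicyAttachment:
        - "admin-user -> AdministratorAccess"  # keep the admin's policy
      IAMUserAccessKey:
        - type: glob
          value: "admin-user -> *"             # keep all of the admin's keys
      S3Bucket:
        - type: glob
          value: "s3://terraform-state-*"      # keep IaC state buckets
```

aws-nuke only lists what it would remove unless it is run with `--no-dry-run`, so review that listing against the filters before any real deletion.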

Conclusion

For anyone starting off with AWS, and even for power users of AWS, this utility is a handy tool in your arsenal for managing your resources. One pointer I will leave you with in closing: if you are starting off in the cloud and do not want to worry about deleting resources over and over again, you can use the sandboxes provided in AWS Skill Builder labs or those provided by third-party organizations. These automatically tear down resources after a stated period of time, and you do not have to worry about additional cost components there.

Well, with that said, I hope you learnt a few things that will be helpful as you go along on your journey in the cloud. Thank you for reading, and I hope to see you for Part 2 of this post, along with a video walkthrough, as we get hands-on with the AWS Nuke utility.

References

· GitHub Page for AWS Nuke by Rebuy.de — https://github.com/rebuy-de/aws-nuke

· AWS guide on Using AWS Nuke — https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automate-deletion-of-aws-resources-by-using-aws-nuke.html

· AWS Nuke example Codes — https://github.com/aws-samples/aws-nuke-account-cleanser-example

· GitHub Page for AWS Nuke by Gruntwork.io — https://github.com/gruntwork-io/cloud-nuke
