-
-
Notifications
You must be signed in to change notification settings - Fork 350
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support to delete ec2 key pairs using cloud-nuke #379
Conversation
4c5a9cf
to
5d77c62
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a folder in the repo called config
that handles resources when using a config.yml file. The new resource should be added to the Config
struct as well as any usages.
Readme also needs to be updated
aws/ec2_key_pair.go
Outdated
) | ||
|
||
// getAllEc2KeyPairs extracts the list of existing ec2 key pairs. | ||
func getAllEc2KeyPairs(session *session.Session) ([]*string, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function should contain logic for deciding if an ec2 key pair should be included in the list to be nuked. If you do a repo search for shouldInclude*
you should find examples. This is what powers the regex and time based filtering
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah that's nice. I wonder if that should be a separate ticket to handle? https://gruntwork.atlassian.net/browse/CORE-284 -- the acceptance criteria does not seem to mention about the capability to support such feature.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't have a problem with adding it to a separate ticket, but I don't think we should release it without this functionality since all of the other resources support it. Especially with a tool designed for destruction like cloud-nuke. It would be very easy for someone to create a config file with a regex and accidentally delete something because the regex feature wasn't added.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah that's a great point. Let's add that as part of this if that's the case. Let me update the PR 👍
5d77c62
to
e646e1b
Compare
Got it. Updated. |
Need to update the readme and add release notes to the PR |
Hmm I though I updated the readme :S I guess it was not included somehow. Is this one special because it's an open source repository? |
2204f79
to
4786bfa
Compare
4786bfa
to
8388277
Compare
Description
Fixes https://gruntwork.atlassian.net/browse/CORE-284.
Testing
aws-inspect
on ec2 key pairTODOs
Read the Gruntwork contribution guidelines.
nuke_sandbox
andnuke_phxdevops
jobs in.circleci/config.yml
have been updated with appropriate exclusions (either directly in the job or via the.circleci/nuke_config.yml
file) to prevent nuking IAM roles, groups, resources, etc that are important for the test accounts.Release Notes (draft)
Added / Removed / Updated [X].
Migration Guide