MCPcopy Index your code
hub / github.com/gruntwork-io/cloud-nuke

github.com/gruntwork-io/cloud-nuke @v0.52.0 sqlite

repository ↗ · DeepWiki ↗ · release v0.52.0 ↗
2,915 symbols 9,385 edges 336 files 991 documented · 34%
README

Maintained by Gruntwork.io

cloud-nuke

A CLI tool to delete all resources in your cloud account. Designed for cleaning up test accounts, removing leftover resources, and eliminating unnecessary defaults like default VPCs and permissive security group rules.

BEWARE!

When executed as cloud-nuke aws, this tool is HIGHLY DESTRUCTIVE and deletes all resources! This mode should never be used in a production environment!

When executed as cloud-nuke defaults-aws, this tool deletes all DEFAULT VPCs and the default ingress/egress rule for all default security groups. This should be used in production environments WITH CAUTION.

Install

Download from releases page

  1. Download the latest binary for your OS on the releases page.
  2. Move the binary to a folder on your PATH. E.g.: mv cloud-nuke_darwin_amd64 /usr/local/bin/cloud-nuke.
  3. Add execute permissions to the binary. E.g.: chmod u+x /usr/local/bin/cloud-nuke.
  4. Test it installed correctly: cloud-nuke --help.

Install via package manager

Note that package managers are third party and may not always have the latest version. Check your version against the releases page.

  • macOS: brew install cloud-nuke
  • Linux: brew install cloud-nuke (Homebrew on Linux)
  • Windows: winget install cloud-nuke

Quick Start

# Delete all resources (with confirmation prompt)
cloud-nuke aws

# Inspect resources without deleting
cloud-nuke inspect-aws

# Delete resources in specific regions only
cloud-nuke aws --region us-east-1 --region us-west-2

# Delete only specific resource types
cloud-nuke aws --resource-type ec2 --resource-type s3

# Preview what would be deleted
cloud-nuke aws --dry-run

# Delete default VPCs and security group rules
cloud-nuke defaults-aws

# Use a config file for granular filtering
cloud-nuke aws --config path/to/config.yaml

Supported Resources

Supports 125+ AWS resource types. Full list →

Documentation

Topic Description
CLI Usage All flags, options, and commands
Configuration Config file format and filter examples
Supported Resources Full resource list and config support matrix
Library Usage Using cloud-nuke as a Go library
Developing Running locally, testing, and releasing

Telemetry

As of v0.29.0, cloud-nuke sends telemetry to Gruntwork (command name, version, and AWS account ID). IP addresses and resource names are never collected. Disable with DISABLE_TELEMETRY=1.

Credentials

You will need to provide your AWS credentials using one of the standard AWS CLI credential mechanisms.

Contributing

Contributions are very welcome! Please check out the Contribution Guidelines and Developing cloud-nuke for instructions.

License

This code is released under the MIT License. See LICENSE.txt.

Extension points exported contracts — how you extend this code

Event (Interface)
Event is the interface that all reporting events implement. [10 implementers]
reporting/events.go
Renderer (Interface)
Renderer processes events and produces output. CLI renderer outputs progressively on ScanComplete and NukeComplete. JSON [3 …
reporting/collector.go
AppRunnerServiceAPI (Interface)
AppRunnerServiceAPI defines the interface for App Runner service operations. [3 implementers]
aws/resources/apprunner_service.go
GcpResource (Interface)
GcpResource is an interface that represents a single GCP resource. This interface is satisfied by GcpResourceAdapter[C]
gcp/resources/types.go
DeleteFunc (FuncType)
DeleteFunc is a function that deletes a single resource by ID.
resource/batch_deleter.go
NukeableResource (Interface)
NukeableResource defines the common interface for all cloud resources that can be nuked. This is embedded by provider-sp
resource/resource.go
LoadBalancersV2API (Interface)
LoadBalancersV2API defines the interface for ELBv2 operations. [2 implementers]
aws/resources/elbv2.go
GcpInitClientFunc (FuncType)
GcpInitClientFunc is the type-safe client initialization function signature.
gcp/resources/adapter.go

Core symbols most depended-on inside this repo

String
called by 1957
resource/resource.go
Debugf
called by 401
logging/logger.go
ShouldInclude
called by 153
config/config.go
WrapAwsInitClient
called by 133
aws/resources/adapter.go
NewAwsResource
called by 125
aws/resources/adapter.go
SimpleBatchDeleter
called by 80
resource/batch_deleter.go
FormatTimestamp
called by 78
util/time.go
ResourceName
called by 50
resource/resource.go

Shape

Function 1,353
Method 1,190
Struct 222
Interface 140
FuncType 8
TypeAlias 2

Languages

Go100%

Modules by API surface

aws/resources/ec2_vpc.go35 symbols
aws/resources/iam.go34 symbols
util/tag.go33 symbols
config/config.go30 symbols
config/config_test.go27 symbols
aws/resources/s3.go27 symbols
aws/resources/ec2_vpc_test.go27 symbols
aws/resources/sagemaker_studio.go26 symbols
aws/resources/security_group.go25 symbols
aws/resources/iam_test.go24 symbols
aws/resources/ecs_cluster_test.go24 symbols
reporting/events.go22 symbols

Dependencies from manifests, versioned

atomicgo.dev/cursorv0.1.1 · 1×
cel.dev/exprv0.25.1 · 1×
cloud.google.com/gov0.120.0 · 1×
cloud.google.com/go/artifactregistryv1.17.1 · 1×
cloud.google.com/go/auth/oauth2adaptv0.2.8 · 1×
cloud.google.com/go/compute/metadatav0.9.0 · 1×
cloud.google.com/go/longrunningv0.6.7 · 1×
cloud.google.com/go/monitoringv1.24.2 · 1×

For agents

$ claude mcp add cloud-nuke \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact