Keep IAM Users and Organization Role (#125)

goruha · web-flow · commit ad7e2184af9b · 2024-09-20T01:42:05.000+03:00
* Kepp IAM Users and Organization Role

* Update aws-nuke.yaml

* Update aws-nuke.yaml

* Kepp IAM Users and Organization Role
diff --git a/.github/aws-nuke.yaml b/.github/aws-nuke.yaml
@@ -32,9 +32,29 @@ regions:
   - us-gov-east-1
   - us-gov-west-1
 
+
+resource-types:
+  # don't nuke IAM users
+  excludes:
+    - IAMUser
+    - IAMUserAccessKey
+    - IAMUserPolicyAttachment
+
 account-blocklist:
   - "999999999999" # production
 
 accounts:
   # testing account
-  126450723953: {}
+  126450723953:
+    presets:
+      - defaults
+
+presets:
+  defaults:
+    filters:
+      IAMRole:
+        - "OrganizationAccountAccessRole"
+      IAMRolePolicy:
+        - property: "role:RoleName"
+          type: "regex"
+          value: "^OrganizationAccountAccessRole$"
