forked from rebuy-de/aws-nuke
-
Notifications
You must be signed in to change notification settings - Fork 0
/
root.go
165 lines (141 loc) · 4.9 KB
/
root.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
package cmd
import (
"fmt"
"os"
"sort"
"github.com/rebuy-de/aws-nuke/pkg/awsutil"
"github.com/rebuy-de/aws-nuke/pkg/config"
"github.com/rebuy-de/aws-nuke/resources"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)
func NewRootCommand() *cobra.Command {
var (
params NukeParameters
creds awsutil.Credentials
defaultRegion string
verbose bool
)
command := &cobra.Command{
Use: "aws-nuke",
Short: "aws-nuke removes every resource from AWS",
Long: `A tool which removes every resource from an AWS account. Use it with caution, since it cannot distinguish between production and non-production.`,
}
command.PreRun = func(cmd *cobra.Command, args []string) {
log.SetLevel(log.InfoLevel)
if verbose {
log.SetLevel(log.DebugLevel)
}
log.SetFormatter(&log.TextFormatter{
EnvironmentOverrideColors: true,
})
}
command.RunE = func(cmd *cobra.Command, args []string) error {
var err error
err = params.Validate()
if err != nil {
return err
}
if !creds.HasKeys() && !creds.HasProfile() && defaultRegion != "" {
creds.AccessKeyID = os.Getenv("AWS_ACCESS_KEY_ID")
creds.SecretAccessKey = os.Getenv("AWS_SECRET_ACCESS_KEY")
}
err = creds.Validate()
if err != nil {
return err
}
command.SilenceUsage = true
config, err := config.Load(params.ConfigPath)
if err != nil {
log.Errorf("Failed to parse config file %s", params.ConfigPath)
return err
}
if defaultRegion != "" {
awsutil.DefaultRegionID = defaultRegion
if config.CustomEndpoints.GetRegion(defaultRegion) == nil {
err = fmt.Errorf("The custom region '%s' must be specified in the configuration 'endpoints'", defaultRegion)
log.Error(err.Error())
return err
}
}
account, err := awsutil.NewAccount(creds, config.CustomEndpoints)
if err != nil {
return err
}
n := NewNuke(params, *account)
n.Config = config
return n.Run()
}
command.PersistentFlags().BoolVarP(
&verbose, "verbose", "v", false,
"Enables debug output.")
command.PersistentFlags().StringVarP(
¶ms.ConfigPath, "config", "c", "",
"(required) Path to the nuke config file.")
command.PersistentFlags().StringVar(
&creds.Profile, "profile", "",
"Name of the AWS profile name for accessing the AWS API. "+
"Cannot be used together with --access-key-id and --secret-access-key.")
command.PersistentFlags().StringVar(
&creds.AccessKeyID, "access-key-id", "",
"AWS access key ID for accessing the AWS API. "+
"Must be used together with --secret-access-key. "+
"Cannot be used together with --profile.")
command.PersistentFlags().StringVar(
&creds.SecretAccessKey, "secret-access-key", "",
"AWS secret access key for accessing the AWS API. "+
"Must be used together with --access-key-id. "+
"Cannot be used together with --profile.")
command.PersistentFlags().StringVar(
&creds.SessionToken, "session-token", "",
"AWS session token for accessing the AWS API. "+
"Must be used together with --access-key-id and --secret-access-key. "+
"Cannot be used together with --profile.")
command.PersistentFlags().StringVar(
&defaultRegion, "default-region", "",
"Custom default region name.")
command.PersistentFlags().StringSliceVarP(
¶ms.Targets, "target", "t", []string{},
"Limit nuking to certain resource types (eg IAMServerCertificate). "+
"This flag can be used multiple times.")
command.PersistentFlags().StringSliceVarP(
¶ms.Excludes, "exclude", "e", []string{},
"Prevent nuking of certain resource types (eg IAMServerCertificate). "+
"This flag can be used multiple times.")
command.PersistentFlags().BoolVar(
¶ms.NoDryRun, "no-dry-run", false,
"If specified, it actually deletes found resources. "+
"Otherwise it just lists all candidates.")
command.PersistentFlags().BoolVar(
¶ms.Force, "force", false,
"Don't ask for confirmation before deleting resources. "+
"Instead it waits 15s before continuing. Set --force-sleep to change the wait time.")
command.PersistentFlags().IntVar(
¶ms.ForceSleep, "force-sleep", 15,
"If specified and --force is set, wait this many seconds before deleting resources. "+
"Defaults to 15.")
command.PersistentFlags().IntVar(
¶ms.MaxWaitRetries, "max-wait-retries", 0,
"If specified, the program will exit if resources are stuck in waiting for this many iterations. "+
"0 (default) disables early exit.")
command.PersistentFlags().BoolVarP(
¶ms.Quiet, "quiet", "q", false,
"Don't show filtered resources.")
command.AddCommand(NewVersionCommand())
command.AddCommand(NewResourceTypesCommand())
return command
}
func NewResourceTypesCommand() *cobra.Command {
cmd := &cobra.Command{
Use: "resource-types",
Short: "lists all available resource types",
Run: func(cmd *cobra.Command, args []string) {
names := resources.GetListerNames()
sort.Strings(names)
for _, resourceType := range names {
fmt.Println(resourceType)
}
},
}
return cmd
}