Keep IAM Users and Organization Role (#125)

* Kepp IAM Users and Organization Role * Update aws-nuke.yaml * Update aws-nuke.yaml * Kepp IAM Users and Organization Role
cloudposse · Sep 19, 2024 · ad7e218 · ad7e218
1 parent 7146581
commit ad7e218
Showing 1 changed file with 21 additions and 1 deletion.
diff --git a/.github/aws-nuke.yaml b/.github/aws-nuke.yaml
@@ -32,9 +32,29 @@ regions:
   - us-gov-east-1
   - us-gov-west-1
 
+
+resource-types:
+  # don't nuke IAM users
+  excludes:
+    - IAMUser
+    - IAMUserAccessKey
+    - IAMUserPolicyAttachment
+
 account-blocklist:
   - "999999999999" # production
 
 accounts:
   # testing account
-  126450723953: {}
+  126450723953:
+    presets:
+      - defaults
+
+presets:
+  defaults:
+    filters:
+      IAMRole:
+        - "OrganizationAccountAccessRole"
+      IAMRolePolicy:
+        - property: "role:RoleName"
+          type: "regex"
+          value: "^OrganizationAccountAccessRole$"