v3.42.0

3.42.0 (2025-01-04)

Summary

New Setting

• CreateRoleToDeleteStack on CloudFormationStack - if a cloudformation stack is missing it's role, this setting will allow AWS nuke to re-create the role to allow the deletion of the stack.

New Resources

• S3AccessGrantsInstance
• S3AccessGrantsGrant
• S3AccessGrantsLocation
• TransferWebApp

Removed Resources

• MobileProject

Changes

Bug Fixes

• cloudformation-stack: remove role afterwards (bafba21)
• cloudwatchlogs-loggroup: property RetentionInDays should always have a value (76177af)
• deps: update module github.com/aws/aws-sdk-go to v1.55.5 (340043a)
• deps: update module github.com/aws/aws-sdk-go-v2/service/s3 to v1.72.0 (1cf5971)
• s3-access-grants-grant: pass account id to delete input (d1f2ccc)

Features

• adding support for s3 access grants, grant, instance, location (cc5548a)
• cloudformation-stack: new setting CreateRoleToDeleteStack (1c42a86)
• cloudwatchevents-target: add properties (60243b3)
• cloudwatchlogs-loggroup: add RetentionInDays properties (b8982b4)
• cloudwatchlogs-loggroup: new properties, refactor properties struct (d8ffbc5)
• mobile-project: remove resource, no longer supported by AWS (de5feb2)
• new resource TransferWebApp (0c8daf7)

Verify Binaries

Currently only the checksums.txt is signed, therefore it's sha256 signature is signed. Simply verify the hash and then verify the checksums signature.

cosign verify-blob \
  --signature https://github.com/ekristen/aws-nuke/releases/download/v3.42.0/checksums.txt.sig \
  --certificate https://github.com/ekristen/aws-nuke/releases/download/v3.42.0/checksums.txt.pem \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity "https://github.com/ekristen/aws-nuke/.github/workflows/goreleaser.yml@refs/tags/v3.42.0" \
  https://github.com/ekristen/aws-nuke/releases/download/v3.42.0/checksums.txt

v3.41.0

3.41.0 (2025-01-03)

Bug Fixes

• command/run: logging output back to stdout (d31fa12)

Features

• resource: add SSMQuickSetupConfigurationManager resource (54919bd)

v3.40.0

3.40.0 (2025-01-02)

Bug Fixes

• neptune-cluster: filter on engine to neptune (323856a)
• neptune-snapshot: filter to just neptune engine (733d9fd)

Features

• neptune-snapshot: new properties: Status and CreateTime (6d956b5)

Verify Binaries

Currently only the checksums.txt is signed, therefore it's sha256 signature is signed. Simply verify the hash and then verify the checksums signature.

cosign verify-blob \
  --signature https://github.com/ekristen/aws-nuke/releases/download/v3.40.0/checksums.txt.sig \
  --certificate https://github.com/ekristen/aws-nuke/releases/download/v3.40.0/checksums.txt.pem \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity "https://github.com/ekristen/aws-nuke/.github/workflows/goreleaser.yml@refs/tags/v3.40.0" \
  https://github.com/ekristen/aws-nuke/releases/download/v3.40.0/checksums.txt

v3.39.0

3.39.0 (2024-12-26)

Bug Fixes

• deps: update to 0.24.0 for structured logging (f47c098)
• various tweaks for structured logging (36ab9b5)

Features

• add kv log-format (19c3894)
• expand resource names using globs (b190ddf)
• structured logging (fd6965b)

Verify Signature

cosign verify-blob \
  --signature https://github.com/ekristen/aws-nuke/releases/download/v3.39.0/checksums.txt.sig \
  --certificate https://github.com/ekristen/aws-nuke/releases/download/v3.39.0/checksums.txt.pem \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity "https://github.com/ekristen/aws-nuke/.github/workflows/goreleaser.yml@refs/tags/v3.39.0" \
  https://github.com/ekristen/aws-nuke/releases/download/v3.39.0/checksums.txt

v3.38.1

3.38.1 (2024-12-26)

Bug Fixes

• cognito-userpool: include auto verified attributes (593b1c6)
• cognito-userpool: include user attribute update settings (0a4b89a)

v3.38.0

3.38.0 (2024-12-24)

Features

• kms-alias: pass key tags through to alias with key: prefix (af75681)
• route53-resource-record: pass hosted zone tags to resource record set with zone:tag prefix (74753ef)

v3.37.0

3.37.0 (2024-12-23)

Bug Fixes

• cloudwatch-alarm: query for both composite and metric alarms (f01fa7c)
• deps: update aws-sdk-go-v2 monorepo (5248581)
• ec2-tgw: ensure state is set (85f1152)
• resource-explorer2-index: limit to current region (c2f936c)

Features

• cloudwatch-alarm: support composite alarms (0bef229)
• resource-explorer2-index: add properties (aa8a6ff)

v3.36.0

3.36.0 (2024-12-13)

Bug Fixes

• rds-instance: filter out neptune instances (e3a0fd3)

Features

• neptune-cluster: tags and properties (2791fdb)
• neptune: support deletion protect, properties, tags (2cc68d0)
• sfn-state-machine: new properties, tags, name, type, creationdate (01d94f8)

v3.35.3

3.35.3 (2024-12-12)

Bug Fixes

• ec2-tgw: filter out gateways not owned by account (33df674)
• gamelift: skip unsupported regions (ab47eb1)

v3.35.2

3.35.2 (2024-12-10)

Bug Fixes

• deps: update module github.com/ekristen/libnuke to v0.22.0 (7406289)