gruntwork-io/cloud-nuke v0.47.0

on GitHub

Breaking Changes

Config YAML key casing standardized (#1012)

Config keys now use consistent casing matching Go struct names. Old keys are rejected with errors (strict unmarshaling). Examples of required changes:

• s3 → S3
• NatGateway → NATGateway
• EcsCluster → ECSCluster
• EksCluster → EKSCluster
• RdsParameterGroup → RDSParameterGroup

See the config example for the full updated format.

Tag filter syntax replaced (#1016, #1044)

The deprecated tag / tag_value fields have been removed. Use the new tags map syntax:

# Old (no longer works)
tag: my-tag
tag_value: my-value

# New
tags:
  my-tag: my-value

Strict config parsing (#1012)

Unknown fields in config YAML now cause errors instead of being silently ignored. Fix any typos or remove deprecated fields.

Resource type name changes (#992, #996, #1014)

Some resource type names used with --resource-type have changed (e.g., standardized naming). Run cloud-nuke inspect to see current resource type names.

Go API changes (#995, #1056)

For programmatic users of the Go library:

• Nuke() now returns []NukeResult instead of error
• GetAllResources() takes an additional *reporting.Collector parameter
• report/ and ui/ packages replaced by reporting/ and renderers/
• PrepareContext and IsGlobal interfaces removed

What's Changed

New Features

• feat: introduce generic Resource[C] pattern for GCP by @james00012 in #983
• feat: introduce generic Resource[C] pattern for AWS (first batch) by @james00012 in #984
• feat: add AWS Data Pipeline support by @james00012 in #1036
• feat: add GCP Cloud Functions (Gen2) resource by @james00012 in #1020
• feat: add GCP Artifact Registry resource by @james00012 in #1040
• feat(gcp): add Pub/Sub topic resource with first-seen label support by @james00012 in #1063
• feat: add --include-tag CLI flag for global tag-based resource filtering by @james00012 in #1072
• refactor: replace global state reporting with event-driven architecture by @james00012 in #995

Refactors

• refactor: migrate 30 AWS resources to generic Resource[C] pattern by @james00012 in #987
• refactor: migrate AWS resources to generic Resource[C] pattern by @james00012 in #992
• refactor: add NukeableResource interface and remove AWS SDK from resource package by @james00012 in #1056
• refactor: convert nuke_config from allowlist to blocklist by @james00012 in #1028
• refactor(gcp): align resource scanning with AWS region-based pattern by @james00012 in #1050
• refactor: add type-safe WrapGcpInitClient and fix missing Scope.Region by @james00012 in #993
• refactor: remove deprecated PrepareContext, IsGlobal, and Tag/TagValue fields by @james00012 in #1044
• refactor: consolidate nuke workflows and remove CircleCI nuke jobs by @james00012 in #1006
• refactor: improve VPC dependency cleanup robustness by @james00012 in #1013

Bug Fixes

• fix: EventBridge rule pagination bug causing infinite loop by @james00012 in #979
• fix: restore IAMUsers resource type name to 'iam' by @james00012 in #996
• fix: standardize config YAML keys and reject unknown fields by @james00012 in #1012
• fix: replace reflection-based config with type-safe approach and fix nil derefs by @james00012 in #1016
• fix: prevent nil pointer dereference in secrets manager delete and cloudtrail tag handling by @james00012 in #1011
• fix: render summary table for large resource counts to prevent CLI hang by @james00012 in #1007
• fix: transform DryRunOperation error in ec2-endpoint permission check by @james00012 in #1004
• fix: prevent infinite loop in IPAM custom allocation listing by @james00012 in #1005
• fix: prevent JSON renderer from writing multiple documents to output file by @james00012 in #1002
• fix: exclude internet gateways with gruntwork/gw- prefix from nuking by @james00012 in #1003
• fix: skip App Runner and Grafana in unsupported regions by @james00012 in #1029
• fix: wait for VPC endpoint deletion and protect default subnets by @james00012 in #1030
• fix: resolve S3 MRAP and Grafana region errors by @james00012 in #1032
• fix: handle EBS snapshot NotFound gracefully by @james00012 in #1033
• fix: exclude AWS Control Tower resources from nuke config by @james00012 in #1034
• fix: use stable HTTP 409 status code for non-empty bucket check by @james00012 in #1039
• fix: skip requester-managed VPC endpoints during nuke by @james00012 in #1037
• fix: skip ghost EKS clusters that return 404 on describe by @james00012 in #1023
• fix: add VPN gateway cleanup to VPC dependency safety net by @james00012 in #1022
• fix: aggregate nuke errors and propagate context by @james00012 in #1045
• fix: add safety checks and filtering to resource operations by @james00012 in #1046
• fix: align DefaultBatchSize fallback with actual default (50) by @james00012 in #1048
• fix: extend resource naming check to all providers by @james00012 in #1041
• fix: load config file in inspect commands by @james00012 in #1057
• fix(gcp): wire missing CLI flags into GCP query by @james00012 in #1058
• fix: pass tags to ShouldInclude in EFS, OpenSearch, Redshift, and KMS listers by @james00012 in #1073
• fix: delete SageMaker apps before spaces to avoid ResourceInUse error by @james00012 in #1070
• fix: classify transient nuke failures as warnings instead of errors by @james00012 in #1064

CI & Infrastructure

• Migrate scheduled nuke jobs from CircleCI to GitHub Actions by @james00012 in #997
• ci: add integration test for nuke_config.yml validation by @james00012 in #1035
• test: add unit tests for core infrastructure by @james00012 in #1059

Documentation

• docs: restructure README into focused docs/ by @james00012 in #1008
• docs: update supported resources and configuration by @james00012 in #1043

Dependencies

• build(deps): bump go.opentelemetry.io/otel/sdk from 1.36.0 to 1.40.0 by @dependabot in #1042
• build(deps): bump google.golang.org/grpc from 1.74.2 to 1.79.3 by @dependabot in #1071

Full Changelog: v0.46.0...v0.47.0