The inverse of
deploy, this command is used to remove a Config Rule and its Lambda Function from the targeted account.
This is intended to be used primarily for clean-up for testing deployment automation (perhaps from a CI/CD pipeline) to ensure that it works from an empty account, or to clean up a test account during development. See also the clean command if you want to more thoroughly scrub Config from your account.
usage: rdk undeploy [-h] [--all] [-s RULESETS] [-f] [--lambda-role-arn LAMBDA_ROLE_ARN] [--stack-name STACK_NAME] [--execution-role-name EXECUTION_ROLE_NAME] [--rdklib-layer-arn RDKLIB_LAYER_ARN] [--lambda-layers LAMBDA_LAYERS] [--force] [<rulename> [<rulename> ...]]
|<rulename>||Rule name(s) to deploy. Rule(s) will be pushed to AWS.|
All rules in the working directory will be deployed.
|-s, --rulesets||comma-delimited list of RuleSet names|
[optional] Only deploy Lambda functions. Useful for cross-account deployments.
|[optional] Assign existing iam role to lambda functions. If omitted, “rdkLambdaRole” will be created.|
|--stack-name||[optional] CloudFormation Stack name for use with –functions-only option. If omitted, “RDK-Config-Rule-Functions” will be used.|
|[optional] IAM Role that the Lambda function(s) will assume in each target account.|
|[optional] Lambda Layer ARN that contains the desired rdklib. Note that Lambda Layers are region-specific.|
|[optional] Comma-separated list of Lambda Layer ARNs to deploy with your Lambda function(s).|
[optional] Remove selected Rules from account without prompting for confirmation.