The inverse of deploy, this command is used to remove a Config Rule and its Lambda Function from the targeted account.

This is intended to be used primarily for clean-up for testing deployment automation (perhaps from a CI/CD pipeline) to ensure that it works from an empty account, or to clean up a test account during development. See also the clean command if you want to more thoroughly scrub Config from your account.

usage: rdk undeploy [-h] [--all] [-s RULESETS] [-f]
                    [--lambda-role-arn LAMBDA_ROLE_ARN]
                    [--stack-name STACK_NAME]
                    [--execution-role-name EXECUTION_ROLE_NAME]
                    [--rdklib-layer-arn RDKLIB_LAYER_ARN]
                    [--lambda-layers LAMBDA_LAYERS] [--force]
                    [<rulename> [<rulename> ...]]

Positional Arguments

<rulename> Rule name(s) to deploy. Rule(s) will be pushed to AWS.

Named Arguments

--all, -a

All rules in the working directory will be deployed.

Default: False

-s, --rulesets comma-delimited list of RuleSet names
-f, --functions-only

[optional] Only deploy Lambda functions. Useful for cross-account deployments.

Default: False

 [optional] Assign existing iam role to lambda functions. If omitted, “rdkLambdaRole” will be created.
--stack-name [optional] CloudFormation Stack name for use with –functions-only option. If omitted, “RDK-Config-Rule-Functions” will be used.
 [optional] IAM Role that the Lambda function(s) will assume in each target account.
 [optional] Lambda Layer ARN that contains the desired rdklib. Note that Lambda Layers are region-specific.
 [optional] Comma-separated list of Lambda Layer ARNs to deploy with your Lambda function(s).

[optional] Remove selected Rules from account without prompting for confirmation.

Default: False