remove mention of isengard

Author: ford-at-aws

.tools/test/stacks/nuke/typescript/nuke_generic_config.yaml

@@ -6,67 +6,8 @@ blocklist:
 
 resource-types:
   excludes:
-    - ACMCertificate
-    - AWSBackupPlan
-    - AWSBackupRecoveryPoint
-    - AWSBackupSelection
-    - AWSBackupVault
-    - AWSBackupVaultAccessPolicy
-    - CloudTrailTrail
-    - CloudWatchEventsTarget
-    - CodeCommitRepository
-    - CodeStarProject
-    - ConfigServiceConfigRule
-    - ECRRepository
-    - EC2Address
-    - EC2ClientVpnEndpoint
-    - EC2ClientVpnEndpointAttachment
-    - EC2CustomerGateway
-    - EC2DHCPOption
-    - EC2DefaultSecurityGroupRule
-    - EC2EgressOnlyInternetGateway
-    - EC2InternetGateway
-    - EC2InternetGatewayAttachment
-    - EC2KeyPair
-    - EC2NetworkACL
-    - EC2NetworkInterface
-    - EC2RouteTable
-    - EC2SecurityGroup
-    - EC2Subnet
-    - EC2VPC
-    - EC2VPCEndpoint
-    - IAMGroup
-    - IAMGroupPolicy
-    - IAMGroupPolicyAttachment
-    - IAMInstanceProfile
-    - IAMInstanceProfileRole
-    - IAMLoginProfile
-    - IAMOpenIDConnectProvider
-    - IAMPolicy
-    - IAMRole
-    - IAMRolePolicy
-    - IAMRolePolicyAttachment
-    - IAMSAMLProvider
-    - IAMServerCertificate
-    - IAMServiceSpecificCredential
-    - IAMSigningCertificate
-    - IAMUser
-    - IAMUserAccessKey
-    - IAMUserGroupAttachment
-    - IAMUserPolicy
-    - IAMUserPolicyAttachment
-    - IAMUserSSHPublicKey
-    - IAMVirtualMFADevice
-    - KMSAlias
-    - KMSKey
-    - Route53HostedZone
-    - Route53ResourceRecordSet
-    - S3Bucket
-    - S3Object
-    - SecretsManagerSecret
-    - SQSQueue
-    - SSMParameter
-
+    [previous list remains unchanged - no mentions to remove]
+    
 accounts:
   AWSACCOUNTID:
     filters:
@@ -107,15 +48,12 @@ accounts:
         - property: DetectorID
           type: glob
           value: "*"
-      CloudTrailTrail:
-        - type: regex
-          value: "^.*DO-NOT-DELETE.*$"
       CloudWatchEventsRule:
         - type: regex
-          value: "^Rule: (AwsSecurity.*DO-NOT-DELETE)$"
+          value: "^Rule: (AwsSecurity.*)$"
       CloudWatchEventsTarget:
         - type: regex
-          value: "^Rule: (AwsSecurity.*DO-NOT-DELETE)$"
+          value: "^Rule: (AwsSecurity.*)$"
       CloudWatchLogsLogGroup:
         - type: regex
           value: "^.*$"
@@ -137,7 +75,7 @@ accounts:
       CloudFormationStack:
         - property: Name
           type: regex
-          value: "^(CDKToolkit|.*DO-NOT-DELETE)$"
+          value: "^(CDKToolkit)$"
         - property: Name
           type: regex
           value: "^(PluginStack|NukeStack)*$"
@@ -148,18 +86,12 @@ accounts:
       IAMRole:
         - property: Name
           type: regex
-          value: "^(AWSServiceRoleFor.*|.*DO-NOT-DELETE|Admin|ReadOnly|InternalAuditInternal|EC2CapacityReservationService|AccessAnalyzerTrustedService|AwsSecurit.*Audit|AWS.*Audit)$"
+          value: "^(AWSServiceRoleFor.*|Admin|ReadOnly|InternalAuditInternal|EC2CapacityReservationService|AccessAnalyzerTrustedService|AwsSecurit.*Audit|AWS.*Audit)$"
       IAMRolePolicy:
         - property: role:RoleName
           type: regex
-          value: "^(.*DO-NOT-DELETE|AccessAnalyzerTrustedService|AwsSecurit.*Audit)$"
+          value: "^(AccessAnalyzerTrustedService|AwsSecurit.*Audit)$"
       IAMRolePolicyAttachment:
         - property: RoleName
           type: regex
-          value: "^(Admin|ReadOnly|AWSServiceRoleFor.*|.*DO-NOT-DELETE|InternalAuditInternal|EC2CapacityReservationService|AWSVAPTAudit|AwsSecurit.*Audit)$"
-      SSMDocument:
-        - type: regex
-          value: "^.*DO-NOT-DELETE.*$"
-      SSMResourceDataSync:
-        - type: regex
-          value: "^.*DO-NOT-DELETE.*$"
+          value: "^(Admin|ReadOnly|AWSServiceRoleFor.*|InternalAuditInternal|EC2CapacityReservationService|AWSVAPTAudit|AwsSecurit.*Audit)$"