Panic: nil pointer dereference in SecretsManagerSecrets.deleteAsync when DescribeSecret fails (v0.45.0/v0.46.0) #1010

@destitutus

Description

Hey! We’re hitting a hard crash when nuking AWS Secrets Manager secrets. Cloud-nuke panics with a nil pointer dereference in SecretsManagerSecrets.deleteAsync:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x68 pc=0x6fbb3c8]

goroutine 1240 [running]:
github.com/gruntwork-io/cloud-nuke/aws/resources.(*SecretsManagerSecrets).deleteAsync(...)
  /home/circleci/project/aws/resources/secrets_manager.go:103 +0xe8
created by github.com/gruntwork-io/cloud-nuke/aws/resources.(*SecretsManagerSecrets).nukeAll
  /home/circleci/project/aws/resources/secrets_manager.go:76 +0x14d

Versions

  • cloud-nuke v0.45.0 (repro)
  • Also appears to still be present in v0.46.0 (same code path)

What happens

From reading the code, deleteAsync calls DescribeSecret(...) but does not check err before using the returned secret value. It then does:

  • len(secret.ReplicationStatus) > 0

If DescribeSecret returns an error (throttling / access denied / not found due to race / transient API error), secret can be nil, which causes SIGSEGV.

Expected behavior

Cloud-nuke should not crash. If DescribeSecret fails, the error should be returned/logged for that resource and the run should continue.

Suggested fix (minimal)

In aws/resources/secrets_manager.go inside deleteAsync, add a guard right after DescribeSecret:

  • if err != nil → send to errChan and return
  • if secret == nil → send an error to errChan and return
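An added example (written for this issue, not cloud-nuke's own code) of the guarded deleteAsync shape described above, plus a nukeAll loop that collects per-resource errors so one failed DescribeSecret no longer takes down the run. describeOutput, describeFunc and fakeDescribe are constructed stand-ins for the AWS SDK client and its output type, not real SDK identifiers.

```go
package main

import "fmt"

// describeOutput stands in for the SDK's DescribeSecret output (constructed, not the AWS SDK type).
type describeOutput struct{ ReplicationStatus []string }

type describeFunc func(id string) (*describeOutput, error) // the one client call this code path makes

// deleteAsyncGuarded follows the reported code path with the two guards from the issue: a
// DescribeSecret error or a nil output is reported on errChan instead of being dereferenced.
func deleteAsyncGuarded(describe describeFunc, id string, errChan chan<- error) {
	secret, err := describe(id)
	if err != nil {
		errChan <- fmt.Errorf("describe %s: %w", id, err)
		return
	}
	if secret == nil {
		errChan <- fmt.Errorf("describe %s: nil response", id)
		return
	}
	// The dereference that panicked in the report, now safe; replicas would be removed here first.
	_ = len(secret.ReplicationStatus) > 0
	errChan <- nil // this resource was handled
}

// nukeAll fans out one goroutine per secret and collects every result, so one failure does not abort the run.
func nukeAll(describe describeFunc, ids []string) (errs []error) {
	errChan := make(chan error, len(ids))
	for _, id := range ids {
		go deleteAsyncGuarded(describe, id, errChan)
	}
	for range ids {
		if err := <-errChan; err != nil {
			errs = append(errs, err)
		}
	}
	return errs
}

// fakeDescribe is constructed for this example: IDs in failing return an error and a nil output,
// which is what a throttled, access-denied or not-found DescribeSecret looks like to the caller.
func fakeDescribe(failing map[string]error) describeFunc {
	return func(id string) (*describeOutput, error) {
		if err, ok := failing[id]; ok {
			return nil, err
		}
		return &describeOutput{}, nil
	}
}
```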
