Clean up your AWS resources
To avoid ongoing charges, delete the resources you created. Work backwards through the labs.
Lab 3 resources (delete first - these cost the most)
ECS Task and Cluster
- Go to ECS Console > cluster
dcs-level3 - Stop the running task (select it > Stop)
- Delete the cluster once the task has stopped
RDS Database
- Go to RDS Console > Databases
- Select
dcs-level3-opentdf> Actions > Delete - Uncheck "Create final snapshot" for a demo environment
- Type "delete me" and confirm
ECS Task Definitions
- Go to ECS > Task definitions
- Deregister all revisions of
dcs-level3-opentdf
Security Groups
- Go to EC2 > Security Groups
- Delete
dcs-level3-ecs-sganddcs-level3-rds-sg
KMS Key
- Go to KMS Console
- Select
dcs-level3-kas-kek> Schedule key deletion - Set waiting period to 7 days (minimum)
IAM Roles
- Delete
dcs-level3-ecs-execution-role - Delete
dcs-level3-kas-task-role
Lab 2 resources
Verified Permissions
- Go to Verified Permissions Console
- Delete your policy store
Cognito User Pools
- Go to Cognito Console
- Delete
dcs-level2-uk-idp,dcs-level2-pol-idp,dcs-level2-us-idp
Lambda
- Go to Lambda Console
- Delete
dcs-lab-data-service(the modified version from Lab 2) - Delete the execution role
dcs-lab-data-service-role
Lab 1 resources
S3 Buckets
- Empty
dcs-lab-data-...bucket (select all objects > delete) - Delete the bucket
CloudTrail
- Go to CloudTrail Console
- Check for any
dcs-*trails and delete them
IAM Roles
- Delete any remaining
dcs-*roles
Verify cleanup
After deleting everything, check:
- Cost Explorer: Should show costs declining over the next day
- IAM: No remaining
dcs-*users or roles - S3: No remaining
dcs-*buckets - ECS: No running tasks or services
Use AWS Resource Groups
If you tagged all resources with Project: dcs-level-1/2/3, you can use Resource Groups to find any resources you might have missed.