Uninstall the solution - Security Insights on AWS

Uninstall the solution

You can uninstall the Security Insights on AWS solution from the AWS Management Console or by using the AWS Command Line Interface (AWS CLI). You must manually delete the CloudWatch Logs and S3 bucket created by this solution. AWS Solutions do not automatically delete these resources in case you have stored data to retain.

Using the AWS Management Console

  1. Sign in to the CloudFormation console.

  2. On the Stacks page, select this solution's installation stack.

  3. Choose Delete.

Using AWS Command Line Interface

Determine whether the AWS CLI is available in your environment. For installation instructions, see What Is the AWS Command Line Interface in the AWS CLI User Guide. After confirming that the AWS CLI is available, run the following command.

$ aws cloudformation delete-stack --stack-name <installation-stack-name>

Deleting the CloudWatch Logs

The solution configures all the Lambda functions with a log retention period of 365 days. These logs are retained and not deleted when the solution template is deleted. Follow these steps to delete the CloudWatch Logs.

  1. Sign in to the CloudWatch console.

  2. Choose Log groups from the left navigation pane.

  3. Locate the <stack-name> CloudWatch Logs.

  4. Select each CloudWatch Log and choose Actions, then Delete log groups.

  5. Confirm the deletion.

To delete the CloudWatch Logs using the AWS CLI, run the following command:

$ aws logs delete-log-group --log-group-name <log-group-name>
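The command above removes one log group at a time. The following added example (not part of the original page or of the solution's code) prints the delete command for every matching log group so the list can be reviewed before anything is removed. It assumes the leftover log groups contain the stack name in their own name; `secinsights-demo` and the sample log group names are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not AWS's own code): print, for review, the delete command
# for every log group whose name contains the stack name. Nothing is deleted.
# Assumption: leftover log groups carry the stack name in their own name.

# Constructed sample names, used to exercise the filter offline.
sample_log_groups() {
  printf '%s\n' \
    '/aws/lambda/secinsights-demo-QueryFn' \
    '/aws/lambda/billing-app-Worker' \
    '/aws/lambda/secinsights-demo-SetupFn'
}

# Every log group name in the current account and Region, one per line.
list_log_groups() {
  aws logs describe-log-groups \
    --query 'logGroups[].logGroupName' --output text | tr '\t' '\n'
}

# Read names on stdin; write one single-quoted delete command per name.
emit_delete_commands() {
  while IFS= read -r name; do
    case "$name" in
      '') ;;                                   # skip blank lines
      *[!A-Za-z0-9._/#-]*)                     # outside the log group charset
        echo "skipping unexpected name: $name" >&2 ;;
      *) printf "aws logs delete-log-group --log-group-name '%s'\n" "$name" ;;
    esac
  done
}

# Usage: cleanup_plan <stack-name> [lister]   (lister defaults to the AWS CLI)
cleanup_plan() {
  # An empty pattern would match every log group in the account: refuse it.
  [ -n "$1" ] || { echo "stack name required" >&2; return 2; }
  # -F: fixed-string match, so the argument is never interpreted as a regex.
  "${2:-list_log_groups}" | { grep -F -e "$1" || true; } | emit_delete_commands
}
```

Run `cleanup_plan <installation-stack-name>` against the account, check that every listed log group belongs to the solution, and only then execute the printed commands.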

Deleting the Amazon S3 bucket

To prevent accidental data loss, this solution is configured to retain the S3 bucket it creates to store Athena query results if you delete the AWS CloudFormation stack. After uninstalling the solution, you can manually delete this S3 bucket if you don't need to retain the data. Follow these steps to delete the Amazon S3 bucket.

  1. Sign in to the Amazon S3 console.

  2. Choose Buckets from the left navigation pane.

  3. Locate the <stack-name> S3 buckets.

  4. Select the S3 bucket and choose Delete.

To delete the S3 bucket using the AWS CLI, run the following command:

$ aws s3 rb s3://<bucket-name> --force