https://wintermutecore.com/tags/ephemeral-environments/Recent content in Ephemeral Environments on Project WintermuteHugoen-usFri, 03 Apr 2026 11:00:00 +0200https://wintermutecore.com/posts/aws-tag-based-resource-cleanup/Fri, 03 Apr 2026 11:00:00 +0200https://wintermutecore.com/posts/aws-tag-based-resource-cleanup/<p><strong>TL;DR.</strong> Name and time filters are not enough for safe AWS bulk cleanup. Use tags as the primary signal, expect <code>ListTagsForResource</code> to be your bottleneck, enforce tagging at provisioning time, and run an audit job that flags untagged resources so the policy stays honest.</p> <p>The &ldquo;delete a lot of AWS resources at once&rdquo; problem shows up in every account: CI sandboxes, expired test estates, dev environments forgotten about, ad-hoc reproductions left behind. Bulk cleanup tools that target this exist and work well. Used carelessly any of them is a footgun. Used carefully with tag filtering, they become one of the most useful pieces of cost discipline you can ship.</p>