Clean up AWS resources

Disable all events

Use the following command to disable all events:

aws iot update-event-configurations --cli-input-json \
    "eventConfigurations": {
        "THING_TYPE": {
            "Enabled": false
        "JOB_EXECUTION": {
            "Enabled": false
            "Enabled": false
        "CERTIFICATE": {
            "Enabled": false
            "Enabled": false
            "Enabled": false
        "CA_CERTIFICATE": {
            "Enabled": false
        "THING": {
            "Enabled": false
        "JOB": {
            "Enabled": false
        "POLICY": {
            "Enabled": false
        "THING_GROUP": {
            "Enabled": false

Delete the resources

Deleting the resources that where created during the workshop is a semi-automated process. We start with deprecating the thing type.

First action is to deprecate the thing type as it will take round about 5 minutes

# deprecate the thing type
aws iot deprecate-thing-type --thing-type-name bulk-type

The things that you created can be deleted by a script.

This script deletes devices created in the workshop like my-first-thing, my-second-thing, etc. The script also deletes devices based on prefixes that where created in the workshop like bulky, jitr- or fleety IF YOU HAVE ANY DEVICES CREATED OUTSIDE OF THIS WORKSHOP WHO’S NAMES START WITH “bulky”, “jitr-” or “fleety” they will be also be deleted!!! Don’t use the script in this case or modify it to your needs!!!

Delete the remaining resources manually

# delete the dynamic thing group
aws iot delete-dynamic-thing-group --thing-group-name Dynamic_Building_Day_One

# disable indexing
aws iot update-indexing-configuration \
	  --thing-indexing-configuration thingIndexingMode=OFF

# delete the IoT topic rule
aws iot delete-topic-rule --rule-name JITRRule

# delete the jitr lambda function
aws lambda delete-function --function-name jitr

# delete the jitr policy
aws iot delete-policy --policy-name jitr_Policy

# delete thing group
aws iot delete-thing-group --thing-group-name bulk-group

# get CA certificate id
aws iot list-ca-certificates

# inactivate CA
aws iot update-ca-certificate \
  --new-status INACTIVE --certificate-id $CA_CERTIFICATE_ID

# delete CA
aws iot delete-ca-certificate \
  --certificate-id $CA_CERTIFICATE_ID
# delete the provisioning template
aws iot delete-provisioning-template --template-name FleetProvisioningTemplate

# deprecation of thing-type needs 5min. If this command is not successful, wait and try again
aws iot delete-thing-type --thing-type-name bulk-type

If there are any remaining resources like things, certificates, policies, etc. delete them manually

Detach all remaining certificates from the IoT policy $IOT_POLICY

Disable Logging for AWS IoT Core

  • Settings -> Logs -> Edit -> Level of verbosity: Disable logging -> Update

Delete your private CA

The private CA in the workshop uses the CA common name IoT Device Management CA. In case you have created multiple CAs with the same CA common name make sure not to delete the wrong CA.

Go to the AWS Certificate Manager console

  1. Private CAs
  2. Select the CA with the CA common name IoT Device Management CA
  3. Actions: Disable -> confirm disabling the CA
  4. Actions: Delete -> confirm deleting the CA