Remove AWS Config CloudFormation Stack from Account Factory Provisioned Account
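#!/bin/bash
# Removes the "Configure AWS Config" CloudFormation stack from every region of an
# Account Factory provisioned account, using the AWSControlTowerExecution role.
set -uo pipefail
IFS=$'\n\t'

# Credentials of a principal that is allowed to assume AWSControlTowerExecution.
export AWS_ACCESS_KEY_ID=""
export AWS_SECRET_ACCESS_KEY=""
export AWS_SESSION_TOKEN=""

# ID of the provisioned account to clean up.
ACCOUNT_ID=
ROLE_ARN="arn:aws:iam::${ACCOUNT_ID}:role/AWSControlTowerExecution"

# Assume the role in the target account; stop if that fails instead of
# continuing with empty credentials.
if ! credentials=$(aws sts assume-role --role-arn "${ROLE_ARN}" --role-session-name "assumerole"); then
  echo "Could not assume ${ROLE_ARN}" >&2
  exit 1
fi

# Region names, scraped from botocore's endpoints.json.
regions=$(curl -s https://raw.githubusercontent.com/boto/botocore/develop/botocore/data/endpoints.json | grep -B1 desc | grep '{' | cut -d '"' -f2)

# Switch to the temporary credentials of the assumed role.
export AWS_ACCESS_KEY_ID=$(echo "${credentials}" | jq -r '.Credentials.AccessKeyId')
export AWS_SECRET_ACCESS_KEY=$(echo "${credentials}" | jq -r '.Credentials.SecretAccessKey')
export AWS_SESSION_TOKEN=$(echo "${credentials}" | jq -r '.Credentials.SessionToken')

for region in ${regions}; do
  # Probe the region first; 254/255 means no access or the region is not enabled.
  aws cloudformation list-stacks --region "${region}" > /dev/null 2>&1
  exit_code=$?
  if [[ ${exit_code} = 254 ]] || [[ ${exit_code} = 255 ]]; then
    echo "No access to $region with the provided credentials or region is not activated for your account."
    continue
  fi

  stacks_to_delete=$(aws cloudformation list-stacks --output text --region "${region}" --query 'StackSummaries[?TemplateDescription==`Configure AWS Config` && StackStatus != `DELETE_COMPLETE`].StackName')
  if [ -z "${stacks_to_delete}" ]; then
    echo "No stacks with 'Configure AWS Config' TemplateDescription found in the region: ${region}"
    continue
  fi

  # Text output is tab-separated, so IFS yields one stack name per iteration.
  for stack_to_delete in ${stacks_to_delete}; do
    echo "Will remove CloudFormation stack: ${stack_to_delete} from region ${region}"
    aws cloudformation delete-stack --region "${region}" --stack-name "${stack_to_delete}"
  done
done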