-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuninstall.sh
48 lines (38 loc) · 2.6 KB
/
uninstall.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/bin/bash
# This script will remove the Automated pipeline, IAM Roles, and a ServiceCatalog Portfolio created by the install.sh.
ACC=$(aws sts get-caller-identity --query 'Account' | tr -d '"')
# add child accounts as space delimited list.
# You will need to ensure StackSet IAM roles are correctly setup in each child account
childAcc=""
allACC="$ACC $childAcc"
allregions="us-east-1 us-east-2 us-west-1"
export AWS_DEFAULT_REGION=us-east-1
echo "Using Account:$ACC Region:$AWS_DEFAULT_REGION Child Accounts:$childAcc All Regions:$allregions"
echo "Clearing out the Automation pipeline S3 buckets"
aws s3 rb s3://servicecatalog-pipelineartifacts-$ACC --force
aws s3 rb s3://servicecatalog-deployedtemplates-$ACC --force
# multi account multi region, CF StackSet
echo "Deleting the ServiceCatalog Portfolio StackSet, this make take a while."
SSOPID=$(aws cloudformation delete-stack-instances --stack-set-name SC-IAC-automated-portfolio --accounts $allACC --regions $allregions --operation-preferences FailureToleranceCount=1,MaxConcurrentCount=3 --no-retain-stacks | jq '.OperationId' | tr -d '"')
STATUS=""
until [ "$STATUS" = "SUCCEEDED" ]; do
STATUS=$(aws cloudformation describe-stack-set-operation --stack-set-name SC-IAC-automated-portfolio --operation-id $SSOPID | jq '.StackSetOperation.Status' | tr -d '"')
echo "waiting for portfolio Stackset to delete. current status: $STATUS"
sleep 5
done;
aws cloudformation delete-stack-set --stack-set-name SC-IAC-automated-portfolio
echo "Deleting the ServiceCatalog IAM roles StackSet, this make take a while."
SSOPID=$(aws cloudformation delete-stack-instances --stack-set-name SC-IAC-automated-IAMroles --accounts $allACC --regions $AWS_DEFAULT_REGION --operation-preferences FailureToleranceCount=1,MaxConcurrentCount=1 --no-retain-stacks | jq '.OperationId' | tr -d '"')
STATUS=""
until [ "$STATUS" = "SUCCEEDED" ]; do
STATUS=$(aws cloudformation describe-stack-set-operation --stack-set-name SC-IAC-automated-IAMroles --operation-id $SSOPID | jq '.StackSetOperation.Status' | tr -d '"')
echo "waiting for IAM role Stackset to delete. current status: $STATUS"
sleep 10
done;
aws cloudformation delete-stack-set --stack-set-name SC-IAC-automated-IAMroles
echo "Deleting the automated pipeline stack."
aws cloudformation delete-stack --stack-name SC-RA-IACPipeline
echo "Deleting the StackSet IAM roles."
aws cloudformation delete-stack --stack-name IAM-StackSetAdministrator
aws cloudformation delete-stack --stack-name IAM-StackSetExecution
echo "Complete. See CloudFormation Stacks and StackSets Console in each region ($allregions) to confirm all resources have been removed."