Cleanup FAQ
There are two parts to cleaning up your accelerator bootstrap and Platform landing zone deployment:
- Remove the Platform landing zone
- Remove the bootstrap resources
For convenience we provide a PowerShell cmdlet called Remove-PlatformLandingZone to help with the Platform landing zone and the Microsoft Azure portion of these tasks. We recommend you use this cmdlet to clean up after testing as it is faster than using the Terraform destroy option of the Continuous Delivery Pipeline.
Open a PowerShell terminal using PowerShell 7.
Ensure you have the latest version of the ALZ PowerShell Module installed:
$alzModule = Get-InstalledPSResource -Name ALZ 2>$null if (-not $alzModule) { Install-PSResource -Name ALZ } else { Update-PSResource -Name ALZ }Login to Azure CLI and select your bootstrap subscription:
az login --tenant "<tenant-id>" --use-device-code az account set --subscription "<bootstrap-subscription-id>"Run the following command to prepare to remove the Platform landing zone:
TipIf you are in a brownfield environment and your Management Groups or Platform subscriptions contain resource you do not wish to delete, you can use the-ResourceGroupsToRetainNamePatternsand-ManagementGroupsToDeleteNamePatternsparameters to be specific about what to delete / retain. See the Remove-PlatformLandingZone documentation for more details on the available parameters.The following describes the required parameters:
-ManagementGroups: (Required) The root parent management group ID under which the Platform landing zone management groups were created-Subscriptions: (Recommended Optional) A comma-separated list of the Platform landing zone subscription IDs (management, connectivity, identity, security). We set this for scenarios where a full deployment wasn’t completed and the subscriptions are not nested under the management group hierarchy.-AdditionalSubscriptions: (Optional) A comma-separated list of any additional subscription IDs that were used during deployment that are outside of the Platform landing zone subscriptions (e.g. the bootstrap subscription in 5 subscription model)-SubscriptionsTargetManagementGroup: (Optional) The management group ID under which the Platform landing zone subscriptions were moved to. Only required if this is not the Tenant Root Group.-PlanMode: (Optional) Runs the cmdlet in plan mode to show what resources will be deleted without actually deleting them.
Remove-PlatformLandingZone ` -ManagementGroups "<root-parent-management-group-id>" ` -Subscriptions "<management-subscription-id>", "<connectivity-subscription-id>", "<identity-subscription-id>", "<security-subscription-id>" ` -AdditionalSubscriptions "<bootstrap-subscription-id>" ` -SubscriptionsTargetManagementGroup "<root-parent-management-group-id>" ` -PlanModeReview the plan output to ensure it is going to delete the correct resources
If the plan looks correct, re-run the command without the
-PlanModeparameter to delete the Platform landing zoneRemove-PlatformLandingZone ` -ManagementGroups "<root-parent-management-group-id>" ` -Subscriptions "<management-subscription-id>", "<connectivity-subscription-id>", "<identity-subscription-id>", "<security-subscription-id>" ` -AdditionalSubscriptions "<bootstrap-subscription-id>" ` -SubscriptionsTargetManagementGroup "<root-parent-management-group-id>"You’ll be prompted to confirm you want to proceed, follow the instructions to run the deletions
If you still have your folder structure created during bootstrap, you can re-run the Deploy-Accelerator cmdlet with the -Destroy parameter to remove any version control system resources created during bootstrap
WarningIf you lost your folder structure, you’ll need to manually delete the version control system resources such as projects or repositories, agent pools, and teams.
Open a PowerShell terminal using PowerShell 7.
Set your variables for the Infrastructure as Code type and the target folder path where your folder structure is located:
$iacType = "terraform" # Set to 'bicep', 'terraform', or 'bicep-classic' $targetFolderPath = "~/accelerator"Ensure you have the latest version of the ALZ PowerShell Module installed:
$alzModule = Get-InstalledPSResource -Name ALZ 2>$null if (-not $alzModule) { Install-PSResource -Name ALZ } else { Update-PSResource -Name ALZ }Login to Azure CLI and select your bootstrap subscription:
This is required even though we already deleted our Azure resources as the Terraform provider needs valid credentials to query that they have been deleted.
az login --tenant "<tenant-id>" --use-device-code az account set --subscription "<bootstrap-subscription-id>"If you set your Version Control System personal access tokens (PATs) as environment variables during bootstrap, ensure they are still set in your current terminal session or set them again.
Run the following command to remove the version control system resources created during bootstrap:
WarningIf you are using GitHub and you deployed GitHub Actions Runner Groups, will need to manually delete any agents from the Runner Groups before running this command, due to limitation of the GitHub API. More details can be found in here.if(!$iacType) { throw "iacType variable is not set. Please set it to one of: 'bicep', 'terraform', or 'bicep-classic'." } if($iacType -eq "terraform") { Deploy-Accelerator ` -inputs "$targetFolderPath/config/inputs.yaml", "$targetFolderPath/config/platform-landing-zone.tfvars" ` -starterAdditionalFiles "$targetFolderPath/config/lib" ` -output "$targetFolderPath/output" ` -destroy } if($iacType -eq "bicep") { Deploy-Accelerator ` -inputs "$targetFolderPath/config/inputs.yaml", "$targetFolderPath/config/platform-landing-zone.yaml" ` -output "$targetFolderPath/output" ` -destroy } if($iacType -eq "bicep-classic") { Deploy-Accelerator ` -inputs "$targetFolderPath/config/inputs.yaml" ` -output "$targetFolderPath/output" ` -destroy }Once it generates the plan, hit enter to deploy the bootstrap.