remove_storage_environments.yml
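---
# Teardown playbook: deletes the AWS resources named after `project_slug`
# (RDS instance and subnet group, IAM users and policies, S3 buckets, and the
# VPC with its subnets, route tables, NAT gateways, IGW and NACLs).
#
# Variables read by the tasks below (none are defined in this file):
#   project_slug             - prefix of every resource name
#   region                   - AWS region passed to the modules
#   az, az2                  - availability zones of the subnets
#   clone_from_project_slug  - optional; switches two of the tasks on or off
#
# Everything here is destructive. The only safeguard is the typed confirmation
# below, so run it with credentials scoped to the intended account.
- name: Remove storage environments
  hosts: localhost
  connection: local
  gather_facts: false

  vars_prompt:
    # Ansible skips a prompt whose variable is already set with --extra-vars,
    # so `-e name_of_deploy=...` answers the confirmation non-interactively.
    - name: "name_of_deploy"
      prompt: "Tell me again what you want to remove?"
      private: false

  tasks:
    # Abort unless the operator typed exactly the project being removed.
    # An undefined or empty project_slug is rejected as well: an empty answer
    # would otherwise match it and the tasks would act on names like "-vpc".
    - name: Abort unless the typed name matches project_slug
      fail:
        msg: "That was a close one!"
      when: >-
        project_slug is not defined
        or (project_slug | string | length) == 0
        or name_of_deploy != project_slug

    # No `snapshot` is passed, so the instance is deleted without a final
    # snapshot (per the legacy `rds` module documentation - confirm against
    # the Ansible version in use). Take a manual snapshot first if the data
    # may still be needed.
    - name: Remove rds
      rds:
        command: delete
        region: "{{ region }}"
        instance_name: "{{ project_slug }}-database"
        wait: true
        wait_timeout: 10000

    # The two "[for rerun]" tasks make sure the users exist before their
    # policies are removed; presumably so a second run does not fail on
    # users that an earlier run already deleted.
    - name: Create S3 User with access the sync and media bucket[for rerun]
      iam:
        iam_type: user
        name: "{{ project_slug }}-sync-s3-user"
        state: present

    - name: Create S3 User for Application[for rerun]
      iam:
        iam_type: user
        name: "{{ project_slug }}-s3-user"
        state: present

    - name: Remove S3 permission for sync user on sync bucket
      iam_policy:
        policy_name: "{{ project_slug }}-sync-s3-policy"
        iam_name: "{{ project_slug }}-sync-s3-user"
        iam_type: user
        state: absent
        region: "{{ region }}"

    - name: Remove Read-Only S3 permission for sync User to pull media bucket
      iam_policy:
        policy_name: "{{ project_slug }}-s3-readonly-from-{{ clone_from_project_slug }}"
        iam_name: "{{ project_slug }}-sync-s3-user"
        iam_type: user
        state: absent
        region: "{{ region }}"
      when: clone_from_project_slug is defined

    - name: Remove S3 User with access the sync and media bucket
      iam:
        iam_type: user
        name: "{{ project_slug }}-sync-s3-user"
        state: absent

    # No `force` here, unlike the static/media buckets below: the module
    # only deletes this bucket if it is already empty.
    - name: Remove S3 bucket which hold fixtures for data sync
      s3_bucket:
        name: "{{ project_slug }}-sync"
        state: absent
      when: clone_from_project_slug is undefined

    - name: Remove RDS subnet group
      rds_subnet_group:
        region: "{{ region }}"
        state: absent
        name: "{{ project_slug }}-rds-subnet-group"

    - name: Remove S3 permission for user
      iam_policy:
        policy_name: "{{ project_slug }}-s3-policy"
        iam_name: "{{ project_slug }}-s3-user"
        iam_type: user
        state: absent

    - name: Remove S3 User for Application
      iam:
        iam_type: user
        name: "{{ project_slug }}-s3-user"
        state: absent

    # `force` empties the bucket before deleting it; the objects are not
    # recoverable afterwards.
    - name: Remove S3 bucket
      s3_bucket:
        name: "{{ project_slug }}-static-files"
        state: absent
        force: true

    # Same as above, for the media bucket.
    - name: Remove S3 bucket
      s3_bucket:
        name: "{{ project_slug }}-media-files"
        state: absent
        force: true

    # `state: present` is used only to obtain the VPC id for the tasks that
    # follow. If the VPC no longer exists, this creates it again; the final
    # task then removes it.
    - name: Get VPC
      ec2_vpc_net:
        state: present
        name: "{{ project_slug }}-vpc"
        region: "{{ region }}"
        cidr_block: 10.0.0.0/16
        resource_tags: '{"Name":"{{ project_slug }}_vpc"}'
      register: vpc

    # NOTE(review): `rds_sg` is not read by any later task in this file.
    - name: Remove database security group
      ec2_group:
        name: "{{ project_slug }}-rds-security-group"
        vpc_id: "{{ vpc.vpc.id }}"
        region: "{{ region }}"
        state: absent
      register: "rds_sg"

    - name: Remove public subnet route table
      ec2_vpc_route_table:
        vpc_id: "{{ vpc.vpc.id }}"
        region: "{{ region }}"
        tags:
          Name: "{{ project_slug }}_public_route"
        state: absent

    - name: Remove private subnet route table
      ec2_vpc_route_table:
        vpc_id: "{{ vpc.vpc.id }}"
        region: "{{ region }}"
        tags:
          Name: "{{ project_slug }}_private_route"
        state: absent

    # NOTE(review): `public_subnets` is not read by any later task in this
    # file.
    - name: Get Public Subnets
      ec2_vpc_subnet_facts:
        region: "{{ region }}"
        filters:
          vpc_id: "{{ vpc.vpc.id }}"
          "tag:Type": "public"
      register: public_subnets

    - name: Get all nat gateways
      ec2_vpc_nat_gateway_facts:
        region: "{{ region }}"
        filters:
          vpc-id: "{{ vpc.vpc.id }}"
      register: nat_gateways

    # Waits for each gateway to be gone; presumably because the subnets
    # below cannot be removed while a NAT gateway still sits in them.
    - name: Remove NAT Gateways
      ec2_vpc_nat_gateway:
        state: absent
        region: "{{ region }}"
        nat_gateway_id: "{{ item.nat_gateway_id }}"
        wait: true
      with_items: "{{ nat_gateways.result }}"

    - name: Remove public subnet
      ec2_vpc_subnet:
        state: absent
        vpc_id: "{{ vpc.vpc.id }}"
        az: "{{ az }}"
        region: "{{ region }}"
        cidr: 10.0.0.0/24

    - name: Remove public subnet2
      ec2_vpc_subnet:
        state: absent
        vpc_id: "{{ vpc.vpc.id }}"
        az: "{{ az2 }}"
        region: "{{ region }}"
        cidr: 10.0.1.0/24

    - name: Remove private subnet
      ec2_vpc_subnet:
        state: absent
        vpc_id: "{{ vpc.vpc.id }}"
        az: "{{ az }}"
        region: "{{ region }}"
        cidr: 10.0.2.0/24

    - name: Remove private subnet2
      ec2_vpc_subnet:
        state: absent
        az: "{{ az2 }}"
        region: "{{ region }}"
        vpc_id: "{{ vpc.vpc.id }}"
        cidr: 10.0.3.0/24

    - name: Remove IGW
      ec2_vpc_igw:
        vpc_id: "{{ vpc.vpc.id }}"
        region: "{{ region }}"
        state: absent

    - name: Remove NACL
      ec2_vpc_nacl:
        state: absent
        vpc_id: "{{ vpc.vpc.id }}"
        name: "{{ project_slug }}-nacl"
        region: "{{ region }}"

    # NOTE(review): the task is titled "Private" but the NACL it removes is
    # named "-nacl-public"; confirm which one is intended.
    - name: Remove Private NACL
      ec2_vpc_nacl:
        state: absent
        vpc_id: "{{ vpc.vpc.id }}"
        name: "{{ project_slug }}-nacl-public"
        region: "{{ region }}"

    - name: Remove vpc
      ec2_vpc_net:
        state: absent
        name: "{{ project_slug }}-vpc"
        region: "{{ region }}"
        cidr_block: 10.0.0.0/16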