#!/bin/bash
# ============================================================================
# Destroy Script for Multi-Agent Runtime (Terraform)
# ============================================================================
# This script safely destroys all resources created by this Terraform configuration
# Usage: ./destroy.sh
# Stop at the first failing command. Commands used as conditions are exempt,
# and a pipeline only reports the status of its last stage.
set -o errexit

# ANSI colour sequences for the log helpers. They are stored as literal
# backslash text and only turned into escape characters when printed.
NC='\033[0m'          # reset to the terminal default
BLUE='\033[0;34m'     # informational messages
YELLOW='\033[1;33m'   # warnings
GREEN='\033[0;32m'    # success messages
RED='\033[0;31m'      # errors
# Function to print colored output
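# Print an informational message to stdout behind a blue [INFO] tag.
# Globals:   BLUE, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Only the colour codes are expanded (%b). The message goes through %s, so a
# backslash sequence inside it (for instance in a value read from a file) is
# printed literally instead of being expanded.
print_info() {
  printf '%b[INFO]%b %s\n' "$BLUE" "$NC" "$1"
}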
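# Print a success message to stdout behind a green [SUCCESS] tag.
# Globals:   GREEN, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Only the colour codes are expanded (%b). The message goes through %s, so a
# backslash sequence inside it is printed literally instead of being expanded.
print_success() {
  printf '%b[SUCCESS]%b %s\n' "$GREEN" "$NC" "$1"
}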
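# Print a warning to stdout behind a yellow [WARNING] tag.
# Globals:   YELLOW, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Several callers interpolate values such as the stack name into the message.
# Printing it with %s keeps any backslash sequence in those values literal;
# only the colour codes are expanded (%b).
print_warning() {
  printf '%b[WARNING]%b %s\n' "$YELLOW" "$NC" "$1"
}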
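# Print an error message to stdout behind a red [ERROR] tag.
# Globals:   RED, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Only the colour codes are expanded (%b). The message goes through %s, so a
# backslash sequence inside it is printed literally instead of being expanded.
print_error() {
  printf '%b[ERROR]%b %s\n' "$RED" "$NC" "$1"
}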
# Function to check if command exists
# Report whether a command name resolves in the current shell.
# Arguments: $1 - command name to look up
# Returns:   the exit status of `command -v` (0 when the name resolves)
# Outputs:   nothing; both stdout and stderr of the lookup are discarded
command_exists() {
  local tool=$1
  command -v "$tool" &>/dev/null
}
# ============================================================================
# Pre-flight Checks
# ============================================================================
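print_warning "Starting Resource Cleanup..."
echo ""

# Check Terraform installation
if ! command_exists terraform; then
  print_error "Terraform is not installed"
  exit 1
fi

# Check AWS CLI installation
if ! command_exists aws; then
  print_error "AWS CLI is not installed"
  exit 1
fi

# Validate the credentials and capture the account id with a single call, so
# the account shown to the operator comes from the same response that proved
# the credentials work.
if ! AWS_ACCOUNT=$(aws sts get-caller-identity --query Account --output text 2>/dev/null); then
  print_error "AWS credentials are not configured or invalid"
  exit 1
fi

# Resolve the region from the environment first and fall back to the CLI
# profile. `aws configure get region` exits non-zero when the profile has no
# region, which under `set -e` would end the script without any message, and
# it does not reflect a region supplied through environment variables.
# NOTE(review): the Terraform configuration may pin its own region; confirm it
# matches the value printed here, since the later verification uses it.
AWS_REGION=${AWS_REGION:-${AWS_DEFAULT_REGION:-}}
if [ -z "$AWS_REGION" ]; then
  AWS_REGION=$(aws configure get region 2>/dev/null || true)
fi
if [ -z "$AWS_REGION" ]; then
  print_error "AWS region is not configured (set AWS_REGION or run 'aws configure')"
  exit 1
fi

print_info "AWS Account: $AWS_ACCOUNT"
print_info "AWS Region: $AWS_REGION"
echo ""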
# ============================================================================
# Check for Terraform State
# ============================================================================
# Look for state in the working directory. When neither file is present, ask
# before running `terraform init`; any answer other than "yes" (in any letter
# case) ends the script without touching anything.
if [[ ! -f terraform.tfstate && ! -f .terraform/terraform.tfstate ]]; then
  print_warning "No Terraform state found"
  print_info "Either no resources have been deployed, or state is stored remotely"
  read -r -p "Do you want to attempt to import state from backend? (yes/no): "
  echo ""
  case "$REPLY" in
    [Yy][Ee][Ss])
      print_info "Initializing Terraform to fetch remote state..."
      terraform init
      ;;
    *)
      print_info "Cleanup cancelled"
      exit 0
      ;;
  esac
fi
# ============================================================================
# Show Destruction Plan
# ============================================================================
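print_info "Creating destruction plan..."
echo ""

# Save the plan and apply that exact file after confirmation. A separate
# `terraform destroy -auto-approve` would compute a fresh plan, so what gets
# deleted could differ from what the operator reviewed if the state or the
# configuration changed in between.
# A saved plan can hold sensitive values, so it lives in a private temporary
# directory that is removed on every exit path.
PLAN_DIR=$(mktemp -d) || {
  print_error "Failed to create a temporary directory for the plan"
  exit 1
}
PLAN_FILE="$PLAN_DIR/destroy.tfplan"
trap 'rm -rf -- "$PLAN_DIR"' EXIT

if ! terraform plan -destroy -out="$PLAN_FILE"; then
  print_error "Failed to create destruction plan"
  exit 1
fi
echo ""

# ============================================================================
# Destruction Confirmation
# ============================================================================
print_warning "========================================"
print_warning "RESOURCE DESTRUCTION CONFIRMATION"
print_warning "========================================"
# Repeat the target next to the prompt so the operator confirms against the
# account and region resolved during the pre-flight checks.
print_warning "Target AWS account: ${AWS_ACCOUNT:-unknown} (region: ${AWS_REGION:-unknown})"
print_warning "This will permanently delete the following resources:"
print_warning " - Orchestrator Runtime"
print_warning " - Specialist Runtime"
print_warning " - 2x S3 Buckets (source code storage)"
print_warning " - 2x ECR Repositories (including all images)"
print_warning " - 2x CodeBuild Projects"
print_warning " - IAM Roles and Policies (including A2A permissions)"
print_warning " - CloudWatch Log Groups"
echo ""
print_warning "THIS ACTION CANNOT BE UNDONE!"
echo ""
print_info "Resources in other AWS services (e.g., S3 buckets) may still incur costs"
echo ""

# First gate: a literal "yes" in any letter case.
read -r -p "Are you absolutely sure you want to destroy all resources? (yes/no): "
echo ""
if [[ ! $REPLY =~ ^[Yy][Ee][Ss]$ ]]; then
  print_info "Destruction cancelled by user"
  exit 0
fi

# Second gate: the exact, case-sensitive word DESTROY.
print_warning "Second confirmation required..."
read -r -p "Type 'DESTROY' to confirm: "
echo ""
if [ "$REPLY" != "DESTROY" ]; then
  print_info "Destruction cancelled - confirmation text did not match"
  exit 0
fi

# ============================================================================
# Execute Destruction
# ============================================================================
print_warning "Starting resource destruction..."
echo ""

# Applying a saved plan does not prompt again, and Terraform rejects the file
# if the state has changed since the plan was written.
if terraform apply "$PLAN_FILE"; then
  print_success "All resources destroyed successfully"
else
  print_error "Destruction failed"
  print_warning "Some resources may still exist. Please check AWS Console"
  exit 1
fi
echo ""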
# ============================================================================
# Cleanup Local Files
# ============================================================================
print_info "Cleaning up local Terraform files..."

# Each removal is opt-in: only a literal "yes" (any letter case) deletes
# anything. All paths are relative to the current working directory.
read -r -p "Do you want to remove local Terraform state files? (yes/no): "
echo ""
case "$REPLY" in
  [Yy][Ee][Ss])
    for stale_file in terraform.tfstate terraform.tfstate.backup tfplan; do
      rm -f "$stale_file"
    done
    print_success "Local state files removed"
    ;;
esac

# The provider cache directory and the dependency lock file go together.
read -r -p "Do you want to remove .terraform directory? (yes/no): "
echo ""
case "$REPLY" in
  [Yy][Ee][Ss])
    rm -rf .terraform
    rm -f .terraform.lock.hcl
    print_success ".terraform directory removed"
    ;;
esac
echo ""
# ============================================================================
# Verification
# ============================================================================
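print_info "Verifying resource cleanup..."
echo ""

# Name fragment to search for. A pipeline reports the status of its last
# stage, so an `|| echo default` after `grep | cut` never fires; an empty
# result is replaced explicitly instead. An empty STACK_NAME would make the
# matching below accept every line.
# Only the first uncommented assignment is read, and `cut -s` drops a line
# that has no quoted value.
STACK_NAME=$(grep -E '^[[:space:]]*stack_name[[:space:]]*=' terraform.tfvars 2>/dev/null \
  | head -n 1 \
  | cut -s -d'"' -f2 || true)
STACK_NAME=${STACK_NAME:-agentcore-basic}

# Pass --region only when a region is known; a bare `--region` with no value
# makes the CLI call fail.
REGION_ARGS=()
if [ -n "$AWS_REGION" ]; then
  REGION_ARGS=(--region "$AWS_REGION")
fi

# Run an AWS CLI listing command and print how many of its output lines
# contain STACK_NAME (tab-separated text output is split into lines first).
# Arguments: the command to run, one word per argument
# Returns:   non-zero when the command itself fails, so a failed lookup is
#            never reported as "nothing left"
count_stack_matches() {
  local listing
  listing=$("$@" 2>/dev/null) || return 1
  # grep -c prints 0 and exits 1 when nothing matches; that is not an error.
  printf '%s\n' "$listing" | tr '\t' '\n' | grep -c -F -- "$STACK_NAME" || true
}

# Check for ECR repositories (one repository name per line after splitting)
if ! ECR_REPOS=$(count_stack_matches aws ecr describe-repositories "${REGION_ARGS[@]}" \
  --query 'repositories[].repositoryName' --output text); then
  print_warning "Could not list ECR repositories - verify manually"
elif [ "$ECR_REPOS" -eq 0 ]; then
  print_success "ECR repositories cleaned up"
else
  print_warning "Found $ECR_REPOS ECR repositories matching '$STACK_NAME'"
  print_info "These may need manual cleanup"
fi

# Check for AgentCore runtimes (both agents)
# This counts matching lines of the JSON response, so the number can be higher
# than the number of runtimes; zero still means no match.
# NOTE(review): confirm `list-agent-runtimes` is offered under this service
# name by the installed AWS CLI; if it is not, the call fails and the
# "could not list" warning is shown.
if ! RUNTIME_COUNT=$(count_stack_matches aws bedrock-agentcore list-agent-runtimes \
  "${REGION_ARGS[@]}" --output json); then
  print_warning "Could not list AgentCore runtimes - verify manually"
elif [ "$RUNTIME_COUNT" -eq 0 ]; then
  print_success "AgentCore runtimes cleaned up (Orchestrator and Specialist)"
else
  print_warning "Found $RUNTIME_COUNT AgentCore runtimes matching '$STACK_NAME'"
  print_info "These may need manual cleanup"
fi

# Check for S3 buckets (both agent source buckets)
if ! S3_BUCKETS=$(count_stack_matches aws s3api list-buckets "${REGION_ARGS[@]}" \
  --query 'Buckets[].Name' --output text); then
  print_warning "Could not list S3 buckets - verify manually"
elif [ "$S3_BUCKETS" -eq 0 ]; then
  print_success "S3 buckets cleaned up (Orchestrator and Specialist source buckets)"
else
  print_warning "Found $S3_BUCKETS S3 buckets matching '$STACK_NAME'"
  print_info "These may need manual cleanup"
fi
echo ""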
# ============================================================================
# Completion Summary
# ============================================================================
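# Closing banner and the console pages to check by hand. AWS_REGION is
# interpolated into every URL. The list is numbered consecutively (the last
# entry was labelled 6 although only five entries exist).
print_success "========================================"
print_success "CLEANUP COMPLETED"
print_success "========================================"
echo ""
print_info "Cleanup Summary:"
print_success " ✓ Terraform resources destroyed"
print_success " ✓ Local state files cleaned (if selected)"
echo ""
print_info "What to verify in AWS Console:"
print_info "1. Bedrock AgentCore - No runtimes remaining"
print_info " https://console.aws.amazon.com/bedrock/home?region=$AWS_REGION#/agentcore"
echo ""
print_info "2. S3 - No buckets remaining"
print_info " https://console.aws.amazon.com/s3/buckets?region=$AWS_REGION"
echo ""
print_info "3. ECR - No repositories remaining (Orchestrator & Specialist)"
print_info " https://console.aws.amazon.com/ecr/repositories?region=$AWS_REGION"
echo ""
print_info "4. CodeBuild - No projects remaining (Orchestrator & Specialist)"
print_info " https://console.aws.amazon.com/codesuite/codebuild/projects?region=$AWS_REGION"
echo ""
print_info "5. CloudWatch Logs - Check for orphaned log groups"
print_info " https://console.aws.amazon.com/cloudwatch/home?region=$AWS_REGION#logsV2:log-groups"
echo ""
print_success "Cleanup completed successfully!"
print_info "You can safely re-deploy by running: ./deploy.sh"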