Link Search Menu Expand Document
Elastio Docs

Run this Script to uninstall Elastio

Before proceeding with the uninstall process, please unlink the account you are going to clean up from your Elastio tenant. This can be done on the Sources page of your Elastio tenant.

Use this script to remove the Elastio CloudFormation stack, all Cloud Connectors and Vaults.

We recommend using AWS CloudShell. Save the following script to an .sh file on your machine, upload it to CloudShell using the Actions menu, make it executable and run the script.

Important! Elastio deployment should be intact, no Elastio resources should be removed manually before the script is run. If you encountered any errors during the deletion process, please contact the Elastio Support team for help, do not remove the Cloud Formation stack manually.

This script will delete all resources including vaults, Cloud Connectors and the CloudFormation stack.

Note: If you’re not using AWS CloudShell, make sure the latest AWS CLI v2 is installed on your machine for the script to work properly. The AWS region parameter should be configured in the ~/.aws/config file, or set as an environment variable $AWS_REGION before the script is run, and the AWS CLI should be configured to have access to the account you are attempting to clean up.

#!/bin/bash
set -ex

str=$(aws --version)
major_v=$(echo $str | cut -d' ' -f1 | cut -d'/' -f2 | cut -d'.' -f1)

if [ "$major_v" != 2 ]; then
    echo "AWS CLI not installed. Install AWS CLI v2 to proceed."
    exit 1
fi

if ! [ -x "$(command -v elastio -V)" ]; then
   echo "Installing Elastio CLI"
   sudo /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/elastio/elastio-stack/master/scripts/install-elastio.sh) $0" -- -c
fi

elastio -V

start_region=$(aws configure get region || echo "$AWS_REGION")
regions=("us-east-1" "us-east-2" "us-west-1" "us-west-2" "eu-central-1" "ap-southeast-2" "eu-west-1" "eu-west-2" "eu-west-3" "ap-south-1" "ca-central-1")

# get and delete all vaults
for reg in "${regions[@]}"
do
    aws configure set default.region $reg
    aws configure set region $reg
    if elastio vault list --output-format json --aws-region $reg;
    then
        echo "$reg have red stack"
        for v in $(elastio vault list --output-format json --aws-region $reg | grep -Po '"vault_name": *\K"[^"]*"' | tr -d '"')
        do
            echo "$v vault will be deleted from $reg aws-region"
            vaults+=("$v")
            elastio vault delete $v --force --aws-region $reg
        done

        elastio stack destroy --aws-region $reg

        for value in "${vaults[@]}"
        do
            aws kms delete-alias --alias-name alias/elastio-vault-$value-key || true
        done

        aws ecs describe-capacity-providers --query "capacityProviders[*].name" | \
        grep elastio-vault | \
        sed 's/"//'g | \
        sed 's/,//' | \
        sed 's/ //'g | \
        xargs -t -n1 aws ecs delete-capacity-provider --capacity-provider || true

        aws kms delete-alias --alias-name alias/elastio-vault-default-key || true

        aws kms delete-alias --alias-name alias/elastio-provisioner-auth-signing-key || true

        filter="elastio-"

        aws batch describe-job-definitions --status 'ACTIVE' | \
            grep "jobDefinitionArn" | \
            grep $filter | \
            awk '{ print $2 }' | \
            tr -d \", | \
            xargs -t -n1 -I '{}' aws batch deregister-job-definition --job-definition '{}'
    else
        echo "$reg doesn't have red stack"

        aws ecs describe-capacity-providers --query "capacityProviders[*].name" | \
        grep elastio-vault | \
        sed 's/"//'g | \
        sed 's/,//' | \
        sed 's/ //'g | \
        xargs -t -n1 aws ecs delete-capacity-provider --capacity-provider || true

        aws kms delete-alias --alias-name alias/elastio-vault-default-key || true

        aws kms delete-alias --alias-name alias/elastio-provisioner-auth-signing-key || true

        filter="elastio-"

        aws batch describe-job-definitions --status 'ACTIVE' | \
            grep "jobDefinitionArn" | \
            grep $filter | \
            awk '{ print $2 }' | \
            tr -d \", | \
            xargs -t -n1 -I '{}' aws batch deregister-job-definition --job-definition '{}'
    fi
done

for reg in "${regions[@]}"
do
    aws configure set default.region $reg
    aws configure set region $reg
    echo "CFN will be deleted for $reg aws-region"
    aws cloudformation delete-stack --stack-name elastio-account-level-stack
    s3s=$(aws s3 ls --human-readable)
    echo "$s3s" > temp.txt
    filename=temp.txt
    bucket_name=elastio-report

    while read line; do
    # reading each line
    formatted_line=$(echo $line | cut -d' ' -f3)
        if [[ "$formatted_line" == *$bucket_name* ]]; then
            aws s3 rb s3://$formatted_line --force
        fi
    done < $filename
    rm temp.txt
done

aws configure set default.region $start_region
aws configure set region $start_region
aws cur --region us-east-1 delete-report-definition --report-name "elastio-report"