Clean Up Storage¶
This guide will walk you through cleaning up the snapshot data of a Rok cluster.
Note
If you have already cleaned up the snapshot data of Rok, you may proceed to the Verify section.
Overview
What You’ll Need¶
- A configured management environment.
Procedure¶
Choose one of the following options, based on your cloud provider.
Run the following command inside your management environment to delete the S3 buckets containing the snapshot data of your Rok cluster:
root@rok-tools:~# rok-s3-bucket-purge --bucket-prefix ${AWS_CF_S3_RESOURCES?}
Run the following command inside your management environment to delete the storage account that Rok uses:
root@rok-tools:~# az storage account delete --name ${STORAGE_ACCOUNT_NAME?} --yesTroubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
(AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/delete' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.Storage/storageAccounts/roka8eb022arriktoarrikto' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions to delete a storage account.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has
Owner
permissions. If you only haveReader
permissions, contact your administrator to grantOwner
permissions to your identity or to delete the storage account for you.
Verify¶
Choose one of the following options, based on your cloud provider.
List all S3 buckets with your cluster bucket prefix and verify the command produces no output:
root@rok-tools:~# aws s3 ls | cut -d " " -f 3 | grep ^${AWS_CF_S3_RESOURCES?}
Attempt to retrieve the Rok storage account and verify it does not exist:
root@rok-tools:~# az storage account show --name ${STORAGE_ACCOUNT_NAME?} Storage account 'roka8eb022arriktoarrikto' not found.Troubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
(AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/read' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.Storage/storageAccounts/roka8eb022arriktoarrikto' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions to retrieve a storage account.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has either
Owner
orReader
permissions. If you do not have the required permissions, contact your administrator to grant them to your identity.
Summary¶
You have successfully purged all buckets containing the snapshot data of your Rok cluster.
What’s Next¶
The next step is to clean up the cloud identity resources of Rok.