codepipeline/ct_uninstall_multi.sh

#!/bin/bash

# This script will remove the Automated pipeline, IAM Roles, and a ServiceCatalog Portfolio created by the install.sh.  

ACC=$(aws sts get-caller-identity --query 'Account' | tr -d '"')
# add child accounts as space delimited list. 
# You will need to ensure StackSet IAM roles are correctly setup in each child account
childAcc=""
allACC="$ACC $childAcc"
allregions="us-east-1 us-east-2 us-west-1"
export AWS_DEFAULT_REGION=us-east-1
export AWS_DEFAULT_REGION=$(aws configure get region)
echo "Using Account:$ACC  Region:$AWS_DEFAULT_REGION Child Accounts:$childAcc All Regions:$allregions"

function delete_stack_set()
{
SSNAME=${1:-'None'}

SSaccList=$(aws cloudformation list-stack-instances --stack-set-name $SSNAME --query 'Summaries[*].Account' --output text | xargs -n1 | sort |uniq| xargs)
SSregList=$(aws cloudformation list-stack-instances --stack-set-name $SSNAME --query 'Summaries[*].Region' --output text | xargs -n1 | sort |uniq| xargs)

echo "$SSaccList, $SSregList"

echo "aws cloudformation delete-stack-instances --stack-set-name $SSNAME --accounts $SSaccList --regions $SSregList --operation-preferences FailureToleranceCount=1,MaxConcurrentCount=3 --no-retain-stacks --query 'OperationId' --output text"
SSOPID=$(aws cloudformation delete-stack-instances --stack-set-name $SSNAME --accounts $SSaccList --regions $SSregList --operation-preferences FailureToleranceCount=1,MaxConcurrentCount=3 --no-retain-stacks --query 'OperationId' --output text)

echo $SSOPID

wait_for_deletion $SSNAME $SSOPID

aws cloudformation delete-stack-set --stack-set-name $SSNAME

}

function wait_for_deletion()
{
SSNAME=${1:-SC-IAC-automated-portfolio}
SSOPID=$2

STATUS=""
until [ "$STATUS" = "SUCCEEDED" ]; do 
  STATUS=$(aws cloudformation describe-stack-set-operation --stack-set-name $SSNAME --operation-id $SSOPID --query 'StackSetOperation.Status' --output text)
  echo "waiting for portfolio Stackset to delete. current status: $STATUS"
  sleep 5
done;
}

function clean_s3_buckets()
{
SNAME=${1:-SC-RA-IACPipeline}
for BNAME in $(aws cloudformation list-stack-resources --stack-name SC-RA-IACPipeline --query 'StackResourceSummaries[?ResourceType==`AWS::S3::Bucket`].PhysicalResourceId' --output text | xargs -n1)
do
aws s3 rb s3://$BNAME --force
done
}

function delete_stacks()
{
SNAME=${1:-RSC-RA-IACPipeline}
echo "Deleting the automated pipeline stack."
aws cloudformation delete-stack --stack-name $SNAME
echo "Waiting for Stack deletion to complete"
aws cloudformation wait stack-create-complete --stack-name $SNAME
}

# multi account multi region, CF StackSet
echo "Deleting the ServiceCatalog Portfolio StackSet, this make take a while."
delete_stack_set SC-IAC-automated-portfolio
delete_stack_set SC-IAC-automated-IAMroles
delete_stack_set IAM-StackSetExecution-Role

echo "Clearing out the Automation pipeline S3 buckets"
clean_s3_buckets SC-RA-IACPipeline

echo "Deleting the automated pipeline stack."
delete_stacks SC-RA-IACPipeline

echo "Deleting the StackSet IAM roles."
delete_stacks IAM-StackSetAdministrator
delete_stacks IAM-StackSetExecution

echo "Cleanup process completed... "