Remove Azure Deployments Not the Resource Group

As many know Azure Resource Groups work best when deployed and removed based on the Resource Group as a whole.  This works for most cases, however it does not for all of them.  We will go over a scenario when this does not work and solutions to remove the deployment without removing the entire Resource Group.

Scenario

You are given an existing Azure Resource Group that was provisioned by a core team.  You are not granted permissions to create or remove the Resource Group.  Also multiple developers use this resource group for other IaaS resources (vm’s, nic’s, nsg’s).  Your goal is to build templates for multiple groups and test them. You can see how building and then manually removing all resources by hand would get very involved very fast.

Solution 1 (Windows – PowerShell)

In this solution we use the deployment name as the base for removing the resource group.

Requirements

• Template Files can be found here: AzureDeploymentRemoval
• Deploying your temples in such a way that a new container is created per deployment
  • You achieve this is by using an existing container that contains the base image and by copying the VHD to a new container during deployment.
    • Note that you can only copy images in the same storage account as the destination if you are not pulling from the gallery.

Use PowerShell to create a deployment as such:

New-AzureRmResourceGroupDeployment -ResourceGroupName 'RG1' -TemplateFile 'C:foldertemplate.json' -TemplateParameterFile 'C:folderparameters.json' -Name 'waka444'

List the deployment by running:

Get-AzureRMResourceGroupDeployment -ResourceGroupName 'RG1' -Name 'waka444'

OK so we have a deployment. Great!  Let’s go ahead and script out the removal of ONLY the resources deployed by the template and the container we used for the storage based on the deployment name.

Parameters

Command

.AzureDeploymentRemoval.ps1 -deploymentname waka444 -rgname RG1 -storageaccount wltest -containertoremove "testbuild" -key 'r4xasdf34fasdf/V8GPPXbbdEELZuJ2BjlGRaasdfasdfasdfasdfasdfLGYa4f3276Q=='

Solution 2 (Linux – Azure CLI & Bash)

Remove a deployment based on tag names rather then the deployment name.  Inside the template we set a tag on all resources called tag_buildname.

Requirements

• Template Files can be found here: AzureDeploymentRemoval
• Deploying your temples in such a way that a new container is created per deployment
  • You achieve this is by using an existing container that contains the base image and copying the VHD to a new container during deployment.
    • Note that you can only copy images in the same storage account as a destination if you are not pulling from the gallery.
• Specify a tag on all resources in your template, in my example and script we used a tag called “tags_buildname“
• JQ must be installed on the Linux machine

Use Azure CLI to create a deployment:

azure group deployment create -n 'waka444' -g 'RG1' -f ./template.json -e ./parameter.json --mode Incremental

List the deployment by running:

azure group deployment show -g RG1 waka444

Now let’s go ahead and script out the removal of ONLY the resources deployed by the template based on a tag name and the container we used for the storage based on the deployment name.

Parameters

Command

./AzureDeploymentRemoval.sh -a 'testbuild01' -b 'testbuild01' -c 'RG1' -d 'wltest' -e 'r4xasdf34fasdf/V8GPPXbbdEELZuJ2BjlGRaasdfasdfasdfasdfasdfLGYa4f3276Q=='