You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs: document destroy command and add rollback guide
- Add destroy command section to docs/cli-commands.md (options, examples,
TEXT/JSON output, two-phase behavior, use cases, notes)
- Update command count from 8 to 9 in cli-commands.md
- Add destroy to command overview table and pipeline commands list
- Expand Clean Up Resources walkthrough to cover both destroy and delete
- Add Rollback Workflow to Common Workflows section in cli-commands.md
- Add destroy cleanup step to README.md Quick Start
- Add Rollback Guide link to README.md documentation section
- Add destroy cleanup step to all 6 translated READMEs (pt, fr, it, ja, zh, he)
- Update examples/full-pipeline-lifecycle.sh Step 8 to use destroy
- Update examples/cleanup-demo-resources.sh to use destroy with explanation
- Add new docs/rollback-guide.md covering manual rollback strategies,
destroy+redeploy clean slate approach, decision tree, catalog/project
preservation, GitHub Actions automated rollback workflows, and
bundle-based rollback setup
**What this shows:** The test command runs Python tests from the configured test folder against your deployed bundle. Tests receive environment variables with domain ID, project ID, and other context information to validate the deployment. This ensures your pipeline is working correctly after deployment and provides automated validation of your data workflows.
520
521
521
522
### 8. Clean Up Resources
523
+
524
+
Use `delete` to remove the DataZone project only, or `destroy` to remove all deployed resources (QuickSight, S3, Airflow workflows, Glue jobs, catalog resources, and optionally the project).
525
+
522
526
```bash
527
+
# Remove all deployed resources for a stage (recommended for full cleanup)
528
+
aws-smus-cicd-cli destroy --targets test --manifest manifest.yaml --force
⚠️ WARNING: This will permanently delete the above resources!
547
+
548
+
🗑️ Starting destruction...
549
+
550
+
Stage: test
551
+
552
+
📊 Destruction Summary
553
+
test: deleted=3 not_found=0 skipped=0 error=0
554
+
```
555
+
556
+
**What this shows:** The destroy command removes all resources deployed by the manifest for the targeted stage — Airflow workflows, S3 objects, QuickSight dashboards, Glue jobs, catalog resources, and optionally the DataZone project. It validates first (read-only), prints a full destruction plan, then prompts for confirmation before deleting anything. Use `--force` to skip the prompt in CI/CD pipelines.
557
+
558
+
```bash
559
+
# Remove only the DataZone project (leaves deployed content in place)
523
560
aws-smus-cicd-cli delete --stages test --manifest manifest.yaml --force
524
561
```
525
562
**Example Output:**
@@ -537,7 +574,7 @@ Targets to delete:
537
574
✅ test: Project deleted successfully
538
575
```
539
576
540
-
**What this shows:** The delete command removes SageMaker Unified Studio projects and their associated resources. It provides a summary of deletion operations, showing which projects were successfully removed. This is useful for cleaning up test environments and managing resource lifecycle in your CI/CD pipeline.
577
+
**What this shows:** The delete command removes only the SageMaker Unified Studio project and its associated CloudFormation stacks. Use this when you want to remove the project but leave deployed content (S3 files, QuickSight dashboards, etc.) intact.
541
578
542
579
```bash
543
580
aws-smus-cicd-cli --help
@@ -553,6 +590,7 @@ aws-smus-cicd-cli --help
553
590
5.**`run`** - Run workflow commands
554
591
6.**`logs`** - Fetch workflow logs from CloudWatch
555
592
7.**`delete`** - Delete projects and environments
593
+
8.**`destroy`** - Destroy all resources deployed by the manifest
- CloudFormation stacks are deleted automatically when projects are removed
953
991
- Use `--async` for faster execution when managing multiple targets
954
992
993
+
### 9. destroy - Destroy All Deployed Resources
994
+
995
+
Deletes all resources previously deployed by the manifest: QuickSight dashboards/datasets/data sources, S3 objects at declared target paths, Airflow serverless workflows, workflow-created resources (e.g. Glue jobs), DataZone catalog resources, and optionally the DataZone project. This is the inverse of `deploy`.
996
+
997
+
> **Note:**`destroy` is distinct from `delete`. The `delete` command only removes the DataZone project. The `destroy` command removes all deployed content resources and conditionally removes the project.
998
+
999
+
```bash
1000
+
aws-smus-cicd-cli destroy [OPTIONS]
1001
+
```
1002
+
1003
+
#### Options
1004
+
1005
+
| Option | Short | Description | Example |
1006
+
|--------|-------|-------------|---------|
1007
+
|`--manifest`|`-m`| Path to application manifest file (default: `manifest.yaml`) |`--manifest manifest.yaml`|
1008
+
|`--targets`|`-t`| Stage name(s) — single or comma-separated (default: all stages) |`--targets test`|
4. Delete bootstrap connections (created by `datazone.create_connection` actions)
1119
+
5. Delete QuickSight dashboards → datasets → data sources
1120
+
6. Delete S3 objects at declared `targetDirectory` prefixes
1121
+
7. Delete catalog resources (glossaries, terms, form types, asset types, assets, data products) in reverse dependency order
1122
+
8. Delete DataZone project (only if `project.create: true` in manifest)
1123
+
1124
+
**Key behaviors:**
1125
+
-**Idempotent**: Resources already absent are logged as `not_found`, not errors. Safe to run multiple times.
1126
+
-**Single confirmation gate**: All confirmations happen in one prompt after the full plan is printed.
1127
+
-**Active run re-check**: Live workflow run status is re-queried at destruction time to catch runs that started or completed after validation.
1128
+
-**Collision detection**: If more QuickSight resources or Airflow workflows match than declared in the manifest, destroy aborts before deleting anything.
1129
+
-**Built-in connections protected**: `default.*` connections are never deleted.
1130
+
-**Managed catalog resources protected**: Resources with `amazon.datazone.*` namespace are never deleted.
1131
+
-**Always synchronous**: No `--async` mode. Each deletion step completes before the next begins.
1132
+
-**Catalog warning**: When `deployment_configuration.catalog` is present, all project-owned catalog resources are deleted (not just imported ones). Set `disable: true` under `deployment_configuration.catalog` to skip catalog deletion.
1133
+
1134
+
#### Use Cases
1135
+
1136
+
-**Clean re-deployment**: Destroy a stage and redeploy from scratch to resolve state drift
1137
+
-**Environment teardown**: Remove test or staging environments after validation
1138
+
-**Rollback**: Remove a failed deployment before re-deploying a previous version
1139
+
-**Project cleanup**: Remove all resources before deleting the project
1140
+
1141
+
#### Notes
1142
+
- Requires sufficient IAM permissions to list and delete all resource types declared in the manifest (QuickSight, S3, Airflow Serverless, DataZone, Glue)
1143
+
- S3 bucket and prefix resolution requires a live DataZone API call — the project must be reachable at destroy time
1144
+
- Use `--force` in CI/CD pipelines to skip the interactive confirmation prompt; note that `--force` with `--output JSON` is required since JSON mode cannot prompt interactively
1145
+
- The `Resource_Prefix` configured in `deployment_configuration.quicksight.overrideParameters` must be unique to avoid collision errors
1146
+
955
1147
## Global Options
956
1148
957
1149
All commands support:
@@ -1000,9 +1192,31 @@ aws-smus-cicd-cli run --workflow my_dag --command "dags list" --targets test
0 commit comments