-
Notifications
You must be signed in to change notification settings - Fork 83
Cleaning up an ALZ Monitor Deployment
In some scenarios, it may be necessary to remove everything deployed by the ALZ Monitor solution. The instructions below detail execution of a PowerShell script to delete all resources deployed, including:
- Metric Alerts
- Activity Log Alerts
- Resource Groups (created for to contain alert resources)
- Policy Assignments
- Policy Definitions
- Policy Set Definitions
- Policy Assignment remediation identity role assignments
All resources deployed as part of the initial ALZ Monitor deployment and the resources created by dynamically by 'deploy if not exist' policies are either tagged, marked in metadata, or in description (depending on what the resource supports) with the value _deployed_by_alz_monitor or _deployed_by_alz_monitor=True. This metadata is used to execute the cleanup of deployed resources; if it has been removed or modified the cleanup script will not include those resources.
Follow the instructions below to download the cleanup script file. Alternatively, clone the repo from GitHub and ensure you are working from the latest version of the file by fetching the latest main branch.
- Navigate ALZ-Monitor project in GitHub
- In the folder structure, browse to the
src/scriptsdirectory - Open the Start-ALZMonitorCleanup.ps1 script file
- Click the Raw button
- Save the open file as Start-ALZMonitorCleanup.ps1
- Open PowerShell
- Install the Az.ResourceGraph module:
Install-Module Az.ResourceGraph - Change directories to the location of the Start-ALZMonitorCleanup.ps1 script
- Sign in to the Azure with the
Connect-AzAccountcommand. The account you sign in as needs to have permissions to remove Policy Assignments, Policy Definitions, and resources at the desired Management Group scope. - Execute the script using the option below
Generate a list of the resource IDs which would be deleted by this script:
./Start-ALZMonitorCleanup.ps1 -ReportOnlyShow output of what would happen if deletes executed:
./Start-ALZMonitorCleanup.ps1 -WhatIfDelete all resources deployed by the ALZ-Monitor IaC without prompting for confirmation:
./Start-ALZMonitorCleanup.ps1 -Force- What's New
- Monitoring and Alerting
- Alert Details
- Azure Policy Initiatives
- Deploying ALZ Monitor
- Introduction to deploying ALZ-Monitor
- Customize Policy Assignment
- Deploy with GitHub Actions
- Deploy with Azure Pipelines
- Deploy with Azure CLI
- Deploy with Azure PowerShell
- Deploy individual Policy Initiatives with Azure CLI
- Deploy individual Policy Initiatives with Azure PowerShell
- Policy remediation
- Cleaning up an ALZ Monitor Deployment
- Frequently Asked Questions
- Contributing
- Telemetry
- Known Issues
- Versioning