11

I'm working on provisioning new Azure environment using ARM templates. In order to deploy I use the Azure PowerShell New-AzureRmResourceGroupDeployment command, where I specify DeploymentName , ResourceGroupName etc.

However, when I want to remove the deployed resources by running

Remove-AzureRmResourceGroupDeployment -Name DeploymentName -ResourceGroupName RGname -Force 

it does not remove resources. It just deletes a tag in deployment tab in Azure portal. Is there a way to rollback or remove deployment with related resources? I don't want to delete whole Resource group.

juvchan
  • 6,113
  • 2
  • 22
  • 35
Sparrow_ua
  • 664
  • 1
  • 11
  • 28

3 Answers3

13

The general guidance from Microsoft is that a Resource Group contains zero or more resources that share a common lifecycle. Hence, they would probably tell you to separate different deployments into different Resource Groups.

I have actually tried the same thing you have before, but deleting a deployment only deletes the deployment metadata, not the actual resources that were provisioned by the deployment. It would be a great feature request to be able to "slice and dice" resources, based on the most recent deployment that they were a member of.

Here is the supporting documentation:

All of the resources in your group should share the same lifecycle. You will deploy, update and delete them together. If one resource, such as a database server, needs to exist on a different deployment cycle it should be in another resource group.

https://azure.microsoft.com/en-us/documentation/articles/resource-group-overview/#resource-groups

enter image description here

  • So, I just delete the Resource Group to clean up all resources deployed/created from the ARM Template? – FilBot3 Jan 15 '20 at 15:13
  • Yes, @FilBot3 , but this is trickier than it might seem: it is very unlikely that your entire deployment can exist in one RG as the complexity increases. For instance, we have a centralized location (RG) where we store all logs / diagnostics. Therefore, each resource in an RG actually has logs in another RG. They need to be removed manually before destroying the resource. There are lots of cases like this, not just logs. :( – Mike Williamson May 09 '21 at 18:27
2

You can do this if you want to roll up your sleeves and write a bit more code... Though Trevor Sullivan has the best suggestion for overall management of resources.

Take a look at this cmdlet:

(Get-AzureRmResourceGroupDeploymentOperation -DeploymentName $DeploymentName -ResourceGroupName $RGName).Properties.ProvisioningOperation

(Get-AzureRmResourceGroupDeploymentOperation -DeploymentName $DeploymentName -ResourceGroupName $RGName).Properties.TargetResource.id

The first will tell you if the operation was a create operation on the resource, the second will give you the resourceId which you can then use to delete with:

Remove-AzureRMResource

But if you organize your resource groups by life cycle then removing the entire group is easier.

The other thing to watch out for here is resources that have dependencies on one another. I'm not sure what will happen in those cases (fail to delete, etc). I can't think of a specific problem to watch out for, just that I haven't spent much time looking at "clean up" this way...

bmoore-msft
  • 8,376
  • 20
  • 22
-5

To remove all the deployed resources under a specific resource group,

you should use the Azure PowerShell command:

Remove-AzureRmResourceGroup [-Name] <ResourceGroupName> [-Force <SwitchParameter>]

The Remove-AzureRmResourceGroupDeployment only removed the specific deployment by name and resource group name but not the resources.

Hope this helps!

juvchan
  • 6,113
  • 2
  • 22
  • 35
  • 1
    The OP is specifically asking about deleting all the resources in the deployment and not just the deployment metadata or removing the whole resourcegroup – iCrus Nov 27 '17 at 10:24