5.4 Build an ECS Destroy Job :: MP DevOps Series

AWS Modernization Workshop > Continuous Deployment > 5.4 Build an ECS Destroy Job

Destroy Amazon ECS Cluster

The previous pipeline jobs created infrastructures and resources that the pipeline required for execution. Now that all of the essential pipeline jobs have been defined, you need to define pipeline jobs that will decommission and destroy the resources created in previous jobs.

Copy the snippet below and append it to the bottom of your config.yml file:

  destroy_aws_ecs:
    machine:
      image: ubuntu-2004:202101-01
    resource_class: arm.medium
    steps:
      - checkout
      - run:
          name: Create .terraformrc file locally
          command: echo "credentials \"app.terraform.io\" {token = \"$TERRAFORM_TOKEN\"}" > $HOME/.terraformrc
      - terraform/install:
          terraform_version: "1.0.2"
          arch: "arm64"
          os: "linux"
      - terraform/init:
          path: ./terraform/ecs
      - terraform/plan:
          path: ./terraform/ecs
      - terraform/destroy:
          path: ./terraform/ecs

You should already be familiar with the machine:, steps: and checkout job elements so we’ll skip discussing them and focus on the remaining - run: elements in this job.

command: echo “credentials \“app.terraform.io\” {token = \“$TERRAFORM_TOKEN\“}” > $HOME/.terraformrc creates a required file, that is used by the Terraform CLI to authenticate your Terraform Cloud credentials and grant access to interact with the service. Notice that the $TERRAFORM_TOKEN environment variable, that you created earlier, specified and represents a protected way of referencing sensitive data in the config.yml file. Using environment variables in this manner protects against exposing sensitive data in pipeline configurations.

- terraform/install: block leverages the Terraform Orb to install the appropriate Terraform CLI binary into the executor. The cli will be required to execute Terraform code in the pipeline.

- terraform/init: block leverages the Terraform Orb to perform a terraform init command, which initializes the project.

- terraform/destroy: block leverages the Terraform Orb to perform a terraform destroy command, which destroys the infrastructures and resources created by previous jobs. In this case the destroy command is cleaning the state of this project.

Congratulations! You’ve created a job to destroy the App Runner service created earlier. You have also built the last pipeline job for this project. Next you’ll learn about CircleCI Workflows and how to orchestrate all of the awesome jobs you’ve defining throughout this workshop.

In the next section, you will learn about CircleCI Workflows.