18.2. Cloud Credential Operator 유틸리티를 사용하여 AWS 리소스 삭제
STS를 사용하여 수동 모드에서 Cloud Credential Operator (CCO)를 사용하여 OpenShift Container Platform 클러스터를 설치 제거한 후 리소스를 정리하려면 CCO 유틸리티(ccoctl)를 사용하여 설치 중에 ccoctl이 생성한 AWS 리소스를 제거할 수 있습니다.
사전 요구 사항
-
ccoctl바이너리를 추출하고 준비합니다. - STS를 사용하여 수동 모드에서 CCO와 함께 OpenShift Container Platform 클러스터를 설치합니다.
프로세스
ccoctl에서 생성한 AWS 리소스를 삭제합니다.$ ccoctl aws delete \ --name=<name> \ 1 --region=<aws_region> 2
출력 예:
2021/04/08 17:50:41 Identity Provider object .well-known/openid-configuration deleted from the bucket <name>-oidc 2021/04/08 17:50:42 Identity Provider object keys.json deleted from the bucket <name>-oidc 2021/04/08 17:50:43 Identity Provider bucket <name>-oidc deleted 2021/04/08 17:51:05 Policy <name>-openshift-cloud-credential-operator-cloud-credential-o associated with IAM Role <name>-openshift-cloud-credential-operator-cloud-credential-o deleted 2021/04/08 17:51:05 IAM Role <name>-openshift-cloud-credential-operator-cloud-credential-o deleted 2021/04/08 17:51:07 Policy <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials associated with IAM Role <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials deleted 2021/04/08 17:51:07 IAM Role <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials deleted 2021/04/08 17:51:08 Policy <name>-openshift-image-registry-installer-cloud-credentials associated with IAM Role <name>-openshift-image-registry-installer-cloud-credentials deleted 2021/04/08 17:51:08 IAM Role <name>-openshift-image-registry-installer-cloud-credentials deleted 2021/04/08 17:51:09 Policy <name>-openshift-ingress-operator-cloud-credentials associated with IAM Role <name>-openshift-ingress-operator-cloud-credentials deleted 2021/04/08 17:51:10 IAM Role <name>-openshift-ingress-operator-cloud-credentials deleted 2021/04/08 17:51:11 Policy <name>-openshift-machine-api-aws-cloud-credentials associated with IAM Role <name>-openshift-machine-api-aws-cloud-credentials deleted 2021/04/08 17:51:11 IAM Role <name>-openshift-machine-api-aws-cloud-credentials deleted 2021/04/08 17:51:39 Identity Provider with ARN arn:aws:iam::<aws_account_id>:oidc-provider/<name>-oidc.s3.<aws_region>.amazonaws.com deleted
검증
- 리소스가 삭제되었는지 확인하려면 AWS를 쿼리합니다. 자세한 내용은 AWS 설명서를 참조하십시오.
