Skip to main content
Destructive command — This will permanently delete AWS resources. Always backup data first.

Overview

The fjall destroy command removes AWS resources created by Fjall. It handles both organisation-level destruction and application teardown, ensuring resources are removed in the correct order.

Usage

fjall destroy [target] [options]

Destruction Types

Organisation Destruction

Remove AWS organisation infrastructure: 
fjall destroy organisation
This removes:
  • Service control policies
  • Organisational units
  • AWS Organization (if empty)
  • Cost allocation tags

Platform Destruction

Remove platform infrastructure: 
fjall destroy platform
This removes:
  • SSO configuration
  • Shared services
  • IPAM pools
  • Transit gateways

Application Destruction

Remove a specific application: 
fjall destroy app
This removes:
  • Load balancers
  • Application services (ECS, Lambda)
  • Databases (after confirmation)
  • Networking resources
  • Security groups

Interactive Mode

Run without arguments for guided destruction: 
fjall destroy
Prompts: 
? What would you like to destroy?
 Application - Cloud applications
    Organisation - AWS foundation

? Select application to destroy:
 app
    api-service
    web-frontend

⚠️  This will destroy all resources for 'app'
? Are you sure? (y/N)

Options

OptionDescriptionExample
-v, --verboseShow detailed destruction logsfjall destroy -v
--np, --no-promptSkip confirmation promptsfjall destroy --np
--platformDestroy platform infrastructurefjall destroy --platform
--accountDestroy account infrastructurefjall destroy --account
--target <target>Non-interactive destructionfjall destroy --target app
--confirmAuto-confirm destructionfjall destroy --confirm

Destruction Process

1. Pre-destruction Checks

Fjall validates:
  • AWS credentials are valid
  • Target exists
  • No dependent resources exist
  • Data backup requirements

2. Resource Analysis

For each target:
  • Lists all resources to be deleted
  • Identifies dependencies
  • Checks for data that needs backup
  • Calculates destruction order

3. Confirmation

🗑️  Preparing to destroy app...

Resources to delete:
  - AWS::ElasticLoadBalancingV2::LoadBalancer
  - AWS::ECS::Service (AppService)
  - AWS::ECS::Cluster (AppCluster)
  - AWS::RDS::DBCluster (AppDatabase)
  - AWS::EC2::SecurityGroup (3)
  - AWS::EC2::VPC

⚠️  This action cannot be undone!

Destroy? (y/N)

4. Destruction Execution

Fjall:
  • Deletes resources in reverse dependency order
  • Monitors CloudFormation stack deletion
  • Handles errors gracefully
  • Reports completion status

Safety Features

Confirmation Required

By default, Fjall requires explicit confirmation:
  • Shows all resources to be deleted
  • Warns about data loss
  • Requires typing ‘y’ to proceed

Dependency Protection

Fjall prevents accidental deletion:
  • Won’t delete organisation with active accounts
  • Won’t delete platform with active applications
  • Checks for external dependencies

Order of Destruction

Resources are removed safely:
  1. Application services
  2. Load balancers
  3. Databases (with extra confirmation)
  4. Network resources
  5. Base infrastructure

Examples

Destroy Application

# Interactive with confirmation
fjall destroy

# Direct with confirmation
fjall destroy app

# Skip all prompts (dangerous!)
fjall destroy app --confirm --np

Destroy Organisation Infrastructure

# Remove platform first
fjall destroy platform

# Then remove organisation
fjall destroy organisation

Verbose Destruction

# See detailed progress
fjall destroy app --verbose

Common Issues

Resources Not Deleting

  1. Stack DELETE_FAILED 
     Stack deletion failed: Resource cannot be deleted
    Fix: Check CloudFormation console for specific resource blocking deletion
  2. Non-empty S3 Buckets 
     S3 bucket must be empty before deletion
    Fix: Empty bucket manually or use AWS Console
  3. RDS Deletion Protection 
     Database has deletion protection enabled
    Fix: Disable deletion protection in RDS console first

Manual Cleanup

If automatic destruction fails:
  1. Check CloudFormation - View specific errors
  2. Remove blockers - Empty S3 buckets, disable protections
  3. Retry destruction - Run command again
  4. Manual deletion - Use AWS Console as last resort

Best Practices

  1. Always backup data - Export databases before destruction
  2. Destroy dev first - Test in non-production environments
  3. Review resources - Use fjall list to see what exists
  4. Use verbose mode - Add -v to see detailed progress

Data Preservation

Before Destroying Databases

  1. Create snapshots: 
    # RDS/Aurora snapshots are automatic
# Check AWS Console for snapshot creation
  2. Export data: 
    # Use AWS tools to export if needed
aws rds create-db-snapshot
  3. Verify backups:
    • Check RDS snapshots exist
    • Confirm S3 bucket contents copied
    • Save any CloudWatch logs needed

Next Steps

After destruction:
  • Verify cleanup: Check AWS Console
  • Review costs: Ensure billing stops
  • Remove local files: rm -rf fjall/app if needed
CloudFormation stacks can take 5-10 minutes to delete completely. Monitor progress in the AWS Console if needed.