
Destroying Your Application with CDK 🛑

Once you no longer need your deployed resources, it's good practice to clean up your AWS environment by destroying the stack. AWS CDK provides a simple command to delete the resources created during deployment.

Why Destroy?

Resources left running in your AWS account, such as EC2 instances, S3 buckets, and databases, can incur unnecessary costs.

Overview

The cdk destroy command deletes the CloudFormation stack associated with your CDK app. This means all resources provisioned as part of the deployment (EC2 instances, VPCs, ECS, etc.) will be permanently removed.

Destroy Command

Just like with deployment, you'll want to specify the environment (Staging or Production) that you're working with. Here’s the command syntax:

cdk destroy --qualifier [qualifier name] --profile [profile name]

Destroying Staging Environment

Now, let's run our command.

cdk destroy --qualifier launchgoat --profile awslaunchgoat-staging

The command will prompt for confirmation before proceeding:

Are you sure you want to delete: CdkStack (y/n)?

Once confirmed, CDK will proceed to delete the CloudFormation stack and all associated resources. This will take about 5-10 minutes.

✅ CdkStack: destroyed

Great, it's destroyed! However, there are 3 services that we need to delete manually. Log in to your Staging account via the AWS access portal.


1. S3 asset bucket created during cdk bootstrap

  • Go to S3 in the AWS Management Console, select the bucket, and Empty it first. Once the bucket is emptied, you can then Delete it.

2. CloudFormation stack created during cdk bootstrap

  • Go to CloudFormation in the AWS Management Console, select the CDKToolkit, and click on Delete. Wait for about 1 minute.

  • If the delete fails, click on Retry delete and select force delete.

3. ECR repository and Docker image(s)

  • Go to Elastic Container Registry in the AWS Management Console, select the repository, and click on Delete.

Why Manual Deletion is Common

**Data Preservation**
- S3 and RDS store valuable data, 
  and AWS CDK doesn’t automatically delete them to avoid accidental loss. 
 
**Accidental Loss Prevention**
- AWS requires manual confirmation or explicit settings to delete stateful resources. 
 
**Production Safeguards**
- In production, the risk of data loss is higher, 
  so manual deletion adds an extra layer of protection.

Destroying Production Environment

Let's run our command.

cdk destroy --qualifier launchgoat --profile awslaunchgoat-prod

✅ CdkStack: destroyed

Remember, we had to manually delete 3 services for staging? In a production environment, there's one additional service that cdk destroy can't delete, which we'll also need to remove manually. Log in to your Production account via the AWS access portal and delete the first 3 services before proceeding.


4. RDS instance. In our code, the database is retained in the production environment to ensure that it isn't deleted accidentally.

  • Go to RDS in the AWS Management Console, select the database, and click on Actions then Delete.

  • At this point, you can choose to either create a final snapshot or retain automated backups. However, for practice, let's unselect these options and proceed with the deletion.

Great! If you check your AWS account, you'll see that the services have been successfully deleted. Without the cdk destroy command, you would need to manually find and delete each service, which can be tedious and time-consuming.
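The retention described under "Why Manual Deletion is Common", and the retained production RDS instance, can be checked before running cdk destroy by reading the DeletionPolicy of each resource in the synthesized CloudFormation template. The script below is an added example, not part of this project's code; the sample template and its logical IDs are constructed, and the template path passed on the command line is an assumption about where cdk synth wrote its output.

```python
import json
import sys

# DeletionPolicy values under which stack deletion leaves the resource (or a snapshot) behind.
# "Unresolved" marks a policy set through an intrinsic function, which needs a manual look.
SURVIVES = {"Retain", "RetainExceptOnCreate", "Snapshot", "Unresolved"}


def effective_policy(resource: dict) -> str:
    """Return the DeletionPolicy CloudFormation applies, including its defaults."""
    explicit = resource.get("DeletionPolicy")
    if explicit is not None:
        return explicit if isinstance(explicit, str) else "Unresolved"
    rtype = resource.get("Type", "")
    props = resource.get("Properties", {})
    # CloudFormation defaults to Snapshot for RDS clusters and standalone DB instances.
    if rtype == "AWS::RDS::DBCluster":
        return "Snapshot"
    if rtype == "AWS::RDS::DBInstance" and "DBClusterIdentifier" not in props:
        return "Snapshot"
    return "Delete"


def left_behind(template: dict) -> list:
    """(logical id, type, policy) for every resource that outlives stack deletion."""
    found = []
    for logical_id, resource in sorted(template.get("Resources", {}).items()):
        policy = effective_policy(resource)
        if policy in SURVIVES:
            found.append((logical_id, resource.get("Type", "?"), policy))
    return found


# Constructed sample standing in for a synthesized template (cdk.out/<stack>.template.json).
SAMPLE = json.loads("""
{"Resources": {
  "AppDatabase": {"Type": "AWS::RDS::DBInstance", "DeletionPolicy": "Retain",
                  "UpdateReplacePolicy": "Retain", "Properties": {"Engine": "postgres"}},
  "LegacyDb": {"Type": "AWS::RDS::DBInstance", "Properties": {"Engine": "mysql"}},
  "UploadBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Delete"},
  "WebInstance": {"Type": "AWS::EC2::Instance", "Properties": {}}
}}
""")

if __name__ == "__main__":
    # With a path argument, audit that template; otherwise audit the constructed sample.
    template = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for logical_id, rtype, policy in left_behind(template):
        print(f"{policy:<10} {rtype:<24} {logical_id}")
```

Anything the script lists still holds data and still bills after the stack shows as destroyed, so it belongs on the manual cleanup list alongside the bootstrap resources.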