diff --git a/cli/internal/cmd/iamdestroy.go b/cli/internal/cmd/iamdestroy.go index fc1a1d39a..b1d80deda 100644 --- a/cli/internal/cmd/iamdestroy.go +++ b/cli/internal/cmd/iamdestroy.go @@ -89,9 +89,9 @@ func (c *destroyCmd) iamDestroy(cmd *cobra.Command, spinner spinnerInterf, destr if !flags.yes { // Confirmation - confirmString := "Do you really want to destroy your IAM configuration?" + confirmString := "Do you really want to destroy your IAM configuration? Note that this will remove all resources in the resource group." if gcpFileExists { - confirmString += fmt.Sprintf(" (This will also delete %q)", constants.GCPServiceAccountKeyFile) + confirmString += fmt.Sprintf("\nThis will also delete %q", constants.GCPServiceAccountKeyFile) } ok, err := askToConfirm(cmd, confirmString) if err != nil { diff --git a/cli/internal/terraform/terraform/azure/main.tf b/cli/internal/terraform/terraform/azure/main.tf index d0e695c8d..3f580a8a9 100644 --- a/cli/internal/terraform/terraform/azure/main.tf +++ b/cli/internal/terraform/terraform/azure/main.tf @@ -12,7 +12,11 @@ terraform { } provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } locals { diff --git a/cli/internal/terraform/terraform/iam/azure/main.tf b/cli/internal/terraform/terraform/iam/azure/main.tf index 5e32c26df..98d8dbdbe 100644 --- a/cli/internal/terraform/terraform/iam/azure/main.tf +++ b/cli/internal/terraform/terraform/iam/azure/main.tf @@ -13,7 +13,11 @@ terraform { # Configure Azure resource management provider provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } # Configure Azure active directory provider diff --git a/docs/docs/workflows/config.md b/docs/docs/workflows/config.md index dae7e0d5a..e6b46b7d9 100644 --- a/docs/docs/workflows/config.md +++ b/docs/docs/workflows/config.md @@ -264,3 +264,8 @@ Delete the IAM configuration by executing the following command in the same dire ```bash constellation iam destroy ``` + +:::caution +For Azure, deleting the IAM configuration by executing `constellation iam destroy` will delete the whole resource group created by `constellation iam create`. +This also includes any additional resources in the resource group that weren't created by Constellation. +:::