in lib/workshop.py [0:0]
def delete_simple_compute_environment(proj_name):
computeEnvironment = f"CE-{proj_name}"
iam_client = boto3.client('iam')
batch_client = boto3.client('batch')
ec2_client = boto3.client('ec2')
try:
response = batch_client.update_compute_environment(
computeEnvironment=computeEnvironment,
state='DISABLED',
)
while True:
response = batch_client.describe_compute_environments(
computeEnvironments=[computeEnvironment])
assert len(response['computeEnvironments']) == 1
env = response['computeEnvironments'][0]
state = env['state']
status = env['status']
if status == 'UPDATING':
print("Environment %r is updating, waiting..." % (computeEnvironment,))
elif state == 'DISABLED':
break
else:
raise RuntimeError('Expected status=UPDATING or state=DISABLED, '
'but status=%r and state=%r' % (status, state))
# wait a little bit before checking again.
time.sleep(15)
ce_response = batch_client.delete_compute_environment(
computeEnvironment=computeEnvironment
)
time.sleep(5)
response = describe_compute_environments([computeEnvironment])
while response['computeEnvironments'][0]['status'] == 'DELETING':
time.sleep(5)
response = describe_compute_environments([computeEnvironment])
if len(response['computeEnvironments']) != 1:
break
except:
print("CE may not exist, ignore")
# only delete those if the CE is deleted
response = describe_compute_environments([computeEnvironment])
if len(response['computeEnvironments']) != 1:
# clean up the other resouces created
batch_instance_role_name = f"batch_instance_role_{proj_name}"
instance_profile_name =f"instance_profile_{proj_name}"
batch_instance_policies = ["arn:aws:iam::aws:policy/CloudWatchFullAccess", "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role","arn:aws:iam::aws:policy/AmazonS3FullAccess", "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"]
try:
iam_client.remove_role_from_instance_profile(InstanceProfileName=instance_profile_name, RoleName=batch_instance_role_name)
except ClientError as e:
if e.response['Error']['Code'] == 'NoSuchEntity':
print("Ignore profile removal")
print("deleting service role" , batch_instance_role_name)
delete_service_role_with_policies(batch_instance_role_name, batch_instance_policies)
iam_client.delete_instance_profile(InstanceProfileName=instance_profile_name)
batch_service_role_name = f"batch_service_role_{proj_name}"
batch_service_policies = ["arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole", "arn:aws:iam::aws:policy/CloudWatchFullAccess", "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"]
delete_service_role_with_policies(batch_service_role_name, batch_service_policies)
batch_sg_name = f"batch_sg_{proj_name}"
try:
ec2_client.delete_security_group(GroupName=batch_sg_name)
except ClientError as e:
if e.response['Error']['Code'] == 'InvalidGroup.NotFound':
print("SG doesn't exist, ignore")
print("CE delete completed")