2 files changed, 31 insertions, 0 deletions

diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml
index c8d385db5..1696c2751 100644
--- a/roles/openshift_aws/defaults/main.yml
+++ b/roles/openshift_aws/defaults/main.yml
@@ -322,3 +322,8 @@ openshift_aws_masters_groups: masters,etcd,nodes
 # By default, don't delete things like the shared IAM instance
 # profile and uploaded ssh keys
 openshift_aws_enable_uninstall_shared_objects: False
+# S3 bucket names are global by default and can take minutes/hours for the
+# name to become available for re-use (assuming someone doesn't take the
+# name in the meantime). Default to just emptying the contents of the S3
+# bucket if we've been asked to create the bucket during provisioning.
+openshift_aws_really_delete_s3_bucket: False
diff --git a/roles/openshift_aws/tasks/uninstall_s3.yml b/roles/openshift_aws/tasks/uninstall_s3.yml
new file mode 100644
index 000000000..0b08cbeed
--- /dev/null
+++ b/roles/openshift_aws/tasks/uninstall_s3.yml
@@ -0,0 +1,26 @@
+---
+- name: empty S3 bucket
+  block:
+  - name: get S3 object list
+    aws_s3:
+      bucket: "{{ openshift_aws_s3_bucket_name }}"
+      mode: list
+      region: "{{ openshift_aws_region }}"
+    register: s3_out
+
+  - name: delete S3 objects
+    aws_s3:
+      bucket: "{{ openshift_aws_s3_bucket_name }}"
+      mode: delobj
+      object: "{{ item }}"
+    with_items: "{{ s3_out.s3_keys }}"
+  when: openshift_aws_create_s3 | bool
+
+- name: delete S3 bucket
+  aws_s3:
+    bucket: "{{ openshift_aws_s3_bucket_name }}"
+    mode: delete
+    region: "{{ openshift_aws_region }}"
+  when:
+  - openshift_aws_create_s3 | bool
+  - openshift_aws_really_delete_s3_bucket | bool