Skip to main content

Leavers Guide

When CP team members leave, follow this guide, and log completion in a ticket.

Revoking Access

Digital Services

The Service Desk will be able to remove and revoke access from a number of different accounts outside of Cloud Platform.

1/ Google account closure, ordered in advance of them leaving, by creating a ServiceNow order Return device for Digital Mac & WTP users

This is not just about returning their Mac - it will do the important step of closing their Google account.

  • Note - Include details in the ServiceNow request to transfer the leaver’s Google Drive to someone in their team.

  • Note - for leavers from the cloud-platforms team - ask the service desk to transfer any slack webhook integrations to someone in the team.
    This is because if the person has created a slack-webhook for alerting purposes, the loss of that slack-webhook can cause problems - when their profile is deleted (as the webhook link is referenced in cloud-platform-infrastructure/blob/main/terraform/cloud-platform-components/terraform.tfvars.

2/ MOJ Digital VPN removal by creating a ServiceNow order: Digital VPN add/remove

AWS Accounts

1/ Purge them from AWS accounts:

  • moj-cp
  • mojdsd
  • Cloud Platform Ephemeral Test
  • Cloud Platform Transit Gateways

To login, use the SSO links above, or use the AWS console

2/ Remove them from cloud-platform-terraform-awsaccounts-iam

3/ Remove them from cloud-platform-eks

4/ Request Password Management removal - contact details here removal

5/ Remove their access to:

6/ Remove them from the PagerDuty support rota (if applicable)

7/ Remove them from Google Group

Line manager actions

1/ Fill in the MOJ Digital Leavers Form

2/ Complete the Leavers Checklist for Managers

This page was last reviewed on 12 May 2023. It needs to be reviewed again on 12 August 2023 by the page owner #cloud-platform .
This page was set to be reviewed before 12 August 2023 by the page owner #cloud-platform. This might mean the content is out of date.