Leavers Guide
When CP team members leave, follow this guide, and log completion in a ticket.
Revoking Access
Digital Services
Equipment Return (including MacBook) and Accounts Closure
Only use this bundle to return, Digital MacBook’s and WTP devices. Leaver Bundle – Digital
This is usually raised by the line manager for civil servants.
Note - It is no longer possible to transfer a leaver’s documents, etc. to another person as part of the leaver’s process please transfer any documents to a suitable place before they leave.
Note - If the leaver has created any slack apps, these will need to be transferred to someone else in the team.
Contact #digital-it-forum channel for any queries
Slack account deactivation
Cloud Platform maintain a list of webhooks for Alertmanager Notifications - Incoming Webhooks. When the slack account is deactivated, these webhooks will still be active. Hence, no action is needed.
Some apps that member installed which require member-specific permissions may be atomatically deactivated. Check in advance, if the leaver has installed any such apps and if so, transfer them to someone else in the team by creating a ServiceNow order: Slack tasks for the D&T Workspace Also make sure there is atleast one other member who is a collaborator for the app.
AWS Accounts
Purge them from AWS accounts:
To login, use the SSO links above, or use the AWS console
Remove them from
cloud-platform-terraform-awsaccounts-iam- As per this PR
Remove them from
cloud-platform eks cluster- As per this File
Other 3rd Party Accounts access removal
Below are the list of 3rd party accounts that need to be removed when a member leaves the team. Contact #ask-operations-engineering channel requesting the removal
Request Password Management removal - 1Password
DockerHub MoJ teams
Remove them from the PagerDuty support rota (if applicable)
10.Remove them from platforms@digital.justice.gov.uk Google Group
Line manager actions
Complete the Leavers Checklist for Managers