Skip to main content

Leavers Guide

When CP team members leave, follow this guide, and log completion in a ticket.

Revoking Access

Digital Services

Google account closure

This has to be ordered in advance of them leaving, by creating a ServiceNow order Return device for Digital Mac & WTP users

This is not just about returning their Mac - it will do the important step of closing their Google account.

This is usually raised by the line manager for civil servants.

  • Note - Include details in the ServiceNow request to transfer the leaver’s Google Drive to someone in their team.

  • Note - If the leaver has created any slack apps, these will need to be transferred to someone else in the team.

Contact #digital-it-forum channel for any queries

MOJ Digital VPN removal

Create a ServiceNow order: Digital VPN add/remove This is usually raised by the line manager for civil servants.

Slack account deactivation

Cloud Platform maintain a list of webhooks for Alertmanager Notifications - Incoming Webhooks. When the slack account is deactivated, these webhooks will still be active. Hence, no action is needed.

Some apps that member installed which require member-specific permissions may be atomatically deactivated. Check in advance, if the leaver has installed any such apps and if so, transfer them to someone else in the team by creating a ServiceNow order: Slack tasks for the D&T Workspace Also make sure there is atleast one other member who is a collaborator for the app.

AWS Accounts

  • Purge them from AWS accounts:

    • moj-cp
    • mojdsd
    • Cloud Platform Ephemeral Test
    • Cloud Platform Transit Gateways

    To login, use the SSO links above, or use the AWS console

  • Remove them from cloud-platform-terraform-awsaccounts-iam

  • Remove them from cloud-platform eks cluster

Other 3rd Party Accounts access removal

Below are the list of 3rd party accounts that need to be removed when a member leaves the team. Contact #ask-operations-engineering channel requesting the removal

  1. Request Password Management removal - 1Password

  2. Auth0 justice-cloud-platform

  3. Auth0 moj-cloud-platforms

  4. Pagerduty

  5. DockerHub MoJ teams

  6. Pingdom

  7. 1Password

  8. Sentry

  9. MoJ Github Organisation

  10. GitHub Projects

  11. Remove them from the PagerDuty support rota (if applicable)

10.Remove them from Google Group

Line manager actions

Complete the Leavers Checklist for Managers

This page was last reviewed on 12 April 2024. It needs to be reviewed again on 12 July 2024 by the page owner #cloud-platform .
This page was set to be reviewed before 12 July 2024 by the page owner #cloud-platform. This might mean the content is out of date.