Merge pull request #41 from oharan2/aws_cleanup

Update docs with AWS cleanup dos and don'ts

Author: oharan2

docs/OCP_CI_Tutorials/Cluster_Cleanup/Manual_Cluster_Cleanup_Guide.md

@@ -4,13 +4,50 @@
 
 - [Introduction](#introduction)
 - [AWS](#aws)
+  - [Prerequisites](#prerequisites)
+  - [General cleanup dos and don'ts](#general-cleanup-dos-and-donts)
+    - [VPCs](#vpcs)
+    - [Hosted zones](#route-53-hosted-zones)
+    - [S3 Buckets](#s3-buckets)
+  - [Cleanup resources by cluster identified](#cleanup-resources-by-cluster-identified)
 
 ## Introduction
 
-Sometimes, a scenario can fail before a cluster is fully deprovisioned leaving stale resources in a cloud-provider (at the time of writing this, we only use AWS). If that occurs, the Interop team is responsible for cleaning that cluster up in the cloud-provider account to avoid any unwanted cost. This document will serve as a guide to how to manually cleanup a cluster in the cloud-provider platforms we use.
+Sometimes, a scenario can fail before a cluster is fully deprovisioned leaving stale resources in a cloud-provider (at the time of writing this, we only use AWS). If that occurs, the Interop team is responsible for cleaning up that cluster in the cloud-provider account to avoid any unwanted cost. This document serves as a guide on how to manually clean up a cluster in the cloud-provider platforms we use.
 
 ## AWS
 
+### Prerequisites
+
+In order to perform manual cleanup and be able to delete resources in the cloud-provider account, users must belong to the watchers group, which subscribes to the EC2-delete policy and necessary permissions.
+
+### General cleanup dos and don'ts
+
+This section provides additional cleanup instructions for each resource type
+
+It is generally safe to delete any resource whose name has one of the following prefixes:
+
+* `ci-op-*`
+* `ci-rosa-*`
+* `mtc-*` (The MTC scenario has a unique prefix since it's deployed by the ocp-cli-installer)
+
+#### VPCs
+
+* In any AWS region: **_Don't_** delete any VPC whose `Default VPC` value is `Yes`
+
+![default-vpc.png](img/default-vpc.png)
+
+#### Route 53: Hosted zones
+
+* **_Do_** ONLY delete `A Records` safely inside available hosted zones
+* **_Don't_** delete any hosted zone which doesn't have the interop testing prefix mentioned above (there may be reserved resources for internal use)
+
+#### S3 Buckets
+
+* Similarly, **_don't_** delete any S3 bucket which doesn't have the interop testing prefix mentioned above (there may be reserved resources for internal use)
+
+### Cleanup resources by cluster identified
+
 In order to cleanup an OCP cluster provisioned through OpenShift CI in AWS, follow these steps:
 
 1. Find the "name" of the cluster. Every cluster provisioned using OpenShift CI should have a unique name associated with it. This is how we know which AWS resources came from which Prow job.