Skip to main content

Offboarding

Welcome to the Crime Platform offboarding process. This page will walk you through the steps to remove access from a departing user from non-live and/or live tenants.

Overview

Offboarding consists of the following steps:

  1. Revoke User - Set account_enabled to false in the respective *.tfvars file to disable the user’s access. This will disable their non-live/live Azure account in Entra ID, delete their local account including home folder and authenticator config from DMZ Jumpbox, revoke their VPN access on VPN VMs, and delete their authenticator and VPN secrets in Azure KV.
  2. Remove User - Once user has been revoked you can remove them from the config altogether and their remaining resources will be deleted:
    • Entra ID account
    • GPG, SSH and initial encrypted password KV secrets
This page was last reviewed on 23 April 2026. It needs to be reviewed again on 23 October 2026 by the page owner platops-build-notices .
This page was set to be reviewed before 23 October 2026 by the page owner platops-build-notices. This might mean the content is out of date.