From 44e0a4b50085e4267e2109d42dc01693f5f4be82 Mon Sep 17 00:00:00 2001
From: Matt Craddock <5796417+craddm@users.noreply.github.com>
Date: Thu, 7 Dec 2023 11:47:32 +0000
Subject: [PATCH 1/6] add documentation for removing SRE data storage

---
 .../roles/system_manager/manage_deployments.md   | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/docs/source/roles/system_manager/manage_deployments.md b/docs/source/roles/system_manager/manage_deployments.md
index 7b01adb3dc..d3cf0efc9f 100644
--- a/docs/source/roles/system_manager/manage_deployments.md
+++ b/docs/source/roles/system_manager/manage_deployments.md
@@ -127,6 +127,14 @@ On your **deployment machine**.
 
 - If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
 
+```{attention}
+The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist and must be deleted manually through the Azure Portal if desired. 
+
+This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
+
+The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
+```
+
 ## {{end}} Remove a complete Safe Haven
 
 ### {{collision}} Tear down any attached SREs
@@ -154,6 +162,14 @@ On your **deployment machine**.
     If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
     ```
 
+```{attention}
+The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist and must be deleted manually through the Azure Portal if desired. 
+
+This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
+
+The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
+```
+
 ### {{unlock}} Disconnect from the Azure Active Directory
 
 Connect to the **SHM Domain Controller (DC1)** via Remote Desktop Client over the SHM VPN connection

From fef9aebd5a8f3a745a51e262cf89eafb5bde18b5 Mon Sep 17 00:00:00 2001
From: Matt Craddock <5796417+craddm@users.noreply.github.com>
Date: Thu, 7 Dec 2023 11:48:59 +0000
Subject: [PATCH 2/6] Reformat and reorder paragraph

---
 .../source/roles/system_manager/manage_deployments.md | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/docs/source/roles/system_manager/manage_deployments.md b/docs/source/roles/system_manager/manage_deployments.md
index d3cf0efc9f..5f59edf92b 100644
--- a/docs/source/roles/system_manager/manage_deployments.md
+++ b/docs/source/roles/system_manager/manage_deployments.md
@@ -128,10 +128,9 @@ On your **deployment machine**.
 - If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
 
 ```{attention}
-The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist and must be deleted manually through the Azure Portal if desired. 
-
+The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist. 
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
-
+The storage account must be deleted manually through the Azure Portal if desired. 
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
 ```
 
@@ -162,11 +161,11 @@ On your **deployment machine**.
     If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
     ```
 
-```{attention}
-The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist and must be deleted manually through the Azure Portal if desired. 
 
+```{attention}
+The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist. 
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
-
+The storage account must be deleted manually through the Azure Portal if desired. 
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
 ```
 

From 15bd05a566af3757482b8f438ac61ff9aff7b387 Mon Sep 17 00:00:00 2001
From: Matt Craddock <5796417+craddm@users.noreply.github.com>
Date: Thu, 7 Dec 2023 11:58:43 +0000
Subject: [PATCH 3/6] Fix typos in storage account docs

---
 docs/source/deployment/snippets/05_storage_accounts.partial.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/source/deployment/snippets/05_storage_accounts.partial.md b/docs/source/deployment/snippets/05_storage_accounts.partial.md
index 66a3498766..7a9f88ba81 100644
--- a/docs/source/deployment/snippets/05_storage_accounts.partial.md
+++ b/docs/source/deployment/snippets/05_storage_accounts.partial.md
@@ -7,4 +7,4 @@ PS> ./Setup_SRE_Storage_Accounts.ps1 -shmId <SHM ID> -sreId <SRE ID>
 - where `<SHM ID>` is the {ref}`management environment ID <roles_deployer_shm_id>` for this SHM
 - where `<SRE ID>` is the {ref}`secure research environment ID <roles_deployer_sre_id>` for this SRE
 
-This script will create a storage account in the `RG_SHM_<shmId>_DATA_PERSISTENT` resource group, a corresponding private end point in `RG_SRE_NETWORKING` and will configure the DNS zone of the storage account to the right IP address.
+This script will create a storage account in the `RG_SHM_<SHM ID>_PERSISTENT_DATA` resource group, a corresponding private end point in `RG_SRE_<SRE ID>_NETWORKING` and will configure the DNS zone of the storage account to the right IP address.

From 11d9b25b91ef08c9cf9bced835451a5a88d6efe4 Mon Sep 17 00:00:00 2001
From: Matt Craddock <5796417+craddm@users.noreply.github.com>
Date: Thu, 7 Dec 2023 12:05:29 +0000
Subject: [PATCH 4/6] Modify instructions for deletion of SRE storage

---
 docs/source/roles/system_manager/manage_deployments.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/docs/source/roles/system_manager/manage_deployments.md b/docs/source/roles/system_manager/manage_deployments.md
index 5f59edf92b..9091a2c73c 100644
--- a/docs/source/roles/system_manager/manage_deployments.md
+++ b/docs/source/roles/system_manager/manage_deployments.md
@@ -127,11 +127,12 @@ On your **deployment machine**.
 
 - If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
 
-```{attention}
 The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist. 
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
+```{attention}
 The storage account must be deleted manually through the Azure Portal if desired. 
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
+Deleting the SRE storage account from `RG_SHM_<SHM ID>_PERSISTENT_DATA` will delete any work that was done in the SRE. 
 ```
 
 ## {{end}} Remove a complete Safe Haven
@@ -161,12 +162,12 @@ On your **deployment machine**.
     If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
     ```
 
-
-```{attention}
 The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist. 
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
+```{attention}
 The storage account must be deleted manually through the Azure Portal if desired. 
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
+Deleting the SRE storage account from `RG_SHM_<SHM ID>_PERSISTENT_DATA` will delete any work that was done in the SRE. 
 ```
 
 ### {{unlock}} Disconnect from the Azure Active Directory

From 929eecf8a38eb5a5fe421689cd1086b380816db5 Mon Sep 17 00:00:00 2001
From: Matt Craddock <5796417+craddm@users.noreply.github.com>
Date: Thu, 7 Dec 2023 12:09:28 +0000
Subject: [PATCH 5/6] Update docs

---
 .../roles/system_manager/manage_deployments.md       | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/source/roles/system_manager/manage_deployments.md b/docs/source/roles/system_manager/manage_deployments.md
index 9091a2c73c..b326d5c327 100644
--- a/docs/source/roles/system_manager/manage_deployments.md
+++ b/docs/source/roles/system_manager/manage_deployments.md
@@ -127,12 +127,12 @@ On your **deployment machine**.
 
 - If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
 
-The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist. 
+The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist.
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
 ```{attention}
-The storage account must be deleted manually through the Azure Portal if desired. 
+To avoid accidental deletion, the storage account must be deleted manually through the Azure Portal.
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
-Deleting the SRE storage account from `RG_SHM_<SHM ID>_PERSISTENT_DATA` will delete any work that was done in the SRE. 
+Deleting the SRE storage account from `RG_SHM_<SHM ID>_PERSISTENT_DATA` will delete any work that was done in the SRE.
 ```
 
 ## {{end}} Remove a complete Safe Haven
@@ -162,12 +162,12 @@ On your **deployment machine**.
     If you provide the optional `-dryRun` parameter then the names of all affected resources will be printed, but nothing will be deleted
     ```
 
-The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist. 
+The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist.
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
 ```{attention}
-The storage account must be deleted manually through the Azure Portal if desired. 
+To avoid accidental deletion, the storage account must be deleted manually through the Azure Portal.
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
-Deleting the SRE storage account from `RG_SHM_<SHM ID>_PERSISTENT_DATA` will delete any work that was done in the SRE. 
+Deleting the SRE storage account from `RG_SHM_<SHM ID>_PERSISTENT_DATA` will delete any work that was done in the SRE.
 ```
 
 ### {{unlock}} Disconnect from the Azure Active Directory

From 0641bee26ac091700792e3e4095bbbe9b47417f3 Mon Sep 17 00:00:00 2001
From: Matt Craddock <5796417+craddm@users.noreply.github.com>
Date: Thu, 7 Dec 2023 12:11:30 +0000
Subject: [PATCH 6/6] fix linting error

---
 docs/source/roles/system_manager/manage_deployments.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/source/roles/system_manager/manage_deployments.md b/docs/source/roles/system_manager/manage_deployments.md
index b326d5c327..88fbc31179 100644
--- a/docs/source/roles/system_manager/manage_deployments.md
+++ b/docs/source/roles/system_manager/manage_deployments.md
@@ -129,6 +129,7 @@ On your **deployment machine**.
 
 The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist.
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
+
 ```{attention}
 To avoid accidental deletion, the storage account must be deleted manually through the Azure Portal.
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.
@@ -164,6 +165,7 @@ On your **deployment machine**.
 
 The `SRE_Teardown.ps1` script *does not* remove the SRE data storage account stored in the SHM. Thus, the `ingress`, `egress`, and `backup` data folders still exist.
 This allows the data to be used for the project associated with the SRE to exist before and after the project starts and ends, without requiring the full SRE to be running.
+
 ```{attention}
 To avoid accidental deletion, the storage account must be deleted manually through the Azure Portal.
 The storage account can be found under `RG_SHM_<SHM ID>_PERSISTENT_DATA`, with a name similar to `<SHM ID><SRE ID>data<random letters>`.