diff --git a/.github/workflows/janitor.yaml b/.github/workflows/janitor.yaml
new file mode 100644
index 00000000..561e648d
--- /dev/null
+++ b/.github/workflows/janitor.yaml
@@ -0,0 +1,61 @@
+name: Janitor
+
+on:
+  schedule:
+    - cron: "0 3 * * *"
+  workflow_dispatch:
+
+jobs:
+  azure-janitor:
+    name: azure-janitor
+    runs-on: ubuntu-latest
+    steps:
+      - name: Login to Azure
+        uses: azure/login@v2
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Cleanup
+        continue-on-error: true
+        run: |
+          # Get the AKS clusters by prefix
+          for rg in $(az group list --query "[?contains(name,'auto-aks-hp-ci')].{Name: name}" | jq -r ".[] | .Name" 2> /dev/null); do
+            echo "Deleting AKS resource group: $rg"
+            az group delete --name $rg --yes
+          done
+
+  aws-janitor:
+    name: aws-janitor
+    runs-on: ubuntu-latest
+    if: ${{ false }}
+    env:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+      - name: Cleanup
+        uses: rancher-sandbox/aws-janitor@v0.1.0
+        with:
+          regions: ${{ secrets.EKS_REGION }}
+          commit: false
+          ignore-tag: janitor-ignore
+
+  gcp-janitor:
+    name: gcp-janitor
+    runs-on: ubuntu-latest
+    steps:
+      - name: Authenticate to GCP
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
+
+      - name: Setup gcloud
+        uses: google-github-actions/setup-gcloud@v2
+
+      - name: Cleanup
+        continue-on-error: true
+        run: |
+          # Get the GKE clusters by prefix
+          for cl in $(gcloud container clusters list --location asia-south2-c --filter="name:auto-gke-hp-ci" --format json | jq -r ".[] | .name" 2> /dev/null); do
+            echo "Deleting GKE cluster: $cl"
+            gcloud container clusters delete --location asia-south2-c $cl --async --quiet
+          done
diff --git a/hosted/eks/helper/helper_cluster.go b/hosted/eks/helper/helper_cluster.go
index 3c277819..b39f2b04 100644
--- a/hosted/eks/helper/helper_cluster.go
+++ b/hosted/eks/helper/helper_cluster.go
@@ -3,6 +3,7 @@ package helper
 import (
 	"fmt"
 	"os"
+	"strconv"
 
 	"github.com/rancher/shepherd/extensions/clusters/eks"
 
@@ -23,6 +24,10 @@ func GetTags() map[string]string {
 	eksConfig := new(management.EKSClusterConfigSpec)
 	config.LoadConfig(eks.EKSClusterConfigConfigurationFileKey, eksConfig)
 	providerTags := helpers.GetCommonMetadataLabels()
+	if clusterCleanup, _ := strconv.ParseBool(os.Getenv("DOWNSTREAM_CLUSTER_CLEANUP")); clusterCleanup == false {
+		providerTags["janitor-ignore"] = "true"
+	}
+
 	if eksConfig.Tags != nil {
 		for key, value := range *eksConfig.Tags {
 			providerTags[key] = value
diff --git a/hosted/helpers/structs.go b/hosted/helpers/structs.go
index e2d6383f..d2f2e114 100644
--- a/hosted/helpers/structs.go
+++ b/hosted/helpers/structs.go
@@ -3,6 +3,8 @@ package helpers
 import (
 	"fmt"
 	"os"
+	"os/user"
+	"strconv"
 	"time"
 
 	"github.com/rancher/shepherd/clients/rancher"
@@ -25,8 +27,16 @@ var (
 			return "latest"
 		}
 	}()
-	Provider                = os.Getenv("PROVIDER")
-	ClusterNamePrefix       = fmt.Sprintf("%shostcluster-hp", Provider)
+	Provider          = os.Getenv("PROVIDER")
+	testuser, _       = user.Current()
+	clusterCleanup, _ = strconv.ParseBool(os.Getenv("DOWNSTREAM_CLUSTER_CLEANUP"))
+	ClusterNamePrefix = func() string {
+		if clusterCleanup {
+			return fmt.Sprintf("%s-hp-ci", Provider)
+		} else {
+			return fmt.Sprintf("%s-%s-hp-ci", Provider, testuser.Username)
+		}
+	}()
 	RancherVersion          = os.Getenv("RANCHER_VERSION")
 	RancherUpgradeVersion   = os.Getenv("RANCHER_UPGRADE_VERSION")
 	Kubeconfig              = os.Getenv("KUBECONFIG")