diff --git a/api/v1alpha1/managedcluster_types.go b/api/v1alpha1/managedcluster_types.go
index db1ceda04..158f4c7a7 100644
--- a/api/v1alpha1/managedcluster_types.go
+++ b/api/v1alpha1/managedcluster_types.go
@@ -22,7 +22,7 @@ import (
 )
 
 const (
-	BlockingFinalizer       = "hmc.mirantis.com/do-not-delete"
+	BlockingFinalizer       = "hmc.mirantis.com/cleanup"
 	ManagedClusterFinalizer = "hmc.mirantis.com/managed-cluster"
 
 	FluxHelmChartNameKey = "helm.toolkit.fluxcd.io/name"
diff --git a/internal/controller/managedcluster_controller.go b/internal/controller/managedcluster_controller.go
index 4d44cac54..5a0e58df6 100644
--- a/internal/controller/managedcluster_controller.go
+++ b/internal/controller/managedcluster_controller.go
@@ -47,7 +47,6 @@ import (
 	hmc "github.com/Mirantis/hmc/api/v1alpha1"
 	"github.com/Mirantis/hmc/internal/helm"
 	"github.com/Mirantis/hmc/internal/telemetry"
-	"github.com/Mirantis/hmc/internal/utils"
 )
 
 // ManagedClusterReconciler reconciles a ManagedCluster object
@@ -76,17 +75,11 @@ var (
 		Kind:    "azurecluster",
 	}
 
-	gvkAWSMachine = schema.GroupVersionKind{
+	gvkMachine = schema.GroupVersionKind{
 		Group:   "cluster.x-k8s.io",
 		Version: "v1beta1",
 		Kind:    "machine",
 	}
-
-	gvkAzureMachine = schema.GroupVersionKind{
-		Group:   "infrastructure.cluster.x-k8s.io",
-		Version: "v1beta1",
-		Kind:    "azuremachine",
-	}
 )
 
 // Reconcile is part of the main kubernetes reconciliation loop which aims to
@@ -427,15 +420,16 @@ func (r *ManagedClusterReconciler) Delete(ctx context.Context, l logr.Logger, ma
 		return ctrl.Result{}, err
 	}
 
-	err = r.releaseCluster(ctx, managedCluster.Namespace, managedCluster.Name, managedCluster.Spec.Template)
+	err = helm.DeleteHelmRelease(ctx, r.Client, managedCluster.Name, managedCluster.Namespace)
 	if err != nil {
 		return ctrl.Result{}, err
 	}
 
-	err = helm.DeleteHelmRelease(ctx, r.Client, managedCluster.Name, managedCluster.Namespace)
+	err = r.releaseCluster(ctx, managedCluster.Namespace, managedCluster.Name, managedCluster.Spec.Template)
 	if err != nil {
 		return ctrl.Result{}, err
 	}
+
 	l.Info("HelmRelease still exists, retrying")
 	return ctrl.Result{RequeueAfter: 10 * time.Second}, nil
 }
@@ -447,8 +441,8 @@ func (r *ManagedClusterReconciler) releaseCluster(ctx context.Context, namespace
 	}
 
 	providerGVKs := map[string]providerSchema{
-		"aws":   {machine: gvkAWSMachine, cluster: gvkAWSCluster},
-		"azure": {machine: gvkAzureMachine, cluster: gvkAzureCluster},
+		"aws":   {machine: gvkMachine, cluster: gvkAWSCluster},
+		"azure": {machine: gvkMachine, cluster: gvkAzureCluster},
 	}
 
 	// Associate the provider with it's GVK
@@ -473,7 +467,7 @@ func (r *ManagedClusterReconciler) releaseCluster(ctx context.Context, namespace
 
 func (r *ManagedClusterReconciler) getProviders(ctx context.Context, templateName string) ([]string, error) {
 	template := &hmc.Template{}
-	templateRef := types.NamespacedName{Name: templateName, Namespace: utils.DefaultSystemNamespace}
+	templateRef := types.NamespacedName{Name: templateName, Namespace: r.SystemNamespace}
 	if err := r.Get(ctx, templateRef, template); err != nil {
 		log.FromContext(ctx).Error(err, "Failed to get Template", "templateName", templateName)
 		return nil, err
@@ -481,10 +475,11 @@ func (r *ManagedClusterReconciler) getProviders(ctx context.Context, templateNam
 	return template.Status.Providers.InfrastructureProviders, nil
 }
 
-func (r *ManagedClusterReconciler) removeClusterFinalizer(ctx context.Context, namespace, clusterName string, gvk schema.GroupVersionKind) error {
+func (r *ManagedClusterReconciler) removeClusterFinalizer(ctx context.Context, namespace, name string, gvk schema.GroupVersionKind) error {
 	l := log.FromContext(ctx)
 	opts := &client.ListOptions{
-		LabelSelector: labels.SelectorFromSet(map[string]string{hmc.FluxHelmChartNameKey: clusterName}),
+		LabelSelector: labels.SelectorFromSet(map[string]string{hmc.FluxHelmChartNameKey: name}),
+		Namespace:     namespace,
 	}
 	itemsList := &metav1.PartialObjectMetadataList{}
 	itemsList.SetGroupVersionKind(gvk)
@@ -492,7 +487,7 @@ func (r *ManagedClusterReconciler) removeClusterFinalizer(ctx context.Context, n
 		return err
 	}
 	if len(itemsList.Items) == 0 {
-		l.Info("Object not found", gvk.Kind, clusterName)
+		l.Info("Object not found", gvk.Kind, name)
 		return nil
 	}
 
@@ -503,7 +498,7 @@ func (r *ManagedClusterReconciler) removeClusterFinalizer(ctx context.Context, n
 	if finalizersUpdated {
 		l.Info("Allow to stop cluster", "finalizer", hmc.BlockingFinalizer)
 		if err := r.Client.Patch(ctx, &cluster, client.MergeFrom(&originalCluster)); err != nil {
-			return fmt.Errorf("failed to patch cluster %s/%s: %w", namespace, clusterName, err)
+			return fmt.Errorf("failed to patch cluster %s/%s: %w", namespace, name, err)
 		}
 	}
 
diff --git a/templates/aws-hosted-cp/templates/awscluster.yaml b/templates/aws-hosted-cp/templates/awscluster.yaml
index 65e370873..ea52af698 100644
--- a/templates/aws-hosted-cp/templates/awscluster.yaml
+++ b/templates/aws-hosted-cp/templates/awscluster.yaml
@@ -5,7 +5,7 @@ metadata:
   annotations:
     cluster.x-k8s.io/managed-by: k0smotron
   finalizers:
-  - hmc.mirantis.com/do-not-delete
+  - hmc.mirantis.com/cleanup
 spec:
   region: {{ .Values.region }}
   # identityRef:
diff --git a/templates/aws-standalone-cp/templates/awscluster.yaml b/templates/aws-standalone-cp/templates/awscluster.yaml
index f797a8c20..5e2d4e4d9 100644
--- a/templates/aws-standalone-cp/templates/awscluster.yaml
+++ b/templates/aws-standalone-cp/templates/awscluster.yaml
@@ -2,6 +2,8 @@ apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: AWSCluster
 metadata:
   name: {{ include "cluster.name" . }}
+  finalizers:
+  - hmc.mirantis.com/cleanup
 spec:
   region: {{ .Values.region }}
   # identityRef:
diff --git a/templates/azure-hosted-cp/templates/azurecluster.yaml b/templates/azure-hosted-cp/templates/azurecluster.yaml
index a93a8e10b..b1734116d 100644
--- a/templates/azure-hosted-cp/templates/azurecluster.yaml
+++ b/templates/azure-hosted-cp/templates/azurecluster.yaml
@@ -5,7 +5,7 @@ metadata:
   annotations:
     cluster.x-k8s.io/managed-by: k0smotron
   finalizers:
-  - hmc.mirantis.com/do-not-delete
+  - hmc.mirantis.com/cleanup
 spec:
   identityRef:
     kind: AzureClusterIdentity
diff --git a/templates/hmc/templates/rbac/roles.yaml b/templates/hmc/templates/rbac/roles.yaml
index bb2b995ab..6cb6bea50 100644
--- a/templates/hmc/templates/rbac/roles.yaml
+++ b/templates/hmc/templates/rbac/roles.yaml
@@ -125,8 +125,7 @@ rules:
   - infrastructure.cluster.x-k8s.io
   resources:
   - awsclusters
-  - azurecluster
-  - azuremachine
+  - azureclusters
   verbs:
   - get
   - list