I cannot delete a VPC Endpoint


Hi there,

I am trying to delete an entire VPC, and the last elements in it are 2 ENIs that are attached to a VPC Endpoint. I get these messages when I try to delete this VPC Endpoint:

aws ec2 delete-vpc-endpoints --vpc-endpoint-ids vpce-VPCEID

{
    "Unsuccessful": [
        {
            "Error": {
                "Code": "InvalidParameter",
                "Message": "Operation is not allowed for requester-managed VPC endpoints for the service com.amazonaws.vpce.us-east-1.vpce-svc-SVCID."
            },
            "ResourceId": "vpce-VPCEID"
        }
    ]
}

Then I looked at the description of the service and found this:

aws ec2 describe-vpc-endpoint-services --service-names com.amazonaws.vpce.us-east-1.vpce-svc-SVCID

{
    "ServiceDetails": [
        {
            "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-SVCID",
            "ServiceId": "vpce-svc-SVCID",
            "ServiceType": [
                {
                    "ServiceType": "Interface"
                }
            ],
            "AvailabilityZones": [
                "us-east-1a",
                "us-east-1b",
                "us-east-1c",
                "us-east-1d",
                "us-east-1e",
                "us-east-1f"
            ],
            "Owner": "amazon",
            "BaseEndpointDnsNames": [
                "vpce-svc-SVCID.us-east-1.vpce.amazonaws.com"
            ],
            "VpcEndpointPolicySupported": false,
            "AcceptanceRequired": true,
            "ManagesVpcEndpoints": true,
            "PayerResponsibility": "ServiceOwner",
            "Tags": [],
            "SupportedIpAddressTypes": [
                "ipv4"
            ]
        }
    ],
    "ServiceNames": [
        "com.amazonaws.vpce.us-east-1.vpce-svc-SVCID"
    ]
}

Finally, I understand that with "ManagesVpcEndpoints": true I cannot delete it manually because it is managed directly by AWS. But I don't know what exactly it is related to. How can I delete it, or at least find out why it was created, so I can detach the right resource?

BTW, I do not have any resources listed when I go to the "VPC endpoint services" table in the AWS Console.

Thanks!

asked a month ago, 177 views

1 Answer

Hello.

A requester-managed VPC endpoint is created when you create an AWS service (such as RDS Proxy).
This can be found in CloudTrail's event history if it was created within the last 90 days.
If it has been more than 90 days since it was created, you will not be able to view it in CloudTrail, so you will need to search for it methodically as described in the document below.
Therefore, please check whether there are any AWS services related to the VPC endpoint, and if they exist, try deleting them.
https://repost.aws/knowledge-center/vpc-delete-requester-managed-endpoint

EXPERT, answered a month ago
  • Thanks for the answer. It is more than 90 days old, but there are no tags on the VPC Endpoint to look for the keys and values. It is an old account of a client of mine and I am trying to research all the services. I already deleted the databases, EC2 instances, etc.

  • How about searching for active resources using the "Confirm you have terminated all active resources" procedure described in the document below? You might be able to find something if you search in the tag editor. https://repost.aws/knowledge-center/check-for-active-resources
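The triage the answer describes (tell requester-managed endpoints apart from ones you can delete yourself, then look in CloudTrail event history for the CreateVpcEndpoint call that created them) can be scripted. The following is an added example and is not code from the thread or from AWS; it runs against constructed sample data shaped like the `describe-vpc-endpoints` and `lookup-events` outputs, and the `fetch_live` function (which needs boto3 and credentials) shows the same logic against a real account. All IDs, account numbers and the `rds.amazonaws.com` creator are placeholders chosen for the sample.

```python
"""Triage VPC endpoints that refuse deletion because they are requester-managed.
Added example for the re:Post thread above; not code from the thread or from AWS."""
import json

# Constructed sample in the shape of `aws ec2 describe-vpc-endpoints` output.
# Every ID and account number here is a placeholder, not a real identifier.
SAMPLE_DESCRIBE_VPC_ENDPOINTS = {
    "VpcEndpoints": [
        {
            "VpcEndpointId": "vpce-PLACEHOLDER1",
            "VpcEndpointType": "Interface",
            "VpcId": "vpc-PLACEHOLDER",
            "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-PLACEHOLDER",
            "State": "available",
            "RequesterManaged": True,   # the flag behind "Operation is not allowed"
            "OwnerId": "111111111111",
            "NetworkInterfaceIds": ["eni-PLACEHOLDER1", "eni-PLACEHOLDER2"],
            "Tags": [],
        },
        {
            "VpcEndpointId": "vpce-PLACEHOLDER2",
            "VpcEndpointType": "Gateway",
            "VpcId": "vpc-PLACEHOLDER",
            "ServiceName": "com.amazonaws.us-east-1.s3",
            "State": "available",
            "RequesterManaged": False,
            "OwnerId": "111111111111",
            "NetworkInterfaceIds": [],
            "Tags": [{"Key": "Name", "Value": "s3-gateway"}],
        },
    ]
}

# Constructed sample in the shape of `aws cloudtrail lookup-events` output for
# LookupAttributes=[{AttributeKey=ResourceName, AttributeValue=<vpce-id>}].
# As in the real API, CloudTrailEvent is a JSON string, not a nested object.
SAMPLE_LOOKUP_EVENTS = {
    "Events": [
        {
            "EventName": "CreateVpcEndpoint",
            "EventTime": "2024-01-15T10:20:30+00:00",
            "Resources": [
                {"ResourceType": "AWS::EC2::VPCEndpoint", "ResourceName": "vpce-PLACEHOLDER1"}
            ],
            "CloudTrailEvent": json.dumps({
                "eventName": "CreateVpcEndpoint",
                # Assumed shape: a service-created endpoint is recorded with an
                # AWSService identity whose invokedBy names the service principal.
                "userIdentity": {"type": "AWSService", "invokedBy": "rds.amazonaws.com"},
            }),
        },
        {
            "EventName": "DescribeVpcEndpoints",   # noise: not a creation event
            "EventTime": "2024-02-01T08:00:00+00:00",
            "Resources": [],
            "CloudTrailEvent": json.dumps({"eventName": "DescribeVpcEndpoints"}),
        },
    ]
}


def triage_endpoints(describe_output):
    """Map each endpoint id to whether it is requester-managed and what to do about it."""
    report = {}
    for ep in describe_output.get("VpcEndpoints", []):
        managed = bool(ep.get("RequesterManaged"))
        report[ep["VpcEndpointId"]] = {
            "service": ep["ServiceName"],
            "requester_managed": managed,
            "enis": list(ep.get("NetworkInterfaceIds", [])),
            "action": ("find and delete the AWS resource that created it"
                       if managed else "aws ec2 delete-vpc-endpoints"),
        }
    return report


def creator_of(endpoint_id, lookup_output):
    """Return the principal that created the endpoint, or None when the
    CreateVpcEndpoint event is outside the 90-day event history."""
    for ev in lookup_output.get("Events", []):
        if ev.get("EventName") != "CreateVpcEndpoint":
            continue
        names = {r.get("ResourceName") for r in ev.get("Resources", [])}
        if endpoint_id not in names:
            continue
        identity = json.loads(ev["CloudTrailEvent"]).get("userIdentity", {})
        # Service-created endpoints carry the service principal in invokedBy;
        # a human or role call carries its ARN instead.
        return identity.get("invokedBy") or identity.get("arn")
    return None


def fetch_live(vpc_id, region="us-east-1"):
    """Same triage against a real account (needs boto3 and credentials)."""
    import boto3  # imported lazily so the sample-data path needs no AWS SDK
    ec2 = boto3.client("ec2", region_name=region)
    ct = boto3.client("cloudtrail", region_name=region)
    desc = ec2.describe_vpc_endpoints(Filters=[{"Name": "vpc-id", "Values": [vpc_id]}])
    report = triage_endpoints(desc)
    for vpce_id, info in report.items():
        if info["requester_managed"]:
            events = ct.lookup_events(LookupAttributes=[
                {"AttributeKey": "ResourceName", "AttributeValue": vpce_id}])
            info["created_by"] = creator_of(vpce_id, events)
    return report


if __name__ == "__main__":
    result = triage_endpoints(SAMPLE_DESCRIBE_VPC_ENDPOINTS)
    for vpce_id, info in result.items():
        if info["requester_managed"]:
            info["created_by"] = creator_of(vpce_id, SAMPLE_LOOKUP_EVENTS)
    print(json.dumps(result, indent=2))
```

A `created_by` of None for a requester-managed endpoint is the situation in this thread: the creation event has aged out of the 90-day event history, so the remaining route is the resource inventory (Tag Editor, the active-resources checklist linked above) rather than the audit log.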
