I want to delete my Network Load Balancer that's associated with AWS PrivateLink endpoint services.
Resolution
When you try to delete a Network Load Balancer that's associated with PrivateLink, you receive the following error message: "Network Load Balancer is currently associated with another service".
Before you can delete a Network Load Balancer, first check whether the Network Load Balancer is associated with endpoint services. If you see that it's associated with endpoint services, then you must disassociate it.
To remove the association with endpoint services from a Network Load Balancer, complete the following steps:
- Reject the endpoint connections on the endpoint service.
- Disassociate the Network Load Balancer from the endpoint service.
- Delete the Network Load Balancer.
To perform these steps, use the Amazon Virtual Private Cloud (VPC) console or the AWS Command Line Interface (AWS CLI).
Use the Amazon VPC console
Complete the following steps:
- Open the Amazon VPC console.
- Choose Endpoint services.
- To search for endpoint services, enter the Network Load Balancer ARN in the Filter field.
- To determine the endpoint connections that are attached to your endpoint service, choose the Endpoint connections tab.
- For all the connections that aren't in the Rejected state, choose Actions, Reject endpoint connection request.
- Choose the Load Balancers tab.
- To disassociate your Network Load Balancer from the endpoint service, choose Associate or Disassociate Load Balancers.
- Under Available Load Balancers, clear the Network Load Balancer's name, and then choose Save changes.
Note: If there are no other load balancers that are associated with this endpoint service, then you receive the error message "Must select at least one Load Balancer". If you receive this error, then delete the endpoint service to remove the association.
- To delete the Network Load Balancer, see Delete a Network Load Balancer.
Use the AWS CLI
Note: If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.
Complete the following steps:
- To describe the endpoint service configurations, run the describe-vpc-endpoint-service-configurations command:
Note: Replace us-east-1 with the AWS Region where your Network Load Balancer is located.
aws ec2 describe-vpc-endpoint-service-configurations --region us-east-1 | grep -B 1 -A 3 /net/
The previous command filters the Network Load Balancer ARN and the associated endpoint service name in the Region. In the command output, search for the Network Load Balancer ARN (or use a specific filter in grep). If you find a match, then the Network Load Balancer is associated with endpoint services. Note the service ID of the endpoint service.
The output looks similar to the following:
$ aws ec2 describe-vpc-endpoint-service-configurations --region us-east-1 | grep -B 1 -A 3 /net/
"NetworkLoadBalancerArns": [
"arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/NLB-Test/ca76ff83bdfc24c6"
],
"ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-1234abc1234abc123",
"Tags": [
- To reject the endpoint connections on the service, run the reject-vpc-endpoint-connections command:
aws ec2 reject-vpc-endpoint-connections --service-id vpce-svc-1234abc1234abc123 --vpc-endpoint-ids vpce-1234abc1234abc123
- To disassociate the Network Load Balancer from the endpoint service, run the modify-vpc-endpoint-service-configuration command:
aws ec2 modify-vpc-endpoint-service-configuration --service-id vpce-svc-1234abc1234abc123 --remove-network-load-balancer-arns arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/NLB-Test/ca76ff83bdfc24c6
- To delete the Network Load Balancer, run the delete-load-balancer command.
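The following added example (not part of the original article) turns the steps above into a dry-run plan that you can review before you remove anything. It assumes that you saved the JSON output of describe-vpc-endpoint-service-configurations and describe-vpc-endpoint-connections; the sample data, the second and third service IDs, and the plan_nlb_removal function name are constructed for illustration.

```python
# Added example: inputs below are constructed, shaped like AWS CLI JSON output.
NLB = "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/NLB-Test/ca76ff83bdfc24c6"
OTHER_NLB = "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/NLB-Other/0000000000000000"

# Stand-in for `aws ec2 describe-vpc-endpoint-service-configurations` output.
SERVICES = {"ServiceConfigurations": [
    {"ServiceId": "vpce-svc-1234abc1234abc123", "NetworkLoadBalancerArns": [NLB]},
    {"ServiceId": "vpce-svc-0000000000example", "NetworkLoadBalancerArns": [NLB, OTHER_NLB]},
    {"ServiceId": "vpce-svc-1111111111example", "NetworkLoadBalancerArns": [OTHER_NLB]},
]}
# Stand-in for `aws ec2 describe-vpc-endpoint-connections` output.
CONNECTIONS = {"VpcEndpointConnections": [
    {"ServiceId": "vpce-svc-1234abc1234abc123", "VpcEndpointId": "vpce-1234abc1234abc123", "VpcEndpointState": "available"},
    {"ServiceId": "vpce-svc-0000000000example", "VpcEndpointId": "vpce-0000000000pending", "VpcEndpointState": "pendingAcceptance"},
    {"ServiceId": "vpce-svc-0000000000example", "VpcEndpointId": "vpce-000000000rejected", "VpcEndpointState": "rejected"},
]}

def plan_nlb_removal(nlb_arn, services_doc, connections_doc, region):
    """Return the ordered AWS CLI commands that free and then delete nlb_arn."""
    commands = []
    for svc in services_doc.get("ServiceConfigurations", []):
        arns = svc.get("NetworkLoadBalancerArns", [])
        if nlb_arn not in arns:
            continue  # this endpoint service does not use the load balancer
        sid = svc["ServiceId"]
        # Step 1: reject every connection that is not already in the rejected state.
        to_reject = [c["VpcEndpointId"]
                     for c in connections_doc.get("VpcEndpointConnections", [])
                     if c["ServiceId"] == sid and c["VpcEndpointState"].lower() != "rejected"]
        if to_reject:
            commands.append(f"aws ec2 reject-vpc-endpoint-connections --region {region} "
                            f"--service-id {sid} --vpc-endpoint-ids {' '.join(to_reject)}")
        # Step 2: disassociate, or delete the service when this is its only load balancer
        # (the "Must select at least one Load Balancer" case).
        if len(arns) > 1:
            commands.append(f"aws ec2 modify-vpc-endpoint-service-configuration --region {region} "
                            f"--service-id {sid} --remove-network-load-balancer-arns {nlb_arn}")
        else:
            commands.append(f"aws ec2 delete-vpc-endpoint-service-configurations --region {region} "
                            f"--service-ids {sid}")
    # Step 3: delete the load balancer after every association is gone.
    commands.append(f"aws elbv2 delete-load-balancer --region {region} --load-balancer-arn {nlb_arn}")
    return commands

if __name__ == "__main__":
    for line in plan_nlb_removal(NLB, SERVICES, CONNECTIONS, "us-east-1"):
        print(line)
```

The function only builds command strings and calls nothing, so the plan shows which consumer endpoints lose connectivity and which endpoint services are deleted outright before any change is made.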