AWS failing to remove the ENI when removing Lambda attached to VPC


AWS is failing to remove the ENI after 20 minutes, leaving the stack in a failed state. The Lambda, which is connected to a VPC and Subnet, is removed, but its Security Group and Subnet linger.

DELETE_FAILED | AWS::EC2::SecurityGroup | Lambda/SecurityGroup (LambdaSecurityGroup123) resource sg-123 has a dependent object (Service: Ec2, Status Code: 400, Request ID: 123)

Whilst I understand it's failing to delete the Security Group because the ENI isn't being deleted by AWS, I'm failing to understand why AWS isn't removing the ENI after 20 minutes?

  • Check the CloudWatch logs for the Lambda function to see if there were any errors or issues during execution that might have prevented it

2 Answers
Accepted Answer

By creating the security groups separately outside of the Lambda CDK stack - this allowed the ENI to be destroyed.

answered 9 days ago
reviewed 9 days ago

I have the same issue when redeploying Lambda with Terraform. Give it a little more time and they should go.

answered 10 days ago
AWS
reviewed 10 days ago
  • I left it for an hour and it failed to delete. Also tried re-running cdk destroy, but AWS still fails to delete the ENI and stack.
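
To see what the "dependent object" in the DELETE_FAILED error is, list the network interfaces that still reference the security group. The following is an added example, not code from any poster in this thread: it classifies the JSON returned by `aws ec2 describe-network-interfaces --filters Name=group-id,Values=sg-123`. The sample response, ENI IDs and function name are constructed.

```python
import json

# Constructed sample in the shape returned by:
#   aws ec2 describe-network-interfaces --filters Name=group-id,Values=sg-123
SAMPLE = json.loads("""
{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "Status": "in-use", "InterfaceType": "lambda",
   "RequesterManaged": true, "Description": "AWS Lambda VPC ENI-example-fn-0000",
   "Groups": [{"GroupId": "sg-123"}]},
  {"NetworkInterfaceId": "eni-0bbb", "Status": "available", "InterfaceType": "interface",
   "RequesterManaged": false, "Description": "manually created",
   "Groups": [{"GroupId": "sg-123"}, {"GroupId": "sg-456"}]},
  {"NetworkInterfaceId": "eni-0ccc", "Status": "in-use", "InterfaceType": "interface",
   "RequesterManaged": false, "Description": "other workload",
   "Groups": [{"GroupId": "sg-456"}]}
]}
""")


def is_lambda_eni(eni):
    """Lambda-created VPC ENIs carry InterfaceType 'lambda' and a fixed description prefix."""
    return (eni.get("InterfaceType") == "lambda"
            or eni.get("Description", "").startswith("AWS Lambda VPC ENI"))


def dependents(response, group_id):
    """Return (eni_id, status, kind) for every ENI that still references group_id."""
    out = []
    for eni in response.get("NetworkInterfaces", []):
        if group_id not in {g["GroupId"] for g in eni.get("Groups", [])}:
            continue  # this ENI does not block deletion of the group
        if is_lambda_eni(eni):
            kind = "lambda-managed"   # created and cleaned up by the Lambda service
        elif eni.get("Status") == "available":
            kind = "detached"         # not attached to anything, yet still holds the group
        else:
            kind = "attached-other"   # in use by some other resource
        out.append((eni["NetworkInterfaceId"], eni.get("Status"), kind))
    return out


if __name__ == "__main__":
    for row in dependents(SAMPLE, "sg-123"):
        print(*row)
```

An empty result means no network interface is holding the group, so the dependency is something else, such as another security group's rule that references it.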
