By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Can't delete a RequesterManaged Network interface

0

I did the [https://catalog.us-east-1.prod.workshops.aws/workshops/976050cc-0606-4b23-b49f-ca7b8ac4b153/en-US]( Data Engineering Immersion Day) session from workshops.aws by my own and when I wanted to clean up the resources after all, a couple of resources have not been deleted by the "Delete stack" function in CloudFormation.

Remaining resources are only these: IGW, ENI,PrivateSubnet,RouteTable,VPC

Manual deletion of the network interface did not work due to: Failed to detach the network interface. API error: "You do not have permission to access the specified resource."

What I've found is that there is a "RequesterId": "27xxxxx". I don't know how this had been created, because I have a different account number and I did not create such resources. Could the CloudFormation template have created such ? I can't delete the ENI, but I want to release the publicIP after all. How to delete it?

"NetworkInterfaces": [ { "Association": { "IpOwnerId": "23xxxxx", "PublicIp": "3.230.216.167" }, "Attachment": { "AttachTime": "2024-04-24T11:29:56+00:00", "AttachmentId": "eni-attach-061bad9b2a0e20bd3", "DeleteOnTermination": false, "InstanceOwnerId": "23xxxxx", "Status": "attached" }, "Groups": [ { "GroupName": "dmslab-student-sgdefault-6ykSO9oeetTe", "GroupId": "sg-0e4d09d04549c0606" } ], "NetworkInterfaceId": "eni-00ca9c577f535eaa6", "OwnerId": "43xxxxx", "RequesterId": "27xxxxx", "RequesterManaged": true, "Status": "in-use", "SubnetId": "subnet-09f49b4c49429eee7", "VpcId": "vpc-0173bc2edc5b71725" } ]

Topics
Networking & Content DeliveryManagement & Governance
Tags
Amazon VPCAWS CloudFormationAWS Workshop Studio
Language
English
SzabolcsK
asked 10 days ago117 views
2 Answers
1
Accepted Answer

Hello.

Are there any DMS replication instances or endpoints left?
If the DMS resources remain, the ENI should also remain, so make sure that the DMS resources are deleted.

Looking at the workshop documentation, it appears that the DMS replication instance uses the corresponding security group.
So that ENI could be that of a DMS replication instance.
https://catalog.us-east-1.prod.workshops.aws/workshops/976050cc-0606-4b23-b49f-ca7b8ac4b153/en-US/400/401/430-main-lab

If there are any remaining DMS replication instances, please try deleting them using the steps in the document below.
https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.Deleting.html

profile picture
EXPERT
Riku_Kobayashi
answered 9 days ago
  • SzabolcsK
    9 days ago

    Thank you Riku! That was it! 1 remaining DMS replication instance was left. I totally forgot to delete that replica..

    It was hard to guess which AWS service could have been the Requester owner in this case. Is there any hint which makes it easy to figure this out ? (other than relying on the workshop instruction material)

  • Riku_Kobayashi EXPERT
    9 days ago

    It may be a good idea to search for AWS resources that are likely to be related to the ENI using the "Confirm you have terminated all active resources" step described in the document below. https://repost.aws/knowledge-center/check-for-active-resources

  • SzabolcsK
    9 days ago

    Thx. Greatly appreciated!

0

Review CloudFormation Template: Go back to the CloudFormation template used to create the stack. Check if there are any configurations that might have caused the ENI to be created with a "RequesterId" from a different account. Look for any references to the specific ENI or the "RequesterId".

Check Stack Deletion Policy: Sometimes, CloudFormation can't delete resources due to dependencies or permissions issues. Review the deletion policy for the stack and ensure it's set to "Retain" or "Delete" for the ENI and other resources.

Before attempting to delete the ENI again, ensure that any resources associated with it, such as instances, security groups, or network interfaces, are terminated or detached. CloudFormation may fail to delete resources if they are still in use.

Release Public IP: Once the ENI is detached or deleted, you can release the associated public IP address. This can typically be done through the AWS Management Console or AWS CLI by navigating to the Elastic IPs section and releasing the IP address

Garre Sandeep
answered 10 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content