By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cannot delete ENI attached to destroyed EKS

0

Hello. via terraform I've created a stack with EKS. On EKS I did setup aws-load-balancer-ingress-conotroller and traefik.

Before to destroy everything via terraform I didn't delete the 2 pods for my alb and traefik service.

Doing so I'm not able to delete the eni created by these process.

I'm root in my account and I run also the following command

aws ec2 detach-network-interface --attachment-id eni-attach-xxxxxxxx --force

An error occurred (AuthFailure) when calling the DetachNetworkInterface operation: You do not have permission to access the specified resource.

Also I've a basic account, so I cannot contact the support in order to ask them to delete for me.

Can please someone shed some light ?

Thanks

Topics
Migration & ModernizationSecurity, Identity, & ComplianceComputeContainersNetworking & Content Delivery
Tags
AWS Database Migration ServiceAWS Network FirewallAmazon EC2Amazon Elastic Kubernetes ServiceElastic Load Balancing
Language
English
AWS-User-7974421
asked 2 years ago1219 views
2 Answers
0

Hello Michael and thanks for answering :)

The problem is that my cluster is already deleted but there is some security groups which was created by our deployment (aws-alb-ingress-controller) did created these eni. Because I deleted the cluster before to delete the aws-alb-ingress-controller, this made the ENI still attached and impossible to be removed.

How I can do that now ? I don't have the paying support :(

AWS-User-7974421
answered 2 years ago
  • MichaelFischer EXPERT
    2 years ago

    That ENI is probably associated with an Application Load Balancer associated with your account that was created by the controller. Destroy the ALB and the ENIs will also be deprovisioned.

0

You are most likely trying to delete one of the network interfaces associated with the EKS cluster endpoint that is projected into your VPC. Since the EKS cluster is "owned" by AWS, you cannot delete the cluster's ENIs, even as the root account. Once you successfully destroy the cluster, the ENIs will disappear.

Also, please be advised that accessing AWS via the root account is a disfavored approach and so we do not recommend it. See our best practices guidance for additional details.

AWS
EXPERT
MichaelFischer
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content