
EKS cluster created a Security Group and doesn't clean up this SG after destroy


About two weeks ago we found that the CFN manifest cannot remove the VPC on delete. I've checked that, and it turned out that the EKS cluster doesn't remove the Security Group which it created itself. The security group is named "eks-cluster-sg-EKS-*" with the description "EKS created security group applied to ENI that is attached to EKS Control Plane master nodes, as well as any managed workloads." How can I fix that? To reproduce it, you need to deploy a VPC with EKS by CFN or using the AWS QSS solution. Thanks

  • Has the EKS cluster been deleted? I don't think the controllers clean up after themselves, so it's a manual task of finding the resources and cleaning up after it.

  • The cluster was removed, but the SG groups remained. Before now, the cluster deleted its SG behind it.
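
The manual cleanup described in the comments starts with finding the leftover groups and whatever still depends on them. The following is an added example, not part of the original thread: it takes data shaped like the output of `aws ec2 describe-security-groups` and `aws ec2 describe-network-interfaces`, selects groups with the `eks-cluster-sg-` name prefix quoted in the question, and lists what would block their deletion. The function name and all sample IDs are constructed for illustration.

```python
PREFIX = "eks-cluster-sg-"  # name prefix quoted in the question

# Constructed sample data shaped like `aws ec2 describe-security-groups`
# and `aws ec2 describe-network-interfaces` output; all IDs are made up.
GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "eks-cluster-sg-EKS-demo-1", "VpcId": "vpc-01",
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]}]},
    {"GroupId": "sg-0bbb", "GroupName": "eks-cluster-sg-EKS-demo-2", "VpcId": "vpc-01",
     "IpPermissions": []},
    {"GroupId": "sg-0ccc", "GroupName": "app-nodes", "VpcId": "vpc-01",
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-0bbb"}]}]},
    {"GroupId": "sg-0ddd", "GroupName": "eks-cluster-sg-EKS-other", "VpcId": "vpc-02",
     "IpPermissions": []},
]
INTERFACES = [
    {"NetworkInterfaceId": "eni-0111", "Groups": [{"GroupId": "sg-0ddd"}]},
]


def leftover_eks_groups(groups, interfaces, vpc_id):
    """Return {group_id: [blockers]} for EKS-named groups in vpc_id.

    An empty list means neither check below found a dependency; otherwise
    each entry names something that has to be removed before the group.
    """
    report = {}
    for sg in groups:
        if sg["VpcId"] != vpc_id or not sg["GroupName"].startswith(PREFIX):
            continue
        gid = sg["GroupId"]
        # Check 1: network interfaces that still carry this group.
        blockers = [f"attached to {eni['NetworkInterfaceId']}"
                    for eni in interfaces
                    if any(g["GroupId"] == gid for g in eni.get("Groups", []))]
        # Check 2: rules in *other* groups that reference this one.
        # A self-reference (sg-0aaa above) is not counted as a blocker.
        for other in groups:
            if other["GroupId"] == gid:
                continue
            rules = other.get("IpPermissions", []) + other.get("IpPermissionsEgress", [])
            if any(p["GroupId"] == gid for r in rules for p in r.get("UserIdGroupPairs", [])):
                blockers.append(f"referenced by rule in {other['GroupId']}")
        report[gid] = blockers
    return report


if __name__ == "__main__":
    for gid, blockers in leftover_eks_groups(GROUPS, INTERFACES, "vpc-01").items():
        print(gid, "no blockers found" if not blockers else "; ".join(blockers))
```
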