CloudFormation is buggy and won't properly clean up VPC and Internet Gateway

Question

I'm using the `eksctl` utility to build and destroy Kubernetes clusters on Amazon EKS. When I delete the CloudFormation stacks, most of the resources are properly destroyed, including the EKS cluster itself. *However*, the VPC and Internet Gateway are getting hung up, and will not clean up properly. This is leaving my account with a bunch of orphaned VPC resources that I don't want, and contributing to my resource limits unnecessarily. The CloudFormation stacks get stuck in the `DELETE_FAILED` state.

```
The vpc 'vpc-096bd7c39859b6afb' has dependencies and cannot be deleted. (Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: 28dda82e-9aa9-4d05-b870-9371d77cee23; Proxy: null)
```

```
The internetGateway 'igw-0c214b63b8b795b81' has dependencies and cannot be deleted. (Service: Ec2, Status Code: 400, Request ID: 71c41fe9-1247-4a29-ac47-d5c32d29837d, Extended Request ID: null)
```

**Question**: Can the AWS CloudFormation team fix this, so that the resources are properly cleaned up?

Accepted Answer

As noted [here](https://docs.aws.amazon.com/eks/latest/userguide/delete-cluster.html), do you have any active services associated with LBs in your EKS cluster?

If so, you should delete those services through kubectl and wait until the LBs are deleted properly.

Also generally it is recommended you use eksctl, or ensure you followed the steps in the above page when deleting clusters.

As a last resort, you can try to delete the IGWs and resources, such as ELBs, within the VPC manually to resolve dependencies and clean up resources.

CloudFormation is buggy and won't properly clean up VPC and Internet Gateway

相關內容