Can't delete AWS internet Gateway


Solution 1

You have some resources in the VPC that have been assigned a Public IP address, such as:

  • Amazon EC2 instances
  • Amazon RDS instances
  • Amazon Redshift cluster
  • VPC NAT Gateways
  • etc.

These IP addresses might have been assigned as an Elastic IP address or as an "auto-assign Public IP address" on instance creation.

You will need to delete these Elastic IP addresses before the Internet Gateway can be removed. If they were auto-assigned IP addresses, then Stop the instances to remove the public IP addresses.

You might also need to edit your Route Tables so that they do not refer to the Internet Gateway.

Solution 2

Had EKS in a VPC, deleted the cluster, but now there are network interfaces with an EIP and SG attached to them that were load balancers that did not get deleted when deleting the cluster, because the deployments were not deleted inside the cluster before deleting the cluster itself. Had to find all associated ELBs and delete them, then security groups, then interfaces, EIP, all the way down the line till finally deleting the internet gateway and VPC.

Solution 3

I had to delete NAT gateway that was hanging around to resolve mine.

Solution 4

For those facing the same problem, check also route tables having the Internet Gateway as target.
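Added example, not part of any answer on this page: a way to see what Solutions 1 and 4 ask you to look for, by reading the JSON that `aws ec2 describe-network-interfaces` and `aws ec2 describe-route-tables` return for the VPC. The sample data is constructed, and the owner guess from the ENI type and description prefix (`nat_gateway`, `ELB `, `RDSNetworkInterface`) is a heuristic assumed here.

```python
import json

# Constructed samples (made-up IDs, documentation IPs) shaped like the output of
# `aws ec2 describe-network-interfaces` / `describe-route-tables`, filtered by vpc-id.
SAMPLE_ENIS = json.loads("""{"NetworkInterfaces": [
 {"NetworkInterfaceId": "eni-0a1", "InterfaceType": "nat_gateway",
  "Description": "Interface for NAT Gateway nat-0example",
  "Association": {"PublicIp": "203.0.113.10", "AllocationId": "eipalloc-0a1"}},
 {"NetworkInterfaceId": "eni-0b2", "InterfaceType": "interface",
  "Description": "ELB app/demo-alb/0example", "Association": {"PublicIp": "203.0.113.20"}},
 {"NetworkInterfaceId": "eni-0c3", "InterfaceType": "interface", "Description": "",
  "Attachment": {"InstanceId": "i-0example"}, "Association": {"PublicIp": "203.0.113.30"}},
 {"NetworkInterfaceId": "eni-0d4", "InterfaceType": "interface", "Description": "RDSNetworkInterface"}
]}""")
SAMPLE_ROUTES = json.loads("""{"RouteTables": [
 {"RouteTableId": "rtb-0a1", "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
   {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
 {"RouteTableId": "rtb-0b2", "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0b2"}]}
]}""")

def owner_of(eni):
    """Guess which service owns an ENI (heuristic: type, description prefix, attachment)."""
    desc = eni.get("Description") or ""
    if eni.get("InterfaceType") == "nat_gateway":
        return "NAT gateway"
    if desc.startswith("ELB "):
        return "load balancer"
    if desc.startswith("RDSNetworkInterface"):
        return "RDS"
    instance = (eni.get("Attachment") or {}).get("InstanceId")
    return f"EC2 {instance}" if instance else "other/unattached"

def public_ip_blockers(enis):
    """ENIs that still map a public address: (eni id, owner, public ip, kind)."""
    out = []
    for eni in enis["NetworkInterfaces"]:
        assoc = eni.get("Association") or {}
        if assoc.get("PublicIp"):  # ENIs with only private addresses do not block the detach
            kind = "elastic" if assoc.get("AllocationId") else "auto/managed"
            out.append((eni["NetworkInterfaceId"], owner_of(eni), assoc["PublicIp"], kind))
    return out

def igw_routes(tables):
    """Routes whose target is an internet gateway: (route table id, destination)."""
    return [(t["RouteTableId"], r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock"))
            for t in tables["RouteTables"] for r in t["Routes"]
            if (r.get("GatewayId") or "").startswith("igw-")]

print(public_ip_blockers(SAMPLE_ENIS), igw_routes(SAMPLE_ROUTES))
```

To run it against a real VPC, replace the two samples with the parsed output of the two CLI commands filtered by `Name=vpc-id,Values=<your VPC ID>`.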

Solution 5

Personally, I had to manually reject connections from the endpoint services in the VPC.
Endpoint Services > Select Service > Endpoint Connections > Select connection > Actions > Reject endpoint connection request

Author: Souad

I Love programming, solve errors, production.

Updated on July 15, 2020

Comments

  • Souad
    Souad almost 4 years

    I created an internet gateway in AWS VPC dashboard, I attached it to a VPC then I want to detach it but I keep getting this error:

    Network vpc-xxxx has some mapped public adresses, Please unmap those public addresses before detaching the gateway. ( Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: qfdqsdf)
    

    What to do to detach this IGW? Why exactly do I get this error?

    I need to get rid of this IGW without deleting extra resources. Please, any ideas?

    For information, the route table of the VPC does contain public addresses but they are routed to other targets. This IGW is not set as target anywhere.

    • helloV
      helloV almost 7 years
      Is the VPC empty or are there instances in the VPC's public subnet?
    • Souad
      Souad almost 7 years
      Yes, there are instances in the subnets. These subnets are attached to a virtual gateway, not to an internet gateway.
    • helloV
      helloV almost 7 years
      If you have unassociated elastic IPs, release them and try.
    • Souad
      Souad almost 7 years
      The thing is that I have no elastic IPs
    • Michael - sqlbot
      Michael - sqlbot almost 7 years
      Why do you "need" to get rid of an Internet Gateway? This implies you have no instances with public or elastic IP addresses, no NAT Gateways, no external ELBs, and no other resources with an elastic network interface with associated public IP addresses... yet, for some reason you did attach an IGW to your VPC, and it's unclear why that might have been or why you now want to remove it.
    • garryp
      garryp over 5 years
      I found a NAT gateway lingering that caused this, and had to delete it.
    • Xavi Montero
      Xavi Montero about 4 years
      I am in the same situation (although in a VPC I created for test). Thing is: If the VPC+subnets+instances+public-IPs could live 'before' the internet gateway was attached, I don't see any reason for it not being able to detach after an attach. I mean... I have a table. I put a glass. I want to remove the glass. It says "there's thirsty people there". Okay... before placing the glass, the table had no glasses and that's all.
    • Xavi Montero
      Xavi Montero about 4 years
      Additionally, if I'm not misunderstood, the Internet Gateway allows OUTGOING traffic. I mean: I might want to have a host with a public IP to reach it via ssh, but maybe I don't want that host to start connections to the outside world. Isn't the Internet Gateway intended only for outgoing traffic? Maybe I'm confused with that.
  • luk2302
    luk2302 over 6 years
    Thanks for RDS tip, in my case someone did set up a database without cloudformation and caused the vpc stack to not be deletable.
  • ab77
    ab77 over 5 years
    Also EC2->Network Interfaces-> filter by VPC Id. In our case there were left-over Client VPN IP assignments.
  • Jordan Stewart
    Jordan Stewart almost 5 years
    I can't think of anything that fits under the "etc." category, but I guess AWS is releasing new services all the time.
  • Max Lobur
    Max Lobur over 4 years
    Was ELB + sec groups in my case
  • thelr
    thelr about 4 years
    Load balancers fit in "etc"
  • Christopher Thomas
    Christopher Thomas almost 4 years
    Yeah if you have a VPC Private Link in an API Gateway I need to do this in order to delete them. You need to reject the connection like you mentioned first
  • LuQQiu
    LuQQiu almost 3 years
    Deleting the load balancer helps!
  • Francisco Cardoso
    Francisco Cardoso over 2 years
    Delete NAT gateway also
  • ChuyAMS
    ChuyAMS over 2 years
    I also had to delete the security groups