@shinyaz

Deleting a VPC after EKS cluster removal requires waiting for VPC endpoint ENI release


After deleting an EKS cluster, I tried to delete the VPC and hit DependencyViolation.

Output
An error occurred (DependencyViolation) when calling the DeleteSubnet operation:
The subnet 'subnet-xxx' has dependencies and cannot be deleted.

The culprit was VPC endpoints that EKS auto-created. Even after cluster deletion, the endpoints and their associated ENIs remain in-use, blocking subnet and VPC deletion. You need to explicitly delete the VPC endpoints and wait 30–60 seconds for the ENIs to become available.

Terminal
# Delete VPC endpoints
for vpce in $(aws ec2 describe-vpc-endpoints \
  --filters "Name=vpc-id,Values=$VPC_ID" --region us-east-1 \
  --query 'VpcEndpoints[].VpcEndpointId' --output text); do
  aws ec2 delete-vpc-endpoints --vpc-endpoint-ids "$vpce" --region us-east-1
done
 
# Wait for ENI release (30-60 seconds)
sleep 60
 
# Delete remaining ENIs, then proceed with VPC deletion
for eni in $(aws ec2 describe-network-interfaces \
  --filters "Name=vpc-id,Values=$VPC_ID" --region us-east-1 \
  --query 'NetworkInterfaces[].NetworkInterfaceId' --output text); do
  aws ec2 delete-network-interface --network-interface-id "$eni" --region us-east-1
done

After this, delete security groups → subnets → IGW → VPC in order. Encountered this during cleanup for the Neuron DRA verification.
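
A polling alternative to the fixed `sleep 60`, as an added example that is not part of the original post: it waits until no ENI in the VPC is still `in-use`, and on timeout prints the IDs that are still attached so you can see what is blocking deletion. The function names, the 180-second default timeout and the 10-second interval are assumptions.

```shell
# Added example (not from the original post). Function names are hypothetical.

# Print the IDs of ENIs in the VPC that are still attached (status in-use).
# $1 = VPC ID, $2 = region
in_use_enis() {
  aws ec2 describe-network-interfaces \
    --filters "Name=vpc-id,Values=$1" "Name=status,Values=in-use" \
    --region "$2" \
    --query 'NetworkInterfaces[].NetworkInterfaceId' --output text
}

# Poll until no in-use ENIs remain, or give up after a timeout.
# $1 = VPC ID, $2 = region, $3 = timeout seconds (assumed default 180),
# $4 = poll interval seconds (assumed default 10)
# Returns 0 when nothing is in use, 1 on timeout, 2 if the AWS call fails.
wait_for_eni_release() {
  vpc_id="$1"
  region="$2"
  timeout="${3:-180}"
  interval="${4:-10}"
  waited=0
  while :; do
    remaining=$(in_use_enis "$vpc_id" "$region") || return 2
    # An empty result (or "None" for a null query result) means all released.
    if [ -z "$remaining" ] || [ "$remaining" = "None" ]; then
      return 0
    fi
    if [ "$waited" -ge "$timeout" ]; then
      # ENIs owned by something other than the deleted endpoints
      # (for example a NAT gateway or load balancer) never release on their own.
      echo "ENIs still in use after ${waited}s: $remaining" >&2
      return 1
    fi
    sleep "$interval"
    waited=$((waited + interval))
  done
}

# Usage, in place of the fixed sleep:
#   wait_for_eni_release "$VPC_ID" us-east-1 || exit 1
```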


Shinya Tahara


Solutions Architect @ AWS

I'm a Solutions Architect at AWS, providing technical guidance primarily to financial industry customers. I share learnings about cloud architecture and AI/ML on this site. The views and opinions expressed on this site are my own and do not represent the official positions of my employer.