How to Clean Up AWS VPC Resources
When deleting AWS VPCs, dependent network resources are sometimes left behind.
cleanup_aws_vpcs plugin can find and delete these orphaned resources, which include:
- AWS VPC Peering Connections
- AWS EC2 Network ACLs
- AWS EC2 Network Interfaces
- AWS ELB
- AWS ALB
- AWS ALB Target Groups
- AWS EC2 Subnets
- AWS EC2 Security Groups
- AWS EC2 Internet Gateways
- AWS EC2 NAT Gateways
- AWS EC2 Route Tables
This guide assumes that you have already installed and configured Resoto to collect your AWS cloud resources.
Execute the following command in Resoto Shell to open the Resoto Worker configuration for editing:
> config edit resoto.worker
Enable cleanup by modifying the
resotoworkersection of the configuration as follows:
# Enable cleanup of resources
# Do not actually cleanup resources, just create log messages
# How many cleanup threads to run in parallel
When cleanup is enabled, marked resources will be deleted as a part of the
collect_and_cleanupworkflow, which runs each hour by default.tip
trueto simulate cleanup without actually deleting resources.
plugin_cleanup_aws_vpcssection with the desired target cloud account IDs and setting the
true:cleanup_aws_vpcs plugin configuration
# Dictionary of key cloud with list of account IDs for which the plugin should be active as value
# Enable plugin?
The plugin will now run each time Resoto emits the
post_cleanup_plan event. The
post_cleanup_plan event is emitted in the
cleanup phase of the
Each time the
cleanup_aws_vpcs plugin runs, network resources associated with VPCs that have been deleted or marked for cleanup will also be flagged for removal during the next cleanup run.