From a9357c37ccdd2ea13bb067078acb145e3b96d5c7 Mon Sep 17 00:00:00 2001
From: Nitya Dhanushkodi
Date: Fri, 15 Apr 2022 09:54:25 -0700
Subject: [PATCH] Cleanup EKS VPC peering connections (#1173)
---
 hack/aws-acceptance-test-cleanup/main.go | 34 ++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
diff --git a/hack/aws-acceptance-test-cleanup/main.go b/hack/aws-acceptance-test-cleanup/main.go
index 45198b8ea5..085d25fee9 100644
--- a/hack/aws-acceptance-test-cleanup/main.go
+++ b/hack/aws-acceptance-test-cleanup/main.go
@@ -197,6 +197,31 @@ func realMain(ctx context.Context) error {
 vpcID := cluster.ResourcesVpcConfig.VpcId
+ // Once we have the VPC ID, collect VPC peering connections to delete.
+ filternameAccepter := "accepter-vpc-info.vpc-id"
+ filternameRequester := "requester-vpc-info.vpc-id"
+ vpcPeeringConnectionsWithAccepter, err := ec2Client.DescribeVpcPeeringConnections(&ec2.DescribeVpcPeeringConnectionsInput{
+ Filters: []*ec2.Filter{
+ {
+ Name: &filternameAccepter,
+ Values: []*string{vpcID},
+ },
+ },
+ })
+
+ if err != nil {
+ return err
+ }
+ vpcPeeringConnectionsWithRequester, err := ec2Client.DescribeVpcPeeringConnections(&ec2.DescribeVpcPeeringConnectionsInput{
+ Filters: []*ec2.Filter{
+ {
+ Name: &filternameRequester,
+ Values: []*string{vpcID},
+ },
+ },
+ })
+ vpcPeeringConnectionsToDelete := append(vpcPeeringConnectionsWithAccepter.VpcPeeringConnections, vpcPeeringConnectionsWithRequester.VpcPeeringConnections...)
+
 // Delete NAT gateways.
 natGateways, err := ec2Client.DescribeNatGatewaysWithContext(ctx, &ec2.DescribeNatGatewaysInput{
 Filter: []*ec2.Filter{
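Review bot: The error from the second `DescribeVpcPeeringConnections` call (the requester filter) is never checked: its result is appended straight away and `err` is then overwritten by the NAT gateway lookup that follows, so a failed lookup silently leaves requester-side peerings out of the delete list. Add `if err != nil { return err }` directly after that call, matching the accepter lookup above it. Both lookups, and the `DeleteVpcPeeringConnection` call in the later hunk, also use the plain methods rather than the `...WithContext(ctx, ...)` variants that the neighbouring `DescribeNatGatewaysWithContext` call uses, so cancelling `ctx` does not stop them. realMain starts and ends outside this hunk.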
@@ -419,6 +444,15 @@ func realMain(ctx context.Context) error {
 fmt.Printf("Security group: Destroyed [id=%s]\n", *sg.GroupId)
 }
+ // Delete VPC Peering Connections.
+ for _, vpcpc := range vpcPeeringConnectionsToDelete {
+ _, err = ec2Client.DeleteVpcPeeringConnection(&ec2.DeleteVpcPeeringConnectionInput{VpcPeeringConnectionId: vpcpc.VpcPeeringConnectionId})
+ if err != nil {
+ return err
+ }
+ fmt.Printf("VPC PeeringConnection: Destroyed [id=%s]\n", *vpcpc.VpcPeeringConnectionId)
+ }
+
 // Delete VPC. Sometimes there's a race condition where AWS thinks
 // the VPC still has dependencies but they've already been deleted so
 // we may need to retry a couple times.
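Review bot: The delete loop tries every connection the lookups returned, whatever its state, and the first failure hits `return err` and aborts the run before the VPC deletion below. The EC2 API reference says peering connections in the failed or rejected state cannot be deleted, and terminated ones may stay listed for a while, so a stale entry could block cleanup of an otherwise finished VPC; this is inferred from the documented API behaviour, since no state handling is visible in the hunk. Consider adding a `status-code` filter (values `active` and `pending-acceptance`) to the describe calls, or skipping other states in the loop, with a comment such as `// Only live peerings block VPC deletion; connections in terminal states are skipped.` realMain starts and ends outside this hunk.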