This is a quick note on how to delete VPC endpoints that are no longer needed with AWS CLI.

First, we need to find all the VPC endpoint IDs [1].

❯ aws ec2 describe-vpc-endpoints --query 'VpcEndpoints[].VpcEndpointId'
[
    "vpce-097008f8d26caxxxx",
    "vpce-07aaeabdefd8xxxx",
    "vpce-0bc6d548ff2e0xxxx"
]

Note: I replaced the last 4 digits with ‘xxxx’. It’s a good idea to try this out without really deleting the VPC endpoints by supplying --dry-run to the command below:

❯ aws ec2 delete-vpc-endpoints --vpc-endpoint-ids vpce-097008f8d26caxxxx vpce-07aaeabdefd8xxxx vpce-0bc6d548ff2e0xxxx --dry-run

An error occurred (DryRunOperation) when calling the DeleteVpcEndpoints operation: Request would have succeeded, but DryRun flag is set.

Let’s delete all of the 3 resources:

❯ aws ec2 delete-vpc-endpoints --vpc-endpoint-ids vpce-097008f8d26caxxxx vpce-07aaeabdefd8xxxx vpce-0bc6d548ff2e0xxxx
{
    "Unsuccessful": []
}

Don’t be surprised by the "Unsuccessful": []. The empty list ([]) is actually a good thing: it means all of the VPC endpoints have been deleted successfully.

If the command is partially successful or unsuccessful, a list of unsuccessful items is returned. If the command succeeds, the returned list is empty [2].
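The same three steps (list the IDs, dry-run, delete) wrapped in a small POSIX shell script, as an added example that is not part of the original note. The interesting part is the last step: instead of eyeballing the response, the script parses the "Unsuccessful" list and fails loudly if any ResourceId is reported in it, or if the key is missing altogether (which would mean the response is not what we expected). It assumes a configured AWS CLI (region and credentials from the environment); the endpoint IDs and error payload in the comments are constructed samples, and the helper names (`unsuccessful_ids`, `delete_succeeded`, `delete_endpoints`) are my own.

```shell
#!/bin/sh
# Added example: delete VPC endpoints with the AWS CLI and verify the result.
# Assumes a configured AWS CLI; nothing here is run unless VPCE_CLEANUP_RUN=1.

# Print the ResourceId of every entry in the "Unsuccessful" list of a
# DeleteVpcEndpoints response (one per line). Prints nothing if the list is
# empty. Plain sed/grep so it works without jq.
unsuccessful_ids() {
  printf '%s' "$1" | tr -d '\n' \
    | sed -n 's/.*"Unsuccessful":[[:space:]]*\[\(.*\)\].*/\1/p' \
    | grep -o '"ResourceId":[[:space:]]*"[^"]*"' \
    | sed 's/.*"\([^"]*\)"$/\1/'
}

# Return 0 when "Unsuccessful" is present and empty, 1 when it lists failures,
# and 2 when the key is missing entirely (unexpected response shape).
delete_succeeded() {
  printf '%s' "$1" | tr -d '\n' | grep -q '"Unsuccessful"' || return 2
  [ -z "$(unsuccessful_ids "$1")" ]
}

# Step 1: list endpoint IDs, one per line (same --query as in the note).
list_endpoint_ids() {
  aws ec2 describe-vpc-endpoints \
    --query 'VpcEndpoints[].VpcEndpointId' --output text | tr '\t' '\n'
}

# Steps 2 and 3: dry-run first, then delete, then check the response.
# IDs are passed as separate arguments, e.g.:
#   delete_endpoints vpce-097008f8d26caxxxx vpce-07aaeabdefd8xxxx   (constructed IDs)
delete_endpoints() {
  ids="$*"
  [ -n "$ids" ] || { echo "no endpoint IDs given" >&2; return 1; }

  # The dry run is expected to fail with DryRunOperation; any other outcome
  # (e.g. UnauthorizedOperation or a bad ID) means we should not proceed.
  # $ids is deliberately unquoted so each ID becomes its own argument.
  if ! aws ec2 delete-vpc-endpoints --vpc-endpoint-ids $ids --dry-run 2>&1 \
       | grep -q DryRunOperation; then
    echo "dry run did not report DryRunOperation; check IDs and permissions" >&2
    return 1
  fi

  out=$(aws ec2 delete-vpc-endpoints --vpc-endpoint-ids $ids) || return 1
  if delete_succeeded "$out"; then
    echo "deleted: $ids"
  else
    echo "some endpoints were not deleted:" >&2
    unsuccessful_ids "$out" >&2
    return 1
  fi
}

# Only run against a real account when explicitly asked to.
if [ "${VPCE_CLEANUP_RUN:-0}" = "1" ]; then
  delete_endpoints "$@"
fi
```

Run it as `VPCE_CLEANUP_RUN=1 sh cleanup.sh vpce-... vpce-...`, or source it and pipe `list_endpoint_ids` through whatever filter picks the endpoints you actually want gone before handing them to `delete_endpoints`. The exit status (0 only when "Unsuccessful" came back empty) is what makes this safe to drop into an automated cleanup job.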

References: