
Delete default VPC via aws CLI

When starting a new account, Amazon creates a new default VPC with 3 subnets, 1 security group, 1 ACL and 1 internet gateway. I want to delete the default VPC and the objects associated with it. I can do this via the console, but I want to achieve this via the aws cli and I'm stuck.

When I try the following command:

aws ec2 delete-vpc --vpc-id $VpcId

The console returns a DependencyViolation error:

A client error (DependencyViolation) occurred when calling the DeleteVpc operation: The vpc 'vpc-13f53076' has dependencies and cannot be deleted.

So I tried to delete the dependencies, but it doesn't work for all of them!

  • For the internet gateway, I got the same error:

    A client error (DependencyViolation) occurred when calling the DeleteInternetGateway operation: The internetGateway 'igw-d0f51bb5' has dependencies and cannot be deleted.

  • For the default security group, I got the following error:

    A client error (CannotDelete) occurred when calling the DeleteSecurityGroup operation: the specified group: "sg-acca7bc " name: "default" cannot be deleted by a user

  • For the default ACL, I got the following error:

    A client error (InvalidParameterValue) occurred when calling the DeleteNetworkAcl operation: cannot delete default network ACL acl-d3ba77b6

This is a new account without anything created before, except the default VPC created by Amazon. Any help or pointers in the right direction would be much appreciated.

vincex86 asked Oct 13 '14 13:10



1 Answer

I needed to go through and delete all default VPCs across all regions, and wrote a script for it. Might save someone else some time. Requires aws cli and 'jq'.

#!/usr/bin/env bash

export REGIONS=$(aws ec2 describe-regions | jq -r ".Regions[].RegionName")

for region in $REGIONS; do
    # list vpcs
    echo $region
    aws --region=$region ec2 describe-vpcs | jq ".Vpcs[]|{is_default: .IsDefault, cidr: .CidrBlock, id: .VpcId} | select(.is_default)"
done

read -p "Are you sure? " -n 1 -r
echo    # (optional) move to a new line
if [[ $REPLY =~ ^[Yy]$ ]]
then
    for region in $REGIONS ; do
        echo "Killing $region"
        # list vpcs
        export IDs=$(aws --region=$region ec2 describe-vpcs | jq -r ".Vpcs[]|{is_default: .IsDefault, id: .VpcId} | select(.is_default) | .id")
        for id in "$IDs" ; do
            if [ -z "$id" ] ; then
                continue
            fi

            # kill igws
            for igw in `aws --region=$region ec2 describe-internet-gateways | jq -r ".InternetGateways[] | {id: .InternetGatewayId, vpc: .Attachments[0].VpcId} | select(.vpc == \"$id\") | .id"` ; do
                echo "Killing igw $region $id $igw"
                aws --region=$region ec2 detach-internet-gateway --internet-gateway-id=$igw --vpc-id=$id
                aws --region=$region ec2 delete-internet-gateway --internet-gateway-id=$igw
            done

            # kill subnets
            for sub in `aws --region=$region ec2 describe-subnets | jq -r ".Subnets[] | {id: .SubnetId, vpc: .VpcId} | select(.vpc == \"$id\") | .id"` ; do
                echo "Killing subnet $region $id $sub"
                aws --region=$region ec2 delete-subnet --subnet-id=$sub
            done

            echo "Killing vpc $region $id"
            aws --region=$region ec2 delete-vpc --vpc-id=$id
        done
    done

fi
CoderTao answered Sep 25 '22 12:09
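
An added example, not part of the original answer: a read-only planner that prints the teardown order for one region's default VPC instead of running it. It shows why the errors in the question occur: the internet gateway has to be detached before it can be deleted, and the default security group and default network ACL are never deleted directly because they are removed together with the VPC. The function name and the network-interface guard are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: print, but do not run, the teardown order for the default
# VPC of a region. Only read-only describe-* calls are made.
plan_default_vpc_teardown() {   # hypothetical helper name
    local region="$1" vpc enis igw sub
    vpc=$(aws --region "$region" ec2 describe-vpcs \
        --query 'Vpcs[?IsDefault].VpcId' --output text)
    if [ -z "$vpc" ] || [ "$vpc" = "None" ]; then
        echo "# $region: no default VPC"
        return 0
    fi

    # Assumed guard (not in the original script): a network interface means
    # something still runs in the VPC, so leave it for manual review.
    enis=$(aws --region "$region" ec2 describe-network-interfaces \
        --filters "Name=vpc-id,Values=$vpc" \
        --query 'NetworkInterfaces[].NetworkInterfaceId' --output text)
    if [ -n "$enis" ] && [ "$enis" != "None" ]; then
        echo "# $region: $vpc in use by $enis, skipped"
        return 1
    fi

    # 1. An attached gateway is a dependency of the VPC: detach, then delete.
    for igw in $(aws --region "$region" ec2 describe-internet-gateways \
        --filters "Name=attachment.vpc-id,Values=$vpc" \
        --query 'InternetGateways[].InternetGatewayId' --output text); do
        echo "aws --region $region ec2 detach-internet-gateway --internet-gateway-id $igw --vpc-id $vpc"
        echo "aws --region $region ec2 delete-internet-gateway --internet-gateway-id $igw"
    done
    # 2. Subnets are the remaining user-deletable dependency.
    for sub in $(aws --region "$region" ec2 describe-subnets \
        --filters "Name=vpc-id,Values=$vpc" \
        --query 'Subnets[].SubnetId' --output text); do
        echo "aws --region $region ec2 delete-subnet --subnet-id $sub"
    done
    # 3. Deleting the VPC also removes its default security group, default
    #    network ACL and main route table; none of them is deleted directly.
    echo "aws --region $region ec2 delete-vpc --vpc-id $vpc"
}

# Usage: ./plan.sh eu-west-1 us-east-1   (prints one plan per region)
for region in "$@"; do
    plan_default_vpc_teardown "$region" || true
done
```

Review the printed commands before running any of them; a region reported as skipped still has network interfaces in its default VPC.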