Why can't I delete my Amazon EKS cluster?

Last updated: 2022-08-26

I can't delete my Amazon Elastic Kubernetes Service (Amazon EKS) cluster. How do I resolve this?

Short description

To delete an Amazon EKS cluster, you must first delete all managed node groups that are associated with the cluster. For more information, see Deleting an Amazon EKS cluster.

Note: It's a best practice to delete the cluster with the same tool that you used to create the cluster.

Important: If you create load balancers using the AWS Load Balancer Controller (from the GitHub website), then Application Load Balancers or Network Load Balancers are created for you. If you delete your cluster before deleting the Kubernetes ingresses or services that manage the load balancer, then you must manually delete the load balancer. See, Delete an Application Load Balancer, Delete a Network Load Balancer, and Delete your load balancer (Classic).

If you still can't delete your cluster components, consider the following options based on your scenario:

  • You receive the error message "The following resource(s) failed to delete" or "resource XXXXXXX has a dependent object". Complete the steps in the Delete the AWS CloudFormation stack that created the cluster component section.
  • You deleted your cluster, and the nodes are still active. Deleting a cluster doesn't automatically delete self-managed nodes. You must manually delete the nodes. Complete the steps in the Delete self-managed nodes section.
  • Your cluster is stuck in the DELETING state. Confirm that no missing AWS Identity and Access Management (IAM) policy or role is preventing your cluster from deleting. If the IAM role is missing, then complete the steps in the Recreate the IAM service role for Amazon EKS section.

Note: It's normal for your cluster to take time to delete. You aren't charged for a cluster that is in the DELETING state.

Resolution

Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you’re using the most recent AWS CLI version.

Delete the AWS CloudFormation stack that created the cluster component

1.    You can delete the stack on the AWS CloudFormation console. Or, you can use the AWS CLI delete-stack command.

If you can't delete your stack because of dependencies, then manually delete the resources that have the dependencies, or remove the dependencies. Then, try to delete the stack again.

If you want to retain the resources that are failing to delete, then skip the resources when you delete the stack. This option is available only on resources or stacks that are in a DELETE_FAILED state. The skipped resources remain active in the account, but the CloudFormation stack is deleted. You can then delete the resources through the AWS Management Console.

2.    After the stack is deleted, try deleting your cluster again.

If the stack is slow to delete or failed to delete, then review the DeleteCluster API call in AWS CloudTrail.

Delete self-managed nodes

If you manually created an Amazon Elastic Compute Cloud (Amazon EC2) instance, then terminate your instance. If you created the nodes by an Auto Scaling group, then deleting the Auto Scaling group deletes the nodes. If you used CloudFormation to create the nodes, then deleting the stack deletes the nodes.

Recreate the IAM service role for Amazon EKS

You must have an IAM service role that allows Amazon EKS to make calls to other AWS services for you. If you delete or modify the role after you create the cluster, then the cluster fails to delete some resources. For example, the cluster might not delete the elastic network interface that's used for private communication with the control plane instances.

1.    Create the IAM role again.

Important: Make sure that you choose Amazon EKS as the service to manage clusters for you.

2.    Attach the AmazonEKSClusterPolicy managed policies to the IAM role.


Did this article help?


Do you need billing or technical help?