Why can't I delete my Amazon EKS cluster?
Last updated: 2020-02-20
I can't delete my Amazon Elastic Kubernetes Service (Amazon EKS) cluster. Or, I deleted my Amazon EKS cluster, but I still see worker nodes being created.
To delete an Amazon EKS cluster completely, you must delete the Amazon EKS control plane and data plane, or delete the worker nodes. For more information, see Deleting a Cluster.
Note: It's a best practice to delete the cluster with the same tool that you used to create the cluster.
Important: Deleting Kubernetes services and Ingress resources removes the load balancer from the account. If you created your load balancer in the AWS Management Console, then you must manually delete that load balancer, or delete the services in Kubernetes.
If you still can't delete your cluster components, consider the following options based on your scenario:
- If you receive the error message "The following resource(s) failed to delete" or "resource XXXXXXX has a dependent object" when you try to delete your cluster, then complete the steps in the Delete the AWS CloudFormation stack that created the cluster component section.
- If you deleted your cluster and the nodes are still active, then complete the steps in the Delete the Auto Scaling group used to create your worker nodes section. This issue is caused by unmanaged worker nodes that are associated with the cluster as part of an AWS CloudFormation stack.
- If your cluster is stuck in the DELETING state for a long time, confirm that no missing AWS Identity and Access Management (IAM) policy or role is preventing your cluster from deleting. If the IAM role is missing, then complete the steps in the Recreate the IAM service role for Amazon EKS section.
Note: It's normal for your cluster to take time to delete. You aren't charged for a cluster that is in the DELETING state.
Delete the AWS CloudFormation stack that created the cluster component
1. If you can't delete your stack because of dependencies, then manually delete the resources that have the dependencies or remove the dependencies. Then, try to delete the stack again.
If you want to retain the resources that are failing to delete, then skip the resources when you delete the stack. This option is available only on resources or stacks that are in a DELETE_FAILED state.
The skipped resources remain active in the account, but the AWS CloudFormation stack is deleted successfully. You can then delete the resources through the AWS Management Console.
2. After the stack is deleted, try deleting your cluster again.
Delete the Auto Scaling group used to create your worker nodes
1. Delete the stack for the AWS CloudFormation worker node that returned the error. This deletes the Auto Scaling group that was created as part of the stack.
Note: To find the name of the stack where the instance was created, look for the instance tag in the form: aws:cloudformation:stack-name.
2. Verify that the Auto Scaling group is deleted.
If the Auto Scaling group still exists, then delete your Auto Scaling group.
Recreate the IAM service role for Amazon EKS
You must have an IAM service role that allows Amazon EKS to make calls to other AWS services on your behalf. If you delete or modify the role after you create the cluster, then the cluster fails to delete some resources (for example, the load balancer or elastic network interface).
1. Create the IAM role again.
Important: Be sure to choose Amazon EKS as the service that you want to manage clusters on your behalf.
2. Attach the AmazonEKSServicePolicy and AmazonEKSClusterPolicy managed policies to the IAM role.