Aviatrix Self Service Launch Tool (SSLT): AWS: Manual clean up for the "Secure Egress" use-case infrastructure

  • 7 June 2023
  • 0 replies

Userlevel 2
Badge +1

The SSLT Secure Egress use-case deploys a number of components to your AWS account in the region you specified. This includes:

  • EC2 instances, keypairs, security groups, volumes
  • An NLB and target group
  • VPCs, subnets, route tables, nat gateway, etc
  • EIPs and network interfaces
  • An S3 bucket and contents
  • IAM roles and policies
  • KMS keys

You can see a listing of many of these items by searching with the AWS tag editor for ‘Owner:Aviatrix-SelfService’

AWS Tag Editor Sample Link


To clean up the infrastructure in your account, complete the items in the following order:

  1. Remove ‘termination protection’ from the EC2 instances ‘AviatrixController’ and ‘aviatrix-avx-ec2-spoke-selfservice’
  2. Terminate all instances
  3. Delete the NLB ‘AVX-SelfService-EC2-NLB-Egress’
  4. Delete the Target Group ‘AVX-SelfService-EC2-TG-Egress’
  5. Delete all Keypairs with ‘selfservice’ in the name
  6. Delete the nat gateway aviatrix-selfservice-vpc-secure-egress-us-east-2a
  7. Delete the controller and copilot network interfaces
  8. Release Elastic IP addresses
  9. Delete all of the security groups
  10. Delete ‘controller_vpc’ and ‘aviatrix-selfservice-vpc-secure-egress’
  11. Empty the selfservice s3 bucket
  12. Delete the ‘AviatrixSelfServiceDeploy’ cloudformation stack
  13. Delete the iam policies '*-aviatrix-role-app-app-policy' and '*-aviatrix-role-ec2-assume-role-policy'
  14. Delete the iam roles '*-aviatrix-role-app' and '*-aviatrix-role-ec2'

Note that some resources are dependent on others and may need time to fully delete before moving onto the next step.

If these instructions do not work for you or you have any questions, start a conversation here so we can help you.


0 replies

Be the first to reply!