magnetikonline / README.md
Last active September 20, 2023 13:01
Remove AWS created network interfaces for VPC Lambda functions from given security group ID.

Remove AWS network interfaces from security group ID

This script has been handy for cleaning up security groups that were used with VPC-attached AWS Lambda functions and still maintain an ENI association.

Why this is a problem:

  • A Lambda function is created within the given VPC subnet(s) and assigned a security group.
  • During deployment, AWS creates ENIs on your behalf, assigned to the security group and placed into the specified subnet(s).
  • Next, a change is made to the Lambda function that associates a new security group. AWS now creates new ENIs, as ENI reuse between Lambdas is only for the same security group/subnet combination.
  • Finally, the user wishes to clean up the legacy security group, but can't, as existing ENIs still use it.
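
To see which interfaces are holding a security group before removing anything, the sketch below classifies the ENIs returned for that group. It is an added example, not the script from this gist; it assumes Lambda-created ENIs carry `InterfaceType` `lambda` or a description starting `AWS Lambda VPC ENI`, and all IDs in the sample are constructed.

```python
# Constructed sample, shaped like the output of:
#   aws ec2 describe-network-interfaces --filters Name=group-id,Values=sg-0aaa1111
SAMPLE = {"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-0001", "SubnetId": "subnet-a", "Status": "available",
     "InterfaceType": "lambda", "Description": "AWS Lambda VPC ENI-old-fn-1111",
     "Groups": [{"GroupId": "sg-0aaa1111"}]},
    {"NetworkInterfaceId": "eni-0002", "SubnetId": "subnet-b", "Status": "in-use",
     "InterfaceType": "lambda", "Description": "AWS Lambda VPC ENI-live-fn-2222",
     "Groups": [{"GroupId": "sg-0aaa1111"}, {"GroupId": "sg-0bbb2222"}]},
    {"NetworkInterfaceId": "eni-0003", "SubnetId": "subnet-a", "Status": "in-use",
     "InterfaceType": "interface", "Description": "RDSNetworkInterface",
     "Groups": [{"GroupId": "sg-0aaa1111"}]},
]}

# Assumption: description prefix AWS puts on ENIs it creates for VPC Lambdas.
LAMBDA_PREFIX = "AWS Lambda VPC ENI"


def blocking_enis(response, group_id):
    """Return one record per ENI still associated with group_id."""
    report = []
    for eni in response.get("NetworkInterfaces", []):
        groups = [g["GroupId"] for g in eni.get("Groups", [])]
        if group_id not in groups:
            continue
        is_lambda = (eni.get("InterfaceType") == "lambda"
                     or eni.get("Description", "").startswith(LAMBDA_PREFIX))
        report.append({
            "id": eni["NetworkInterfaceId"],
            "subnet": eni.get("SubnetId"),
            "lambda_created": is_lambda,
            # Only unattached Lambda ENIs are cleanup candidates; an in-use
            # one means a function still depends on this security group.
            "removable": is_lambda and eni.get("Status") == "available",
            # Groups that would remain if this one were dropped from the ENI.
            "other_groups": [g for g in groups if g != group_id],
        })
    return report


if __name__ == "__main__":
    for row in blocking_enis(SAMPLE, "sg-0aaa1111"):
        print(row)
```

An `in-use` Lambda ENI or a non-Lambda ENI in the report means the group is still live for some workload, so the function or resource configuration should be changed first.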