@jtroberts83
Created August 28, 2018 12:53
Powershell Function to Delete the default VPCs within a region and all resources attached to the default VPC
# Look up the default VPC(s) in $Region. The isDefault filter restricts the
# result to VPCs that AWS flags as default, so every delete step that follows
# is scoped to those VPC ids only.
Try {
    $VPCs = $null
    # Explicit credentials are passed on every call in this script.
    # NOTE(review): presumably short-lived STS credentials, since a session
    # token is supplied - confirm with the caller.
    $GetVpcArgs = @{
        Filter       = @{Name="isDefault"; Values="true"}
        Region       = $Region
        AccessKey    = $AccessKey
        SecretKey    = $SecretAccessKey
        SessionToken = $SessionToken
        ErrorAction  = 'Stop'
    }
    $VPCs = Get-EC2Vpc @GetVpcArgs
    $Script:TotalAPICalls ++
    ##Write-Host "Successfully gathered VPCs in account $Account" -ForegroundColor Green
}
Catch {
    Write-Host " ERROR gathered VPCs in account $Account - $_" -ForegroundColor Red
    # NOTE(review): no enclosing loop is visible in this listing. A 'break'
    # outside a loop propagates to a loop in the caller, or ends the script
    # if there is none - confirm that this is the intended way to bail out.
    break
}
foreach($VPC in $VPCs)
{
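# Record the id and CIDR of the default VPC being processed.
$VPCId = $null
$VPCId = $VPC.VpcId
$VPCCIDR = $null
$VPCCIDR = $VPC.CidrBlock
Write-Host "Default VPC Found - $VPCId - CIDR: $VPCCIDR in Region: $Region on AWS Account: $Account" -ForegroundColor Green

# Safety gate before any destructive call: the VPC is only torn down when the
# instance lookup succeeded AND returned nothing. The earlier version paused
# and then carried on, and a failed lookup left $Instances empty, which looked
# the same as "no instances" and let the teardown proceed unchecked.
$Instances = $null
$InstanceLookupFailed = $false
Try
{
    $Instances = Get-EC2Instance -Filter @{Name="vpc-id"; Values="$VPCId"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
    $Script:TotalAPICalls ++
}
Catch
{
    $InstanceLookupFailed = $true
    Write-Host " ERROR GETTING Instances in account $Account and region: $Region - $_" -ForegroundColor Red
}
if($InstanceLookupFailed)
{
    # Fail closed: without a successful lookup the VPC cannot be shown to be unused.
    Write-Host " SKIPPING VPC $VPCId in account $Account and region: $Region - could not confirm that it has no instances" -ForegroundColor Red
    continue
}
if($Instances)
{
    # A VPC that still hosts instances is in use; leave it and its gateway,
    # subnets and interfaces untouched and move on to the next VPC.
    Write-Host " THERE ARE INSTANCES IN THIS REGION IN THE DEFAULT VPC in account $Account and region: $Region - SKIPPING VPC $VPCId" -ForegroundColor Red
    continue
}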
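# Enumerate the network interfaces that still live in the VPC.
Try
{
    $NICs = $null
    $NICs = Get-EC2NetworkInterface -Filter @{Name="vpc-id"; Values="$VPCId"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
    $Script:TotalAPICalls ++
}
Catch
{
    Write-Host " ERROR GETTING NICs in account $Account and region: $Region - $_" -ForegroundColor Red
}
if($NICs)
{
    foreach($NIC in $NICs)
    {
        $NICId = $null
        $NICId = $NIC.NetworkInterfaceId
        $AttachId = $null
        if($NIC.Attachment)
        {
            $AttachId = $NIC.Attachment.AttachmentId
        }
        # Detach (when attached) and delete once per interface. The earlier
        # version deleted only inside the attachment loop, so an unattached
        # interface was never removed, and neither call reported its errors.
        Try
        {
            if($AttachId)
            {
                # -ForceDismount detaches without the instance's cooperation.
                # NOTE(review): interfaces owned by an AWS service (load
                # balancer, NAT gateway, ...) are expected to reject this -
                # the catch below reports them.
                Dismount-EC2NetworkInterface -AttachmentId $AttachId -ForceDismount:$true -Force -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
                $Script:TotalAPICalls ++
                Write-Host " DETACHING NIC $NICId (attachment $AttachId) in VPC $VPCId in region $Region and account $Account" -ForegroundColor Green
            }
            # The detach completes asynchronously on the EC2 side, so this
            # delete can still be rejected as in-use; that case is reported
            # below and a later run will pick the interface up again.
            Remove-EC2NetworkInterface -NetworkInterfaceId $NICId -Force -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
            $Script:TotalAPICalls ++
            Write-Host " REMOVING NIC $NICId from VPC $VPCId in region $Region and account $Account" -ForegroundColor Green
        }
        Catch
        {
            Write-Host " ERROR DETACHING OR REMOVING NIC $NICId from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
        }
    }
}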
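# Find the internet gateway attached to the VPC, if any.
Try
{
    $IGW = $null
    $IGW = (Get-EC2InternetGateway -Filter @{Name="attachment.vpc-id"; Values="$VPCId"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop).InternetGatewayId
    $Script:TotalAPICalls ++
}
Catch
{
    Write-Host " ERROR GETTING IGWs in account $Account and region: $Region - $_" -ForegroundColor Red
}
if($IGW)
{
    # Detach first; an attached gateway cannot be deleted, so the delete is
    # only attempted after a successful detach. This avoids a second API call
    # and a second, misleading error when the detach was refused.
    $IGWDetached = $false
    Try
    {
        Dismount-EC2InternetGateway -InternetGatewayId $IGW -VpcId $VPCId -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop -Force
        $Script:TotalAPICalls ++
        $IGWDetached = $true
        # The success lines no longer append $_ : outside a Catch block it
        # does not hold an error record for this call.
        Write-Host " DISMOUNTING INTERNET GATEWAY $IGW from VPC $VPCId in region $Region and account $Account" -ForegroundColor Green
    }
    Catch
    {
        Write-Host " ERROR DISMOUNTING IGW $IGW from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
    }
    if($IGWDetached)
    {
        Try
        {
            Remove-EC2InternetGateway -InternetGatewayId $IGW -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop -Force
            $Script:TotalAPICalls ++
            Write-Host " REMOVING INTERNET GATEWAY $IGW from VPC $VPCId in region $Region and account $Account" -ForegroundColor Green
        }
        Catch
        {
            Write-Host " ERROR REMOVING IGW $IGW from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
        }
    }
}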
# List the subnets of the VPC and delete them one by one. A failed delete is
# reported per subnet and does not stop the loop; a failed listing is reported
# by the outer Catch.
Try {
    $SubnetObjects = $null
    # Connection and credential arguments shared by the list and delete calls.
    $SubnetApiArgs = @{
        Region       = $Region
        AccessKey    = $AccessKey
        SecretKey    = $SecretAccessKey
        SessionToken = $SessionToken
        ErrorAction  = 'Stop'
    }
    $SubnetObjects = Get-EC2Subnet -Filter @{Name="vpc-id"; Values="$VPCId"} @SubnetApiArgs
    $Script:TotalAPICalls ++
    foreach($Sub in $SubnetObjects) {
        $SubnetId = $null
        $SubnetId = $Sub.SubnetId
        Try {
            Remove-EC2Subnet -SubnetId $SubnetId @SubnetApiArgs -Force
            $Script:TotalAPICalls ++
            # NOTE(review): $_ in this success line is not set by this Try
            # block, so it does not describe the call that just ran.
            Write-Host " REMOVING SUBNET $SubnetId from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Green
        }
        Catch {
            Write-Host " ERROR REMOVING SUBNET from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
        }
    }
}
Catch {
    Write-Host " ERROR GETTING SUBNET from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
}
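# Remove every non-main route table of the VPC: drop its subnet associations,
# then delete the table once. The main route table is left alone.
# NOTE(review): $AccountName and $DefaultVPC are not assigned anywhere in this
# listing (the VPC id is held in $VPCId) - presumably set by the caller; verify.
Try
{
    $RouteTables = $null
    $RouteTables = Get-EC2RouteTable -Filter @{Name="vpc-id"; Values="$VPCId"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
    $Script:TotalAPICalls ++
    foreach($RouteTable in $RouteTables)
    {
        $RouteTableId = $null
        $RouteTableAssociations = $null
        $RouteTableId = $RouteTable.RouteTableId
        $RouteTableAssociations = $RouteTable.Associations

        if ($RouteTableAssociations | Where-Object { $_.Main })
        {
            ######### don't touch the main route table
            Write-Output "$Account; $AccountName; $Region; $DefaultVPC; main route table $RouteTableId"
            continue
        }

        ######### let's unregister the route table to prepare to delete it
        $AllDetached = $true
        foreach ($RTBAssoc in $RouteTableAssociations)
        {
            $RTBAssocId = $RTBAssoc.RouteTableAssociationId
            Write-Output "$Account; $AccountName; $Region; $DefaultVPC; detaching route table $RouteTableId; $RTBAssocId"
            try
            {
                $RTBUnregister = Unregister-EC2RouteTable -AssociationId $RTBAssocId -Region $Region -Force -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
                $Script:TotalAPICalls ++
                # Logged only on success; the earlier version printed
                # "detached" even when the call had just failed.
                Write-Output "$Account; $AccountName; $Region; $DefaultVPC; route table detached $RouteTableId; $RTBAssocId"
            }
            catch
            {
                $AllDetached = $false
                $Failures = "Yes"
                # The earlier message named GET-EC2Instance, which is not the
                # call that failed here.
                Write-Output "$Account; $AccountName; $Region; ERROR ERROR ERROR on Unregister-EC2RouteTable"
                $ErrorMessage = $_.Exception.Message
                $FailedItem = $_.Exception.ItemName
                Write-Output "`n $ErrorMessage "
                Write-Output "`n $FailedItem "
            }
        }

        if (-not $AllDetached)
        {
            # A table that still has an association cannot be deleted.
            Write-Output "$Account; $AccountName; $Region; $DefaultVPC; skipping delete of route table $RouteTableId"
            continue
        }

        ######### now time to delete the route table
        # Done once per table, after the association loop: a table without any
        # association is now deleted too, and a table with several
        # associations is no longer deleted once per association.
        Write-Output "$Account; $AccountName; $Region; $DefaultVPC; deleting route table $RouteTableId"
        try
        {
            $RTBDelete = Remove-EC2RouteTable -RouteTableId $RouteTableId -Region $Region -Force -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
            $Script:TotalAPICalls ++
            Write-Output "$Account; $AccountName; $Region; $DefaultVPC; deleted route table $RouteTableId"
        }
        catch
        {
            $Failures = "Yes"
            Write-Output "$Account; $AccountName; $Region; ERROR ERROR ERROR on Remove-EC2RouteTable"
            $ErrorMessage = $_.Exception.Message
            $FailedItem = $_.Exception.ItemName
            Write-Output "`n $ErrorMessage "
            Write-Output "`n $FailedItem "
        }
    }
}
Catch
{
    Write-Host "Error getting ROUTETABLE INFO from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
}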
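# List the network ACLs of the VPC.
Try
{
    $NACLs = $null
    $NACLs = Get-EC2NetworkAcl -Filter @{Name="vpc-id"; Values="$VPCId"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
    $Script:TotalAPICalls ++
}
Catch
{
    Write-Host " ERROR GETTING NACL from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
}
foreach($NACL in $NACLs)
{
    $NACLId =$null
    $NACLId = $NACL.NetworkAclId
    if($NACL.IsDefault)
    {
        # The VPC's default network ACL cannot be deleted on its own; it goes
        # away when the VPC is deleted. Skipping it avoids a guaranteed error
        # and a wasted API call on every run.
        continue
    }
    if($NACLId)
    {
        Try
        {
            Remove-EC2NetworkAcl -NetworkAclId $NACLId -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop -Force
            $Script:TotalAPICalls ++
            # No $_ on the success line: outside a Catch block it does not
            # hold an error record for this call.
            Write-Host " REMOVING NACL $NACLId from VPC $VPCId in region $Region and account $Account" -ForegroundColor Green
        }
        Catch
        {
            Write-Host " ERROR REMOVING NACL $NACLId from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
        }
    }
}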
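# List the security groups of the VPC.
Try
{
    $SecurityGroups = $null
    $SecurityGroups = Get-EC2SecurityGroup -Filter @{Name="vpc-id"; Values="$VPCId"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
    $Script:TotalAPICalls ++
}
Catch
{
    Write-Host " ERROR GETTING EC2 SECURITY GROUP from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
}
foreach($SecurityGroup in $SecurityGroups)
{
    $SecurityGroupId = $null
    $SecurityGroupId = $SecurityGroup.GroupId
    Try
    {
        # Every security group has a name, so the earlier test
        # (!$SecurityGroup.GroupName) was never true and no group was ever
        # removed. The group named 'default' is the one that cannot be
        # deleted on its own (it is removed with the VPC); every other group
        # is deleted here.
        if($SecurityGroup.GroupName -ne 'default')
        {
            Remove-EC2SecurityGroup -GroupId $SecurityGroupId -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop -Force
            $Script:TotalAPICalls ++
            Write-Host " REMOVING EC2 SECURITY GROUP $SecurityGroupId from VPC $VPCId in region $Region and account $Account" -ForegroundColor Green
        }
    }
    Catch
    {
        # NOTE(review): a group that is still referenced by a rule in another
        # group is expected to be rejected here - check the reported error.
        Write-Host " ERROR REMOVING EC2 SECURITY GROUP $SecurityGroupId from VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
    }
}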
# Final step: delete the VPC itself. This is expected to succeed only when the
# dependent resources handled above are gone; any refusal from the API is
# reported by the Catch block.
Try {
    $RemoveVpcArgs = @{
        VpcId        = $VPCId
        Region       = $Region
        AccessKey    = $AccessKey
        SecretKey    = $SecretAccessKey
        SessionToken = $SessionToken
        ErrorAction  = 'Stop'
        Force        = $true
    }
    Remove-EC2Vpc @RemoveVpcArgs
    $Script:TotalAPICalls ++
    # NOTE(review): $_ in this success line is not set by this Try block, so
    # it does not describe the call that just ran.
    Write-Host " REMOVING VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Green
}
Catch {
    Write-Host " ERROR REMOVING VPC $VPCId in region $Region and account $Account - $_" -ForegroundColor Red
}
}