AWS Serverless template to delete default VPCs in newly created AWS accounts as part of the account creation.
This solution works asynchronously. So, you will get an HTTP 200 immediately after you've sent the request. This response is not an indicator that all default VPCs were being deleted. Deleting default VPCs in all available regions takes roughly 60 seconds.
On purpose, this script does not delete instances, VPC peerings, VPC endpoints, or other resources used by a default VPC not to interrupt projects which are actively using a default VPC. If this solution is executed right after the account creation, it is enough to delete the default VPC.
- AWS Lambda
- AWS API Gateway
- AWS Cloudwatch
Please follow all the steps below to deploy the solution.
- Serverless (tested with version 2.19.0)
- Deploy the CloudFormation template "vpc_delete_orga_iam_role.yaml" in the AWS Organization main account
- Deploy the CloudFormation template "vpc_delete_project_iam_role.yaml" in the newly created AWS project account
- Clone this repository
- Edit the parameters in the serverless.yml
- organization_account_id: The AWS account it of the AWS Organization main account
- run
sls deployto deploy the solution
❗ The serverless output while action 3 will mention:
WARNING: Function function has timeout of 180 seconds, however, it's attached to API Gateway so it's automatically limited to 30 seconds.
The function is called asynchronously; therefore, you can ignore this message.
The endpoint URL and the key can be found in the output of the serverless deployment. The account id for the account where the default VPC needs to be deleted must be provided via URL parameter account_id.
- run
sls removeto remove the solution