#!/bin/bash

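#######################################
# Detach the internet gateway that is attached to the VPC, if there is one.
# Globals:
#   vpcid            read; filled from idvpcid when empty
#   igwid            written; id of the attached gateway (rmigw reads it later)
#   igwname, vpcname read; used in the progress message only
# Outputs:
#   Progress message on stdout.
# Returns:
#   3 when no VPC id can be determined, 0 when nothing is attached,
#   otherwise the exit status of the failing or final aws call.
#######################################
rmattach() {
  if [[ -z "${vpcid}" ]]; then
    vpcid=$(idvpcid)
  fi
  if [[ -z "${vpcid}" ]]; then
    return 3
  fi

  # vpcid is spliced into the JMESPath filter, so it must be a plain
  # AWS-issued id; a value containing a quote would change the filter.
  local query="InternetGateways[?Attachments[?VpcId=='${vpcid}' && State=='available']].InternetGatewayId"

  # A failed lookup is reported to the caller instead of being read as
  # "nothing attached".
  igwid=$(aws ec2 describe-internet-gateways --query "${query}" --output text) \
    || return
  if [[ -z "${igwid}" ]]; then
    return 0
  fi

  printf '%s\n' "Detaching ${igwname} from ${vpcname}"
  # The detach status is the function's status: a gateway that is still
  # attached cannot be deleted afterwards, so the caller has to see the failure.
  aws ec2 detach-internet-gateway \
    --internet-gateway-id "${igwid}" \
    --vpc-id "${vpcid}"
}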
    
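#######################################
# Terminate the instance reported by idinstanceid and wait until idistate
# reports it as terminated.
# Globals:
#   iid   written; instance id(s) returned by idinstanceid
#   iname read; used in the progress message only
# Outputs:
#   One progress line on stdout per polling round.
# Returns:
#   0 when there is nothing to terminate or the instance is terminated,
#   otherwise the exit status of the failed terminate request.
#######################################
rmec2() {
  iid=$(idinstanceid)
  if [[ -z "${iid}" ]]; then
    return 0
  fi

  # iid stays unquoted on purpose: --instance-ids takes a list and
  # idinstanceid may report more than one id (TODO confirm with the helper).
  # A rejected terminate request ends the function here; polling for a state
  # that was never requested would otherwise spin forever.
  # shellcheck disable=SC2086
  aws ec2 terminate-instances --instance-ids ${iid} > /dev/null || return

  # NOTE(review): the wait has no upper bound. If idistate keeps failing
  # (for example on expired credentials) this loop does not end.
  # shellcheck disable=SC2086
  until idistate ${iid} | grep -qi terminated; do
    printf '%s\n' "... Waiting for ${iname} to terminate"
    sleep 2
  done
}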

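#######################################
# Delete the internet gateway.
# Globals:
#   igwid   read; filled from idigwid when empty
#   igwname read; used in the progress message only
# Outputs:
#   Progress message on stdout.
# Returns:
#   0 when no gateway id can be found, otherwise the exit status of the
#   delete call.
#######################################
rmigw() {
  if [[ -z "${igwid}" ]]; then
    igwid=$(idigwid)
  fi
  # Nothing to delete: skip the call, as rmsg and rmvpc do, instead of
  # invoking the CLI with a missing id.
  if [[ -z "${igwid}" ]]; then
    return 0
  fi

  printf '%s\n' "Deleting igw: ${igwname}"
  aws ec2 delete-internet-gateway --internet-gateway-id "${igwid}"
}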


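#######################################
# Delete the IAM policy named by policyname and the IAM role named by
# rolename, each only when it exists.
# Globals:
#   policyname, rolename read
#   Arn                  written; ARN of the matching policy, empty if none
# Outputs:
#   Progress messages on stdout.
# Returns:
#   0 when the role does not exist, otherwise the exit status of the
#   delete-role call.
#######################################
rmrole() {
  Arn=$(aws iam list-policies \
    --query "Policies[?PolicyName=='${policyname}'].{ARN:Arn}" \
    --output text)
  # Delete only when a policy was found; testing for an empty ARN here would
  # call delete-policy with no ARN and never remove an existing policy.
  if [[ -n "${Arn}" ]]; then
    printf '%s\n' "Removing ${policyname}"
    aws iam delete-policy --policy-arn "${Arn}"
  fi

  # Match the role name exactly. A substring or regex match on the full role
  # listing would also fire for other roles whose names contain rolename.
  local role_match
  role_match=$(aws iam list-roles \
    --query "Roles[?RoleName=='${rolename}'].RoleName" \
    --output text)
  # NOTE(review): IAM refuses to delete a policy that is still attached and a
  # role that still has attached policies or instance profiles. Nothing here
  # detaches them; confirm that happens elsewhere before enabling this step.
  if [[ -n "${role_match}" ]]; then
    printf '%s\n' "Removing ${rolename}"
    aws iam delete-role --role-name "${rolename}"
  fi
}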

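#######################################
# Remove the VPC endpoints and subnet associations that depend on the route
# table, then delete the route table itself.
# Globals:
#   vpcid      read; filled from idvpcid when empty
#   rtableid   read; filled from idrtable when empty
#   region, rtablename, subcidrs  read
#   smepid, plist, already, endptid, subcidr, subid, rtassocid  written
# Outputs:
#   Progress messages on stdout.
# Returns:
#   3 when no VPC id can be determined, otherwise the exit status of the
#   final delete-route-table call.
#######################################
rmrtable() {
  [[ -n "${vpcid}" ]] || vpcid=$(idvpcid)
  [[ -n "${vpcid}" ]] || return 3
  [[ -n "${rtableid}" ]] || rtableid=$(idrtable)

  local sm_service="com.amazonaws.${region}.secretsmanager"
  local s3_service="com.amazonaws.${region}.s3"

  # Secrets Manager interface endpoint of this VPC.
  smepid=$(aws ec2 describe-vpc-endpoints \
    --filters "Name=service-name,Values=${sm_service}" \
      "Name=vpc-id,Values=${vpcid}" \
    --query "VpcEndpoints[?VpcId=='${vpcid}' && ServiceName=='${sm_service}'].VpcEndpointId" \
    --output text)
  if [[ -n "${smepid}" ]]; then
    printf '%s\n' "Removing secrets manager interface endpoint"
    # Unquoted on purpose: the lookup may return several ids.
    # shellcheck disable=SC2086
    aws ec2 delete-vpc-endpoints --vpc-endpoint-ids ${smepid} > /dev/null
  fi

  # S3 endpoint: present when the route table has a route to the S3
  # managed prefix list.
  plist=$(aws ec2 describe-managed-prefix-lists \
    --region "${region}" \
    --query "PrefixLists[?PrefixListName=='${s3_service}'].PrefixListId" \
    --output text)
  already=$(aws ec2 describe-route-tables \
    --route-table-ids "${rtableid}" \
    --query "RouteTables[*].Routes[?DestinationPrefixListId=='${plist}'].State" \
    --output text)
  if [[ -n "${already}" ]]; then
    printf '%s\n' "Removing s3 endpoint from ${rtablename}"
    # The vpc-id filter keeps the deletion inside the VPC being torn down.
    # Filtering on the service name alone returns the S3 endpoints of every
    # VPC in the region, and all of them would be deleted.
    endptid=$(aws ec2 describe-vpc-endpoints \
      --filters "Name=service-name,Values=${s3_service}" \
        "Name=vpc-id,Values=${vpcid}" \
      --query "VpcEndpoints[*].VpcEndpointId" --output text)
    if [[ -n "${endptid}" ]]; then
      # Unquoted on purpose: the lookup may return several ids.
      # shellcheck disable=SC2086
      aws ec2 delete-vpc-endpoints --vpc-endpoint-ids ${endptid} > /dev/null
    fi
  fi

  # Disassociate the route table from each configured subnet.
  for subcidr in "${subcidrs[@]}"; do
    subid=$(idsubnetid "${vpcid}" "${subcidr}")
    # Subnet not found: there is no association to look up.
    [[ -n "${subid}" ]] || continue
    rtassocid=$(idrtableassocid "${subid}")
    if [[ -n "${rtassocid}" ]]; then
      printf '%s\n' "Disassociating ${rtablename} from ${subcidr}"
      aws ec2 disassociate-route-table --association-id "${rtassocid}"
    fi
  done

  printf '%s\n' "Deleting route table: ${rtablename} - ${rtableid}"
  aws ec2 delete-route-table --route-table-id "${rtableid}"
}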
  
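#######################################
# Delete the security group reported by idsgid.
# Globals:
#   sgid   written; id returned by idsgid
#   sgname read; used in the progress message only
# Outputs:
#   Progress message on stdout.
# Returns:
#   0 when no security group is found, otherwise the exit status of the
#   delete call.
#######################################
rmsg() {
  sgid=$(idsgid)
  if [[ -z "${sgid}" ]]; then
    return 0
  fi

  printf '%s\n' "Deleting security group: ${sgname}"
  # Quoted so the id always reaches the CLI as exactly one argument.
  aws ec2 delete-security-group --group-id "${sgid}"
}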
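#######################################
# Delete every subnet listed in subcidrs that still exists in the VPC.
# Globals:
#   vpcid     read; filled from idvpcid when empty
#   subcidrs  read; subnet CIDRs, index-aligned with subnames
#   subnames  read; used in the progress message only
#   x, snetid written
# Outputs:
#   One progress line on stdout per deleted subnet.
# Returns:
#   3 when no VPC id can be determined, 0 when every delete succeeded,
#   otherwise the exit status of the last delete that failed.
#######################################
rmsubnets() {
  [[ -n "${vpcid}" ]] || vpcid=$(idvpcid)
  [[ -n "${vpcid}" ]] || return 3

  # Every subnet is attempted, and a failed delete is remembered and reported.
  # Reporting success after a failed delete would let the VPC deletion run
  # against a VPC that still contains subnets.
  local rc=0
  for (( x = 0; x < ${#subcidrs[@]}; x++ )); do
    snetid=$(idsubnetid "${vpcid}" "${subcidrs[x]}")
    if [[ -n "${snetid}" ]]; then
      printf '%s\n' "Deleting subnet: ${subnames[x]} - ${subcidrs[x]}"
      aws ec2 delete-subnet --subnet-id "${snetid}" || rc=$?
    fi
  done
  return "${rc}"
}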

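#######################################
# Delete the VPC reported by idvpcid.
# Globals:
#   vpcid written; always refreshed from idvpcid
# Outputs:
#   Progress message on stdout.
# Returns:
#   0 when no VPC is found, otherwise the exit status of the delete call.
#######################################
rmvpc() {
  vpcid=$(idvpcid)
  if [[ -z "${vpcid}" ]]; then
    return 0
  fi

  printf '%s\n' "Deleting vpc: ${vpcid}"
  # Quoted so the id always reaches the CLI as exactly one argument.
  aws ec2 delete-vpc --vpc-id "${vpcid}"
}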

# Load the deployment settings. ./vars is resolved against the current working
# directory and executed as shell code in this process, with whatever AWS
# credentials the process holds, so start the script only from a directory
# whose vars file is trusted. Exit 10 when the file is missing or sourcing it
# reports failure.
if [[ ! -f ./vars ]] || ! source ./vars; then
  exit 10
fi

# Run the teardown steps in this fixed order. The first step that fails ends
# the script with that step's exit status.
for step in rmec2 rmsg rmrtable rmattach rmigw rmsubnets rmvpc; do
  "${step}" || exit
done

# rmrole 
