Clean up unused internet gateways in your AWS environment to reduce clutter and potential misconfiguration. The plan discovers all internet gateways across your chosen scope, isolates those that are not attached to any VPC, guides you through selecting which ones may safely be removed, and then deletes and validates those approved gateways. Throughout the process, it emphasizes user review, exception handling, and post‑change verification.
Inventory internet gateways and their attachment status
First, the plan scans your defined AWS scope (such as selected Regions or all Regions in an account) to build a complete inventory of internet gateways. For each gateway, it records key details including its ID, Region, current state, and attachment information (which VPCs it may be attached to and the state of those attachments). This information is stored in a structured form (like a table or JSON) so it can be filtered and reviewed later.
Identify unattached internet gateways
From the full inventory, the plan filters down to internet gateways that have no VPC attachments. It confirms that there are no pending or partial attachments and gathers useful metadata such as tags, creation details (when available), and naming patterns that might indicate intended or special use. These unattached gateways are compiled into a candidate list, ready for your review and approval.
User: Approve unattached internet gateways for deletion
The candidate list of unattached internet gateways is then presented to you, including each gateway’s ID, Region, tags, and other relevant context. The plan highlights any gateways whose tags or names suggest special purpose or future use, so you can make informed decisions. You are guided through selecting which gateways should be deleted and which should be retained as exceptions, with the option to record reasons for keeping them. The result is a final, structured list of approved internet gateways to be deleted.
Delete approved unattached internet gateways
Using the user‑approved list, the plan proceeds to remove the selected internet gateways. Before each deletion, it re‑checks that the gateway still has no VPC attachments to guard against recent configuration changes; any gateway that has acquired a new attachment is skipped and recorded as an exception. The plan then deletes the remaining unattached gateways in their respective Regions and records the outcome for each, confirming afterward that successfully deleted gateways no longer appear in your environment. A summary is produced showing which deletions succeeded and which, if any, failed or were skipped, along with reasons.
Validate approved unattached internet gateways are deleted
Finally, the plan validates that all internet gateways you approved for deletion have indeed been removed. It retrieves the latest list of internet gateways in each relevant Region and checks that each approved ID is no longer present. For any gateway that still exists, it identifies whether the deletion failed or was intentionally skipped due to a new attachment, and documents the cause and any required follow‑up action. A concise validation report is produced, summarizing which gateways were successfully deleted and which need additional remediation or review.
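The steps above as a Python sketch. This is an added example, not the plan's own code. It assumes boto3-style EC2 clients passed in per Region; the function names, the `clients` mapping and the `RETAIN_HINTS` keywords are hypothetical, while `describe_internet_gateways` and `delete_internet_gateway` are the real EC2 client calls.

```python
# Added example: constructed helpers, not the plan's own code.
# `clients` maps Region name -> EC2 client (e.g. boto3.client("ec2", region_name=r)).
RETAIN_HINTS = ("keep", "reserved", "do-not-delete")  # assumed naming hints

def inventory(clients):
    """List every internet gateway per Region with its attachments and tags."""
    rows = []
    for region, ec2 in clients.items():
        kwargs = {}
        while True:
            page = ec2.describe_internet_gateways(**kwargs)
            for gw in page["InternetGateways"]:
                tags = {t["Key"]: t["Value"] for t in gw.get("Tags", [])}
                rows.append({"id": gw["InternetGatewayId"], "region": region,
                             "attachments": gw.get("Attachments", []), "tags": tags})
            if not page.get("NextToken"):
                break
            kwargs = {"NextToken": page["NextToken"]}
    return rows

def candidates(rows):
    """Keep gateways with no attachment in any state; flag special-looking tags."""
    out = []
    for r in rows:
        if r["attachments"]:  # attaching/detaching entries also disqualify
            continue
        text = " ".join(list(r["tags"]) + list(r["tags"].values())).lower()
        out.append({**r, "review": any(h in text for h in RETAIN_HINTS)})
    return out

def delete_approved(clients, approved):
    """Re-check each approved gateway, delete it, then validate it is gone."""
    report = {}
    for gw in approved:
        ec2, gid = clients[gw["region"]], gw["id"]
        try:
            now = ec2.describe_internet_gateways(InternetGatewayIds=[gid])
            if now["InternetGateways"][0].get("Attachments"):
                report[gid] = "skipped: attached since approval"
                continue
            ec2.delete_internet_gateway(InternetGatewayId=gid)
        except Exception as exc:  # e.g. botocore ClientError (not found, denied)
            report[gid] = f"failed: {exc}"
            continue
        left = {r["id"] for r in inventory({gw["region"]: ec2})}
        report[gid] = "still present" if gid in left else "deleted"
    return report
```

The approval step stays manual: pass `delete_approved` only the entries from `candidates` that a reviewer has signed off, and keep the returned report as the record of skipped and failed deletions.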