u/Appropriate-Bat-6124

▲ 0 r/devops

I debugged an "undeletable" AWS Elastic IP for hours — turned out Redshift Serverless was silently holding it (full writeup)

Spent hours debugging an “undeletable” AWS Elastic IP that looked completely orphaned.

No EC2.

No NAT Gateway.

No Load Balancer.

But AWS kept refusing deletion because the VPC endpoint was requester-managed.

Eventually traced the dependency chain through:

Elastic IP → ENI → VPC Endpoint → Security Group → Redshift Serverless

The real culprit was a hidden Redshift Serverless networking dependency silently managing the endpoint behind the scenes.

Also discovered internet scanners hitting the endpoint because of overly permissive security group rules, which initially made the endpoint appear “active.”

Full debugging breakdown, AWS CLI investigation, Flow Logs analysis, and cleanup steps here:

https://prajwal-blog.hashnode.dev/how-i-debugged-an-undeletable-aws-elastic-ip-and-traced-it-back-to-redshift-serverless

u/Appropriate-Bat-6124 — 2 days ago
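Added example, not part of the original post or the linked writeup: a Python sketch that walks the Elastic IP → ENI → VPC Endpoint → Security Group chain described above and flags security group rules open to any address. It assumes JSON shaped like the AWS CLI `describe-addresses`, `describe-network-interfaces`, `describe-vpc-endpoints` and `describe-security-groups` output; the function names are hypothetical, and every ID, address and the `ServiceName` value are constructed placeholders.

```python
# Constructed sample data shaped like AWS CLI describe-* JSON; every ID is made up.
ADDRESSES = [
    {"AllocationId": "eipalloc-0aaa", "PublicIp": "203.0.113.10", "NetworkInterfaceId": "eni-0bbb"},
    {"AllocationId": "eipalloc-0fff", "PublicIp": "203.0.113.20"},  # genuinely unattached
]
ENIS = [{"NetworkInterfaceId": "eni-0bbb", "InterfaceType": "vpc_endpoint",
         "RequesterManaged": True, "Groups": [{"GroupId": "sg-0ccc"}]}]
ENDPOINTS = [{"VpcEndpointId": "vpce-0ddd", "RequesterManaged": True,
              "ServiceName": "placeholder-redshift-serverless-service",  # placeholder
              "NetworkInterfaceIds": ["eni-0bbb"]}]
SECURITY_GROUPS = [{"GroupId": "sg-0ccc", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5439, "ToPort": 5439,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]}]

def world_open_rules(group):
    """Return (protocol, from_port, to_port) for rules open to any address."""
    hits = []
    for perm in group.get("IpPermissions", []):
        cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
        cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
        if "0.0.0.0/0" in cidrs or "::/0" in cidrs:
            hits.append((perm["IpProtocol"], perm.get("FromPort"), perm.get("ToPort")))
    return hits

def trace_eip(public_ip, addresses, enis, endpoints, groups):
    """Walk Elastic IP -> ENI -> VPC endpoint -> security groups for one address."""
    addr = next((a for a in addresses if a.get("PublicIp") == public_ip), None)
    if addr is None:
        raise LookupError(f"{public_ip} is not an Elastic IP in this data")
    result = {"allocation": addr["AllocationId"], "eni": addr.get("NetworkInterfaceId"),
              "endpoint": None, "service": None, "requester_managed": False, "open_rules": {}}
    eni = next((e for e in enis if e["NetworkInterfaceId"] == result["eni"]), None)
    if eni is None:
        return result  # no ENI: the address really is unattached
    result["requester_managed"] = bool(eni.get("RequesterManaged"))
    ep = next((v for v in endpoints if eni["NetworkInterfaceId"] in v.get("NetworkInterfaceIds", [])), None)
    if ep:
        result["endpoint"], result["service"] = ep["VpcEndpointId"], ep.get("ServiceName")
    attached = {g["GroupId"] for g in eni.get("Groups", [])}
    for sg in groups:
        if sg["GroupId"] in attached and world_open_rules(sg):
            result["open_rules"][sg["GroupId"]] = world_open_rules(sg)
    return result

if __name__ == "__main__":
    print(trace_eip("203.0.113.10", ADDRESSES, ENIS, ENDPOINTS, SECURITY_GROUPS))
```

To run it against a real account, replace the constructed lists with the corresponding arrays from the four `aws ec2 describe-*` commands named above.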