How do I delete an AWS CloudFormation stack that's stuck in DELETE_FAILED status?

Short description

Your stack might be stuck in DELETE_FAILED status for the following reasons:

• A stack resource has a dependent object or other dependencies that can't be deleted. To resolve this issue, complete the steps in the Delete a stack with a dependent object or other dependencies that can't be deleted section.
• The service role being used isn't valid or can't be assumed. To resolve this issue, complete the steps in the Delete a stack with an invalid role section.
• A custom resource failed to stabilize in the expected amount of time. To resolve this issue, complete the steps in the Delete a stack for a custom resource that failed to stabilize section.

Resolution

Delete a stack with a dependent object or other dependencies that can't be deleted

Dependency issues usually occur when you make an out-of-band change. For example, your stack fails if a security group that's part of your stack is attached to an elastic network interface that's not part of your stack. The stack fails because the security group resource can't be deleted. To delete the stack, you must retain that dependent resource.

To delete a stack while retaining a resource, complete the following steps:

AWS CloudFormation Console

1. Open the AWS CloudFormation console.
2. Choose the stack that's stuck in DELETE_FAILED status.
3. Choose Delete.
   Note: A window opens and lists the resources that failed to delete.
4. In the window, select all the resources that you want to retain, and then choose Delete stack.

AWS Command Line Interface

Note: If you receive errors when running AWS CLI commands, make sure that you’re using the most recent AWS CLI version.

Run the following delete-stack command:

$ aws cloudformation delete-stack --stack-name my-stack --retain-resources myresource1 myresource2

Note: Replace my-stack with the name of your stack. Replace myresource1 and myresource2 with the logical IDs of the resources that failed to delete.

The CloudFormation stack tries to delete the stack again, but doesn't delete any of the resources that you selected to retain. The status of your stack changes to DELETE_COMPLETE.

Important: To avoid unnecessary charges, you must manually delete the resources that are retained when the stack is deleted.

Delete a stack with an invalid role

If you try to delete a stack that was created using a service role that now doesn't exist, then you receive the following error: "An error occurred (ValidationError) when calling the DeleteStack operation: Role is invalid or cannot be assumed."

To resolve this error, complete the following steps:

1. Open the AWS CloudFormation console.
2. Choose the stack that you want to delete to see its details.
3. In the Stack info tab, note the name of the IAM role assigned to the stack.
4. Create an AWS Identity and Access Management (IAM) role using the same name as the IAM role in step 3.
   Important: When you create your IAM role, verify that it has the right permissions to delete the resources in the stack.
5. In the AWS CloudFormation console, re-attempt to delete the stack.

Delete a stack for a custom resource that failed to stabilize

To delete a stack for a custom resource that failed to stabilize in the expected amount of time, see How do I troubleshoot an AWS Lambda backed custom resource that's stuck in DELETE_FAILED status or DELETE_IN_PROGRESS status in AWS CloudFormation?