Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Fails to delete security group

See original GitHub issue

When a security group is created and applied for mounting targets to efs, it gets deployed fine but deletion fails.

Reproduction Steps

  1. Create EFS
  2. Create security group for mount targets
  3. Create mount targets
  4. Deploy
  5. Destroy

Code to reproduce (update account and cidr)

import os
import logging

from aws_cdk import (
    aws_ec2 as ec2,
    aws_efs as efs


class MyStack(core.Stack):

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        vpc = ec2.Vpc(
            self, "my-vpc",

        efs_mt_sg = ec2.SecurityGroup(
            self, "efs_mt_sg",

        efs_fs = efs.EfsFileSystem(self, "efs",

        efs.CfnMountTarget(self, "mount_target1",

        efs.CfnMountTarget(self, "mount_target2",


    # pass objects to another stack
    def outputs(self):
        return self.output_props

app = core.App()

stack = MyStack(
    description="Creates the Stack",
    env=core.Environment(region=AWS_REGION, account=AWS_ACCOUNT)


Error Log

resource sg-09c4efe115ae38094 has a dependent object (Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: 05e5f8c0-cab2-4acf-a68b-bed7ba34ddb7)


  • CLI Version :1.31.0
  • Framework Version:<What is this? not sure>
  • OS : Mac OS Catalina
  • Language : Python3


This could be related but happens in a different scenario:

This is 🐛 Bug Report

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Reactions:4
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

machender1commented, Jul 30, 2020

I am seeing the same problem … the cdk destroy fails to delete the ENI attached to EFS.

Appreciate any help to clear this.

github-actions[bot]commented, Jan 29, 2022

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

Read more comments on GitHub >

github_iconTop Results From Across the Web

unable to delete security groups from amazon aws
Go to your security group "testcluster-zookeeper". · Delete all referenced rules to testcluster · Press the "apply rule changes" button · Go to ......
Read more >
not able to delete a security group for my Amazon VPC in AWS
Hi@akhtar,. When you try to delete that security group, you will get an error message which will give the ID of the resource...
Read more >
Unable to delete AWS Security Groups · Issue #6454 - GitHub
Looking at the EC2 error message, it sounds like you have rules in your security groups that reference each other. Try clearing out...
Read more >
Why Can't I Delete A Security Group? - GitHub Pages
A. Your security group might be in use by a Neutron port. To delete the security group, you'll first need to delete the...
Read more >
delete-security-group — AWS CLI 2.9.8 Command Reference
If you attempt to delete a security group that is associated with an instance, or is referenced by another security group, the operation...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found