How does Turbot work with the AWS default VPC in each region?

AWS automatically creates a default VPC in each region.

This is convenient when first using AWS, but it becomes hard to manage and a security risk as organizations scale to many accounts and VPCs.

For example, EC2 instances can be launched into an unintended region simply because a default VPC is there to receive them, and teams in different accounts end up in overlapping IP space, since 172.31.0.0/16 is always the CIDR of a default VPC (which also rules out peering those VPCs later). The default VPC's subnets are also public by design: they route to an internet gateway and auto-assign public IPv4 addresses, so an instance launched there is internet-reachable unless its security group says otherwise.

Turbot provides a policy to automatically delete the AWS default VPC in each region: Turbot > Network > Delete Default VPCs. When enabled, Turbot deletes the default VPC in each AWS region together with its dependent resources (subnets, internet gateway, route tables, etc.). Note that AWS will not delete a VPC that still contains instances or other attached resources; anything already running in a default VPC must be terminated or moved before the deletion can succeed.
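As an added example (this is not Turbot's implementation), the script below does what the policy describes with boto3: it finds the VPC flagged IsDefault in each region, orders the dependent resources so that each delete call succeeds, refuses to proceed while instances are still present, and then deletes the VPC. The planning logic is pure Python and is exercised here on constructed sample data; boto3 is only imported when you actually run it against AWS, and it runs in dry-run mode unless told otherwise. The resource IDs in the sample data are made up.

```python
"""Delete the AWS default VPC in every region, in dependency order.

Added example, not Turbot code. Assumes AWS credentials are configured for
the non-dry-run path; boto3 is imported lazily so the planner runs offline.
"""
from __future__ import annotations

from typing import Dict, List, Tuple

DEFAULT_VPC_CIDR = "172.31.0.0/16"  # every AWS default VPC uses this range

Step = Tuple[str, str]  # (EC2 API action, resource id)


class VpcInUse(Exception):
    """The default VPC still hosts instances; AWS would reject the delete."""


def find_default_vpcs(vpcs_by_region: Dict[str, List[dict]]) -> Dict[str, dict]:
    """Return {region: vpc} for the VPC flagged IsDefault in describe_vpcs output."""
    return {
        region: vpc
        for region, vpcs in vpcs_by_region.items()
        for vpc in vpcs
        if vpc.get("IsDefault")
    }


def plan_deletion(vpc: dict, resources: dict) -> List[Step]:
    """Order deletes for a pristine default VPC (IGW, subnets, SGs, route tables, VPC).

    The default security group, main route table and default network ACL are
    removed together with the VPC and must not be deleted explicitly. Anything
    added later (NAT gateways, endpoints, ENIs) has to be removed before this.
    """
    vpc_id = vpc["VpcId"]
    live = [i["InstanceId"] for i in resources.get("instances", [])
            if i.get("State", {}).get("Name") != "terminated"]
    if live:
        raise VpcInUse(f"{vpc_id} still has instances: {live}")
    steps: List[Step] = []
    for igw in resources.get("internet_gateways", []):
        steps.append(("detach_internet_gateway", igw["InternetGatewayId"]))
        steps.append(("delete_internet_gateway", igw["InternetGatewayId"]))
    for subnet in resources.get("subnets", []):
        steps.append(("delete_subnet", subnet["SubnetId"]))
    for sg in resources.get("security_groups", []):
        if sg.get("GroupName") != "default":
            steps.append(("delete_security_group", sg["GroupId"]))
    for rt in resources.get("route_tables", []):
        if not any(a.get("Main") for a in rt.get("Associations", [])):
            steps.append(("delete_route_table", rt["RouteTableId"]))
    steps.append(("delete_vpc", vpc_id))
    return steps


def collect_resources(ec2, vpc_id: str) -> dict:
    """Gather the VPC's dependent resources via the EC2 describe_* calls."""
    by_vpc = [{"Name": "vpc-id", "Values": [vpc_id]}]
    reservations = ec2.describe_instances(Filters=by_vpc)["Reservations"]
    return {
        "instances": [i for r in reservations for i in r["Instances"]],
        "internet_gateways": ec2.describe_internet_gateways(
            Filters=[{"Name": "attachment.vpc-id", "Values": [vpc_id]}])["InternetGateways"],
        "subnets": ec2.describe_subnets(Filters=by_vpc)["Subnets"],
        "security_groups": ec2.describe_security_groups(Filters=by_vpc)["SecurityGroups"],
        "route_tables": ec2.describe_route_tables(Filters=by_vpc)["RouteTables"],
    }


def execute(ec2, vpc_id: str, steps: List[Step], dry_run: bool = True) -> None:
    """Run the planned EC2 calls; print only when dry_run is set."""
    for action, rid in steps:
        kwargs = {
            "detach_internet_gateway": {"InternetGatewayId": rid, "VpcId": vpc_id},
            "delete_internet_gateway": {"InternetGatewayId": rid},
            "delete_subnet": {"SubnetId": rid},
            "delete_security_group": {"GroupId": rid},
            "delete_route_table": {"RouteTableId": rid},
            "delete_vpc": {"VpcId": rid},
        }[action]
        print(f"{'DRY-RUN ' if dry_run else ''}{action} {kwargs}")
        if not dry_run:
            getattr(ec2, action)(**kwargs)


def delete_default_vpcs_all_regions(dry_run: bool = True) -> None:
    """Walk every enabled region and remove its default VPC."""
    import boto3  # lazy: only needed when talking to AWS

    regions = [r["RegionName"] for r in boto3.client("ec2").describe_regions()["Regions"]]
    for region in regions:
        ec2 = boto3.client("ec2", region_name=region)
        vpc = find_default_vpcs({region: ec2.describe_vpcs()["Vpcs"]}).get(region)
        if vpc is None:
            continue
        try:
            plan = plan_deletion(vpc, collect_resources(ec2, vpc["VpcId"]))
        except VpcInUse as exc:
            print(f"skipping {region}: {exc}")
            continue
        execute(ec2, vpc["VpcId"], plan, dry_run=dry_run)


# Constructed sample data (IDs are made up) shaped like the describe_* responses.
SAMPLE_VPCS = {
    "us-east-1": [{"VpcId": "vpc-0default", "IsDefault": True, "CidrBlock": DEFAULT_VPC_CIDR},
                  {"VpcId": "vpc-0custom", "IsDefault": False, "CidrBlock": "10.20.0.0/16"}],
    "eu-west-1": [{"VpcId": "vpc-0custom2", "IsDefault": False, "CidrBlock": "10.30.0.0/16"}],
}
SAMPLE_RESOURCES = {
    "instances": [],
    "internet_gateways": [{"InternetGatewayId": "igw-0aaa"}],
    "subnets": [{"SubnetId": "subnet-0aaa"}, {"SubnetId": "subnet-0bbb"}],
    "security_groups": [{"GroupId": "sg-0def", "GroupName": "default"},
                        {"GroupId": "sg-0web", "GroupName": "web"}],
    "route_tables": [{"RouteTableId": "rtb-0main", "Associations": [{"Main": True}]},
                     {"RouteTableId": "rtb-0extra", "Associations": []}],
}

if __name__ == "__main__":
    vpc = find_default_vpcs(SAMPLE_VPCS)["us-east-1"]
    for step in plan_deletion(vpc, SAMPLE_RESOURCES):
        print(step)
```

Run it against a real account only after reviewing the dry-run output; the one permission this needs that least-privilege automation roles usually lack is ec2:DeleteVpc, and the VpcInUse check is what keeps the script from failing halfway through a region with orphaned detached gateways.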

Unfortunately, AWS does not provide any mechanism to designate an existing VPC as the default for a region. AWS can, however, recreate a fresh default VPC on request (for example with aws ec2 create-default-vpc), so if the deletion is meant to stick, do not grant that permission to users.

Sometimes the AWS console and some services expect to find a default VPC and show a warning when it is absent. These warnings can be safely ignored: the console still lists the remaining VPCs in its drop-down, and users can choose the Turbot-managed VPC.
