Identify and delete any unused Amazon Virtual Private Gateways (VGWs) in order to adhere to best practices and to avoid reaching the service limit (by default, you are limited to 5 VGWs - attached or detached - per AWS region). An AWS Virtual Private Gateway is considered unused when it is no longer associated with a VPN connection (on the VPC side of the connection). The Cloud Conformity Service Limits feature (integrated into the Amazon Trusted Advisor service) can also help you ensure that the allocation of AWS VGW resources is not reaching the limit.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
As good practice, every unused (detached) AWS Virtual Private Gateway should be removed from your account for better management of your AWS resources.
To recognize any unused Virtual Private Gateways (VGWs) currently available within your AWS account, perform the following:
To remove any unused AWS Virtual Private Gateways provisioned within your AWS account, perform the following:
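The identification step above, as an added example that is not part of the Cloud Conformity page: the function below applies the rule's definition of "unused" (no VPN connection references the VGW) to the response shapes of `aws ec2 describe-vpn-gateways` and `aws ec2 describe-vpn-connections`. The sample responses and resource IDs are constructed; the `boto3` driver at the bottom is an assumption about how one would run it against a real account.

```python
"""Find Virtual Private Gateways (VGWs) with no live VPN connection.

Added example, not Cloud Conformity's own code. Works on the response
shapes of DescribeVpnGateways and DescribeVpnConnections; the sample
data below is constructed, not taken from a real account.
"""


def find_unused_vgws(vpn_gateways, vpn_connections):
    """Return IDs of VGWs that no non-deleted VPN connection references.

    vpn_gateways:    list from DescribeVpnGateways["VpnGateways"]
    vpn_connections: list from DescribeVpnConnections["VpnConnections"]
    A VGW referenced by a connection in 'pending', 'available' or 'deleting'
    state counts as in use; connections already 'deleted' do not count,
    and VGWs already in 'deleted' state are skipped.
    """
    in_use = {
        c["VpnGatewayId"]
        for c in vpn_connections
        if c.get("VpnGatewayId") and c.get("State") != "deleted"
    }
    return sorted(
        g["VpnGatewayId"]
        for g in vpn_gateways
        if g.get("State") != "deleted" and g["VpnGatewayId"] not in in_use
    )


# Constructed sample responses (IDs are placeholders).
SAMPLE_VGWS = [
    {"VpnGatewayId": "vgw-0aaa", "State": "available",
     "VpcAttachments": [{"VpcId": "vpc-0111", "State": "attached"}]},
    {"VpnGatewayId": "vgw-0bbb", "State": "available", "VpcAttachments": []},
    {"VpnGatewayId": "vgw-0ccc", "State": "available",
     "VpcAttachments": [{"VpcId": "vpc-0222", "State": "attached"}]},
    {"VpnGatewayId": "vgw-0ddd", "State": "deleted", "VpcAttachments": []},
]
SAMPLE_VPN_CONNECTIONS = [
    {"VpnConnectionId": "vpn-0001", "VpnGatewayId": "vgw-0aaa", "State": "available"},
    {"VpnConnectionId": "vpn-0002", "VpnGatewayId": "vgw-0ccc", "State": "deleted"},
]

if __name__ == "__main__":
    import boto3  # only needed for a live run against an account (assumed)

    ec2 = boto3.client("ec2")
    gws = ec2.describe_vpn_gateways()["VpnGateways"]
    conns = ec2.describe_vpn_connections()["VpnConnections"]
    for vgw_id in find_unused_vgws(gws, conns):
        # Review the list first; a VGW still attached to a VPC must be
        # detached (detach_vpn_gateway) before delete_vpn_gateway succeeds.
        print("unused VGW:", vgw_id)
```

Note that vgw-0ccc is still attached to a VPC yet is reported as unused, because its only VPN connection is already deleted, which matches the rule's definition.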