Remove owned VPCEs when deleting VPC.

Author: s3rj1k

controllers/awscluster_controller_test.go

@@ -1476,6 +1476,18 @@ func mockedDeleteVPCCallsForNonExistentVPC(m *mocks.MockEC2APIMockRecorder) {
 }
 
 func mockedDeleteVPCCalls(m *mocks.MockEC2APIMockRecorder) {
+	m.DescribeVpcEndpointsPages(gomock.Eq(&ec2.DescribeVpcEndpointsInput{
+		Filters: []*ec2.Filter{
+			{
+				Name:   aws.String("tag:sigs.k8s.io/cluster-api-provider-aws/cluster/test-cluster"),
+				Values: []*string{aws.String("owned")},
+			},
+			{
+				Name:   aws.String("vpc-id"),
+				Values: []*string{aws.String("vpc-exists")},
+			},
+		},
+	}), gomock.Any()).Return(nil).AnyTimes()
 	m.DescribeSubnetsWithContext(context.TODO(), gomock.Eq(&ec2.DescribeSubnetsInput{
 		Filters: []*ec2.Filter{
 			{

pkg/cloud/services/network/vpc.go

@@ -276,17 +276,8 @@ func (s *Service) deleteVPCEndpoints() error {
 		return nil
 	}
 
-	// Gather all services that might have been enabled.
-	services := sets.New[string]()
-	if s.scope.Bucket() != nil {
-		services.Insert(fmt.Sprintf("com.amazonaws.%s.s3", s.scope.Region()))
-	}
-	if services.Len() == 0 {
-		return nil
-	}
-
 	// Get all existing endpoints.
-	endpoints, err := s.describeVPCEndpoints()
+	endpoints, err := s.describeVPCEndpoints(filter.EC2.ClusterOwned(s.scope.Name()))
 	if err != nil {
 		return errors.Wrap(err, "failed to describe vpc endpoints")
 	}