Inactive VPC Interface Endpoint
Service Category: Networking
Cloud Provider: AWS
Service Name: AWS VPC
Inefficiency Type: Unused Resource
Explanation

VPC Interface Endpoints are commonly deployed to meet network security or compliance requirements by enabling private access to AWS services. However, these endpoints often remain provisioned even after the original use case is deprecated. In some cases, the applications have been decommissioned; in others, traffic routing has changed and the endpoint is no longer used. Since interface endpoints generate hourly charges whether or not they are used, identifying and removing inactive ones can eliminate unnecessary costs.

Relevant Billing Model

VPC Interface Endpoints incur costs based on:

  • Hourly Charges: Billed per hour for each provisioned interface endpoint, in each Availability Zone, regardless of traffic.
  • Data Processing Charges: Billed per gigabyte (GB) of data processed through the endpoint.

Because hourly charges continue to accrue even when no data flows through the endpoint, idle endpoints result in ongoing costs with no business value.

Detection
  • Identify all VPC Interface Endpoints currently provisioned in your account
  • Review data transfer activity to determine whether any data has flowed through the endpoint over a representative time period
  • Confirm whether the associated AWS service or endpoint service is still used by any workloads in the environment
  • Evaluate whether the endpoint is tied to any running EC2 instances, Lambda functions, or container workloads
  • Check whether the endpoint is linked to a deprecated environment or redundant architecture
  • Engage with networking or application teams to verify that no current dependencies exist
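
The first two detection steps can be scripted. The sketch below is an added example, not part of the original page: it takes data shaped like a DescribeVpcEndpoints response and CloudWatch GetMetricStatistics datapoints for the `BytesProcessed` metric in the `AWS/PrivateLinkEndpoints` namespace, and returns the interface endpoints that processed no data in the window. The 30-day window, the hourly rate, and all endpoint and subnet IDs are assumed or constructed values.

```python
from datetime import datetime, timedelta, timezone

def find_inactive_endpoints(endpoints, datapoints_by_id, now,
                            lookback_days=30, hourly_rate_usd=0.01):
    """Return interface endpoints with no BytesProcessed in the lookback window.
    endpoints: "VpcEndpoints" list shaped like a DescribeVpcEndpoints response.
    datapoints_by_id: endpoint id -> "Datapoints" list shaped like CloudWatch
        GetMetricStatistics output (AWS/PrivateLinkEndpoints, BytesProcessed, Sum).
    lookback_days and hourly_rate_usd are assumed values; set your own.
    """
    window_start = now - timedelta(days=lookback_days)
    candidates = []
    for ep in endpoints:
        if ep["VpcEndpointType"] != "Interface" or ep["State"] != "available":
            continue  # gateway endpoints and pending/deleting states are out of scope
        if ep["CreationTimestamp"] > window_start:
            continue  # younger than the window: not a representative period yet
        # An endpoint with no traffic may have no datapoints at all; treat as 0.
        points = datapoints_by_id.get(ep["VpcEndpointId"], [])
        total = sum(p["Sum"] for p in points if p["Timestamp"] >= window_start)
        if total > 0:
            continue
        az_count = len(ep["SubnetIds"])  # hourly charge applies per AZ
        candidates.append({
            "id": ep["VpcEndpointId"], "service": ep["ServiceName"],
            "az_count": az_count,
            "idle_cost_usd": round(az_count * 24 * lookback_days * hourly_rate_usd, 2),
        })
    return candidates

# Constructed sample data (not real resources).
NOW = datetime(2024, 6, 30, tzinfo=timezone.utc)
OLD = datetime(2023, 1, 10, tzinfo=timezone.utc)
def _ep(eid, kind, svc, subnets, created=OLD):
    return {"VpcEndpointId": eid, "VpcEndpointType": kind, "State": "available",
            "ServiceName": svc, "SubnetIds": subnets, "CreationTimestamp": created}
SAMPLE_ENDPOINTS = [
    _ep("vpce-0aaa1111", "Interface", "com.amazonaws.us-east-1.sqs", ["subnet-a", "subnet-b", "subnet-c"]),
    _ep("vpce-0bbb2222", "Interface", "com.amazonaws.us-east-1.ecr.api", ["subnet-a", "subnet-b"]),
    _ep("vpce-0ccc3333", "Interface", "com.amazonaws.us-east-1.ssm", ["subnet-a"], NOW - timedelta(days=10)),
    _ep("vpce-0ddd4444", "Gateway", "com.amazonaws.us-east-1.s3", []),
]
SAMPLE_DATAPOINTS = {
    "vpce-0bbb2222": [{"Timestamp": NOW - timedelta(days=3), "Sum": 5120.0}],
}

if __name__ == "__main__":
    for c in find_inactive_endpoints(SAMPLE_ENDPOINTS, SAMPLE_DATAPOINTS, NOW):
        print(c)  # candidates for team review, not an automatic delete list
```

Zero bytes over the window only makes an endpoint a candidate; the remaining detection steps (workload, environment and team checks) still decide whether it can be removed.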
Remediation

Decommission VPC Interface Endpoints that show no recent usage and are not tied to any active application dependencies. Since endpoints are billed hourly, removing unused ones immediately eliminates ongoing charges. This change has no impact on availability or connectivity as long as no resources are routing traffic through the endpoint. Coordinate with application and networking teams to ensure safe removal.

Relevant Documentation