DeleteRestApi: the slowest API in AWS

I had 689 dead API Gateways to delete across two AWS accounts — orphaned Kubeflow model deployment endpoints that hadn’t received a request in 180 days. I knew about the rate limit going in, so I wrote a script with a 32-second sleep between calls, kicked it off in the background, and went to work on other things.

DeleteRestApi is hard-capped at one call per 30 seconds per account. Not per-region, not per-user — per account. Hit it faster and you get TooManyRequestsException. There’s no way to batch. There’s no bulk delete. Every API Gateway is one API call, one 30-second wait.

My script sleeps 32 seconds between deletes to stay under the cap, with a 90-second backoff on TooManyRequestsException:

for api in to_delete:
    try:
        apigw.delete_rest_api(restApiId=api['id'])
    except apigw.exceptions.TooManyRequestsException:
        time.sleep(90)
        apigw.delete_rest_api(restApiId=api['id'])
    time.sleep(32)

337 API Gateways on the dev account took 181 minutes. 142 on the prod account took 90 minutes. The rate limit is per-account, so I ran both accounts in parallel — but within each account, it’s strictly serial.

I accidentally launched the the prod account script twice. The second instance immediately started hitting TooManyRequestsException because both scripts were competing for the same per-account rate limit. Eight of the deletes came back as “already gone” — the first script had deleted them between the second script’s retries.

The Lambda equivalent, DeleteFunction, has no such rate limit. I deleted 540 Lambda functions across both accounts in under 3 minutes. The API Gateway cleanup took 4.5 hours for fewer resources.

689 API Gateways. 32 seconds each. One at a time.