Bug
Resolution: Unresolved
Undefined
None
4.20
Description of problem
The DestroyPrivateZones function in HyperShift's AWS infrastructure cleanup (cmd/infra/aws/route53.go) only processes the first page of results from the Route53 ListHostedZonesByVPC API call. When a VPC has more than 100 private hosted zones (the typical AWS pagination limit), zones beyond the first page are not deleted, causing resource leaks.
Version-Release number of selected component
HyperShift (affects all versions prior to the fix)
How reproducible
Always (when VPC has >100 private hosted zones)
Steps to Reproduce
1. Create a VPC with more than 100 private hosted zones associated
2. Run the HyperShift infrastructure destroy command:
   hypershift destroy infra aws --infra-id --region --base-domain
3. Check the VPC's private hosted zones after deletion:
   aws route53 list-hosted-zones-by-vpc --vpc-id --vpc-region
Actual results
Only the first 100 (or fewer) private hosted zones are deleted. Zones beyond the first page remain orphaned, preventing VPC cleanup and causing ongoing AWS costs.
Expected results
All private hosted zones associated with the VPC should be deleted, regardless of how many pages of results are returned by the AWS API.
Additional info
- Fixed in PR: https://github.com/openshift/hypershift/pull/7269
- Fix adds proper pagination loop using NextToken to iterate through all pages
- Tested manually by cleaning up 2 orphaned infrastructures with 4 total zones
- Unit tests added in cmd/infra/aws/route53_test.go (10 test cases covering pagination scenarios)
- Impact: Affects long-running test environments and shared VPC scenarios where multiple clusters create many hosted zones
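The defect in the description and the NextToken loop the fix adds, as an added example that is not HyperShift's code: a fake Route53 client that pages at 100 items, and one listing function that either stops after the first page (the bug) or follows NextToken until the API omits it (the fix). The request/response types, the fake client and zoneIDs are simplified stand-ins constructed for this example, not the AWS SDK types the real route53.go uses.

```go
package main
import "fmt"
// Stand-ins for the Route53 ListHostedZonesByVPC shapes (constructed here; not the SDK types).
type HostedZoneSummary struct{ HostedZoneId string }
type ListHostedZonesByVPCInput struct{ VPCId string; NextToken *string }                           // NextToken nil on first call
type ListHostedZonesByVPCOutput struct{ HostedZoneSummaries []HostedZoneSummary; NextToken *string } // NextToken nil on last page
type route53API interface{ ListHostedZonesByVPC(*ListHostedZonesByVPCInput) (*ListHostedZonesByVPCOutput, error) }

// fakeRoute53 serves zones pageSize at a time, like the real API's 100-item default.
// Its token is a plain offset; the real token is opaque.
type fakeRoute53 struct{ zones []string; pageSize int }

func (f *fakeRoute53) ListHostedZonesByVPC(in *ListHostedZonesByVPCInput) (*ListHostedZonesByVPCOutput, error) {
	start, out := 0, &ListHostedZonesByVPCOutput{}
	if in.NextToken != nil {
		fmt.Sscan(*in.NextToken, &start)
	}
	end := start + f.pageSize
	if end > len(f.zones) {
		end = len(f.zones)
	}
	for _, id := range f.zones[start:end] {
		out.HostedZoneSummaries = append(out.HostedZoneSummaries, HostedZoneSummary{HostedZoneId: id})
	}
	if end < len(f.zones) {
		tok := fmt.Sprint(end)
		out.NextToken = &tok
	}
	return out, nil
}

// zoneIDs collects every page when followNextToken is true (the fix), or only the first page when false (the defect).
func zoneIDs(c route53API, vpcID string, followNextToken bool) ([]string, error) {
	var all []string
	var token *string
	for {
		out, err := c.ListHostedZonesByVPC(&ListHostedZonesByVPCInput{VPCId: vpcID, NextToken: token})
		if err != nil {
			return nil, err
		}
		for _, z := range out.HostedZoneSummaries {
			all = append(all, z.HostedZoneId)
		}
		if !followNextToken || out.NextToken == nil || *out.NextToken == "" {
			return all, nil
		}
		token = out.NextToken
	}
}
```

With 250 zones and a page size of 100, the first-page-only path returns 100 IDs and the NextToken loop returns all 250; the loop also terminates correctly on an empty VPC and on a VPC with fewer zones than one page.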