Checking for unallocated AWS Elastic IPs
Maintaining proper housekeeping of an AWS account is crucial to ensure smooth functioning and cost optimization. However, in some cases, routine tasks like checking and releasing unallocated Elastic IP addresses (EIPs) can be overlooked, especially in startups where AWS usage scales rapidly.
To address this issue, I have shared my experience in identifying the scope of the problem.
One important aspect to consider when dealing with unallocated EIPs is the associated costs
An Elastic IP address doesn’t incur charges as long as all the following conditions are true:
The Elastic IP address is associated with an EC2 instance.
The instance associated with the Elastic IP address is running.
The instance has only one Elastic IP address attached to it.
The Elastic IP address is associated with an attached network interface.
Checking for unallocated Elastic IPs en masse
Like anything in bulk, the AWS CLI is your friend. We can easily get all Elastic IPs in the account using:
aws ec2 describe-addresses
From here we filter out any results that do not have an ”AssociationId”.
The reason we want to filter by AssociationId and not InstanceId is that ElasticIPs can also be attached to NAT Gateways. In that case, InstanceID value will be null but AssociationID is the field that will be present there in any scenario. Add the associationID filter but using the query option:
aws ec2 describe-addresses --query 'Addresses[?AssociationId==null]'
From here add any options you need such as profile and region and you’re good to go!
aws ec2 --profile lewis --region us-east-1 describe-addresses --query 'Addresses[?AssociationId==null]'
Release Elastic IPs and start saving the pennies
Once you have identified all unallocated elastic IPs, again the CLI is our friend. Either find the IP or the allocation-id of the elastic IP to be released use the release-address command:
aws ec2 release-address --public-ip 220.127.116.11
aws ec2 release-address --allocation-id eipalloc-11d1111a