Finding and Removing Unattached AWS Elastic IP addresses

Unattached Elastic IP Addresses can add extra costs to your monthly AWS bill. In this guide, we'll show you how to find and remove unneeded Elastic IP addresses.

Patrick Londa
Jul 21, 2022
 min read
Share this post

An Amazon Web Services Elastic IP address is a static public IPv4 address allocated to your EC2 instance that you can reach via the internet. EIP addresses are designed for dynamic cloud computing because they can swiftly remap to another instance if their existing instance fails for whatever reason.

Since Elastic IP addresses might be a critical component of your AWS infrastructure, they are charged at an hourly rate, even if they are not being used with a running instance. You may be charged $0.005 per Elastic IP address not associated with a running instance per hour. So across your infrastructure, if you have 50 unattached Elastic IP addresses associated with your account, you’ll be paying $180/month unnecessarily.

In this guide, we will show you how to find and fix unattached Elastic IP addresses in AWS so you can lower your cloud costs.

Blink Automation: Detect and Remove Unattached AWS Elastic IP Addresses
AWS + Slack
Try This Automation

Finding Unattached AWS Elastic IP Addresses

Being aware of unattached AWS Elastic IP addresses is crucial. This is especially true if you use EC2 - Classic, an older Amazon elastic compute cloud, which disassociates EIP addresses when their related instance is stopped. You would need to manually release your EIP address from a stopped instance to avoid the AWS enforced hourly charges. 

AWS Elastic IP addresses can also become unattached when more than one AWS EIP address is set to be associated with the same EC2 instance.

Here are a couple of methods for finding your unattached AWS Elastic IP addresses: 

Using the AWS Management Console:

  1. Simply log into the console and go to the VPC dashboard.
  2. Then, locate the left navigation panel. Under the Virtual Private Cloud section, select Elastic IPs.
  3. Choose the Unassociated filter from the drop down menu to have the console show you your unassociated EIP addresses.
  4. This can be applied to multiple regions to find any other unattached EIPs you may have. Change AWS regions using the navigation bar.

Using the AWS CLI:

  1. By running a describe-addresses command, you can list Elastic IPs in the selected region.
[--filters <value>]
[--public-ips <value>]
[--allocation-ids <value>]
[--dry-run | --no-dry-run]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
  1. The command output should provide an array of your available EIPs and their metadata.
  2. You can use this information to locate EIPs that are not returning the AssociationId parameter. Those are your EIP addresses that are unattached or unassociated.

Removing AWS Elastic IP Addresses

After detecting your unattached EIPs, the next step is to remove or release them. You should do this as soon as possible to avoid as many hourly charges on your monthly AWS bill. You can remove or release them using the same methods from the previous step.

Using the AWS Management Console:

  1. Select those EIPs.
  2. You have to click the Actions drop down button on the top dashboard menu.
  3. You need to select Release Address.  
  4. In the Release Address confirmation box, make sure to review that the correct unattached EIPs have been selected before you click the Yes, delete button, which will remove the chosen EIPs from your AWS account.

Using the AWS CLI:

  1. Run the release-address command:
[--allocation-id <value>]
[--public-ip <value>]
[--network-border-group <value>]
[--dry-run | --no-dry-run]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
  1. Use the EIP's AllocationId values for the unattached EIP address when running this command to delete the EIP.

By following these steps, you will be able to cut your AWS costs and ensure that you are cleaning up any unattached EIP addresses.

Detecting Unattached IP Addresses Automatically with Blink

It doesn’t make sense to pay for EIP addresses that you aren’t using, but running through these steps can take time and requires context-switching.

If you want to run this type of check often, there’s a better way to do it.

With Blink, you run a scheduled automation to check for unattached Elastic IP addresses and send a notification to Slack to approve releasing it.

Blink Automation: Detect Unattached AWS Elastic IP Addresses and Remove Them Upon Approval
Blink Automation: Detect Unattached AWS Elastic IP Addresses and Remove Them Upon Approval

When this automation runs, it executes the following actions:

  1. Gets all unattached AWS Elastic IPs.
  2. Asks for approval via Slack to release the unattached IPs.
  3. If approved, releases the unattached IPs.

You can import this automation from the Blink library and customize it however you like. For example, you could add conditional logic to release IPs if they haven’t been manually approved for removal within a set time frame.

In Blink, you can also create automations from scratch to meet your team’s unique needs using the hundreds of drag-and-drop actions available from a wide range of tools.

Get started with Blink today to see how easy automation can be.

Automate your security operations everywhere.

Blink is secure, decentralized, and cloud-native. 
Get modern cloud and security operations today.

Get a Demo