Description:

This policy ensures that there are no unassigned Elastic IP addresses in your AWS account. Unassigned Elastic IP addresses can incur charges, so it is important to ensure that they are only being used when necessary.


Rationale:

Unassigned Elastic IP addresses can incur charges, even if they are not being used. This is because AWS still needs to allocate resources to keep them available. By ensuring that there are no unassigned Elastic IP addresses, you can help to reduce your AWS bill.

Impact:
If there are unassigned Elastic IP addresses in your AWS account, you may be charged for them even if you are not using them. This could lead to unexpected charges on your AWS bill.

Default Value:
AWS will initially recommend that you do not have any unassigned Elastic IP addresses in your account.

Pre-Requisite:

  • You must have access to the AWS Management Console or the AWS CLI.
  • You must know the region where the Elastic IP addresses are located.


Remediation Steps:

  1. Identify all of the unassigned Elastic IP addresses in your account.
  2. Release the unassigned Elastic IP addresses.


Test Plan:

  1. Verify that the unassigned Elastic IP addresses have been released.
  2. Check your AWS bill to ensure that you are no longer being charged for the unassigned Elastic IP addresses.


Implementation Plan:

  • Use the AWS Management Console to identify and release unassigned Elastic IP addresses.
  • Use the AWS CLI to identify and release unassigned Elastic IP addresses.


AWS CLI Process:

aws ec2 describe-addresses --filters "Name=domain,Values=eip" aws ec2 release-address --address-id <address-id>
Using AWS GUI:
  1. Go to the AWS Management Console.
  2. Click on the "Elastic IPs" tab.
  3. Select the unassigned Elastic IP addresses.
  4. Click on the "Release" button.


Backout Plan:

  1. Identify the unassigned Elastic IP addresses that you released.
  2. Reallocate the unassigned Elastic IP addresses to your EC2 instances.


Note:

  • This policy does not apply to Elastic IP addresses that are in use by EC2 instances or Elastic Network Interfaces.
  • This policy does not apply to Elastic IP addresses that are in the process of being released.


Reference:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html