13

I'm trying to get all Elastic IPs that are not currently assigned to instances.

It's easy to get all of the Elastic IPs using this: aws ec2 describe-addresses

From here, it would be easy to filter out any results that do not have an"AssociationId". However, I'm not sure how to do that using --query.

I know that the --query option uses JMESPath to filter results, but I have no idea how to tell it to return me all results that do not have an AssociationId. Any help?

Thanks.

Anthony Neace
  • 25,013
  • 7
  • 114
  • 129
joshft91
  • 1,755
  • 7
  • 38
  • 53

2 Answers2

22

You can check the Addresses collection for null values, but instead of AssociationId a better general solution may be better to use InstanceId:

InstanceId -> (string)

The ID of the instance that the address is associated with (if any).

AssociationId -> (string)

The ID representing the association of the address with an instance in a VPC.

Elastic IPs that are not in a VPC do not have the AssociationId property, but elastic IPs in both VPC and EC2 Classic will output InstanceId.

You can alternatively use AssociationId in the same way, if you only care about IPs in a VPC.

Examples:

aws ec2 describe-addresses --query 'Addresses[?InstanceId==null]'

aws ec2 describe-addresses --query 'Addresses[?AssociationId==null]'

Further Reading:

Anthony Neace
  • 25,013
  • 7
  • 114
  • 129
  • 1
    Note that in some situations, unassociated EIPs will yield InstanceId==null and sometimes InstanceId=="". Believe that the distinction is VPC EIPs (show null) vs EC2-Classic EIPs (show ""). – jarmod Nov 20 '15 at 18:28
  • Thanks for the comment. I've additionally seen EC2-Classic EIPs explicitly show null in the result set (`"InstanceId": null`), and VPC EIPS simply not include `InstanceId` at all if it isn't set. For that situation at least, only checking null returns both cases from my console. – Anthony Neace Nov 20 '15 at 18:51
  • Appreciate it - this seems like a good way to go. Wasn't aware that I could check for null on non-existing parameters. Thanks! – joshft91 Nov 23 '15 at 17:43
  • 1
    Need to use double quotes on Windows: `"Addresses[?InstanceId==null]"` – EM0 Nov 17 '17 at 10:13
  • While this works for the `aws` CLI as described, I can't make a similar request work with the API. I'm sending a body `Action=DescribeAddresses&Filter.1.Name=instance-id&Version=2016-11-15` but I get no matching results. Any idea how to format this? – jwadsack Jul 30 '19 at 00:00
  • @jwadsack Hi, this dimension probably changes the answer sufficiently to ask a new/separate question. Feel free to link to this one for additional context! – Anthony Neace Jul 30 '19 at 00:02
  • @AnthonyNeace that's a good point. I had thought of that and found https://stackoverflow.com/questions/34384827/find-unassigned-elastic-ips which is exactly my issue and appears to be unsolved. I'll keep digging and follow up there with any findings. – jwadsack Jul 30 '19 at 02:55
  • For anyone wondering where the `query` command is documented it's [here](https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html#cli-usage-filter-client-side). I was able to filter for all IP addresses where neither `InstanceId` or `AssociationId` is set with the following (on Windows): `aws ec2 describe-addresses --query "Addresses[?InstanceId==null&&AssociationId==null].[PublicIp]" --output text` – Steve Chambers Apr 09 '22 at 10:58
6

ElasticIPs are also attached to NAT Gateways. In that case InstanceID value will be null but AssociationID is the field which will be present there in any scenario. So better to use associationID to be sure that EIP is in use or not.

Sachin Yadav
  • 71
  • 1
  • 3