Have you recently received an email from Amazon with the subject “[Notification] New charge for public IPv4 addresses starting February 1, 2024”? This message is to inform you that starting in February, there will be a new $0.005/hr charge for all Public IPv4 addresses used by your AWS account. There’s a good chance that it could result in a noticeable increase on your AWS bill, and it could be more than you expect. How much more depends on a number of factors, as I’ll get to below.
In this article, I’ll cover why this is happening, identify some of the services affected by this change you may not have considered, and show you how to identify the amount of Public IPv4 you are currently using in your account.
If you’d rather not delve into the technical details, you can book my company Cloud Versed Consulting for a consultation and we can help you understand exactly what this will mean for you.
Why this is happening
As Amazon Web Services stated on their blog post announcing the new charge, with the availability of IPv4 addresses becoming more limited, the costs of acquiring new IPs has been increasing significantly over the last few years. This cost is now going to be passed over to customers with the intent of encouraging a reduction in IPv4 usage. Two main ways this can be done is by reducing the services that require public addresses or migrating towards IPv6.
Public IP addresses might not consider
Do you know how many Public IP addresses your AWS account is using?
If you think about the resources that will be using these public IPs, some may easily come to mind, like a few instances that have Public IP addresses attached. But that is just the start of resources that may affect your usage amount.
For example, let’s say that you have a VPC Network that contains 5 private instances, 1 private Multi-AZ RDS MySQL instance, 1 load balancer, a NAT Gateway, and 1 public bastion host. You may think that this would use 1 Public IP address, because there’s only one public instance involved. However, the NAT Gateway and Load Balancers each use multiple Public IPs on your behalf, so it’s actually 5 Public IPs!
Here’s how the Public IP Addresses work out for some of the resource you may not have considered:
- Load Balancers - likely 2-3 Public IP addresses each
- NAT Gateways - likely 2-3 Public IP addresses each
- VPN Gateways - 2 Public IP addresses per Site-to-site connection
- RDS Databases - 1 Public IP address per instance public, or 2 if they’re Multi-AZ instances
- Global Accelerator - 2 Public IP addresses each
If instead of my above example, you had public IP Addresses associated with all 5 instances, and had a public IP address associated with your Multi-AZ RDS MySQL instance, and a load balancer, this would add up to 9 Public IP addresses. This scenario would likely cost you about $32.85/month. In addition, you need to be much more careful to ensure that your security groups are also configured correctly so as not to allow public access to the backing instances or database.
How many Public IPs your accounts are using
One fast and relatively easy way to determine how many Public IP addresses your account is using today is through Cost Explorer.
Here’s how you can see how much public IP address usage your account has:
- Open up Cost Explorer
-
Select the date range you want to analyze
- Click in the Date Range field
- Select that range you’re interested in
- Click Apply
- Select the Granularity you want the data broken down by: Daily, Monthly or Hourly. I prefer Daily.
- For the Dimensions field, select API Operations.
-
For Usage type
- Click the Usage type field
- In the Filter Usage types field, enter Public IP
- Click the Select All check box
- Click Apply
You will now have a report for your desired date range.
In the Usage (Hrs) section, you’ll find a graph of the number of Public IP usage hours broken down by the API Operation that caused the usage.
In the Cost and Usage breakdown section, you will find the Total usage in Hours, as well as a breakdown by each API Operation, and a breakdown by your Granularity (In my case, days).
To get an estimate of the cost that this Public IP Usage will eventually cost, you need only multiply the number of hours by $0.005. For example, in my example above, I have a total usage of 717.94 hours for October, so 717.94 * 0.005 = $3.59. If my usage were relatively stable, that would give me an idea what my usage would likely be in February.
What the API Operations mean
The API Operations roughly translate to the method by which the Public IP was originally requested. Here’s what they actually mean:
- AllocateAddressVPC: The Public IP address is associated with Elastic IP that is not attached to any instances. These IP addresses have traditionally come with an Idle IP address charge.
- AssociateAddressVPC: The Public IP address is associated with an Elastic IP that is attached to an instance.
- CreateAccelerator: The Public IP address is associated with an AWS Global Accelerator.
- CreateVPNConnection: The Public IP address is associated with an AWS Site-to-Site VPN connection.
- DescribeNetworkInterfaces: The Public IP address is associated with an AWS Managed service, such as Elastic Load Balancing, NAT Gateways, RDS, etc.
- RunInstances: The Public IP address is associated with Instances in your VPC.
Resource Level Visibility into IP Addresses
By now you should have an idea how much Public IP address hours you are using. But what if you want to understand more about what specific resources are using those Public IPs? This is where the Network Interfaces section of the EC2 console can be helpful.
Here’s how you can use it:
- Go to the Network Interfaces page
- Scroll right, until the Interface Type and Public IPv4 addresses columns are visible
- Click the Public IPv4 address column twice to sort it so that all resources with associated Public IPs are at the top.
Now we can see many of the individual resources and services in our VPC that are using Public IPs.
Here’s an example from a sample VPC. We can see that we have 7 Public IPs in use. Of these, we can see from the Instance ID column that 2 are associated with EC2. We can also see from the Description column that 2 are associated with RDS Instances, 2 are associated with a NAT Gateway, and 1 is associated with a specific Application Load Balancer.
If you’ve read this far, I hope you found this content useful. If you have any questions, be sure to drop them in the comments.
Need help with your Public IPs on AWS?
If you would like some more help understanding your Public IP usage, or would like help with reducing your Public IP costs, book a consult with my company Cloud Versed Consulting, and we can discuss options to help clarify your Public IP usage and reduce unnecessary costs.