AWS cost optimization

Elastic IP Cost in AWS: How to Find Idle Public IPv4 Spend

Elastic IP cost in AWS now includes public IPv4 usage. Learn how to find idle addresses, verify ownership, and safely release review candidates today.

Published 2026-05-18 Updated 2026-05-18 By Cloud Cost Clinic

Quick takeaway

Elastic IP cost is one of those small AWS lines that looks harmless until you realize the address has been sitting there like it pays rent in vibes.

Elastic IP addresses and public IPv4 addresses are worth reviewing because they can create recurring hourly cost. AWS documentation says AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses.

That does not mean every public address is waste. Treat idle, unassociated, or unexplained addresses as review candidates first. Verify DNS, allowlists, owners, and recovery needs before releasing anything. Public IP cleanup is one of those tasks where a small bill line can have a surprisingly long memory.

The console has many buttons. The hard one is "are we sure?"

Network cables in a server room used as a visual cue for public IPv4 cost review

Why Elastic IP cost shows up

An Elastic IP address is a static public IPv4 address allocated to your AWS account. It can be associated with resources such as an EC2 instance, network interface, NAT Gateway, or load balancer pattern depending on the design.

Elastic IP and public IPv4 cost usually shows up when:

Addresses are allocated and forgotten.
Temporary migration addresses become permanent.
Stopped or removed workloads leave addresses behind.
Public IPv4 is enabled by default for workloads that do not need it.
DNS records or partner allowlists depend on old addresses.
Teams do not have a public IP ownership review.

Public IP cleanup is not just a billing task. It can be a networking and access-control task. The address may look idle in one console and still be famous in a vendor allowlist.

A fictional but realistic example: a small team finds an unassociated address and wants to release it. Then someone checks DNS, an old partner allowlist, and a migration note. The address is no longer attached, but the assumption around it is still alive. That is annoying. It is also why the review exists.

How to find Elastic IP and public IPv4 spend

Start in Cost Explorer:

1. Look for public IPv4, Elastic IP, EC2-Other, or VPC-related usage. 2. Group by usage type. 3. Filter by linked account and Region. 4. Compare daily trend to find steady hourly baseline versus recent change.

Then inspect allocated addresses in the VPC or EC2 console. For each address, record:

Whether it is associated or unassociated.
Attached instance, network interface, NAT Gateway, or other resource.
Region and account.
DNS records.
Security group or firewall dependency.
External allowlists.
Monitoring checks.
Owner, application, and environment.
Whether the workload can use private networking or IPv6.

Unassociated is a strong review signal, but it is not proof that release is safe. Unattached does not mean unloved.

Where Public IP Insights fits

AWS Public IP Insights can help build the inventory side of the review. It is useful for finding public IPv4 addresses across resources and checking which accounts and Regions need attention.

Use it to answer inventory questions:

Which public IPv4 addresses exist?
Which resources are they attached to?
Which addresses look idle or unexplained?
Which accounts or Regions have the most review candidates?

Then do the human part. Public IP Insights can help find addresses; it does not know whether a partner allowlist, DNS record, rollback plan, or migration note still depends on one.

Inventory is the start. Approval is the work. AWS gives you elastic infrastructure. It does not give you elastic attention.

How to verify before releasing an address

Before releasing an Elastic IP address, confirm:

No DNS record points to it.
No vendor, customer, partner, firewall, or SaaS integration allowlists it.
No monitoring, uptime check, or automation expects it.
It is not part of a migration, rollback, disaster recovery, or failover plan.
The workload owner approves the release.
A change window exists if the address is production-facing.

If the address is attached to a stopped instance, check whether that instance is expected to restart with the same public endpoint.

Safer ways to reduce the cost

Release clearly abandoned unassociated addresses after ownership review.
Remove public IPv4 from workloads that only need private connectivity.
Prefer private networking where the application can use it.
Review stale DNS and allowlists before releasing addresses.
Add owner and purpose tags to public-facing resources.
Use Public IP Insights or inventory exports to keep a repeatable review list.
Create a monthly public IP review for small accounts with frequent experiments.

The safest first action may be tagging and ownership cleanup. Releasing the address comes after the evidence holds. The useful first win may simply be knowing who can say yes.

What not to do

Do not bulk-release every unassociated Elastic IP address without checking context. A detached address may still be reserved for migration, failover, rollback, or an external allowlist.

Do not remove public access from a workload without understanding how users, automation, vendors, monitoring, and support workflows reach it.

Do not assume Elastic IP is the only public IPv4 cost. AWS public IPv4 charges can apply beyond classic idle Elastic IP cases.

Do not let the small dollar amount talk you into skipping context. A cheap public address can still be expensive to break.

Checklist

Find public IPv4 and Elastic IP usage in Cost Explorer.
Export allocated addresses by account and Region.
Mark associated and unassociated addresses.
Identify attached resources and DNS records.
Check allowlists, monitoring, and migration notes.
Verify owner and environment.
Release only addresses with clear approval and low risk.
Recheck the bill after Cost Explorer refreshes.

FAQ

Does AWS charge for Elastic IP addresses?

AWS documentation says AWS charges for all public IPv4 addresses, including Elastic IP addresses. Check the current Amazon VPC pricing page before using exact rates.

Is an unassociated Elastic IP safe to release?

Not automatically. It is a good review candidate, but it may still be reserved for DNS, allowlists, failover, migration, or rollback.

How do I find idle Elastic IP addresses?

Use Cost Explorer to find the billing signal, then inspect Elastic IPs by account and Region. Mark addresses that are unassociated or attached to stopped or unclear resources, then verify ownership.

What should I check before releasing an Elastic IP?

Check DNS, allowlists, firewall rules, monitoring, external integrations, migration notes, recovery plans, and workload owner approval.

AWS VPC Costs puts public IPv4 spend in the wider networking cost picture.
What Is EC2-Other in AWS Cost Explorer? helps trace where public IPv4 and related EC2 costs may appear.
AWS Cost Optimization Checklist for Small AWS Teams keeps release decisions tied to ownership and rollback.

Sources

AWS docs: IP addressing for your VPCs and subnets
AWS docs: Start using Elastic IP addresses
AWS pricing: Amazon VPC pricing
AWS News Blog: AWS public IPv4 address charge and Public IP Insights
Related: AWS VPC Costs

Reader question

When you review public IPv4 spend, is the hard part finding the addresses or proving they are safe to release?