Extracting public IP data from AWS can be painful and time-consuming. This NQE makes it easy to identify public IPs across all accounts and regions and can be customized for other cloud providers.
Overview
Starting in February 2024, AWS began charging for public IP addresses to incentivize the migration to IPv6 due to the depletion of IPv4 space. Managing these costs can be challenging, especially with AWS's VPC IP Address Manager (IPAM), which only works across a single account and incurs additional charges. Our NQE provides a comprehensive view across accounts and regions without extra costs, simplifying IP management. This functionality also extends to other cloud platforms like Azure and GCP, offering a unified solution for IP management.
Results
- This NQE simplifies IP management by providing a centralized dashboard to view and manage IP addresses across multiple AWS accounts and regions.
- The Public IP NQE identifies underutilized IP addresses, helping customers avoid unnecessary charges. Customers have reported significant savings, avoiding tens of thousands of dollars in potential bills.
- This comprehensive solution helps organizations maintain cost-effective and efficient IP address management across multiple cloud platforms.
Solution
Our NQE collects and normalizes data on Elastic IP addresses within AWS, making it easier to spot underutilized IP addresses in a vendor-agnostic model. Customization options allow users to refine results to specific machine types or regions, enabling large organizations to manage thousands of IP addresses efficiently. Because the network data is part of our model, you can refine your results to return only public IPs assigned to specific machine types (Linux, for example) or only public IPs in a particular region. This helps large organizations focus their search when they have thousands, if not tens of thousands, of public IP addresses.
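As an independent cross-check of the idle-address count outside the platform, the following added example (not part of the original page or of the NQE library) flags Elastic IPs that are allocated but not associated, groups them by account and network border group, and prices them at the $0.005 per hour rate this page uses. It assumes the JSON from `aws ec2 describe-addresses` has been collected per account and region; the account names, allocation IDs and addresses below are constructed sample data.

```python
import json
from collections import defaultdict

# Rate taken from this page's query: $0.005 per hour per public IPv4 address.
COST_PER_IP_PER_DAY = 24.0 * 0.005

# Constructed sample: one describe-addresses response per (account, region).
# Account names, IDs and addresses (RFC 5737 documentation ranges) are made up.
SAMPLE = {
    ("prod", "us-east-1"): json.dumps({"Addresses": [
        {"PublicIp": "203.0.113.10", "AllocationId": "eipalloc-0aaa",
         "AssociationId": "eipassoc-0aaa", "NetworkBorderGroup": "us-east-1"},
        {"PublicIp": "203.0.113.11", "AllocationId": "eipalloc-0bbb",
         "NetworkBorderGroup": "us-east-1"},
        {"PublicIp": "203.0.113.12", "AllocationId": "eipalloc-0ccc",
         "NetworkBorderGroup": "us-east-1-bos-1"},
    ]}),
    ("dev", "eu-west-1"): json.dumps({"Addresses": [
        {"PublicIp": "198.51.100.7", "AllocationId": "eipalloc-0ddd",
         "AssociationId": "eipassoc-0ddd", "NetworkBorderGroup": "eu-west-1"},
    ]}),
    ("sandbox", "us-west-2"): json.dumps({"Addresses": []}),
}

def idle_eip_report(responses):
    """Return one row per (account, border group) that holds idle Elastic IPs."""
    idle = defaultdict(list)
    for (account, _region), raw in responses.items():
        for addr in json.loads(raw).get("Addresses", []):
            # An Elastic IP with no AssociationId is allocated but attached to nothing.
            if not addr.get("AssociationId"):
                group = addr.get("NetworkBorderGroup", "unknown")
                idle[(account, group)].append(addr["PublicIp"])
    rows = []
    for (account, group), ips in sorted(idle.items()):
        daily = len(ips) * COST_PER_IP_PER_DAY
        rows.append({"account": account, "border_group": group, "idle_ips": sorted(ips),
                     "daily_cost": round(daily, 2), "monthly_cost": round(daily * 30, 2),
                     "annual_cost": round(daily * 365, 2)})
    return rows

if __name__ == "__main__":
    for row in idle_eip_report(SAMPLE):
        print(row)
```

Accounts and regions with no idle addresses produce no row, so the output lists only the addresses worth releasing or reassigning.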
NQE Script
/**
 * @intent Shows the number and cost of AWS public IPv4 IP addresses
 */
import "L3/IpAddressUtils";

// $0.005 per hour per IP
costPerIpPerDay = 24.0 * 0.005;

// True when the value's string form matches the IPv4 pattern.
isIPv4(subnet) = isPresent(patternMatch(toString(subnet), `{ipv4Subnet}`));

// One record per VPC: count of IPv4 interface addresses outside the private set.
getPublicAllocatedIps(cloudAccount) =
  foreach vpc in cloudAccount.vpcs
  let publicAllocatedIps = (foreach subnet in vpc.subnets
                            foreach iface in subnet.ifaces
                            foreach ip in iface.ipAddresses
                            where isIPv4(ip) && ip not in privateIpAddressSet
                            select ip)
  let numPublicIps = length(publicAllocatedIps)
  select {
    regionsOrnetworkBorderGroups: vpc.cloudRegions,
    vpcName: vpc.name,
    vpcId: vpc.id,
    numPublicIps
  };

// One record per account: public IPs the account holds that are not allocated.
getPublicUnallocatedIps(cloudAccount) =
  [{ regionsOrnetworkBorderGroups: (foreach ip in cloudAccount.publicUnallocatedIps select ip.networkBorderGroup),
     vpcName: null : String,
     vpcId: null : String,
     numPublicIps: length(cloudAccount.publicUnallocatedIps)
  }];

// Combine both record sets for every AWS account and price them.
foreach cloudAccount in network.cloudAccounts
where cloudAccount.cloudType == CloudType.AWS
foreach record in getPublicAllocatedIps(cloudAccount) + getPublicUnallocatedIps(cloudAccount)
let numPublicIps = record.numPublicIps
where numPublicIps > 0
select {
  "Cloud Account": cloudAccount.name,
  "Regions or Network Border Groups": record.regionsOrnetworkBorderGroups,
  "VPC Name": record.vpcName,
  "VPC ID": record.vpcId,
  "Count of Public IPs": numPublicIps,
  "Daily Cost ($)": float(numPublicIps) * costPerIpPerDay,
  "Monthly Cost ($)": float(numPublicIps) * 30.0 * costPerIpPerDay,
  "Annual Cost ($)": float(numPublicIps) * 365.0 * costPerIpPerDay
}
Sample result