How do I resolve the error "The address with allocation id cannot be released because it is locked to your account" when trying to release an Elastic IP address from my Amazon EC2 instance?

Short description

You receive this error message when Amazon EC2 creates a reverse Domain Name System (rDNS) record for your Elastic IP address. The Elastic IP address locks to your account for as long as the rDNS record exists.

Resolution

Confirm whether rDNS is set for your Elastic IP address

1.    Connect to your instance using SSH.

2.    Run the host command. Replace the 203.0.113.0 sample IP address with your IP address.

$ host 203.0.113.0

If your Elastic IP address has an rDNS set, then this command returns an output that's similar to the following example:

$ 203.0.113.0.in-addr.arpa. domain-name-pointer mail.domain.com

Remove the rDNS entry

Using the Amazon EC2 console

Note: It's a best practice to remove the rDNS entry using the Amazon EC2 console.

1.    Open the Amazon EC2 console.

2.    Under Network & Security, select Elastic IPs.

3.    Choose the Elastic IP address, and then select Actions, Update reverse DNS.

4.    For Reverse DNS domain name, clear the domain name.

5.    Enter update to confirm.

6.    Select Update.

Using the AWS Command Line Interface (AWS CLI)

To remove a reverse DNS record using the AWS CLI, use the reset-address-attribute command as shown in the following example:

aws ec2 reset-address-attribute --allocation-id <value> --attribute <value>

See the following example command for Linux:

aws ec2 reset-address-attribute --allocation-id eipalloc-abcdef01234567890 --attribute domain-name

See the following example command for Windows:

aws ec2 reset-address-attribute --allocation-id eipalloc-abcdef01234567890 --attribute domain-name

Note: If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI.

Using AWS Support

If you can't remove the request using the Amazon EC2 console or the AWS CLI, then request AWS assistance using these steps:

1.    Open the Request to remove email sending limitations form.

2.    Complete the form using the following information: Email Address: Your email address. Use Case Description: Your specific use case for requesting rDNS removal. Elastic IP address: A list of your Elastic IP addresses**.
Reverse DNS record:** This field is optional. Reverse DNS Record for EIP 1: Enter please remove rDNS. Reverse DNS Record for EIP 2: Leave blank.

3.    Choose Submit.

Note: Removing the rDNS might take a few days to propagate through the system.

Release the Elastic IP address

1.    After you receive confirmation of the rDNS removal, run the host command for your IP address to verify removal completion:

$ host 203.0.113.0

This command returns output that's similar to the following example:

$ 203.0.113.0.in-addr.arpa. domain-name-pointer ec2-54-244-68-210.us-west-2.compute.amazonaws.com.

2.    Open the Amazon EC2 console, and then choose Elastic IPs from the navigation pane.

3.    Select the Elastic IP address, and then choose Actions, Release addresses.

4.    Choose Release.

If you still encounter the error when releasing your Elastic IP address after removing the rDNS, then contact AWS Support to unlock your Elastic IP address.

Related information

Configurable reverse DNS for Amazon EC2's Elastic IP addresses