Unable to release Elastic IP stuck with "ServiceManaged: rds" – No active RDS resources found

0

I am unable to release an Elastic IP (EIP) in the us-east-2 (Ohio) region. When attempting to release it via the console, I receive the following error: "Elastic IP addresses could not be released. <IP_ADDRESS>: You do not have permission to access the specified resource."

Steps Taken:

  1. IAM Permissions: Verified that my IAM user has AdministratorAccess. The IAM Policy Simulator confirms that ec2:ReleaseAddress is "Allowed" with no explicit denies.

  2. RDS Resource Check: I have checked the RDS dashboard in the us-east-2 region. There are 0 Databases.

  3. Other Resource Check: Verified there are no active NAT Gateways, Load Balancers, or VPC Endpoints in this region that could be holding the IP.

  4. Reverse DNS: Checked "Update reverse DNS" in the EIP console; no records are set.

I have an open support case regarding this that has remained unassigned for 12 days. I am looking for guidance on how to force the RDS service to release this IP because I am currently incurring charges for this unassociated EIP.

  • That many days is a long time. What is your support tier?

  • I am on Basic Support. It is still "Unassigned" status now.

1 Answer
0

The Elastic IP is likely still associated with RDS service-managed resources that may not be immediately visible in the RDS console. The "ServiceManaged: rds" tag indicates that RDS has control over this resource through its service-linked role.

Here are some additional steps to investigate and resolve this issue:

Check for Hidden RDS Resources:

  1. Verify there are no DB instances in a "deleting" or transitional state by using the AWS CLI: aws rds describe-db-instances --region us-east-2
  2. Check for DB clusters (Aurora): aws rds describe-db-clusters --region us-east-2
  3. Look for custom DB cluster endpoints that might still exist: aws rds describe-db-cluster-endpoints --region us-east-2

Check Network Interfaces: Since RDS manages network interfaces that can hold EIPs, check for any lingering network interfaces:

  • In the EC2 console, go to Network Interfaces and filter by the us-east-2 region
  • Look for interfaces with a description containing "RDS" or with a "Requester ID" showing "amazon-rds"
  • Check if any of these interfaces have your EIP associated with them

Verify VPC Endpoints: RDS can create VPC endpoints that might hold onto network resources. Run: aws ec2 describe-vpc-endpoints --region us-east-2 --filters "Name=service-name,Values=*rds*"

Service-Linked Role Permissions: The RDS service-linked role has permissions to manage EC2 resources including allocating, associating, and releasing addresses. However, there may be a delay or stuck state in the cleanup process.

Given that your support case has been unassigned for 12 days, I recommend:

  1. Escalating your existing support case or opening a new one specifically mentioning the "ServiceManaged: rds" tag and the stuck EIP
  2. Requesting that AWS Support check for any orphaned RDS-managed resources in your account
  3. Asking them to verify the service-linked role's cleanup processes for this specific EIP

Unfortunately, you cannot directly force RDS to release service-managed resources without AWS Support intervention, as these are controlled by the service itself through its service-linked role policies.
Sources
AmazonRDSServiceRolePolicy - AWS Managed Policy

answered a month ago
AWS
MODERATOR
reviewed a month ago
EXPERT
reviewed a month ago
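The network-interface check from the answer above can be run over saved CLI output instead of the console. This is an added example, not part of the original post or answer. It assumes the JSON comes from `aws ec2 describe-addresses` and `aws ec2 describe-network-interfaces` for us-east-2, and that the `ServiceManaged` value from the question appears as a field on the address record. The sample data and the function names are constructed for illustration.

```python
import json

# Constructed sample data in the shape of `aws ec2 describe-addresses` and
# `aws ec2 describe-network-interfaces` JSON output (not from the original post).
ADDRESSES = json.loads("""{"Addresses": [
  {"PublicIp": "203.0.113.10", "AllocationId": "eipalloc-0aaa", "Domain": "vpc",
   "ServiceManaged": "rds"},
  {"PublicIp": "203.0.113.20", "AllocationId": "eipalloc-0bbb", "Domain": "vpc",
   "AssociationId": "eipassoc-0bbb", "NetworkInterfaceId": "eni-0bbb"}
]}""")
INTERFACES = json.loads("""{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0bbb", "Description": "RDSNetworkInterface",
   "RequesterId": "amazon-rds", "RequesterManaged": true, "Status": "in-use",
   "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.1.5",
     "Association": {"PublicIp": "203.0.113.20", "AllocationId": "eipalloc-0bbb"}}]},
  {"NetworkInterfaceId": "eni-0ccc", "Description": "web server",
   "Status": "in-use", "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.1.6"}]}
]}""")


def looks_rds_managed(eni):
    """Apply the two console filters from the answer to one interface."""
    return "RDS" in eni.get("Description", "") or eni.get("RequesterId") == "amazon-rds"


def find_holders(addresses, interfaces):
    """Map each Elastic IP to the interface (if any) that still holds it."""
    by_alloc = {}
    for eni in interfaces["NetworkInterfaces"]:
        for priv in eni.get("PrivateIpAddresses", []):
            alloc = priv.get("Association", {}).get("AllocationId")
            if alloc:
                by_alloc[alloc] = eni
    report = []
    for addr in addresses["Addresses"]:
        eni = by_alloc.get(addr["AllocationId"])
        report.append({
            "public_ip": addr["PublicIp"],
            "allocation_id": addr["AllocationId"],
            "service_managed": addr.get("ServiceManaged"),
            "held_by": eni["NetworkInterfaceId"] if eni else None,
            "rds_interface": bool(eni and looks_rds_managed(eni)),
        })
    return report


if __name__ == "__main__":
    for row in find_holders(ADDRESSES, INTERFACES):
        print(row)
```

A row with `service_managed` set but `held_by` empty matches the situation in the question: the address is marked as service-managed although no interface in the region holds it, which is the detail to include in the support case.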
