Elastic IP dissociated from Elastic Network Interface after lack of use?

Question

I have an Elastic IP (EIP) that is associated to an Elastic Network Interface (ENI) and a private IP. The EIP is not set to allow reassociation. This ENI is part of my VPC, assigned to a subnet, and has a fixed private address. In this VPC is one Lambda instance that uses this setup to access the internet using a static IP. This setup works fine, doesn't require a NAT gateway, but isn't high availability (as the use case doesn't require it to be)

However, after I stop using the application for around 2 months, I come back to find the EIP is no longer associated with the ENI. I have to manually go and associate the EIP with the ENI and everything works again. This has happened twice

Why does the EIP dissociate with the ENI? Is there a way to keep it associated?

Accepted Answer

It's not recommended to depend on EIPs associated with these Lambda Hyperplane ENIs for a few reasons but what I expect you're seeing is that when a Lambda function remains idle for a couple weeks it will remove the Hyperplane ENI. Then when the function is triggered it creates a new Hyperplane ENI but without the EIP association. More detail around this process can be found [here](https://docs.aws.amazon.com/lambda/latest/dg/foundation-networking.html) but you have a few options to consider.

1. If the Lamdba doesn't need to access resources hosted within your VPC then you can simply not configure it to run in your own VPC/Subnets. It would then default to running in a VPC owned by the Lambda service team and have outbound connectivity by default.
2. Use a NAT Gateway to provide outbound connectivity from your own VPC/Subnets.
3. If NAT Gateway cost is prohibitive and and high availability is not a concern (as you mentioned) then you could leverage a NAT Instance.

Elastic IP dissociated from Elastic Network Interface after lack of use?

Relevant content