Scripts for Auto IP Updates on Amazon EC2 or DigitalOcean

Today, I will be sharing with you my scripts for automating IP updates upon deployment on Amazon EC2 or DigitalOcean. The DigitalOcean update script can also be used on VPS from other providers.


DigitalOcean and Amazon EC2 Logo

DigitalOcean and Amazon EC2 are both cloud computing providers, where customers can dynamically deploy Virtual Private Servers (VPS) for purposes such as web hosting and scientific computation. DigitalOcean call their VPS "droplets" while Amazon EC2 name theirs "instances".

An important feature of these platforms is their scalability. For example, snapshots can be taken at any time for an existing VPS, and new VPS can readily be deployed from snapshots. However, you could get a different IP for each deployment. This IP change will affect software on your VPS and their config must be updated manually every time, which is a tedious task.

Problem: How to automate IP address updates for your VPS deployments, and avoid manually editing your software configuration every time?

Solution: Use a bash script to automatically do this task at system boot.

My IP Update Scripts

I will share my update scripts with brief explanations. They are licensed GPLv3 with NO guarantee, use them at your own risk. As a prerequisite, you should have the utilities dig, curl and sed installed. Before using the script for the first time, you MUST manually create a file /root/IPADDR with the contents below:

For EC2 Classic AND VPC instances:


For DigitalOcean droplets or other VPS:


Replace the placeholders above with actual values and remove the comments. To automatically run the script on system boot, save it somewhere and make it executable, then add a line to your /etc/rc.local.

How to save the scripts: Click on "view raw" at the bottom-right corner, Ctrl-A to select all, Ctrl-C to copy, then paste into your favorite editor. Alternatively, you can download them (first script, second script).

Update script for EC2 Classic AND VPC instances with up to two IPs:

In the script above, remember to replace YOUR_SOFTWARE_CONFIG_FILE with your actual config file, replace YOUR_IPTABLES_RULES_FILE with the IPTables rules file (e.g. /etc/iptables/rules.v4), then edit the two lines below it to correct the "live" IPTables rules. Finally, if used in a VPC, change the /24 at the end of ip addr add line to your actual subnet size.


This script can be used on EC2 Classic and VPC instances with up to two IP addresses on eth0. First, it queries the instance metadata for the current Public IP, Local IP and VPC subnet CIDR. Then, the script retrieves old IPs from /root/IPADDR, and verifies all IPs against a regular expression. It also checks that the mapping between Local IPs and Public IPs is correct, and swapping them if needed. This is because EC2 does not guarantee the order of IPs returned by metadata queries.

After that, the script proceeds to update your config files and IPTables rules with the new IP and subnet CIDR information. (The subnet CIDR part can be removed if you don't need it.)

Finally, the script adds the second Local IP address (if any) to eth0, and then records all new IPs to /root/IPADDR for future use.

Update script for DigitalOcean droplets or other VPS:

Again, in this script you need to replace several placeholders with your own content. Read the sections above the script for details. One of the differences from the previous script is that the public IP is retrieved using this method, which I consider the most robust.

If your VPS has private networks

In the cases that your VPS is not run directly on its public IP address, or has another interface (e.g. eth1) that is on a private network, try adding the following code:

IP2=$(ifconfig eth1 | grep "inet " | awk -F'[: ]+' '{ print $4 }')  
if [[ "${IP2}" =~ ${IP_REGEX} ]]; then  
... ...

I hope you enjoyed reading this article, and it can help you automate IP updates for your VPS deployments on Amazon EC2 or DigitalOcean.

Please share this post if you like it, and do not hesitate to write your comments or questions in the Disqus form below.

Next article: Ghost Blog Auto Setup with Nginx and ModSecurity
Previous article: Securing Your Asterisk VoIP Server with IPTables

Return to Lin's Tech Blog Homepage

Lin Song

Final year U.S. Ph.D. candidate in Electrical and Computer Engineering (ECE). As a hobby, I love computers, Linux and programming. Seeking opportunities. Feel free to connect with me on LinkedIn, or

View or Post

Disclaimer: All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. All trademarks mentioned herein belong to their respective owners.
    The owner of this blog will not be liable for any errors or omissions in this information nor for the availability of it. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.

Your name:

Email address:

Website URL:

Please leave a comment:

You agree that this form is for A N T I-S P A M B O T S!
     D O-N O T-S U B M I T !