At the moment we don’t have any APIs to list unused IP addresses of a subnet directly unfortunately. However you can use “describe-network-interfaces” API to get a list of the IP addresses which are already in use in a subnet. Then you can get a list of unused internal IP addresses by subtracting those occupied IP addresses from all available IP addresses in the subnet (CIDR block).

Example AWS CLI command for IPs in use:

aws ec2 describe-network-interfaces –filters “Name=subnet-id,Values=subnet-12345678” –query ‘NetworkInterfaces[*].PrivateIpAddress’

You can also get the CIDR Block of the subnet:

aws ec2 describe-subnets –subnet-ids subnet-12345678 –query ‘Subnets[*].[CidrBlock][]’

With the CIDR block you can generate a list of IP addresses programmatically (for example, python 3 has a ipaddress module) and subtract the IP addresses in use from the first CLI command.