AWS

OptInRequired - Opt In Required

Getting an **OptInRequired** error means you need to opt in to an AWS service or feature before using it—some AWS services require explicit opt-in, especially new regions, Local Zones, Wavelength Zones, or certain features. This client-side error (4xx) happens when AWS requires explicit acceptance. Most common when using new AWS regions, but also appears when Local Zones require opt-in, Wavelength Zones need activation, certain features require acceptance, or service agreements haven't been completed.

#Common Causes

  • Identity: IAM permissions allow but opt-in not completed. Service Control Policy (SCP) requires opt-in. Account-level opt-in restrictions.
  • Network: New region opt-in required. Local Zone opt-in required. Wavelength Zone opt-in required.
  • Limits: Service opt-in not completed. Feature not enabled. Service agreement not accepted. Terms of service not agreed.

Solutions

  1. 1Step 1: Diagnose - Check which service/region requires opt-in: Review error message for specific service or region. Check if it's a new region, Local Zone, or Wavelength Zone.
  2. 2Step 2: Diagnose - Check opt-in status: For EC2 Local Zones: aws ec2 describe-availability-zones --filters "Name=opt-in-status,Values=opted-in" --query 'AvailabilityZones[*].ZoneName' --output table. Check which zones require opt-in.
  3. 3Step 3: Diagnose - Verify account status: aws sts get-caller-identity. Check if account can opt in. Verify billing/payment method is active.
  4. 4Step 4: Fix - Opt in to Local Zone: aws ec2 modify-availability-zone-group --group-name ZONE_GROUP_NAME --opt-in-status opted-in. Verify: aws ec2 describe-availability-zones --zone-names ZONE_NAME.
  5. 5Step 5: Fix - Opt in to new region: Visit AWS Console > Account Settings > Regions. Enable the region. Or use AWS CLI if supported. Accept terms of service if prompted.

</>Code Examples

Check Opt-In Status for Availability Zones
1#!/bin/bash
2# Check which zones require opt-in
3echo "=== Availability Zones Requiring Opt-In ==="
4aws ec2 describe-availability-zones \
5  --filters "Name=opt-in-status,Values=not-opted-in" \
6  --query 'AvailabilityZones[*].[ZoneName,ZoneId,OptInStatus]' \
7  --output table
8
9# Check opted-in zones
10echo "\n=== Already Opted-In Zones ==="
11aws ec2 describe-availability-zones \
12  --filters "Name=opt-in-status,Values=opted-in" \
13  --query 'AvailabilityZones[*].[ZoneName,ZoneId]' \
14  --output table
15
16# List all zones with opt-in status
17echo "\n=== All Zones with Opt-In Status ==="
18aws ec2 describe-availability-zones \
19  --query 'AvailabilityZones[*].[ZoneName,OptInStatus,RegionName]' \
20  --output table
Opt In to Local Zone or Wavelength Zone
1#!/bin/bash
2# Opt in to Local Zone
3ZONE_GROUP_NAME="us-east-1-wl1-nyc-wlz-1"  # Replace with your zone group
4
5echo "=== Opting In to Zone Group: ${ZONE_GROUP_NAME} ==="
6aws ec2 modify-availability-zone-group \
7  --group-name ${ZONE_GROUP_NAME} \
8  --opt-in-status opted-in
9
10# Verify opt-in status
11echo "\n=== Verifying Opt-In Status ==="
12aws ec2 describe-availability-zones \
13  --zone-names ${ZONE_GROUP_NAME} \
14  --query 'AvailabilityZones[*].[ZoneName,OptInStatus]' \
15  --output table
16
17# Note: Some zones may require console opt-in
18echo "\n=== Note ==="
19echo "Some zones require opt-in via AWS Console:"
20echo "1. Go to EC2 Console > Settings > Zones"
21echo "2. Enable the zone"
22echo "3. Accept terms of service"
Check Account Status and Opt-In Eligibility
1#!/bin/bash
2# Check account identity
3echo "=== Account Identity ==="
4aws sts get-caller-identity --output table
5
6# Check if account can opt in (requires valid payment method)
7echo "\n=== Account Status ==="
8echo "Opt-in requires:"
9echo "1. Valid payment method on file"
10echo "2. Account in good standing"
11echo "3. Terms of service accepted"
12
13# Check for account issues
14echo "\n=== Checking for Account Issues ==="
15aws support describe-cases \
16  --include-resolved-cases \
17  --max-results 5 \
18  --query 'cases[*].[caseId,status,subject]' \
19  --output table 2>&1 | head -5 || echo "No support cases or access denied"
20
21# Note: Some opt-ins require console
22echo "\n=== Opt-In Methods ==="
23echo "1. AWS CLI (for Local Zones/Wavelength Zones)"
24echo "2. AWS Console (for new regions and some features)"
25echo "3. Contact AWS Support (for special cases)"

Related Errors

AccessDeniedInvalidParameter

Provider Information

This error code is specific to AWS services. For more information, refer to the official AWS documentation.

OptInRequired - Opt In Required | AWS Error Reference | Error Code Reference