AWS::EC2::NetworkInterface - AWS CloudFormation
SyntaxPropertiesReturn ValuesExamplesSee Also

AWS::EC2::NetworkInterface

Describes a network interface in an Elastic Compute Cloud (EC2) instance for AWS CloudFormation.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::EC2::NetworkInterface",
  "Properties" : {
      "Description" : String,
      "GroupSet" : [ String, ... ],
      "InterfaceType" : String,
      "Ipv6AddressCount" : Integer,
      "Ipv6Addresses" : InstanceIpv6Address,
      "PrivateIpAddress" : String,
      "PrivateIpAddresses" : [ PrivateIpAddressSpecification, ... ],
      "SecondaryPrivateIpAddressCount" : Integer,
      "SourceDestCheck" : Boolean,
      "SubnetId" : String,
      "Tags" : [ Tag, ... ]
    }
}

YAML

Type: AWS::EC2::NetworkInterface
Properties: 
  Description: String
  GroupSet: 
    - String
  InterfaceType: String
  Ipv6AddressCount: Integer
  Ipv6Addresses: 
    InstanceIpv6Address
  PrivateIpAddress: String
  PrivateIpAddresses: 
    - PrivateIpAddressSpecification
  SecondaryPrivateIpAddressCount: Integer
  SourceDestCheck: Boolean
  SubnetId: String
  Tags: 
    - Tag

Properties

Description

A description for the network interface.

Required: No

Type: String

Update requires: No interruption

GroupSet

A list of security group IDs associated with this network interface.

Required: No

Type: List of String

Update requires: No interruption

InterfaceType

Indicates the type of network interface. To create an Elastic Fabric Adapter (EFA), specify efa. For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide.

Required: No

Type: String

Allowed Values: efa

Update requires: Replacement

Ipv6AddressCount

The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the Ipv6Addresses property and don't specify this property.

Required: No

Type: Integer

Update requires: No interruption

Ipv6Addresses

One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet to associate with the network interface. If you're specifying a number of IPv6 addresses, use the Ipv6AddressCount property and don't specify this property.

Required: No

Type: InstanceIpv6Address

Update requires: No interruption

PrivateIpAddress

Assigns a single private IP address to the network interface, which is used as the primary private IP address. If you want to specify multiple private IP address, use the PrivateIpAddresses property.

Required: No

Type: String

Update requires: Replacement

PrivateIpAddresses

Assigns a list of private IP addresses to the network interface. You can specify a primary private IP address by setting the value of the Primary property to true in the PrivateIpAddressSpecification property. If you want EC2 to automatically assign private IP addresses, use the SecondaryPrivateIpAddressCount property and do not specify this property.

Required: No

Type: List of PrivateIpAddressSpecification

Update requires: Some interruptions

SecondaryPrivateIpAddressCount

The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using privateIpAddresses.

The number of IP addresses you can assign to a network interface varies by instance type. For more information, see IP Addresses Per ENI Per Instance Type in the Amazon Virtual Private Cloud User Guide.

Required: No

Type: Integer

Update requires: No interruption

SourceDestCheck

Indicates whether traffic to or from the instance is validated.

Required: No

Type: Boolean

Update requires: No interruption

SubnetId

The ID of the subnet to associate with the network interface.

Required: Yes

Type: String

Update requires: Replacement

Tags

An arbitrary set of tags (key–value pairs) for this network interface.

Required: No

Type: List of Tag

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

PrimaryPrivateIpAddress

Returns the primary private IP address of the network interface. For example, 10.0.0.192.

SecondaryPrivateIpAddresses

Returns the secondary private IP addresses of the network interface. For example, ["10.0.0.161", "10.0.0.162", "10.0.0.163"].

Examples

Tip

For more NetworkInterface template examples, see Elastic Network Interface (ENI) Template Snippets.

Simple Standalone ENI

This is a simple standalone Elastic Network Interface (ENI), using all of the available properties.

JSON

"myENI" : {
   "Type" : "AWS::EC2::NetworkInterface",
   "Properties" : {
      "Tags": [{"Key":"foo","Value":"bar"}],
      "Description": "A nice description.",
      "SourceDestCheck": "false",
      "GroupSet": ["sg-75zzz219"],
      "SubnetId": "subnet-3z648z53",
      "PrivateIpAddress": "10.0.0.16"
   }
}

YAML

   myENI:
      Type: AWS::EC2::NetworkInterface
      Properties:
         Tags:
         - Key: foo
           Value: bar
         Description: A nice description.
         SourceDestCheck: 'false'
         GroupSet:
         - sg-75zzz219
         SubnetId: subnet-3z648z53
         PrivateIpAddress: 10.0.0.16

ENI on an EC2 instance

This is an example of an ENI on an EC2 instance. In this example, one ENI is added to the instance. If you want to add more than one ENI, you can specify a list for the NetworkInterface property. However, you can specify multiple ENIs only if all the ENIs have just private IP addresses (no associated public IP address). If you have an ENI with a public IP address, specify it and then use the AWS::EC2::NetworkInterfaceAttachment resource to add additional ENIs.

JSON

"Ec2Instance" : {
   "Type" : "AWS::EC2::Instance",
   "Properties" : {
      "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
      "KeyName" : { "Ref" : "KeyName" },
      "SecurityGroupIds" : [{ "Ref" : "WebSecurityGroup" }],
      "SubnetId" : { "Ref" : "SubnetId" },
      "NetworkInterfaces" : [ {
         "NetworkInterfaceId" : {"Ref" : "controlXface"}, "DeviceIndex" : "1" } ],
      "Tags" : [ {"Key" : "Role", "Value" : "Test Instance"}],
      "UserData" : { "Fn::Base64" : { "Ref" : "WebServerPort" }}
   }
}

YAML

Ec2Instance:
   Type: AWS::EC2::Instance
   Properties:
      ImageId:
         Fn::FindInMap:
         - RegionMap
         - Ref: AWS::Region
         - AMI
      KeyName:
         Ref: KeyName
      SecurityGroupIds:
      - Ref: WebSecurityGroup
      SubnetId:
         Ref: SubnetId
      NetworkInterfaces:
      - NetworkInterfaceId:
         Ref: controlXface
        DeviceIndex: '0'
      Tags:
      - Key: Role
        Value: Test Instance
      UserData:
         Fn::Base64:
            Ref: WebServerPort

See Also