Amazon Elastic Compute Cloud
CLI Reference (API Version 2013-02-01)
AWS Documentation » Amazon EC2 » Command Line Reference » Commands (CLI Tools) » ec2-describe-network-interfaces
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Did this page help you?  Yes | No |  Tell us about it...

ec2-describe-network-interfaces

Description

Describes one or more of your network interfaces.

The short version of this command is ec2dnic.

Syntax

ec2-describe-network-interfaces --filter FILTER

Options

NameDescription

-F, --filter name=value

A filter for limiting the results. See the Supported Filters section for a list of supported filters. Use quotation marks if the value string has a space ("name=value example"). On a Windows system, use quotation marks even without a space in the value string ("name=value").

Type: String

Default: None

Required: No

Example: -F "description=My ENI"

Supported Filters

You can specify filters so that the response includes information for only certain network interfaces. For example, you can use a filter to specify that you're interested in network interfaces launched in a specific Availability Zone. You can specify multiple values for a filter. The response includes information for a network interface only if it matches at least one of the filter values that you specified.

You can specify multiple filters; for example, specify network interfaces in a specific Availability Zone, and that have a specific owner ID. The response includes information for a network interface only if it matches all the filters that you specified. If there's no match, no special message is returned, the response is simply empty.

You can use wildcards in a filter value. An asterisk (*) matches zero or more characters, and a question mark (?) matches exactly one character. You can escape special characters using a backslash (\) before the character. For example, a value of \*amazon\?\\ searches for the literal string *amazon?\.

The following are the available filters.

addresses.private-ip-address

The private IP addresses associated with the network interface.

Type: String

addresses.primary

Whether the private IP address is the primary IP address associated with the network interface.

Type: Boolean

Valid values: true | false

addresses.association.public-ip

The association ID returned when the network interface was associated with the Elastic IP address.

Type: String

addresses.association.owner-id

The owner ID of the addresses associated with the network interface.

Type: String

association.association-id

The association ID returned when the network interface was associated with an IP address.

Type: String

association.allocation-id

The allocation ID that AWS returned when you allocated the Elastic IP address for your network interface.

Type: String

association.ip-owner-id

The owner of the Elastic IP address associated with the network interface.

Type: String

association.public-ip

The address of the Elastic IP address bound to the network interface.

Type: String

attachment.attachment-id

The ID of the interface attachment.

Type: String

attachment.instance-id

The ID of the instance to which the network interface is attached.

Type: String

attachment.instance-owner-id

The owner ID of the instance to which the network interface is attached.

Type: String

attachment.device-index

The device index to which the network interface is attached.

Type: Integer

attachment.status

The status of the attachment.

Type: String

Valid values: attaching | attached | detaching | detached

attachment.attach.time

The time that the network interface was attached to an instance.

Type: DateTime

attachment.delete-on-termination

Indicates whether the attachment is deleted when an instance is terminated.

Type: Boolean

availability-zone

The Availability Zone of the network interface.

Type: String

description

The description of the network interface.

Type: String

group-id

The ID of a security group associated with the network interface.

Type: String

group-name

The name of a security group associated with the network interface.

Type: String

mac-address

The MAC address of the network interface.

Type: String

network-interface-id

The ID of the network interface.

Type: String

owner-id

The AWS account ID of the network interface owner.

Type: String

private-ip-address

The private IP address or addresses of the network interface.

Type: String

private-dns-name

The private DNS name of the network interface.

Type: String

requester-id

The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).

Type: String

requester-managed

Indicates whether the network interface is being managed by an AWS service (for example, AWS Management Console, Auto Scaling, and so on).

Type: Boolean

source-dest-check

Indicates whether the network interface performs source/destination checking. A value of true means checking is enabled, and false means checking is disabled. The value must be false for the network interface to perform Network Address Translation (NAT) in your VPC.

Type: Boolean

status

The status of the network interface. If the network interface is not attached to an instance, the status shows available; if a network interface is attached to an instance the status shows in-use.

Type: String

Valid values: available | in-use

subnet-id

The ID of the subnet for the network interface.

Type: String

tag-key

The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag:key filter.

For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide.

Type: String

tag-value

The value of a tag assigned to the resource. This filter is independent of the tag-key filter.

Type: String

tag:key

Filters the response based on a specific tag/value combination.

Example: To list just the resources that have been assigned tag Purpose=X, specify:

--filter tag:Purpose=X

Example: To list just resources that have been assigned tag Purpose=X OR Purpose=Y, specify:

--filter tag:Purpose=X --filter tag:Purpose=Y

vpc-id

The ID of the VPC for the network interface.

Type: String

Common Options

OptionDescription

--region REGION

Overrides the region specified by the EC2_URL environment variable and the URL specified by the -U option.

Default: The value of the EC2_URL environment variable, or us-east-1 if EC2_URL isn't set.

Example: --region eu-west-1

-U, --url URL

The uniform resource locator (URL) of the Amazon EC2 web service entry point.

Default: The value of the EC2_URL environment variable, or https://ec2.amazonaws.com if EC2_URL isn't set.

Example: -U https://ec2.amazonaws.com

-K, --private-key EC2-PRIVATE-KEY

The private key that identifies you to Amazon EC2. For more information, see Tell the Tools Who You Are.

Default: The value of the EC2_PRIVATE_KEY environment variable. If EC2_PRIVATE_KEY isn't set, you must specify this option.

Example: -K pk-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

-C, --cert EC2-CERT

The X.509 certificate that identifies you to Amazon EC2.

Default: The value of the EC2_CERT environment variable. If EC2_CERT isn't set, you must specify this option.

Example: -C cert-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

-O, --aws-access-key AWS_ACCESS_KEY

The access key ID associated with your AWS account. For more information, see Tell the Tools Who You Are.

Default: The value of the AWS_ACCESS_KEY environment variable. If AWS_ACCESS_KEY isn't set, you must specify this option.

Example: -O AKIAIOSFODNN7EXAMPLE

Note

For more information, see the following section, Deprecated Options.

-W, --aws-secret-key AWS_SECRET_KEY

The secret access key associated with your AWS account.

Default: The value of the AWS_SECRET_KEY environment variable. If AWS_SECRET_KEY isn't set, you must specify this option.

Example: -W wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Note

For more information, see the following section, Deprecated Options.

-T, --security-token TOKEN AWS_DELEGATION_TOKEN

The AWS delegation token.

Default: The value of the environment variable (if set).

--connection-timeout TIMEOUT

The connection timeout, in seconds.

Example: --connection-timeout 30

--request-timeout TIMEOUT

The request timeout, in seconds.

Example: --request-timeout 45

-v, --verbose

Displays verbose output, including the API request and response on the command line. This is useful if you are building tools to talk directly to our Query API.

-H, --headers

Includes column headers in the command output.

--show-empty-fields

Shows empty columns as (nil).

--hide-tags

Omits tags for tagged resources.

--debug

Displays internal debugging information. This can assist us when helping you troubleshooting problems.

-?, --help, -h

Displays usage information for the command.

-

Reads arguments from standard input. This is useful when piping the output from one command to the input of another.

Example: ec2-describe-instances | grep stopped | cut -f 2 | ec2-start-instances -

Deprecated Options

For a limited time, you can still use the private key and X.509 certificate instead of your access key ID and secret access key. However, we recommend that you start using your access key ID (-O, --aws-access-key) and secret access key (-W, --aws-secret-key) now, as the private key (-K, --private-key) and X.509 certificate (-C, --cert) won't be supported after the transition period elapses. For more information, see Tell the Tools Who You Are.

OptionDescription

-K, --private-key EC2-PRIVATE-KEY

The private key to use when constructing requests to Amazon EC2.

Default: The value of the EC2_PRIVATE_KEY environment variable.

Example: -K pk-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

-C, --cert EC2-CERT

The X.509 certificate to use when constructing requests to Amazon EC2.

Default: The value of the EC2_CERT environment variable.

Example: -C cert-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

Output

The command returns a table that contains the following information for each network interface.

  • The NETWORKINTERFACE identifier

  • The ID of the network interface

  • The ID of the subnet

  • The ID of the VPC

  • The Availability Zone

  • A description

  • The ID of the account that created the network interface

  • The ID of the entity that launched the instance on your behalf

  • Whether the network interface is being managed by AWS

  • The status (available, attaching, in-use, detaching)

  • The MAC address

  • The private IP address

  • The private DNS name

  • Whether traffic to or from the instance is validated

  • The GROUP identifier

  • The ID of the security group

  • The name of the security group

  • The ATTACHMENT identifier

  • The ID of the instance

  • The ID of the attachment

  • The ASSOCIATION identifier

  • The Elastic IP address

  • The ID of the owner of the Elastic IP address

  • The ID of the account that created the network association

  • The ID of the association

  • The private IP address

  • The PRIVATEIPADDRESS identifier

  • The private IP address

Amazon EC2 command line tools display errors on stderr.

Examples

Example Request

This example lists all network interfaces that you own.

PROMPT> ec2-describe-network-interfaces 
NETWORKINTERFACE        eni-5e318a37            subnet-c53c87ac vpc-cc3c87a5
ap-southeast-1b 053230519467            false   in-use  02:81:60:c7:15:3d   10.0.0.79               true
GROUP   sg-084b5664     quick-start-4 
ATTACHMENT      i-5a0f6b0e      eni-attach-59bf7430     attached        true
PRIVATEIPADDRESS        10.0.0.79
PRIVATEIPADDRESS        10.0.0.183
PRIVATEIPADDRESS        10.0.0.184
NETWORKINTERFACE        eni-236dd74a    My ENI  subnet-c88a35a1 vpc-f28a359b
ap-southeast-1a 053230519467            false   available       02:78:d7:32:3f:ba       10.0.0.117              true 
GROUP   sg-854954e9     LinuxGroup
PRIVATEIPADDRESS        10.0.0.117
NETWORKINTERFACE        eni-69ce7500    Primary network interface       subnet-c
d8a35a4 vpc-f28a359b    ap-southeast-1b 053230519467            false   in-use
02:78:d7:18:ad:f0       10.0.1.152              true  GROUP   sg-dc4c51b0     quick-start-2
ATTACHMENT      i-e0841fb4      eni-attach-696ba300     attached        true
PRIVATEIPADDRESS        10.0.1.152
PRIVATEIPADDRESS        10.0.1.12
NETWORKINTERFACE        eni-f25de69b            subnet-c88a35a1 vpc-f28a359b
ap-southeast-1a 053230519467            false   in-use  02:78:d7:2d:16:5b
10.0.0.133              true

This example filters for a network interface with the private IP address of 10.0.0.26.

PROMPT> ec2-describe-network-interfaces --filter "addresses.private-ip-address=10.0.0.26"
NETWORKINTERFACE       eni-4cba0725            subnet-73ba071a vpc-6bba0702    ap-southeast-1b 013274050172            false   available       02:75:3f:8e:3a:d3       10.0.0.26               true 
GROUP   sg-8fb3a1e3     default  ASSOCIATION     203.0.113.12      013274050172            eipassoc-f008b799	10.0.0.26 
PRIVATEIPADDRESS        10.0.0.26

Related Topics

Download

Related Action

Document Conventions« PreviousNext »
Terms of UseDid this page help you?  Yes | No |  Tell us about it...