AWS CloudFormation
User Guide (Version )

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

AWS::EC2::NetworkInterface

Describes a network interface in an Elastic Compute Cloud (EC2) instance for AWS CloudFormation.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::EC2::NetworkInterface", "Properties" : { "Description" : String, "GroupSet" : [ String, ... ], "InterfaceType" : String, "Ipv6AddressCount" : Integer, "Ipv6Addresses" : InstanceIpv6Address, "PrivateIpAddress" : String, "PrivateIpAddresses" : [ PrivateIpAddressSpecification, ... ], "SecondaryPrivateIpAddressCount" : Integer, "SourceDestCheck" : Boolean, "SubnetId" : String, "Tags" : [ Tag, ... ] } }

YAML

Type: AWS::EC2::NetworkInterface Properties: Description: String GroupSet: - String InterfaceType: String Ipv6AddressCount: Integer Ipv6Addresses: InstanceIpv6Address PrivateIpAddress: String PrivateIpAddresses: - PrivateIpAddressSpecification SecondaryPrivateIpAddressCount: Integer SourceDestCheck: Boolean SubnetId: String Tags: - Tag

Properties

Description

A description for the network interface.

Required: No

Type: String

Update requires: No interruption

GroupSet

A list of security group IDs associated with this network interface.

Required: No

Type: List of String

Update requires: No interruption

InterfaceType

Indicates the type of network interface. To create an Elastic Fabric Adapter (EFA), specify efa. For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide.

Required: No

Type: String

Allowed Values: efa

Update requires: Replacement

Ipv6AddressCount

The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the Ipv6Addresses property and don't specify this property.

Required: No

Type: Integer

Update requires: No interruption

Ipv6Addresses

One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet to associate with the network interface. If you're specifying a number of IPv6 addresses, use the Ipv6AddressCount property and don't specify this property.

Required: No

Type: InstanceIpv6Address

Update requires: No interruption

PrivateIpAddress

Assigns a single private IP address to the network interface, which is used as the primary private IP address. If you want to specify multiple private IP address, use the PrivateIpAddresses property.

Required: No

Type: String

Update requires: Replacement

PrivateIpAddresses

Assigns a list of private IP addresses to the network interface. You can specify a primary private IP address by setting the value of the Primary property to true in the PrivateIpAddressSpecification property. If you want EC2 to automatically assign private IP addresses, use the SecondaryPrivateIpAddressCount property and do not specify this property.

Required: No

Type: List of PrivateIpAddressSpecification

Update requires: Some interruptions

SecondaryPrivateIpAddressCount

The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using privateIpAddresses.

The number of IP addresses you can assign to a network interface varies by instance type. For more information, see IP Addresses Per ENI Per Instance Type in the Amazon Virtual Private Cloud User Guide.

Required: No

Type: Integer

Update requires: No interruption

SourceDestCheck

Indicates whether traffic to or from the instance is validated.

Required: No

Type: Boolean

Update requires: No interruption

SubnetId

The ID of the subnet to associate with the network interface.

Required: Yes

Type: String

Update requires: Replacement

Tags

An arbitrary set of tags (key–value pairs) for this network interface.

Required: No

Type: List of Tag

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

PrimaryPrivateIpAddress

Returns the primary private IP address of the network interface. For example, 10.0.0.192.

SecondaryPrivateIpAddresses

Returns the secondary private IP addresses of the network interface. For example, ["10.0.0.161", "10.0.0.162", "10.0.0.163"].

Examples

Tip

For more NetworkInterface template examples, see Elastic Network Interface (ENI) Template Snippets.

Simple Standalone ENI

This is a simple standalone Elastic Network Interface (ENI), using all of the available properties.

JSON

"myENI" : { "Type" : "AWS::EC2::NetworkInterface", "Properties" : { "Tags": [{"Key":"foo","Value":"bar"}], "Description": "A nice description.", "SourceDestCheck": "false", "GroupSet": ["sg-75zzz219"], "SubnetId": "subnet-3z648z53", "PrivateIpAddress": "10.0.0.16" } }

YAML

myENI: Type: AWS::EC2::NetworkInterface Properties: Tags: - Key: foo Value: bar Description: A nice description. SourceDestCheck: 'false' GroupSet: - sg-75zzz219 SubnetId: subnet-3z648z53 PrivateIpAddress: 10.0.0.16

ENI on an EC2 instance

This is an example of an ENI on an EC2 instance. In this example, one ENI is added to the instance. If you want to add more than one ENI, you can specify a list for the NetworkInterface property. However, you can specify multiple ENIs only if all the ENIs have just private IP addresses (no associated public IP address). If you have an ENI with a public IP address, specify it and then use the AWS::EC2::NetworkInterfaceAttachment resource to add additional ENIs.

JSON

"Ec2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]}, "KeyName" : { "Ref" : "KeyName" }, "SecurityGroupIds" : [{ "Ref" : "WebSecurityGroup" }], "SubnetId" : { "Ref" : "SubnetId" }, "NetworkInterfaces" : [ { "NetworkInterfaceId" : {"Ref" : "controlXface"}, "DeviceIndex" : "1" } ], "Tags" : [ {"Key" : "Role", "Value" : "Test Instance"}], "UserData" : { "Fn::Base64" : { "Ref" : "WebServerPort" }} } }

YAML

Ec2Instance: Type: AWS::EC2::Instance Properties: ImageId: Fn::FindInMap: - RegionMap - Ref: AWS::Region - AMI KeyName: Ref: KeyName SecurityGroupIds: - Ref: WebSecurityGroup SubnetId: Ref: SubnetId NetworkInterfaces: - NetworkInterfaceId: Ref: controlXface DeviceIndex: '1' Tags: - Key: Role Value: Test Instance UserData: Fn::Base64: Ref: WebServerPort

See Also