AWS::EC2::EIPAssociation - AWS CloudFormation
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

AWS::EC2::EIPAssociation

将弹性 IP 地址与实例或网络接口关联起来。您必须将弹性 IP 地址分配给您的账户,然后才能使用该地址。

弹性 IP 地址适用于 EC2-Classic 平台或 VPC。有关更多信息,请参阅 Amazon Elastic Compute Cloud 用户指南 中的弹性 IP 地址

[EC2-Classic、仅限 EC2-VPC 的账户中的 VPC] 如果弹性 IP 地址已与不同实例相关联,则会与该实例取消关联,并与指定实例关联。如果您将弹性 IP 地址与具有现有弹性 IP 地址的实例关联,现有地址会与该实例取消关联,但仍会分配给您的账户。

[EC2-Classic 账户中的 VPC] 如果未指定私有 IP 地址,弹性 IP 地址将与主 IP 地址关联。如果弹性 IP 地址已与另一个实例或网络接口关联,除非您允许重新关联,否则会收到错误消息。您无法将弹性 IP 地址与具有现有弹性 IP 地址的实例或网络接口进行关联。

语法

要在 AWS CloudFormation 模板中声明此实体,请使用以下语法:

JSON

{ "Type" : "AWS::EC2::EIPAssociation", "Properties" : { "AllocationId" : String, "EIP" : String, "InstanceId" : String, "NetworkInterfaceId" : String, "PrivateIpAddress" : String } }

YAML

Type: AWS::EC2::EIPAssociation Properties: AllocationId: String EIP: String InstanceId: String NetworkInterfaceId: String PrivateIpAddress: String

属性

AllocationId

[EC2-VPC] 分配 ID。对于 EC2-VPC 为必填。

必需:条件

类型:字符串

Update requires: Some interruptions

EIP

要与实例关联的弹性 IP 地址。对于 EC2-Classic 为必填。

必需:条件

类型:字符串

Update requires: Some interruptions

InstanceId

实例的 ID。对于 EC2-Classic 为必填。对于 EC2-VPC,您可以指定实例 ID 或网络接口 ID,但不能同时指定二者。如果您指定实例 ID,除非已连接一个网络接口,否则此操作将失败。

必需:条件

类型:字符串

Update requires: Some interruptions

NetworkInterfaceId

[EC2-VPC] 网络接口的 ID。如果实例有多个网络接口,您必须指定一个网络接口 ID。

对于 EC2-VPC,您可以指定实例 ID 或网络接口 ID,但不能同时指定二者。

必需:条件

类型:字符串

Update requires: Some interruptions

PrivateIpAddress

[EC2-VPC] 弹性 IP 地址关联的主要或次要私有 IP 地址。如果没有指定私有 IP 地址,弹性 IP 地址将与主要私有 IP 地址关联。

必需:否

类型:字符串

Update requires: No interruption

返回值

Ref

在将此资源的逻辑 ID 传递给内部 Ref 函数时,Ref 返回 资源名称。

For more information about using the Ref function, see Ref.

示例

将弹性 IP 地址与实例关联

以下示例创建一个带两个弹性网络接口 (ENI) 的实例。此示例假设您已有一个 VPC。

有关其他示例,请参阅使用 AWS::EC2::EIP 代码段分配 Amazon EC2 弹性 IP

JSON

"Resources" : { "ControlPortAddress" : { "Type" : "AWS::EC2::EIP", "Properties" : { "Domain" : "vpc" } }, "AssociateControlPort" : { "Type" : "AWS::EC2::EIPAssociation", "Properties" : { "AllocationId" : { "Fn::GetAtt" : [ "ControlPortAddress", "AllocationId" ]}, "NetworkInterfaceId" : { "Ref" : "controlXface" } } }, "WebPortAddress" : { "Type" : "AWS::EC2::EIP", "Properties" : { "Domain" : "vpc" } }, "AssociateWebPort" : { "Type" : "AWS::EC2::EIPAssociation", "Properties" : { "AllocationId" : { "Fn::GetAtt" : [ "WebPortAddress", "AllocationId" ]}, "NetworkInterfaceId" : { "Ref" : "webXface" } } }, "SSHSecurityGroup" : { "Type" : "AWS::EC2::SecurityGroup", "Properties" : { "VpcId" : { "Ref" : "VpcId" }, "GroupDescription" : "Enable SSH access via port 22", "SecurityGroupIngress" : [ { "IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0" } ] } }, "WebSecurityGroup" : { "Type" : "AWS::EC2::SecurityGroup", "Properties" : { "VpcId" : { "Ref" : "VpcId" }, "GroupDescription" : "Enable HTTP access via user defined port", "SecurityGroupIngress" : [ { "IpProtocol" : "tcp", "FromPort" : 80, "ToPort" : 80, "CidrIp" : "0.0.0.0/0" } ] } }, "controlXface" : { "Type" : "AWS::EC2::NetworkInterface", "Properties" : { "SubnetId" : { "Ref" : "SubnetId" }, "Description" :"Interface for control traffic such as SSH", "GroupSet" : [ {"Ref" : "SSHSecurityGroup"} ], "SourceDestCheck" : "true", "Tags" : [ {"Key" : "Network", "Value" : "Control"}] } }, "webXface" : { "Type" : "AWS::EC2::NetworkInterface", "Properties" : { "SubnetId" : { "Ref" : "SubnetId" }, "Description" :"Interface for web traffic", "GroupSet" : [ {"Ref" : "WebSecurityGroup"} ], "SourceDestCheck" : "true", "Tags" : [ {"Key" : "Network", "Value" : "Web"}] } }, "Ec2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]}, "KeyName" : { "Ref" : "KeyName" }, "NetworkInterfaces" : [ { "NetworkInterfaceId" : {"Ref" : "controlXface"}, "DeviceIndex" : "0" }, { "NetworkInterfaceId" : {"Ref" : "webXface"}, "DeviceIndex" : "1" }], "Tags" : [ {"Key" : "Role", "Value" : "Test Instance"}], "UserData" : {"Fn::Base64" : { "Fn::Join" : ["",["#!/bin/bash -ex","\n", "\n","yum install ec2-net-utils -y","\n", "ec2ifup eth1","\n", "service httpd start"]]}} } } }

YAML

Resources: ControlPortAddress: Type: AWS::EC2::EIP Properties: Domain: vpc AssociateControlPort: Type: AWS::EC2::EIPAssociation Properties: AllocationId: !GetAtt ControlPortAddress.AllocationId NetworkInterfaceId: !Ref controlXface WebPortAddress: Type: AWS::EC2::EIP Properties: Domain: vpc AssociateWebPort: Type: AWS::EC2::EIPAssociation Properties: AllocationId: !GetAtt WebPortAddress.AllocationId NetworkInterfaceId: !Ref webXface SSHSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref VpcId GroupDescription: Enable SSH access via port 22 SecurityGroupIngress: - CidrIp: 0.0.0.0/0 FromPort: 22 IpProtocol: tcp ToPort: 22 WebSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref VpcId GroupDescription: Enable HTTP access via user defined port SecurityGroupIngress: - CidrIp: 0.0.0.0/0 FromPort: 80 IpProtocol: tcp ToPort: 80 controlXface: Type: AWS::EC2::NetworkInterface Properties: SubnetId: !Ref SubnetId Description: Interface for controlling traffic such as SSH GroupSet: - !Ref SSHSecurityGroup SourceDestCheck: true Tags: - Key: Network Value: Control webXface: Type: AWS::EC2::NetworkInterface Properties: SubnetId: !Ref SubnetId Description: Interface for controlling traffic such as SSH GroupSet: - !Ref WebSecurityGroup SourceDestCheck: true Tags: - Key: Network Value: Web Ec2Instance: Type: AWS::EC2::Instance Properties: ImageId: !FindInMap [ RegionMap, !Ref 'AWS::Region', AMI ] KeyName: !Ref KeyName NetworkInterfaces: - NetworkInterfaceId: !Ref controlXface DeviceIndex: 0 - NetworkInterfaceId: !Ref webXface DeviceIndex: 1 Tags: - Key: Role Value: Test Instance UserData: Fn::Base64: !Sub | #!/bin/bash -xe yum install ec2-net-utils -y ec2ifup eth1 service httpd start