How can I change or retain my private IP or public IP address when I do an Amazon EC2 restore in AWS Backup?


During an Amazon Elastic Compute Cloud (Amazon EC2) restore in AWS Backup, I want to change or retain my private or public IP address.

Short description

When you launch an EC2 instance, a private IP address is assigned. A public IP address is also automatically assigned to the instance from the EC2-Classic public IPv4 address pool. Use the Amazon EC2 console or AWS Command Line Interface (AWS CLI) to retain or change the original IP address on a restored Amazon EC2 instance.

Note:

  • The auto-assigned public IP address that's associated with the instance changes every time the instance is stopped and started.
  • When an EC2 instance is restored, the private IP address is assigned from the subnet.
  • A newly restored instance doesn't retain the original public IP address. However, you can modify the metadata to use the original IP address.
  • An Elastic IP address is a static IP address that you can associate with or disassociate from the instance. It can't change or move to the EC2-Classic public IPv4 address pool.

Resolution

Use the Amazon EC2 console to reassociate your Elastic IP address to the restored EC2 instance

To reassociate the original Elastic IP address to the restored instance, you must associate an Elastic IP address with the instance. The Elastic IP address is then maintained after you stop and start your instance.

Use the AWS CLI to reassociate your Elastic IP address to the restored EC2 instance

Run the following associate-address AWS CLI command:

aws ec2 associate-address --instance-id i-07ffe74c7330ebf53 --public-ip 190.200.300.20

Note: If you receive errors when running AWS CLI commands, make sure that you're using the most recent AWS CLI version.

Retain a private IP address on the restored EC2 instance

To retain a private IP address before or during the restore, change the primary private IP address in the metadata output.

Complete the following steps:

1.    Run the get-recovery-point-restore-metadata AWS CLI command:

aws backup get-recovery-point-restore-metadata --backup-vault-name Default --recovery-point-arn arn:aws:ec2:us-east-1::image/ami-045669a87ca794507

You receive a metadata output similar to the following one:

{  
    "BackupVaultArn": "arn:aws:backup:us-east-1:111111111111:backup-vault:Default",  
    "RecoveryPointArn": "arn:aws:ec2:us-east-1::image/ami-045669a87ca794507",  
    "RestoreMetadata": {  
        "CapacityReservationSpecification": "{\"CapacityReservationPreference\":\"open\"}",  
        "CpuOptions": "{\"CoreCount\":1,\"ThreadsPerCore\":1}",  
        "CreditSpecification": "{\"CpuCredits\":\"standard\"}",  
        "DisableApiTermination": "false",  
        "EbsOptimized": "false",  
        "HibernationOptions": "{\"Configured\":false}",  
        "InstanceInitiatedShutdownBehavior": "stop",  
        "InstanceType": "t2.micro",  
        "Monitoring": "{\"State\":\"disabled\"}",  
        "NetworkInterfaces": "[{\"AssociatePublicIpAddress\":true,\"DeleteOnTermination\":true,\"Description\":\"\",\"DeviceIndex\":0,\"Groups\":[\"sg-0e6949a90d7d9ccce\"],\"Ipv6AddressCount\":0,\"Ipv6Addresses\":[],\"NetworkInterfaceId\":\"eni-08e89a5a35a5495fe\",\"PrivateIpAddress\":\"172.31.20.192\",\"PrivateIpAddresses\":[{\"Primary\":true,\"PrivateIpAddress\":\"172.31.20.192\"}],\"SecondaryPrivateIpAddressCount\":0,\"SubnetId\":\"subnet-7c4b4e31\",\"InterfaceType\":\"interface\",\"Ipv4Prefixes\":[],\"Ipv6Prefixes\":[]}]",  
        "Placement": "{\"AvailabilityZone\":\"us-east-1b\",\"GroupName\":\"\",\"Tenancy\":\"default\"}",  
        "RequireIMDSv2": "true",  
        "SecurityGroupIds": "[\"sg-0e6949a90d7d9ccce\"]",  
        "SubnetId": "subnet-7c4b4e31",  
        "VpcId": "vpc-555bdd28",  
        "aws:backup:request-id": "caf1f9d4-e26b-4685-87ce-20c96c99c79c"  
    }  
}

2.    Edit the metadata output to retain the original PrivateIpAddress, or change the primary PrivateIpAddress to a different private IP address in the NetworkInterfaces metadata field. The following example output is edited to retain the original PrivateIpAddress:

{  
    "VpcId": "vpc-555bdd28",  
    "Monitoring": "{\"State\":\"disabled\"}",  
    "CapacityReservationSpecification": "{\"CapacityReservationPreference\":\"open\"}",  
    "InstanceInitiatedShutdownBehavior": "stop",  
    "DisableApiTermination": "false",  
    "KeyName": "Testkey",  
    "CreditSpecification": "{\"CpuCredits\":\"standard\"}",  
    "HibernationOptions": "{\"Configured\":false}",  
    "EbsOptimized": "false",  
    "Placement": "{\"AvailabilityZone\":\"us-east-1b\",\"GroupName\":\"\",\"Tenancy\":\"default\"}",  
    "aws:backup:request-id": "caf1f9d4-e26b-4685-87ce-20c96c99c79c",  
    "InstanceType": "t2.micro",  
    "NetworkInterfaces": "[{\"DeleteOnTermination\":true,\"Description\":\"Primary network interface\",\"DeviceIndex\":0,\"Groups\":[\"sg-0e6949a90d7d9ccce\"],\"Ipv6AddressCount\":0,\"Ipv6Addresses\":[],\"PrivateIpAddresses\":[{\"Primary\":true,\"PrivateIpAddress\":\"172.31.20.192\"}],\"SecondaryPrivateIpAddressCount\":1,\"SubnetId\":\"subnet-7c4b4e31\",\"InterfaceType\":\"interface\"}]"  
}

3.    Save the edited metadata as a .json file. Then, run the following start-restore-job AWS CLI command pointing to the edited metadata file to restore the instance with the private IP address:

aws backup start-restore-job --region us-east-1 --recovery-point-arn "arn:aws:ec2:us-east-1::image/ami-045669a87ca794507" --iam-role-arn "arn:aws:iam::111111111111:role/service-role/AWSBackupDefaultServiceRole"  --metadata file://path_to_json_file
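
The edit in steps 1 to 3, as an added Python example that is not AWS's code: it deserializes the NetworkInterfaces string, pins the primary private IP address after checking it against the subnet's CIDR, and drops NetworkInterfaceId, PrivateIpAddress, AssociatePublicIpAddress, SecurityGroupIds and SubnetId, which the page's edited example also omits. Every other key, including RequireIMDSv2 and the interface's Groups, is carried over unchanged. The function name edit_restore_metadata, the trimmed sample, and the CIDR 172.31.16.0/20 for subnet-7c4b4e31 are assumptions.

```python
import ipaddress
import json

# Keys removed from each interface, matching the page's edited example.
DROP_IFACE_KEYS = ("NetworkInterfaceId", "PrivateIpAddress", "AssociatePublicIpAddress")
# Top-level keys absent from the page's edited example; the interface carries both.
DROP_TOP_KEYS = ("SecurityGroupIds", "SubnetId")


def edit_restore_metadata(restore_metadata, subnet_cidr, new_private_ip=None):
    """Return edited RestoreMetadata; new_private_ip=None retains the original IP."""
    edited = {k: v for k, v in restore_metadata.items() if k not in DROP_TOP_KEYS}
    # NetworkInterfaces is a JSON document serialized into a string value.
    interfaces = json.loads(restore_metadata["NetworkInterfaces"])
    primary = next(i for i in interfaces if i["DeviceIndex"] == 0)
    addr = next(a for a in primary["PrivateIpAddresses"] if a["Primary"])
    wanted = new_private_ip or addr["PrivateIpAddress"]
    # Reject an address the subnet cannot hold before the restore job is started.
    if ipaddress.ip_address(wanted) not in ipaddress.ip_network(subnet_cidr):
        raise ValueError(f"{wanted} is outside {primary['SubnetId']} ({subnet_cidr})")
    addr["PrivateIpAddress"] = wanted
    for iface in interfaces:
        for key in DROP_IFACE_KEYS:
            iface.pop(key, None)
    # Re-serialize: the value must stay a string, not a nested JSON object.
    edited["NetworkInterfaces"] = json.dumps(interfaces, separators=(",", ":"))
    return edited


# Constructed sample, trimmed from the metadata output shown on the page.
SAMPLE = {
    "InstanceType": "t2.micro",
    "RequireIMDSv2": "true",
    "SecurityGroupIds": "[\"sg-0e6949a90d7d9ccce\"]",
    "SubnetId": "subnet-7c4b4e31",
    "NetworkInterfaces": json.dumps([{
        "AssociatePublicIpAddress": True, "DeleteOnTermination": True,
        "DeviceIndex": 0, "Groups": ["sg-0e6949a90d7d9ccce"],
        "NetworkInterfaceId": "eni-08e89a5a35a5495fe",
        "PrivateIpAddress": "172.31.20.192",
        "PrivateIpAddresses": [{"Primary": True, "PrivateIpAddress": "172.31.20.192"}],
        "SubnetId": "subnet-7c4b4e31", "InterfaceType": "interface",
    }]),
}

if __name__ == "__main__":
    # 172.31.16.0/20 is an assumed CIDR for subnet-7c4b4e31.
    print(json.dumps(edit_restore_metadata(SAMPLE, "172.31.16.0/20"), indent=4))
```

Write the returned dictionary to a .json file and pass it to start-restore-job with --metadata, as in step 3.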

Related information

Restoring an Amazon EC2 instance

Amazon EC2 instance IP addressing

AWS OFFICIAL
Updated 10 months ago
2 Comments

Editing the serialized part of the metadata wasn't straightforward, so I came up with this command:

aws backup get-recovery-point-restore-metadata --backup-vault-name Default --recovery-point-arn arn:aws:ec2:eu-south-1::image/ami-001a2a3a4a00005aa | jq '.RestoreMetadata | del (.SecurityGroupIds, .SubnetId)' | jq '.NetworkInterfaces = (.NetworkInterfaces | fromjson | map(. + { Description: "Primary network interface" }) | map(del(.NetworkInterfaceId,  .SecondaryPrivateIpAddressCount, .AssociatePublicIpAddress, .PrivateIpAddress)) | @json) ' > restore.json

What this command does:

  • extracts RestoreMetadata
  • removes from it the fields SecurityGroupIds and SubnetId
  • then deserializes and replaces the content of NetworkInterfaces, removing NetworkInterfaceId, SecondaryPrivateIpAddressCount, AssociatePublicIpAddress and PrivateIpAddress
  • serializes NetworkInterfaces and creates the json file for the restore job:
aws backup start-restore-job --region eu-south-1 --recovery-point-arn arn:aws:ec2:eu-south-1::image/ami-001a2a3a4a00005aa --iam-role-arn "arn:aws:iam::123412341234:role/service-role/AWSBackupDefaultServiceRole" --metadata file://restore.json

YMMV: for example this might not work if the primary ENI has two private addresses.

replied 5 months ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

AWS
MODERATOR
replied 5 months ago