How can I terminate my Amazon EC2 instance but retain the primary network interface?

Short description

The primary network interface is assigned to network card index 0. When an EC2 instance is in the running or stopped state, you can't detach the primary network interface from the instance. Instead, deactivate the Delete on instace termination option for the primary network interface, and then delete the instance. 

Note: You can attach or detach the secondary network interface when the instance is running or stopped.

Resolution

Identify the primary network interface

To identify the primary network interface, complete the following steps:

1. Open the Amazon EC2 console.
2. In the navigation pane, choose Network Interfaces.
3. Select the network interface that you want to review, and then choose Details.
4. Under Network interface attachment, review the network card index. If the network card index is 0, then this network interface is the primary one.

For more information, see Network cards.

Terminate your instance but retain the primary network interface

When you terminate an instance the primary network interface is also deleted by default. So to terminate your instance but retain the primary network interface, you must deactivate the Delete on instace termination option for the primary network interface:

1. Open the Amazon EC2 console.
2. In the navigation pane, choose Instances, and then select the instance that you want to terminate.
3. In the Networking tab, choose the primary network interface.
4. Choose Actions, and then choose Change termination behavior.
5. Clear Delete on instance termination.
6. (Optional) Enter a name for the network interface for reference.
7. Terminate the instance.
   Note: After the instance is terminated, you can't access the instance again. If required, back up the instance before you terminate it.

After you terminate the instance, the primary network interface isn't deleted. You can use this network interface in the same configuration to launch a new instance. The primary network interface keeps its configuration, such as its private IP address, virtual private cloud (VPC), subnets, and security groups. If the primary network interface has a public IP address, then the IP address is released when you terminate the instance.

Make the network interface the primary network interface for a new instance

To use the network interface from your terminated instance as a primary network interface for a new instance, complete the following steps:

1. Open the Amazon EC2 console.
2. In the navigation pane, choose Instances, and then choose Launch instances.
3. Under Names and tags, for Name, enter a name for your instance.
4. Under Application and OS Images (Amazon Machine Image), find the AMI that you want to use to launch a new instance.
5. Under Instance type, choose your instance type.
6. Under Key pair (login), for Key pair name, select a key pair or create a new one.
7. Under Network settings, choose Edit.
8. Choose the VPC and Subnet IDs that your network interface is located in.
9. For Auto-assign public IP, choose Disable.
   Note: You can set the Enable option only for new network interface. If the primary network interface had a public IP address, then the public IP address is assigned to the instance after instance launch.
10. For Firewall (security groups), choose Select existing security group. Don't specify a security group for Common security groups. The existing ENI uses the previously attached security group by default.
11. Expand Advanced configuration, and then under Network interface, search for the network interface that you want to use.
12. For a Windows AMI, the default storage setting is 30 GB/GP3 for instance launch. You can change settings, such as volume size and type, based on your requirements.
13. Under Summary, choose Launch instance.

Related information

Best practices for configuring network interfaces

Elastic network interfaces