Cannot associate the Elastic IP address with a Network interface

0

I created an Elastic IP address, but when I am trying to associate the Elastic IP address with a Network interface, there was an error that says: "Elastic IP address could not be associated. Elastic IP address xx.xx.xx.xx: You do not have permission to access the specified resource.", although my AWS account has Administrator Access permission. There is a note that my subnets are public ones, is it an issue?

Another question, in order to convert a public subnet to a private subnet, do we only need to remove the Internet gateways from Route tables? Thanks in advance.

Asked 7 months ago · 483 views
2 Answers
0

Hello.

Usually that error can occur if you don't have enough privileges to associate an Elastic IP.
Please make sure that the IAM policy described in the following document is attached to the IAM user you are using.
https://repost.aws/knowledge-center/ec2-troubleshoot-elastic-ip-addresses

Another question, in order to convert a public subnet to a private subnet, do we only need to remove the Internet gateways from Route tables? Thanks in advance.

Yes, to make it a private subnet you need to remove the route to the internet gateway from your route table.

Expert
Answered 7 months ago
Expert
Reviewed 7 months ago
  • Thank you for your help. I tried to add the following policy to my user but it still does not work:

        {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Action": [
                "ec2:AllocateAddress",
                "ec2:AssociateAddress"
              ],
              "Resource": "*"
            }
          ]
        }

    Any suggestion on this?

  • Which resource is the ENI you are trying to configure Elastic IP associated with? As @Kallu says, if your account is an unmanaged ENI, the configuration may fail.

0

Are you sure the network interface you are trying to attach the EIP to is from instances you control, or could it be deployed by some AWS managed service like EFS that provisions interfaces into your VPC but that you still cannot modify?

Expert
Kallu
Answered 7 months ago
  • The network interface is from my ECS task, which is provisioned by Terraform. The issue is that its subnets are public, so the ECS task has its own public IP. Now I would like to associate the network interface with an Elastic IP address I created. But unfortunately, I got that error.

  • I think ENIs you are trying to modify are ones created by ECS. And therefore you can not modify them.

    See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking-awsvpc.html

    These ENIs are visible in the Amazon EC2 console for your account, but they can't be detached manually or modified by your account. This is to prevent accidental deletion of an ENI that is associated with a running task.
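
A triage check for the situation discussed in this thread, as an added example that is not part of the original posts: it reads JSON shaped like `aws ec2 describe-network-interfaces` output and lists the signals that an ENI is managed by an AWS service rather than by your account. The sample data, all IDs, and the `managed_signals` and `report` helpers are constructed for illustration, and the description-prefix check is an assumption about how ECS labels task ENIs.

```python
import json

# Constructed sample shaped like `aws ec2 describe-network-interfaces` output.
# All IDs and account numbers are placeholders, not values from the thread.
SAMPLE = json.loads("""
{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaaaaaaaaaaaaaaa", "OwnerId": "111111111111",
   "RequesterManaged": false, "InterfaceType": "interface",
   "Description": "primary interface of my instance",
   "Attachment": {"InstanceId": "i-0aaaaaaaaaaaaaaaa", "InstanceOwnerId": "111111111111"}},
  {"NetworkInterfaceId": "eni-0bbbbbbbbbbbbbbbb", "OwnerId": "111111111111",
   "RequesterManaged": false, "InterfaceType": "interface",
   "Description": "arn:aws:ecs:us-east-1:111111111111:attachment/example",
   "Attachment": {"InstanceOwnerId": "222222222222"}},
  {"NetworkInterfaceId": "eni-0cccccccccccccccc", "OwnerId": "111111111111",
   "RequesterManaged": true, "RequesterId": "333333333333", "InterfaceType": "efs",
   "Description": "EFS mount target (constructed)",
   "Attachment": {"InstanceOwnerId": "333333333333"}}
]}
""")

def managed_signals(eni):
    """Return the reasons an ENI looks service-managed (empty list = none found)."""
    reasons = []
    if eni.get("RequesterManaged"):
        reasons.append("RequesterManaged is true (requester: %s)"
                       % eni.get("RequesterId", "unknown"))
    if eni.get("InterfaceType", "interface") != "interface":
        reasons.append("InterfaceType is %r" % eni["InterfaceType"])
    attach_owner = eni.get("Attachment", {}).get("InstanceOwnerId")
    if attach_owner and attach_owner != eni.get("OwnerId"):
        reasons.append("attached to a resource owned by %s, not by the ENI owner"
                       % attach_owner)
    # Assumption: ECS task ENIs carry an ECS attachment ARN in Description.
    if eni.get("Description", "").startswith("arn:aws:ecs:"):
        reasons.append("Description is an ECS attachment ARN")
    return reasons

def report(response):
    """Map each ENI id to its list of service-managed signals."""
    return {e["NetworkInterfaceId"]: managed_signals(e)
            for e in response["NetworkInterfaces"]}

if __name__ == "__main__":
    for eni_id, reasons in report(SAMPLE).items():
        verdict = "likely service-managed" if reasons else "no managed signals"
        print(eni_id, "->", verdict, reasons)
```

An ENI that shows any of these signals is a poor candidate for a manual Elastic IP association, even when the caller's IAM policy allows `ec2:AssociateAddress`.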
