Can't associate elastic ip to network interface of public subnet


Logged in as root user. EC2 > Network Interfaces > Associate Elastic IP address

I select the elastic IPv4 (3.x.x.x) that is not yet in use (just allocated) and a private IPv4 (10.x.x.x) from a public subnet of a VPC created by the VPC Wizard, I even allow reassociation, but I get the error "You do not have permission to access the specified resource.".

  • Hello, I encounter the same behavior.

    Let me explain my context: I deployed an sFTP instance (AWS Transfer Family) and configured it to use the VPC integration (endpoint) so that it has a private IP address. Through my private network I connect fine to the private IP of the sFTP server. Now I need to allow connections to this sFTP server through public access. So I created an Elastic IP and I want to associate it with the network interface (attached to the VPC endpoint) of the sFTP server.

    But the association does not work; I encounter the error "An error occurred (AuthFailure) when calling the AssociateAddress operation: You do not have permission to access the specified resource".

    I tried with the AWS CLI command and through the AWS console and I get the same error / behaviour.

    If anyone has encountered the same thing and fixed it, I would be really interested!

  • My problem came from the configuration of my sFTP Transfer Family instance. I encountered this error because the association between my Elastic IP and the network interface must be done at the moment when we change the access on the sFTP server (AWS Transfer Family) from "Internal" to "Internet Facing". At that time you can link the Elastic IP to the subnet ID.

wp
asked 2 years ago, 1144 views
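
The fix described in the last comment, as an added example that is not part of the original thread: the Elastic IP is attached through the Transfer Family API rather than by calling AssociateAddress on the endpoint's network interface. It assumes the server already uses a VPC endpoint; the function names are hypothetical and the server and allocation IDs are placeholders.

```shell
# Added example (not from the thread). IDs passed in are placeholders.
# POLL_SECONDS (assumed name) controls the delay between state checks.

# Poll describe-server until the server reports the wanted state.
wait_for_state() {
  local server_id="$1" wanted="$2" tries="${3:-30}" state=""
  while [ "$tries" -gt 0 ]; do
    state="$(aws transfer describe-server --server-id "$server_id" \
      --query 'Server.State' --output text)"
    [ "$state" = "$wanted" ] && return 0
    tries=$((tries - 1))
    sleep "${POLL_SECONDS:-10}"
  done
  echo "server $server_id did not reach $wanted (last state: $state)" >&2
  return 1
}

# Usage: attach_eips_to_transfer_server <server-id> <eipalloc-id> [<eipalloc-id> ...]
# Pass one allocation ID per subnet of the endpoint.
attach_eips_to_transfer_server() {
  if [ "$#" -lt 2 ]; then
    echo "usage: attach_eips_to_transfer_server <server-id> <eipalloc-id>..." >&2
    return 2
  fi
  local server_id="$1" alloc_ids
  shift
  alloc_ids="$(IFS=,; echo "$*")"   # join the remaining arguments with commas

  # Endpoint details can only be changed while the server is offline.
  aws transfer stop-server --server-id "$server_id" || return 1
  wait_for_state "$server_id" OFFLINE || return 1

  # Transfer Family attaches the addresses to its own endpoint interfaces.
  aws transfer update-server --server-id "$server_id" \
    --endpoint-details "AddressAllocationIds=$alloc_ids" || return 1

  aws transfer start-server --server-id "$server_id" || return 1
  wait_for_state "$server_id" ONLINE
}
```

The SFTP endpoint is unavailable between the stop and start calls, so existing sessions are dropped while the change is applied.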
1 Answer

That sounds like an IAM permission error: You don't have the appropriate permissions to do that - check what permissions have been assigned to you via roles, groups or directly to you as a user.

AWS
EXPERT
answered 2 years ago
  • I'm logged in as root user.

  • If you're operating in a complex environment where the VPC is shared with you (or you're sharing it with another account) and the EC2 instance isn't in the same account, then that's something you might trip across. If you're in a "simple" environment then this is a good time to create a support case, as they can look at the resources for you and determine why the association is failing.
