New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to use --associate-public-ip-address #1019

Closed
lutnos opened this Issue Nov 21, 2014 · 4 comments

Comments

Projects
None yet
4 participants
@lutnos

lutnos commented Nov 21, 2014

I am unable to run an instance within a VPC, with a security group and associate a public IP address in awe cli version 1.5.1 .

When I run:

aws ec2 run-instances --image-id ami-4e75c339 --count 1 --instance-type t2.micro --key-name WTI --security-groups sg-ba71f1df --subnet-id vpc-53677f31 --associate-public-ip-address

I see:

A client error (InvalidParameterCombination) occurred when calling the RunInstances operation: Network interfaces and an instance-level security groups may not be specified on the same request

This look very much like a regression of #479, #502 & #516

I have the same problem on version 1.5.1 and the current version 1.6.3

(As a workaround I have to instead do a run-instances without the --associate-public-ip-address, then do an allocate-address with --domain vpc and then an associate-address .)

@jamesls

This comment has been minimized.

Show comment
Hide comment
@jamesls

jamesls Nov 25, 2014

Member

I believe what's going on here is that we need to update our logic for --asociate-public-ip-address. As in #502, when a user specifies certain parameters along with --asociate-public-ip-address, we need to move parameters such as the --subnet-id over to the --network-interfaces option. It looks like there's a few other cases where we need to apply this same logic. In this specific issue it's the security-groups option. Another workaround is to just use the --network-interfaces argument directly until this logic has been implemented in the AWS CLI.

Member

jamesls commented Nov 25, 2014

I believe what's going on here is that we need to update our logic for --asociate-public-ip-address. As in #502, when a user specifies certain parameters along with --asociate-public-ip-address, we need to move parameters such as the --subnet-id over to the --network-interfaces option. It looks like there's a few other cases where we need to apply this same logic. In this specific issue it's the security-groups option. Another workaround is to just use the --network-interfaces argument directly until this logic has been implemented in the AWS CLI.

@lutnos

This comment has been minimized.

Show comment
Hide comment
@lutnos

lutnos Nov 25, 2014

Thanks Jmaes, I would use the --network-interfaces option, but documentation of it is sparce, can you recommend a good source?

When I tried with --network-interface I could not get it to accept a true or false for "Associate an EIP", also it looked as though if I used it I would have to specify an internal IP address explicitly - which would mean calculating a free one.

ATB

lutnos commented Nov 25, 2014

Thanks Jmaes, I would use the --network-interfaces option, but documentation of it is sparce, can you recommend a good source?

When I tried with --network-interface I could not get it to accept a true or false for "Associate an EIP", also it looked as though if I used it I would have to specify an internal IP address explicitly - which would mean calculating a free one.

ATB

@ewanleith

This comment has been minimized.

Show comment
Hide comment
@ewanleith

ewanleith Jan 27, 2015

This command works for me:

aws ec2 run-instances --image-id ami-f0b11187 --key-name your-ssh-key-name --instance-type t2.micro --network-interfaces '[ { "DeviceIndex": 0, "Groups": ["sg-123456"], "SubnetId": "subnet-123456", "DeleteOnTermination": true, "AssociatePublicIpAddress": true } ]'

you'll obviously need to change the sg- value and the subnet- value to your own, and that particular AMI is Ubuntu in eu-west-1

This command works for me:

aws ec2 run-instances --image-id ami-f0b11187 --key-name your-ssh-key-name --instance-type t2.micro --network-interfaces '[ { "DeviceIndex": 0, "Groups": ["sg-123456"], "SubnetId": "subnet-123456", "DeleteOnTermination": true, "AssociatePublicIpAddress": true } ]'

you'll obviously need to change the sg- value and the subnet- value to your own, and that particular AMI is Ubuntu in eu-west-1

@kyleknap

This comment has been minimized.

Show comment
Hide comment
@kyleknap

kyleknap Mar 24, 2016

Member

I did some work with fixing some issues related to this customization in this PR: #1874. The problem is that you are using the --security-groups parameter instead of --security-group-ids parameter which gets mapped properly. So run something like this:

$ aws ec2 run-instances --image-id ami-4e75c339 --count 1 --instance-type t2.micro --key-name WTI --security-group-ids sg-ba71f1df --subnet-id vpc-53677f31 --associate-public-ip-address

Unfortunately we can never map --security-groups to the network interfaces because it only supports security group ids. I do not think it is possible to implement this and thus, closing.

Member

kyleknap commented Mar 24, 2016

I did some work with fixing some issues related to this customization in this PR: #1874. The problem is that you are using the --security-groups parameter instead of --security-group-ids parameter which gets mapped properly. So run something like this:

$ aws ec2 run-instances --image-id ami-4e75c339 --count 1 --instance-type t2.micro --key-name WTI --security-group-ids sg-ba71f1df --subnet-id vpc-53677f31 --associate-public-ip-address

Unfortunately we can never map --security-groups to the network interfaces because it only supports security group ids. I do not think it is possible to implement this and thus, closing.

@kyleknap kyleknap closed this Mar 24, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment