4

I have an existing stack that created an auto-scale group that uses a Launch Configuration. I am now trying to switch this stack so the auto-scale group will use a Launch Template instead of Launch Configuration, but the update is giving this error:

Incompatible launch template: The network interface's device index must be zero. (Service: AmazonAutoScaling; Status Code: 400; Error Code: InvalidQueryParameter; Request ID: 97bdf4cf-5c90-4035-v234-806367461438; Proxy: null)'

The launch configuration defined in the current CloudFormation template sets AssociatePublicIpAddress: true and the instance created by this template has a public IP. The launch template in the CloudFormation template I am trying to use for the update specifies AssociatePublicIpAddress: true under NetworkNetworkInterfaces.

What does this error mean and how do I fix it?

Relevant parts of template:

  LaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateName: my-launch-template
      LaunchTemplateData:
        EbsOptimized: false
        IamInstanceProfile:
          Arn: !GetAtt MyInstanceProfile.Arn
        ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", AMI]
        InstanceType: !Ref InstanceType
        KeyName: !Ref KeyName
        NetworkInterfaces:
          - AssociatePublicIpAddress: true
Shawn
  • 8,374
  • 5
  • 37
  • 60
  • 1
    Can you show your template, or its relevant parts? – Marcin Sep 28 '20 at 22:41
  • Do you need to explicitly setup `NetworkInterfaces`? If you just remove it, your instance will get public IP anyway if it is launched in a public subnet. – Marcin Sep 28 '20 at 23:17

1 Answers1

1

If you want to explicitly set NetworkInterfaces, then it should be:

  LaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateName: my-launch-template
      LaunchTemplateData:
        EbsOptimized: false
        IamInstanceProfile:
          Arn: !GetAtt MyInstanceProfile.Arn
        ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", AMI]
        InstanceType: !Ref InstanceType
        KeyName: !Ref KeyName
        NetworkInterfaces:
          - DeviceIndex: 0 
            AssociatePublicIpAddress: true
            Groups: [<security-group-id>]
Efren
  • 4,003
  • 4
  • 33
  • 75
Marcin
  • 215,873
  • 14
  • 235
  • 294
  • There must still be something going on I don't understand. I tried it like this, but then it gave this error: "Incompatible launch template: Auto Scaling does not support multiple network interfaces." I don't see where it is specifying multiple network interfaces. – Shawn Sep 29 '20 at 12:58
  • @Shawn Can you post the updated version of your template in the question? Nothing else that what I've posted should be required. – Marcin Sep 29 '20 at 22:28
  • 1
    I think the subsequent error was unrelated (I had to change TerminationPolicies: [ OldestLaunchConfiguration ] to be TerminationPolicies: [ OldestLaunchTemplate ] in my auto-scale group). Ultimately by adding DeviceIndex: 0 it worked for me. – Shawn Oct 01 '20 at 16:01
  • Trying to use this same config, but to force disabling public IP in public subnet, got "Invalid launch template: When a network interface is provided, the security groups must be a part of it." Although I can apparently create it through the UI. Is CFN template missing something? – Efren Apr 21 '23 at 04:45
  • 1
    @Efren Please make new question for your issue with relevant code and errors. – Marcin Apr 21 '23 at 04:46
  • Posted: https://stackoverflow.com/q/76070025/1736679 – Efren Apr 21 '23 at 05:01