Creating an FNI

You can create a flexible network interface (FNI) in the subnet of a Virtual Private Cloud (VPC ).

You can then attach the FNI to an instance located in the same subnet, if the instance is in the same Availability Zone (AZ). For more information, see Attaching an FNI to an Instance.

You also need to associate security groups with appropriate rules with your FNIs to allow access to and from them. For more information, see About Security Groups.

Creating an FNI Using Cockpit

  1. Click Network/Security > Flexible Network Interfaces.

  2. Click Create .
    The CREATE FNI dialog box appears.

  3. Specify the following information:

    1. In the Name field, type a name for the FNI.

      This action adds a Name tag of 255 characters maximum. You can use any character, including accented letters.

    2. (optional) In the Description field, type a description for the FNI.

      This description can contain up to 255 Unicode characters.

    3. From the Subnet list, select the subnet in which you want to create the FNI.

    4. (optional) In the Private IP field, type the primary private IP for the FNI.

      • This IP must be within the IP range of the subnet that you specified in the previous step.

      • If you do not specify this field, a random private IP is selected within the IP range of the subnet.

    5. (optional) From the Security Groups list, select one or more security groups for the FNI.

      If you do not specify any security group, the default security group of the VPC is associated.

  4. Click Create to validate.
    The FNI is created and appears on the Flexible Network Interfaces page.

Creating an FNI Using AWS CLI

To create an FNI, use the create-network-interface command following this syntax:

Request sample
$ aws ec2 create-network-interface \
  --profile YOUR_PROFILE \
  --subnet-id subnet-12345678 \
  --description my-FNI \
  --private-ip-address 10.0.0.4 \
  --groups sg-12345678 \
  --endpoint https://fcu.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • subnet-id: The ID of the subnet in which you want to create the FNI.

  • (optional) description: A description for the FNI.

    This description can contain any Unicode character, with no length limit.

  • (optional) private-ip-address: The primary private IP for the FNI.

    • This IP must be within the IP range of the subnet that you specified with the subnet-id attribute.

    • If you do not specify this attribute, a random private IP is selected within the IP range of the subnet.

  • (optional) groups: One or more IDs of security groups for the FNI.

    If you do not specify any security group, the default security group of the VPC is associated.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The create-network-interface command returns the following elements:

  • NetworkInterface: Information about the newly created FNI. This element contains the following information:

    • AvailabilityZone: The AZ where the FNI is. For more information, see Regions, Endpoints and Availability Zones Reference.

    • Description: The description of the FNI.

    • Groups: Information about one or more security groups associated with the FNI. This element contains the following information:

      • GroupName: The name of the security group.

      • GroupId: The ID of the security group.

    • MacAddress: The Media Access Control (MAC) address of the FNI.

    • NetworkInterfaceId: The ID of the FNI.

    • OwnerId: The account ID of the owner of the FNI.

    • PrivateDnsName: The private DNS name associated with the primary private IP.

    • PrivateIpAddress: The primary private IP of the FNI.

    • PrivateIpAddresses: Information about the primary and secondary private IPs of the FNI. This element contains the following information:

      • Primary: If true, the private IP is the primary one. If false, it is a secondary private IP.

      • PrivateDnsName: The private DNS name associated with the private IP.

      • PrivateIpAddress: The private IP.

    • SourceDestCheck: If true, the traffic to or from the instance is validated. If false, it is not.

    • Status: The state of the FNI. For more information, see About FNIs > FNIs Attachment to Instances.

    • SubnetId: The ID of the subnet where the FNI is located.

    • TagSet: One or more tags associated with the FNI.

    • VpcId: The ID of the VPC where the FNI is located.

Result sample
 {
    "NetworkInterface": {
    "AvailabilityZone": "eu-west-2a",
        "Description": "my-FNI",
        "Groups": [
            {
                "GroupName": "SG1",
                "GroupId": "sg-12345678"
            }
        ],
        "MacAddress": "02:1A:80:41:52:9C",
        "NetworkInterfaceId": "eni-12345678",
        "OwnerId": "123456789000",
        "PrivateDnsName"; "ip-10-0-0-4.eu-west-2.compute.internal",
        "PrivateIpAddress": "10.0.0.4",
        "PrivateIpAddresses": [
            {
        "Primary": true,
                "PrivateDnsName": "ip-10-0-0-4.eu-west-2.compute.internal",
                "PrivateIpAddress": "10.0.0.4"
            }
        ],
        "SourceDestCheck": true,
        "Status": "available",
        "SubnetId": "subnet-12345678",
        "TagSet": [],
    "VpcId": "vpc-87654321"
    }
}

The FNI is created.

Related Pages

Corresponding API Method

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.