Elastic IP address on EC2 instance interface without 1:1 NAT

Is there a way to assign the public elastic IP address directly to the eth0 interface?

No, there is not. Internet traffic to/from EC2 instances always traverse the Elastic IP 1:1 NAT infrastructure.

If not, does anyone know a work around to using Vyatta in a VPC configured with an ipsec VPN?

I have all manner of IPsec operating in VPC (including IPSec tunnels that cross NAT boundaries) without issue. Why do you think you need to have the public address directly assigned to the host? That is not a requirement from IPsec's perspective.


As EEAA mentioned, you can't actually assign the elastic IP to an interface on your instance. That's not how EC2 publicly-routed IPs work.

I'm not sure how much it will help you, but if you do want to know the IP programatically, you can query it from the metadata "API":

curl -s http://169.254.169.254/latest/meta-data/public-ipv4

If an elastic IP is assigned to the instance, that will print it to standard out.