Error: Failure to assign Secondary Private IPs
│ Error: Failure to assign Secondary Private IPs: operation error EC2: AssignPrivateIpAddresses, https response error StatusCode: 400, RequestID: fa4def12-5db2-4a66-b956-34c51abe89e0, api error InvalidParameterValue: [100.***.xx.xx] assigned, but move is not allowed.
This error occurs when you try to hard-code a secondary private IP (for example, on your EC2 instance) that is already in use by some other resource.
Solution:
Go to the EC2 dashboard -> Network & Security -> Network Interfaces and use the search bar to find an IP that is available.
Get the ID of the subnet where your EC2 instance resides and for which you need to provision a secondary IP. Look at the last 10 or 20 IPs of that subnet's CIDR block and check their availability. Only if an IP is not in use, provide it as an input in your Terraform code; that should work.
You can also use a script to check for free IPs:
#!/bin/bash
export AWS_REGION="eu-central-1" # Example region: Frankfurt
export AWS_PROFILE="__AWS_PROFILE__"
# Function to check if an IP is in use
check_ip_aws() {
    local ip=$1
    local vpc_id="vpc-09876684e18dea11234" # Hardcoded VPC ID
    local result
    # Query AWS EC2 for ENIs in the specified VPC and list their private IPs.
    # Stop on failure so that an empty result is not reported as "available".
    result=$(aws ec2 describe-network-interfaces \
        --filters "Name=vpc-id,Values=$vpc_id" \
        --query "NetworkInterfaces[*].PrivateIpAddresses[*].PrivateIpAddress" \
        --output text) || { echo "AWS query failed." >&2; return 1; }
    # Put one IP per line and compare whole lines literally (-F -x),
    # so "." is not treated as a regex wildcard and partial input does not match
    if echo "$result" | tr -s '[:space:]' '\n' | grep -Fxq -- "$ip"; then
        echo "IP address $ip is in use."
    else
        echo "IP address $ip is available."
    fi
}
# Read input IP from the user
read -r -p "Enter the IP address to check: " ip_address
# Call the function to check IP availability in the hardcoded VPC
check_ip_aws "$ip_address"
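The manual step from the solution (looking through the last addresses of the subnet's CIDR block for unused ones) can be scripted as well. The following is an added example, not part of the original post; the function names and the 10.0.1.0/28 sample data are constructed for illustration. It skips the first four addresses and the last address of the subnet, which AWS reserves and which can never be assigned.

```shell
#!/bin/bash
# Added example: print the highest unused addresses of a subnet CIDR.

ip_to_int() {                      # dotted quad -> integer
    local IFS=.
    set -- $1                      # split the address on "."
    echo "$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))"
}

int_to_ip() {                      # integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# last_free_ips CIDR COUNT   (addresses already in use are read from stdin)
last_free_ips() {
    local cidr="$1" want="$2" size net first i ip used
    size=$(( 1 << (32 - ${cidr#*/}) ))
    net=$(( $(ip_to_int "${cidr%/*}") & ~(size - 1) & 0xFFFFFFFF ))
    first=$(( net + 4 ))           # AWS reserves network address +0 .. +3
    i=$(( net + size - 2 ))        # ... and the last (broadcast) address
    used=$(tr -s '[:space:]' '\n') # one used address per line
    while [ "$i" -ge "$first" ] && [ "$want" -gt 0 ]; do
        ip=$(int_to_ip "$i")
        # -F -x: literal, whole-line comparison
        if ! printf '%s\n' "$used" | grep -Fxq -- "$ip"; then
            echo "$ip"
            want=$(( want - 1 ))
        fi
        i=$(( i - 1 ))
    done
}

# Live use (needs AWS credentials): free_ips_in_subnet <your-subnet-id> [count]
free_ips_in_subnet() {
    local subnet_id="$1" count="${2:-10}" cidr
    cidr=$(aws ec2 describe-subnets --subnet-ids "$subnet_id" \
        --query "Subnets[0].CidrBlock" --output text) || return 1
    aws ec2 describe-network-interfaces \
        --filters "Name=subnet-id,Values=$subnet_id" \
        --query "NetworkInterfaces[*].PrivateIpAddresses[*].PrivateIpAddress" \
        --output text | last_free_ips "$cidr" "$count"
}

# Constructed sample (not real data): ENI addresses as "--output text" prints them
printf '10.0.1.4\t10.0.1.14\n10.0.1.13\n' | last_free_ips 10.0.1.0/28 3
```

An address listed as free can still be taken by another resource before `terraform apply` runs, so treat the output as a list of candidates.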