As far as high availability goes, what is the difference between using an Elastic IP or an Elastic Network Interface to mask instance failure? Is the only difference because ENIs can be used for private instances and Elastic IPs can't?

I'm trying to explain the advantages of both, so if someone can help me with this, I would appreciate it!

To achieve High Availability, you need the ability to redirect traffic in the case of instance failure. There are several options:

1. Use an Elastic Load Balancer

This is the preferred way to provide High Availability.

Run multiple Amazon EC2 instances, preferably in different Availability Zones (AZs). Users connect to the ELB (via the supplied DNS name), which redirects traffic to the EC2 instances. If an instance fails, ELB notices this via regular Health Checks, and will only direct traffic to the healthy instances.

Auto Scaling can be used to create these multiple instances across multiple Availability Zones, and it can also update the Load Balancing service when it adds/removes instances.

2. Redirect an Elastic IP address

Run multiple instances (preferably across multiple Availability Zones). Point an Elastic IP address to the instance you desire. Users connect via the Elastic IP address and are directed to the instance. If the instance fails, reassociate the Elastic IP address to a different instance, which will then start receiving the traffic immediately.

This method is not recommended because only one instance is receiving all the traffic while the other instance(s) are sitting idle. It also requires a mechanism to detect failure and reassociate the Elastic IP (which you must do yourself).

3. Reassign an Elastic Network Interface (ENI)

All EC2 instances have a primary ENI. They can optionally have additional ENIs.

It is possible to direct traffic to a secondary ENI and then move that secondary ENI to another instance. This is similar to reassigning an Elastic IP address.

This method is not recommended for the same reason as reassociating an Elastic IP address (above), but also because an ENI can only be reassigned within the same AZ. It cannot be used to direct traffic to an EC2 instance in a different AZ.

Bottom line: Use an Elastic Load Balancer. It provides true High Availability and can do it automatically.

See documentation: What Is Elastic Load Balancing?

Just to answer the question that was asked.

Primary and Secondary instance disposition

Elastic IPs can be assigned to instances in public subnets only.
Elastic Network Interface can be reattached between instances in the same AZ and same VPC only. (The doc also states they should be in different subnets.)

Limits Number of Elastic IPs is by default limited with 5 instances per account per region.
Number of Elastic Network Interfaces is generally limited only by CIDR capacity of your VPC.