AWS CloudFormation: Conditionally create properties of resources

Perhaps I am misunderstanding, but this sounds like a parameter use case rather than a condition use case. I say that because you do not say under what conditions you would like a public IP, just "sometimes for debugging purposes". How would the template know that you are debugging? You have to tell it with a parameter.

Check out the docs: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html

So you could have a public IP parameter and a subnet ID parameter and pass in what you like at stack creation.

One way that conditions could be useful is to create a debug parameter that would toggle public/private IP and subnet. Is this what you were thinking of?

To use conditions on properties, use the If function:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-conditions.html

I suggest setting your public subnet to provide a public IP on launch, and of course ensuring your private subnet does not do that. Then just pass the subnet in as a parameter.

https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip


This might be a little late, but I recently had the same question.

From the AWS docs, you can use Fn::If to set properties accordingly.

The template will look like:

Properties:
  ImageId: !FindInMap [ MyAamiMap, 'myami', amiid ]
  InstanceType: "t2.2xlarge"
  # SubnetId: !Ref SBNDemo1
  # SecurityGroupIds: [!Ref SGInternalDemo]
  # NetworkInterfaces takes a list, so the "true" branch of !If is a one-item list
  NetworkInterfaces:
    !If
    - YourCondition
    - - AssociatePublicIpAddress: "true"
        DeviceIndex: "0"
        GroupSet:
          - Ref: "SGInternalDemo"
        SubnetId:
          Ref: "SBNDemo1"
    - !Ref "AWS::NoValue"

AWS::NoValue means there will be no NetworkInterfaces properties set.
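
A complete template for the debug toggle that both answers describe, as an added example that is not part of either answer. The parameter names, the IsDebug condition, the DemoInstance resource and the instance type are assumptions chosen for illustration; the toggle defaults to "false" so a public IP is only assigned when explicitly requested.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example. Debug toggle that decides whether the instance gets a public IP.

Parameters:
  DebugAccess:                 # hypothetical parameter name
    Type: String
    AllowedValues: ["true", "false"]
    Default: "false"           # private unless the caller opts in at stack creation
  ImageId:
    Type: AWS::EC2::Image::Id
  PublicSubnetId:
    Type: AWS::EC2::Subnet::Id
  PrivateSubnetId:
    Type: AWS::EC2::Subnet::Id
  SecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id

Conditions:
  IsDebug: !Equals [!Ref DebugAccess, "true"]

Resources:
  DemoInstance:                # hypothetical resource name
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t3.micro   # assumed instance type
      # Instance-level SubnetId/SecurityGroupIds cannot be combined with
      # NetworkInterfaces, so each branch sets exactly one of the two forms.
      SubnetId: !If [IsDebug, !Ref "AWS::NoValue", !Ref PrivateSubnetId]
      SecurityGroupIds: !If
        - IsDebug
        - !Ref "AWS::NoValue"
        - [!Ref SecurityGroupId]
      NetworkInterfaces: !If
        - IsDebug
        - - AssociatePublicIpAddress: true
            DeviceIndex: "0"
            SubnetId: !Ref PublicSubnetId
            GroupSet: [!Ref SecurityGroupId]
        - !Ref "AWS::NoValue"

Outputs:
  PublicIp:
    Condition: IsDebug         # output exists only when a public IP was requested
    Value: !GetAtt DemoInstance.PublicIp
```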