Portable network interfaces for authentication and license enforcement

US9916545B1 · US · B1

Patent metadata
Publication number: US-9916545-B1
Application number: US-201213408902-A
Country: US
Kind code: B1
Filing date: Feb 29, 2012
Priority date: Feb 29, 2012
Publication date: Mar 13, 2018
Grant date: Mar 13, 2018

Abstract

Methods and apparatus for portable network interfaces to manage authentication and license enforcement. A system may include a plurality of resource instances including a producer instance configured to implement a network-accessible service, and an authentication coordinator. The coordinator may assign an interface record to the service, wherein the interface record comprises an IP address and a set of security properties. The coordinator may configure the security properties to allow a client to request an attachment of the interface record to a selected resource instance, such that the selected resource instance is enabled to transmit network messages from the IP address using one or more physical network interfaces of the selected resource instance. The producer resource instance initiates authentication operations for the service, including at least one authentication operation based on the IP address of the interface record.
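The flow in the abstract, modelled as an added example (not code from the patent or its assignee). All class, method and instance names and the 10.0.0.5 address are constructed for illustration, and `may_send` assumes the network layer only lets an instance emit a record's IP while that record is attached to it, which is what makes the source address usable as an authenticator.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class InterfaceRecord:
    service: str
    ip: str
    attach_allowed: frozenset      # security property: clients that may request attachment
    license_valid: bool = True     # license indication carried by the record (claim 3)
    attached_to: Optional[str] = None


class Coordinator:
    """Authentication coordinator: owns the records and decides attachments."""

    def __init__(self):
        self.records = {}

    def assign(self, service, ip, allowed_clients):
        self.records[ip] = InterfaceRecord(service, ip, frozenset(allowed_clients))
        return self.records[ip]

    def attach(self, client, ip, instance):
        rec = self.records.get(ip)
        if rec is None or client not in rec.attach_allowed:
            return False               # security properties deny this client
        rec.attached_to = instance     # re-attaching moves the record off the old instance
        return True

    def may_send(self, instance, src_ip):
        # Assumed enforcement point: the network layer emits src_ip only
        # from the instance the record is currently attached to.
        rec = self.records.get(src_ip)
        return rec is not None and rec.attached_to == instance


class Producer:
    def __init__(self, service, coordinator):
        self.service, self.coordinator = service, coordinator

    def handle(self, instance, src_ip):
        if not self.coordinator.may_send(instance, src_ip):
            return "dropped"           # spoofed or unattached source never arrives
        rec = self.coordinator.records[src_ip]
        ok = rec.service == self.service and rec.license_valid
        return "served" if ok else "rejected"
```

Moving the record to another instance revokes the first instance's access without touching the producer, because the producer's decision depends only on the sender's IP and the record behind it.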

First claim

What is claimed is:

1. A system, comprising: one or more computers configured to implement: a plurality of resource instances, including a producer resource instance configured to implement at least a portion of a network-accessible service; and an authentication coordinator; wherein the authentication coordinator is configured to: assign an interface record to the network-accessible service, wherein the interface record comprises one or more Internet Protocol (IP) addresses and a set of security properties that control authorization of a client to request attachment of the interface record to a consumer resource instance, and wherein attachment of the interface record to the consumer resource instance enables the consumer resource instance to transmit network messages from the one or more IP addresses of the interface record; and configure one or more security properties of the set to allow a client to request an attachment of the interface record to a consumer resource instance distinct from said producer resource instance, wherein after the attachment is completed, the consumer resource instance is enabled to transmit network messages from the one or more IP addresses of the interface record using one or more physical network interfaces of the consumer resource instance; and wherein the producer resource instance is configured to: subsequent to receipt of a network message from the consumer resource instance, initiate one or more authentication operations associated with the network-accessible service implemented by the producer resource instance, wherein an authentication operation includes use of an IP address of the message sender for the authentication operation, and wherein the IP address of the message sender is an IP address of the one or more IP addresses of the interface record.

2. The system as recited in claim 1, wherein the consumer resource instance is a consumer of the network-accessible service, and wherein the one or more authentication operations comprise validating that a request for the network-accessible service was transmitted from an IP address of an interface record assigned to the network-accessible service.

3. The system as recited in claim 1, wherein the interface record comprises an indication of a license for the network-accessible service, and wherein an authentication operation of the one or more authentication operations comprises verifying a validity of the license.

4. The system as recited in claim 1, further comprising a billing coordinator configured to determine a billing amount to be charged to the client for the network-accessible service, wherein the billing amount is based at least in part on an amount of time the interface record is attached to the consumer resource instance.

5. The system as recited in claim 1, wherein, as a result of a configuration of the one or more security properties, the client is allowed to request (a) a detachment of the interface record from the consumer resource instance and (b) an attachment of the interface record to another resource instance, and wherein, after the attachment of the interface record to the other resource instance, the other resource instance is enabled to transmit network messages associated with the network-accessible service from the one or more IP addresses using one or more physical network interfaces of the other resource instance.

6. The system as recited in claim 1, wherein the authentication coordinator is further configured to: assign another interface record to another network-accessible service; and configure one or more security properties of the other interface record to allow another client to request an attachment of the other interface record to another resource instance of the plurality of resource instances, wherein the other resource instance is another producer resource instance configured to implement at least a portion of the other network-accessible service, wherein one or more authentication operations associated with the other network-accessible service comprise a transmission of a service continuation request from the other producer resource instance to the authentication coordinator requesting the authentication coordinator to determine whether the other producer resource instance is to continue providing the other network-accessible service, and wherein the authentication coordinator is configured to determine that the other producer resource instance is to continue providing the other network-accessible service based at least in part on validating that the service continuation request was transmitted from an IP address of an interface record assigned to the other network-accessible service.

7. A method, comprising: performing, by one or more computers: assigning an interface record to a network-accessible service, wherein the interface record comprises one or more Internet Protocol (IP) addresses and a set of security properties that control authorization of a client to request attachment of the interface record to a consumer resource instance, and wherein attachment of the interface record to the consumer resource instance enables the consumer resource instance to transmit network messages from the one or more IP addresses of the interface record; configuring one or more security properties of the set to allow a client to request an attachment of the interface record to a selected resource instance that is a consumer resource instance, wherein after the attachment is completed, the selected consumer resource instance is enabled to transmit network messages from the one or more IP addresses of the interface record using one or more physical network interfaces of the selected consumer resource instance; and initiating one or more authentication operations associated with the network-accessible service based on a use of the interface record assigned to the service, including using an IP address of the one or more IP addresses of the interface record for the authentication operation.

8. The method as recited in claim 7, wherein the one or more authentication operations comprise validating that a request for the network-accessible service was transmitted from an IP address of an interface record assigned to the network-accessible service.

9. The method as recited in claim 7, further comprising: determining a billing amount to be charged to the client for the network-accessible service based at least in part on an amount of time the interface record is attached to the selected resource instance.

10. The method as recited in claim 7, further comprising: determining a billing amount to be charged to the client for the network-accessible service based at least in part on an amount of time that has elapsed since the interface record was first attached to the selected resource instance.

11. The method as recited in claim 7, wherein said configuring the one or more security properties comprises: allowing the client to request (a) a detachment of the interface record from the selected resource instance to disable access to the network-accessible service from the selected resource instance and (b) an attachment of the interface record to another resource instance to enable access to the network-accessible service from the other resource instance.

12. The method as recited in claim 7, wherein performing the one or more authentication operations comprise: transmitting a service continuation request from the selected resource instance to determine whether the selected resource instance is to continue providing the network-accessible service.

13. The method as recited in claim 7, further comprising: in response to determining

Assignees

Inventors

Classifications

  • Administration; Management · CPC title

  • Business processing using cryptography · CPC title

  • Resource planning, allocation, distributing or scheduling for enterprises or organisations · CPC title

  • G06Q10/06 · Primary

    Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling · CPC title

  • for controlling access to devices or network resources · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9916545B1 cover?
Methods and apparatus for portable network interfaces to manage authentication and license enforcement. A system may include a plurality of resource instances including a producer instance configured to implement a network-accessible service, and an authentication coordinator. The coordinator may assign an interface record to the service, wherein the interface record comprises an IP address and…
Who is the assignee on this patent?
De Kadt Christopher Richard Jacques, Greenfield James Alfred Gordon, Amazon Tech Inc
What technology area does this patent fall under?
Primary CPC classification G06Q10/06. Mapped technology areas include Physics.
When was this patent published?
Publication date Mar 13, 2018 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).