responseFuture = getAsyncClient().runInstances(runRequest);
return responseFuture.thenCompose(response -> {
String instanceIdVal = response.instances().get(0).instanceId();
System.out.println("Going to start an EC2 instance and use a waiter to wait for it to be in running state");
return getAsyncClient().waiter()
.waitUntilInstanceExists(r -> r.instanceIds(instanceIdVal))
.thenCompose(waitResponse -> getAsyncClient().waiter()
.waitUntilInstanceRunning(r -> r.instanceIds(instanceIdVal))
.thenApply(runningResponse -> instanceIdVal));
}).exceptionally(throwable -> {
// Handle any exceptions that occurred during the async call
throw new RuntimeException("Failed to run EC2 instance: " + throwable.getMessage(), throwable);
});
}
/**
* Asynchronously retrieves the instance types available in the current AWS region.
*
* This method uses the AWS SDK's asynchronous API to fetch the available instance types
* and then processes the response. It logs the memory information, network information,
* and instance type for each instance type returned. Additionally, it returns a
* {@link CompletableFuture} that resolves to the instance type string for the "t2.2xlarge"
* instance type, if it is found in the response. If the "t2.2xlarge" instance type is not
* found, an empty string is returned.
*
*
* @return a {@link CompletableFuture} that resolves to the instance type string for the
* "t2.2xlarge" instance type, or an empty string if the instance type is not found
*/
public CompletableFuture getInstanceTypesAsync() {
DescribeInstanceTypesRequest typesRequest = DescribeInstanceTypesRequest.builder()
.maxResults(10)
.build();
CompletableFuture response = getAsyncClient().describeInstanceTypes(typesRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
List instanceTypes = resp.instanceTypes();
for (InstanceTypeInfo type : instanceTypes) {
logger.info("The memory information of this type is " + type.memoryInfo().sizeInMiB());
logger.info("Network information is " + type.networkInfo().toString());
logger.info("Instance type is " + type.instanceType().toString());
}
} else {
throw (RuntimeException) ex;
}
});
return response.thenApply(resp -> {
for (InstanceTypeInfo type : resp.instanceTypes()) {
String instanceType = type.instanceType().toString();
if (instanceType.equals("t2.2xlarge")) {
return instanceType;
}
}
return "";
});
}
/**
* Asynchronously describes an AWS EC2 image with the specified image ID.
*
* @param imageId the ID of the image to be described
* @return a {@link CompletableFuture} that, when completed, contains the ID of the described image
* @throws RuntimeException if no images are found with the provided image ID, or if an error occurs during the AWS API call
*/
public CompletableFuture describeImageAsync(String imageId) {
DescribeImagesRequest imagesRequest = DescribeImagesRequest.builder()
.imageIds(imageId)
.build();
AtomicReference imageIdRef = new AtomicReference<>();
DescribeImagesPublisher paginator = getAsyncClient().describeImagesPaginator(imagesRequest);
return paginator.subscribe(response -> {
response.images().stream()
.filter(image -> image.imageId().equals(imageId))
.findFirst()
.ifPresent(image -> {
logger.info("The description of the image is " + image.description());
logger.info("The name of the image is " + image.name());
imageIdRef.set(image.imageId());
});
}).thenApply(v -> {
String id = imageIdRef.get();
if (id == null) {
throw new RuntimeException("No images found with the provided image ID.");
}
return id;
}).exceptionally(ex -> {
logger.info("Failed to describe image: " + ex.getMessage());
throw new RuntimeException("Failed to describe image", ex);
});
}
/**
* Retrieves the parameter values asynchronously using the AWS Systems Manager (SSM) API.
*
* @return a {@link CompletableFuture} that holds the response from the SSM API call to get parameters by path
*/
public CompletableFuture getParaValuesAsync() {
SsmAsyncClient ssmClient = SsmAsyncClient.builder()
.region(Region.US_EAST_1)
.build();
GetParametersByPathRequest parameterRequest = GetParametersByPathRequest.builder()
.path("/aws/service/ami-amazon-linux-latest")
.build();
// Create a CompletableFuture to hold the final result.
CompletableFuture responseFuture = new CompletableFuture<>();
ssmClient.getParametersByPath(parameterRequest)
.whenComplete((response, exception) -> {
if (exception != null) {
responseFuture.completeExceptionally(new RuntimeException("Failed to get parameters by path", exception));
} else {
responseFuture.complete(response);
}
});
return responseFuture;
}
/**
* Asynchronously describes the security groups for the specified group ID.
*
* @param groupName the name of the security group to describe
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of describing the security groups. The future will complete with a
* {@link DescribeSecurityGroupsResponse} object that contains the
* security group information.
*/
public CompletableFuture describeSecurityGroupArnByNameAsync(String groupName) {
DescribeSecurityGroupsRequest request = DescribeSecurityGroupsRequest.builder()
.groupNames(groupName)
.build();
DescribeSecurityGroupsPublisher paginator = getAsyncClient().describeSecurityGroupsPaginator(request);
AtomicReference groupIdRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.securityGroups().stream()
.filter(securityGroup -> securityGroup.groupName().equals(groupName))
.findFirst()
.ifPresent(securityGroup -> groupIdRef.set(securityGroup.groupId()));
}).thenApply(v -> {
String groupId = groupIdRef.get();
if (groupId == null) {
throw new RuntimeException("No security group found with the name: " + groupName);
}
return groupId;
}).exceptionally(ex -> {
logger.info("Failed to describe security group: " + ex.getMessage());
throw new RuntimeException("Failed to describe security group", ex);
});
}
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
/**
* Asynchronously describes the key pairs associated with the current AWS account.
*
* @return a {@link CompletableFuture} containing the {@link DescribeKeyPairsResponse} object, which provides
* information about the key pairs.
*/
public CompletableFuture describeKeysAsync() {
CompletableFuture responseFuture = getAsyncClient().describeKeyPairs();
responseFuture.whenComplete((response, exception) -> {
if (exception != null) {
throw new RuntimeException("Failed to describe key pairs: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
/**
* Creates a new key pair asynchronously.
*
* @param keyName the name of the key pair to create
* @param fileName the name of the file to write the key material to
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of creating the key pair and writing the key material to a file
*/
public CompletableFuture createKeyPairAsync(String keyName, String fileName) {
CreateKeyPairRequest request = CreateKeyPairRequest.builder()
.keyName(keyName)
.build();
CompletableFuture responseFuture = getAsyncClient().createKeyPair(request);
responseFuture.whenComplete((response, exception) -> {
if (response != null) {
try {
BufferedWriter writer = new BufferedWriter(new FileWriter(fileName));
writer.write(response.keyMaterial());
writer.close();
} catch (IOException e) {
throw new RuntimeException("Failed to write key material to file: " + e.getMessage(), e);
}
} else {
throw new RuntimeException("Failed to create key pair: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
/**
* Describes the first default VPC asynchronously and using a paginator.
*
* @return a {@link CompletableFuture} that, when completed, contains the first default VPC found.\
*/
public CompletableFuture describeFirstEC2VpcAsync() {
Filter myFilter = Filter.builder()
.name("is-default")
.values("true")
.build();
DescribeVpcsRequest request = DescribeVpcsRequest.builder()
.filters(myFilter)
.build();
DescribeVpcsPublisher paginator = getAsyncClient().describeVpcsPaginator(request);
AtomicReference vpcRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.vpcs().stream()
.findFirst()
.ifPresent(vpcRef::set);
}).thenApply(v -> {
Vpc vpc = vpcRef.get();
if (vpc == null) {
throw new RuntimeException("Default VPC not found");
}
return vpc;
}).exceptionally(ex -> {
logger.info("Failed to describe VPCs: " + ex.getMessage());
throw new RuntimeException("Failed to describe VPCs", ex);
});
}
/**
* Stops the EC2 instance with the specified ID asynchronously and waits for the instance to stop.
*
* @param instanceId the ID of the EC2 instance to stop
* @return a {@link CompletableFuture} that completes when the instance has been stopped, or exceptionally if an error occurs
*/
public CompletableFuture stopInstanceAsync(String instanceId) {
StopInstancesRequest stopRequest = StopInstancesRequest.builder()
.instanceIds(instanceId)
.build();
DescribeInstancesRequest describeRequest = DescribeInstancesRequest.builder()
.instanceIds(instanceId)
.build();
Ec2AsyncWaiter ec2Waiter = Ec2AsyncWaiter.builder()
.client(getAsyncClient())
.build();
CompletableFuture resultFuture = new CompletableFuture<>();
logger.info("Stopping instance " + instanceId + " and waiting for it to stop.");
getAsyncClient().stopInstances(stopRequest)
.thenCompose(response -> {
if (response.stoppingInstances().isEmpty()) {
return CompletableFuture.failedFuture(new RuntimeException("No instances were stopped. Please check the instance ID: " + instanceId));
}
return ec2Waiter.waitUntilInstanceStopped(describeRequest);
})
.thenAccept(waiterResponse -> {
logger.info("Successfully stopped instance " + instanceId);
resultFuture.complete(null);
})
.exceptionally(throwable -> {
logger.error("Failed to stop instance " + instanceId + ": " + throwable.getMessage(), throwable);
resultFuture.completeExceptionally(new RuntimeException("Failed to stop instance: " + throwable.getMessage(), throwable));
return null;
});
return resultFuture;
}
/**
* Starts an Amazon EC2 instance asynchronously and waits until it is in the "running" state.
*
* @param instanceId the ID of the instance to start
* @return a {@link CompletableFuture} that completes when the instance has been started and is in the "running" state, or exceptionally if an error occurs
*/
public CompletableFuture startInstanceAsync(String instanceId) {
StartInstancesRequest startRequest = StartInstancesRequest.builder()
.instanceIds(instanceId)
.build();
Ec2AsyncWaiter ec2Waiter = Ec2AsyncWaiter.builder()
.client(getAsyncClient())
.build();
DescribeInstancesRequest describeRequest = DescribeInstancesRequest.builder()
.instanceIds(instanceId)
.build();
logger.info("Starting instance " + instanceId + " and waiting for it to run.");
CompletableFuture resultFuture = new CompletableFuture<>();
return getAsyncClient().startInstances(startRequest)
.thenCompose(response ->
ec2Waiter.waitUntilInstanceRunning(describeRequest)
)
.thenAccept(waiterResponse -> {
logger.info("Successfully started instance " + instanceId);
resultFuture.complete(null);
})
.exceptionally(throwable -> {
resultFuture.completeExceptionally(new RuntimeException("Failed to start instance: " + throwable.getMessage(), throwable));
return null;
});
}
}
```
+ For API details, see the following topics in *AWS SDK for Java 2.x API Reference*.
+ [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AllocateAddress)
+ [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AssociateAddress)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateKeyPair)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateSecurityGroup)
+ [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteKeyPair)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteSecurityGroup)
+ [DescribeImages](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeImages)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstanceTypes)
+ [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstances)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeKeyPairs)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeSecurityGroups)
+ [DisassociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DisassociateAddress)
+ [ReleaseAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/ReleaseAddress)
+ [RunInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/RunInstances)
+ [StartInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/StartInstances)
+ [StopInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/StopInstances)
+ [TerminateInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/TerminateInstances)
+ [UnmonitorInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/UnmonitorInstances)
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
This file contains a list of common actions used with EC2. The steps are constructed with a Scenario framework that simplifies running an interactive example. For the full context, visit the GitHub repository.
```
import { tmpdir } from "node:os";
import { writeFile, mkdtemp, rm } from "node:fs/promises";
import { join } from "node:path";
import { get } from "node:http";
import {
AllocateAddressCommand,
AssociateAddressCommand,
AuthorizeSecurityGroupIngressCommand,
CreateKeyPairCommand,
CreateSecurityGroupCommand,
DeleteKeyPairCommand,
DeleteSecurityGroupCommand,
DisassociateAddressCommand,
paginateDescribeImages,
paginateDescribeInstances,
paginateDescribeInstanceTypes,
ReleaseAddressCommand,
RunInstancesCommand,
StartInstancesCommand,
StopInstancesCommand,
TerminateInstancesCommand,
waitUntilInstanceStatusOk,
waitUntilInstanceStopped,
waitUntilInstanceTerminated,
} from "@aws-sdk/client-ec2";
import {
ScenarioAction,
ScenarioInput,
ScenarioOutput,
} from "@aws-doc-sdk-examples/lib/scenario/index.js";
import { paginateGetParametersByPath, SSMClient } from "@aws-sdk/client-ssm";
/**
* @typedef {{
* ec2Client: import('@aws-sdk/client-ec2').EC2Client,
* errors: Error[],
* keyPairId?: string,
* tmpDirectory?: string,
* securityGroupId?: string,
* ipAddress?: string,
* images?: import('@aws-sdk/client-ec2').Image[],
* image?: import('@aws-sdk/client-ec2').Image,
* instanceTypes?: import('@aws-sdk/client-ec2').InstanceTypeInfo[],
* instanceId?: string,
* instanceIpAddress?: string,
* allocationId?: string,
* allocatedIpAddress?: string,
* associationId?: string,
* }} State
*/
/**
* A skip function provided to the `skipWhen` of a Step when you want
* to ignore that step if any errors have occurred.
* @param {State} state
*/
const skipWhenErrors = (state) => state.errors.length > 0;
const MAX_WAITER_TIME_IN_SECONDS = 60 * 8;
export const confirm = new ScenarioInput("confirmContinue", "Continue?", {
type: "confirm",
skipWhen: skipWhenErrors,
});
export const exitOnNoConfirm = new ScenarioAction(
"exitOnConfirmContinueFalse",
(/** @type { { earlyExit: boolean } & Record} */ state) => {
if (!state[confirm.name]) {
state.earlyExit = true;
}
},
{
skipWhen: skipWhenErrors,
},
);
export const greeting = new ScenarioOutput(
"greeting",
`
Welcome to the Amazon EC2 basic usage scenario.
Before you launch an instances, you'll need to provide a few things:
- A key pair - This is for SSH access to your EC2 instance. You only need to provide the name.
- A security group - This is used for configuring access to your instance. Again, only the name is needed.
- An IP address - Your public IP address will be fetched.
- An Amazon Machine Image (AMI)
- A compatible instance type`,
{ header: true, preformatted: true, skipWhen: skipWhenErrors },
);
export const provideKeyPairName = new ScenarioInput(
"keyPairName",
"Provide a name for a new key pair.",
{ type: "input", default: "ec2-example-key-pair", skipWhen: skipWhenErrors },
);
export const createKeyPair = new ScenarioAction(
"createKeyPair",
async (/** @type {State} */ state) => {
try {
// Create a key pair in Amazon EC2.
const { KeyMaterial, KeyPairId } = await state.ec2Client.send(
// A unique name for the key pair. Up to 255 ASCII characters.
new CreateKeyPairCommand({ KeyName: state[provideKeyPairName.name] }),
);
state.keyPairId = KeyPairId;
// Save the private key in a temporary location.
state.tmpDirectory = await mkdtemp(join(tmpdir(), "ec2-scenario-tmp"));
await writeFile(
`${state.tmpDirectory}/${state[provideKeyPairName.name]}.pem`,
KeyMaterial,
{
mode: 0o400,
},
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidKeyPair.Duplicate"
) {
caught.message = `${caught.message}. Try another key name.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logKeyPair = new ScenarioOutput(
"logKeyPair",
(/** @type {State} */ state) =>
`Created the key pair ${state[provideKeyPairName.name]}.`,
{ skipWhen: skipWhenErrors },
);
export const confirmDeleteKeyPair = new ScenarioInput(
"confirmDeleteKeyPair",
"Do you want to delete the key pair?",
{
type: "confirm",
// Don't do anything when a key pair was never created.
skipWhen: (/** @type {State} */ state) => !state.keyPairId,
},
);
export const maybeDeleteKeyPair = new ScenarioAction(
"deleteKeyPair",
async (/** @type {State} */ state) => {
try {
// Delete a key pair by name from EC2
await state.ec2Client.send(
new DeleteKeyPairCommand({ KeyName: state[provideKeyPairName.name] }),
);
} catch (caught) {
if (
caught instanceof Error &&
// Occurs when a required parameter (e.g. KeyName) is undefined.
caught.name === "MissingParameter"
) {
caught.message = `${caught.message}. Did you provide the required value?`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no key pair to delete or the user chooses
// to keep it.
skipWhen: (/** @type {State} */ state) =>
!state.keyPairId || !state[confirmDeleteKeyPair.name],
},
);
export const provideSecurityGroupName = new ScenarioInput(
"securityGroupName",
"Provide a name for a new security group.",
{ type: "input", default: "ec2-scenario-sg", skipWhen: skipWhenErrors },
);
export const createSecurityGroup = new ScenarioAction(
"createSecurityGroup",
async (/** @type {State} */ state) => {
try {
// Create a new security group that will be used to configure ingress/egress for
// an EC2 instance.
const { GroupId } = await state.ec2Client.send(
new CreateSecurityGroupCommand({
GroupName: state[provideSecurityGroupName.name],
Description: "A security group for the Amazon EC2 example.",
}),
);
state.securityGroupId = GroupId;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroup.Duplicate") {
caught.message = `${caught.message}. Please provide a different name for your security group.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSecurityGroup = new ScenarioOutput(
"logSecurityGroup",
(/** @type {State} */ state) =>
`Created the security group ${state.securityGroupId}.`,
{ skipWhen: skipWhenErrors },
);
export const confirmDeleteSecurityGroup = new ScenarioInput(
"confirmDeleteSecurityGroup",
"Do you want to delete the security group?",
{
type: "confirm",
// Don't do anything when a security group was never created.
skipWhen: (/** @type {State} */ state) => !state.securityGroupId,
},
);
export const maybeDeleteSecurityGroup = new ScenarioAction(
"deleteSecurityGroup",
async (/** @type {State} */ state) => {
try {
// Delete the security group if the 'skipWhen' condition below is not met.
await state.ec2Client.send(
new DeleteSecurityGroupCommand({
GroupId: state.securityGroupId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidGroupId.Malformed"
) {
caught.message = `${caught.message}. Please provide a valid GroupId.`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no security group to delete
// or the user chooses to keep it.
skipWhen: (/** @type {State} */ state) =>
!state.securityGroupId || !state[confirmDeleteSecurityGroup.name],
},
);
export const authorizeSecurityGroupIngress = new ScenarioAction(
"authorizeSecurity",
async (/** @type {State} */ state) => {
try {
// Get the public IP address of the machine running this example.
const ipAddress = await new Promise((res, rej) => {
get("http://checkip.amazonaws.com", (response) => {
let data = "";
response.on("data", (chunk) => {
data += chunk;
});
response.on("end", () => res(data.trim()));
}).on("error", (err) => {
rej(err);
});
});
state.ipAddress = ipAddress;
// Allow ingress from the IP address above to the security group.
// This will allow you to SSH into the EC2 instance.
const command = new AuthorizeSecurityGroupIngressCommand({
GroupId: state.securityGroupId,
IpPermissions: [
{
IpProtocol: "tcp",
FromPort: 22,
ToPort: 22,
IpRanges: [{ CidrIp: `${ipAddress}/32` }],
},
],
});
await state.ec2Client.send(command);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidGroupId.Malformed"
) {
caught.message = `${caught.message}. Please provide a valid GroupId.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSecurityGroupIngress = new ScenarioOutput(
"logSecurityGroupIngress",
(/** @type {State} */ state) =>
`Allowed SSH access from your public IP: ${state.ipAddress}.`,
{ skipWhen: skipWhenErrors },
);
export const getImages = new ScenarioAction(
"images",
async (/** @type {State} */ state) => {
const AMIs = [];
// Some AWS services publish information about common artifacts as AWS Systems Manager (SSM)
// public parameters. For example, the Amazon Elastic Compute Cloud (Amazon EC2)
// service publishes information about Amazon Machine Images (AMIs) as public parameters.
// Create the paginator for getting images. Actions that return multiple pages of
// results have paginators to simplify those calls.
const getParametersByPathPaginator = paginateGetParametersByPath(
{
// Not storing this client in state since it's only used once.
client: new SSMClient({}),
},
{
// The path to the public list of the latest amazon-linux instances.
Path: "/aws/service/ami-amazon-linux-latest",
},
);
try {
for await (const page of getParametersByPathPaginator) {
for (const param of page.Parameters) {
// Filter by Amazon Linux 2
if (param.Name.includes("amzn2")) {
AMIs.push(param.Value);
}
}
}
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidFilterValue") {
caught.message = `${caught.message} Please provide a valid filter value for paginateGetParametersByPath.`;
}
state.errors.push(caught);
return;
}
const imageDetails = [];
const describeImagesPaginator = paginateDescribeImages(
{ client: state.ec2Client },
// The images found from the call to SSM.
{ ImageIds: AMIs },
);
try {
// Get more details for the images found above.
for await (const page of describeImagesPaginator) {
imageDetails.push(...(page.Images || []));
}
// Store the image details for later use.
state.images = imageDetails;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidAMIID.NotFound") {
caught.message = `${caught.message}. Please provide a valid image id.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const provideImage = new ScenarioInput(
"image",
"Select one of the following images.",
{
type: "select",
choices: (/** @type { State } */ state) =>
state.images.map((image) => ({
name: `${image.Description}`,
value: image,
})),
default: (/** @type { State } */ state) => state.images[0],
skipWhen: skipWhenErrors,
},
);
export const getCompatibleInstanceTypes = new ScenarioAction(
"getCompatibleInstanceTypes",
async (/** @type {State} */ state) => {
// Get more details about instance types that match the architecture of
// the provided image.
const paginator = paginateDescribeInstanceTypes(
{ client: state.ec2Client, pageSize: 25 },
{
Filters: [
{
Name: "processor-info.supported-architecture",
// The value selected from provideImage()
Values: [state.image.Architecture],
},
// Filter for smaller, less expensive, types.
{ Name: "instance-type", Values: ["*.micro", "*.small"] },
],
},
);
const instanceTypes = [];
try {
for await (const page of paginator) {
if (page.InstanceTypes.length) {
instanceTypes.push(...(page.InstanceTypes || []));
}
}
if (!instanceTypes.length) {
state.errors.push(
"No instance types matched the instance type filters.",
);
}
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
caught.message = `${caught.message}. Please check the provided values and try again.`;
}
state.errors.push(caught);
}
state.instanceTypes = instanceTypes;
},
{ skipWhen: skipWhenErrors },
);
export const provideInstanceType = new ScenarioInput(
"instanceType",
"Select an instance type.",
{
choices: (/** @type {State} */ state) =>
state.instanceTypes.map((instanceType) => ({
name: `${instanceType.InstanceType} - Memory:${instanceType.MemoryInfo.SizeInMiB}`,
value: instanceType.InstanceType,
})),
type: "select",
default: (/** @type {State} */ state) =>
state.instanceTypes[0].InstanceType,
skipWhen: skipWhenErrors,
},
);
export const runInstance = new ScenarioAction(
"runInstance",
async (/** @type { State } */ state) => {
const { Instances } = await state.ec2Client.send(
new RunInstancesCommand({
KeyName: state[provideKeyPairName.name],
SecurityGroupIds: [state.securityGroupId],
ImageId: state.image.ImageId,
InstanceType: state[provideInstanceType.name],
// Availability Zones have capacity limitations that may impact your ability to launch instances.
// The `RunInstances` operation will only succeed if it can allocate at least the `MinCount` of instances.
// However, EC2 will attempt to launch up to the `MaxCount` of instances, even if the full request cannot be satisfied.
// If you need a specific number of instances, use `MinCount` and `MaxCount` set to the same value.
// If you want to launch up to a certain number of instances, use `MaxCount` and let EC2 provision as many as possible.
// If you require a minimum number of instances, but do not want to exceed a maximum, use both `MinCount` and `MaxCount`.
MinCount: 1,
MaxCount: 1,
}),
);
state.instanceId = Instances[0].InstanceId;
try {
// Poll `DescribeInstanceStatus` until status is "ok".
await waitUntilInstanceStatusOk(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [Instances[0].InstanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logRunInstance = new ScenarioOutput(
"logRunInstance",
"The next step is to run your EC2 instance for the first time. This can take a few minutes.",
{ header: true, skipWhen: skipWhenErrors },
);
export const describeInstance = new ScenarioAction(
"describeInstance",
async (/** @type { State } */ state) => {
/** @type { import("@aws-sdk/client-ec2").Instance[] } */
const instances = [];
try {
const paginator = paginateDescribeInstances(
{
client: state.ec2Client,
},
{
// Only get our created instance.
InstanceIds: [state.instanceId],
},
);
for await (const page of paginator) {
for (const reservation of page.Reservations) {
instances.push(...reservation.Instances);
}
}
if (instances.length !== 1) {
throw new Error(`Instance ${state.instanceId} not found.`);
}
// The only info we need is the IP address for SSH purposes.
state.instanceIpAddress = instances[0].PublicIpAddress;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
caught.message = `${caught.message}. Please check provided values and try again.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSSHConnectionInfo = new ScenarioOutput(
"logSSHConnectionInfo",
(/** @type { State } */ state) =>
`You can now SSH into your instance using the following command:
ssh -i ${state.tmpDirectory}/${state[provideKeyPairName.name]}.pem ec2-user@${state.instanceIpAddress}`,
{ preformatted: true, skipWhen: skipWhenErrors },
);
export const logStopInstance = new ScenarioOutput(
"logStopInstance",
"Stopping your EC2 instance.",
{ skipWhen: skipWhenErrors },
);
export const stopInstance = new ScenarioAction(
"stopInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new StopInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceStopped(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
// Don't try to stop an instance that doesn't exist.
{ skipWhen: (/** @type { State } */ state) => !state.instanceId },
);
export const logIpAddressBehavior = new ScenarioOutput(
"logIpAddressBehavior",
[
"When you run an instance, by default it's assigned an IP address.",
"That IP address is not static. It will change every time the instance is restarted.",
"The next step is to stop and restart your instance to demonstrate this behavior.",
].join(" "),
{ header: true, skipWhen: skipWhenErrors },
);
export const logStartInstance = new ScenarioOutput(
"logStartInstance",
(/** @type { State } */ state) => `Starting instance ${state.instanceId}`,
{ skipWhen: skipWhenErrors },
);
export const startInstance = new ScenarioAction(
"startInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new StartInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceStatusOk(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logIpAllocation = new ScenarioOutput(
"logIpAllocation",
[
"It is possible to have a static IP address.",
"To demonstrate this, an IP will be allocated and associated to your EC2 instance.",
].join(" "),
{ header: true, skipWhen: skipWhenErrors },
);
export const allocateIp = new ScenarioAction(
"allocateIp",
async (/** @type { State } */ state) => {
try {
// An Elastic IP address is allocated to your AWS account, and is yours until you release it.
const { AllocationId, PublicIp } = await state.ec2Client.send(
new AllocateAddressCommand({}),
);
state.allocationId = AllocationId;
state.allocatedIpAddress = PublicIp;
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
caught.message = `${caught.message}. Did you provide these values?`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const associateIp = new ScenarioAction(
"associateIp",
async (/** @type { State } */ state) => {
try {
// Associate an allocated IP address to an EC2 instance. An IP address can be allocated
// with the AllocateAddress action.
const { AssociationId } = await state.ec2Client.send(
new AssociateAddressCommand({
AllocationId: state.allocationId,
InstanceId: state.instanceId,
}),
);
state.associationId = AssociationId;
// Update the IP address that is being tracked to match
// the one just associated.
state.instanceIpAddress = state.allocatedIpAddress;
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
caught.message = `${caught.message}. Did you provide the ID of a valid Elastic IP address AllocationId?`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logStaticIpProof = new ScenarioOutput(
"logStaticIpProof",
"The IP address should remain the same even after stopping and starting the instance.",
{ header: true, skipWhen: skipWhenErrors },
);
export const logCleanUp = new ScenarioOutput(
"logCleanUp",
"That's it! You can choose to clean up the resources now, or clean them up on your own later.",
{ header: true, skipWhen: skipWhenErrors },
);
export const confirmDisassociateAddress = new ScenarioInput(
"confirmDisassociateAddress",
"Do you want to disassociate and release the static IP address created earlier?",
{
type: "confirm",
skipWhen: (/** @type { State } */ state) => !state.associationId,
},
);
export const maybeDisassociateAddress = new ScenarioAction(
"maybeDisassociateAddress",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new DisassociateAddressCommand({
AssociationId: state.associationId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAssociationID.NotFound"
) {
caught.message = `${caught.message}. Please provide a valid association ID.`;
}
state.errors.push(caught);
}
},
{
skipWhen: (/** @type { State } */ state) =>
!state[confirmDisassociateAddress.name] || !state.associationId,
},
);
export const maybeReleaseAddress = new ScenarioAction(
"maybeReleaseAddress",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new ReleaseAddressCommand({
AllocationId: state.allocationId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
caught.message = `${caught.message}. Please provide a valid AllocationID.`;
}
state.errors.push(caught);
}
},
{
skipWhen: (/** @type { State } */ state) =>
!state[confirmDisassociateAddress.name] || !state.allocationId,
},
);
export const confirmTerminateInstance = new ScenarioInput(
"confirmTerminateInstance",
"Do you want to terminate the instance?",
// Don't do anything when an instance was never run.
{
skipWhen: (/** @type { State } */ state) => !state.instanceId,
type: "confirm",
},
);
export const maybeTerminateInstance = new ScenarioAction(
"terminateInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new TerminateInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceTerminated(
{ client: state.ec2Client },
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no instance to terminate or the
// use chooses not to terminate.
skipWhen: (/** @type { State } */ state) =>
!state.instanceId || !state[confirmTerminateInstance.name],
},
);
export const deleteTemporaryDirectory = new ScenarioAction(
"deleteTemporaryDirectory",
async (/** @type { State } */ state) => {
try {
await rm(state.tmpDirectory, { recursive: true });
} catch (caught) {
state.errors.push(caught);
}
},
);
export const logErrors = new ScenarioOutput(
"logErrors",
(/** @type {State}*/ state) => {
const errorList = state.errors
.map((err) => ` - ${err.name}: ${err.message}`)
.join("\n");
return `Scenario errors found:\n${errorList}`;
},
{
preformatted: true,
header: true,
// Don't log errors when there aren't any!
skipWhen: (/** @type {State} */ state) => state.errors.length === 0,
},
);
```
+ For API details, see the following topics in *AWS SDK for JavaScript API Reference*.
+ [AllocateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AllocateAddressCommand)
+ [AssociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AssociateAddressCommand)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AuthorizeSecurityGroupIngressCommand)
+ [CreateKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateKeyPairCommand)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateSecurityGroupCommand)
+ [DeleteKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteKeyPairCommand)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteSecurityGroupCommand)
+ [DescribeImages](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeImagesCommand)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstanceTypesCommand)
+ [DescribeInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstancesCommand)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeKeyPairsCommand)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeSecurityGroupsCommand)
+ [DisassociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DisassociateAddressCommand)
+ [ReleaseAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/ReleaseAddressCommand)
+ [RunInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/RunInstancesCommand)
+ [StartInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/StartInstancesCommand)
+ [StopInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/StopInstancesCommand)
+ [TerminateInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/TerminateInstancesCommand)
+ [UnmonitorInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/UnmonitorInstancesCommand)
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
/**
Before running this Kotlin code example, set up your development environment,
including your credentials.
For more information, see the following documentation topic:
https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/setup.html
This Kotlin example performs the following tasks:
1. Creates an RSA key pair and saves the private key data as a .pem file.
2. Lists key pairs.
3. Creates a security group for the default VPC.
4. Displays security group information.
5. Gets a list of Amazon Linux 2 AMIs and selects one.
6. Gets more information about the image.
7. Gets a list of instance types that are compatible with the selected AMI’s architecture.
8. Creates an instance with the key pair, security group, AMI, and an instance type.
9. Displays information about the instance.
10. Stops the instance and waits for it to stop.
11. Starts the instance and waits for it to start.
12. Allocates an Elastic IP address and associates it with the instance.
13. Displays SSH connection info for the instance.
14. Disassociates and deletes the Elastic IP address.
15. Terminates the instance.
16. Deletes the security group.
17. Deletes the key pair.
*/
val DASHES = String(CharArray(80)).replace("\u0000", "-")
suspend fun main(args: Array) {
val usage = """
Usage:
Where:
keyName - A key pair name (for example, TestKeyPair).
fileName - A file name where the key information is written to.
groupName - The name of the security group.
groupDesc - The description of the security group.
vpcId - A VPC ID. You can get this value from the AWS Management Console.
myIpAddress - The IP address of your development machine.
"""
if (args.size != 6) {
println(usage)
exitProcess(0)
}
val keyName = args[0]
val fileName = args[1]
val groupName = args[2]
val groupDesc = args[3]
val vpcId = args[4]
val myIpAddress = args[5]
var newInstanceId: String? = ""
println(DASHES)
println("Welcome to the Amazon EC2 example scenario.")
println(DASHES)
println(DASHES)
println("1. Create an RSA key pair and save the private key material as a .pem file.")
createKeyPairSc(keyName, fileName)
println(DASHES)
println(DASHES)
println("2. List key pairs.")
describeEC2KeysSc()
println(DASHES)
println(DASHES)
println("3. Create a security group.")
val groupId = createEC2SecurityGroupSc(groupName, groupDesc, vpcId, myIpAddress)
println(DASHES)
println(DASHES)
println("4. Display security group info for the newly created security group.")
describeSecurityGroupsSc(groupId.toString())
println(DASHES)
println(DASHES)
println("5. Get a list of Amazon Linux 2 AMIs and select one with amzn2 in the name.")
val instanceId = getParaValuesSc()
if (instanceId == "") {
println("The instance Id value isn't valid.")
exitProcess(0)
}
println("The instance Id is $instanceId.")
println(DASHES)
println(DASHES)
println("6. Get more information about an amzn2 image and return the AMI value.")
val amiValue = instanceId?.let { describeImageSc(it) }
if (instanceId == "") {
println("The instance Id value is invalid.")
exitProcess(0)
}
println("The AMI value is $amiValue.")
println(DASHES)
println(DASHES)
println("7. Get a list of instance types.")
val instanceType = getInstanceTypesSc()
println(DASHES)
println(DASHES)
println("8. Create an instance.")
if (amiValue != null) {
newInstanceId = runInstanceSc(instanceType, keyName, groupName, amiValue)
println("The instance Id is $newInstanceId")
}
println(DASHES)
println(DASHES)
println("9. Display information about the running instance. ")
var ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("10. Stop the instance.")
if (newInstanceId != null) {
stopInstanceSc(newInstanceId)
}
println(DASHES)
println(DASHES)
println("11. Start the instance.")
if (newInstanceId != null) {
startInstanceSc(newInstanceId)
}
ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("12. Allocate an Elastic IP address and associate it with the instance.")
val allocationId = allocateAddressSc()
println("The allocation Id value is $allocationId")
val associationId = associateAddressSc(newInstanceId, allocationId)
println("The associate Id value is $associationId")
println(DASHES)
println(DASHES)
println("13. Describe the instance again.")
ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("14. Disassociate and release the Elastic IP address.")
disassociateAddressSc(associationId)
releaseEC2AddressSc(allocationId)
println(DASHES)
println(DASHES)
println("15. Terminate the instance and use a waiter.")
if (newInstanceId != null) {
terminateEC2Sc(newInstanceId)
}
println(DASHES)
println(DASHES)
println("16. Delete the security group.")
if (groupId != null) {
deleteEC2SecGroupSc(groupId)
}
println(DASHES)
println(DASHES)
println("17. Delete the key pair.")
deleteKeysSc(keyName)
println(DASHES)
println(DASHES)
println("You successfully completed the Amazon EC2 scenario.")
println(DASHES)
}
suspend fun deleteKeysSc(keyPair: String) {
val request =
DeleteKeyPairRequest {
keyName = keyPair
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteKeyPair(request)
println("Successfully deleted key pair named $keyPair")
}
}
suspend fun deleteEC2SecGroupSc(groupIdVal: String) {
val request =
DeleteSecurityGroupRequest {
groupId = groupIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteSecurityGroup(request)
println("Successfully deleted security group with Id $groupIdVal")
}
}
suspend fun terminateEC2Sc(instanceIdVal: String) {
val ti =
TerminateInstancesRequest {
instanceIds = listOf(instanceIdVal)
}
println("Wait for the instance to terminate. This will take a few minutes.")
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.terminateInstances(ti)
ec2.waitUntilInstanceTerminated {
// suspend call
instanceIds = listOf(instanceIdVal)
}
println("$instanceIdVal is terminated!")
}
}
suspend fun releaseEC2AddressSc(allocId: String?) {
val request =
ReleaseAddressRequest {
allocationId = allocId
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.releaseAddress(request)
println("Successfully released Elastic IP address $allocId")
}
}
suspend fun disassociateAddressSc(associationIdVal: String?) {
val addressRequest =
DisassociateAddressRequest {
associationId = associationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.disassociateAddress(addressRequest)
println("You successfully disassociated the address!")
}
}
suspend fun associateAddressSc(
instanceIdVal: String?,
allocationIdVal: String?,
): String? {
val associateRequest =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val associateResponse = ec2.associateAddress(associateRequest)
return associateResponse.associationId
}
}
suspend fun allocateAddressSc(): String? {
val allocateRequest =
AllocateAddressRequest {
domain = DomainType.Vpc
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val allocateResponse = ec2.allocateAddress(allocateRequest)
return allocateResponse.allocationId
}
}
suspend fun startInstanceSc(instanceId: String) {
val request =
StartInstancesRequest {
instanceIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.startInstances(request)
println("Waiting until instance $instanceId starts. This will take a few minutes.")
ec2.waitUntilInstanceRunning {
// suspend call
instanceIds = listOf(instanceId)
}
println("Successfully started instance $instanceId")
}
}
suspend fun stopInstanceSc(instanceId: String) {
val request =
StopInstancesRequest {
instanceIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.stopInstances(request)
println("Waiting until instance $instanceId stops. This will take a few minutes.")
ec2.waitUntilInstanceStopped {
// suspend call
instanceIds = listOf(instanceId)
}
println("Successfully stopped instance $instanceId")
}
}
suspend fun describeEC2InstancesSc(newInstanceId: String?): String {
var pubAddress = ""
var isRunning = false
val request =
DescribeInstancesRequest {
instanceIds = listOf(newInstanceId.toString())
}
while (!isRunning) {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstances(request)
val state =
response.reservations
?.get(0)
?.instances
?.get(0)
?.state
?.name
?. value
if (state != null) {
if (state.compareTo("running") == 0) {
println("Image id is ${response.reservations!!.get(0).instances?.get(0)?.imageId}")
println("Instance type is ${response.reservations!!.get(0).instances?.get(0)?.instanceType}")
println("Instance state is ${response.reservations!!.get(0).instances?.get(0)?.state}")
pubAddress =
response.reservations!!
.get(0)
.instances
?.get(0)
?.publicIpAddress
.toString()
println("Instance address is $pubAddress")
isRunning = true
}
}
}
}
return pubAddress
}
suspend fun runInstanceSc(
instanceTypeVal: String,
keyNameVal: String,
groupNameVal: String,
amiIdVal: String,
): String {
val runRequest =
RunInstancesRequest {
instanceType = InstanceType.fromValue(instanceTypeVal)
keyName = keyNameVal
securityGroups = listOf(groupNameVal)
maxCount = 1
minCount = 1
imageId = amiIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.runInstances(runRequest)
val instanceId = response.instances?.get(0)?.instanceId
println("Successfully started EC2 Instance $instanceId based on AMI $amiIdVal")
return instanceId.toString()
}
}
// Get a list of instance types.
suspend fun getInstanceTypesSc(): String {
var instanceType = ""
val filterObs = ArrayList()
val filter =
Filter {
name = "processor-info.supported-architecture"
values = listOf("arm64")
}
filterObs.add(filter)
val typesRequest =
DescribeInstanceTypesRequest {
filters = filterObs
maxResults = 10
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstanceTypes(typesRequest)
response.instanceTypes?.forEach { type ->
println("The memory information of this type is ${type.memoryInfo?.sizeInMib}")
println("Maximum number of network cards is ${type.networkInfo?.maximumNetworkCards}")
instanceType = type.instanceType.toString()
}
return instanceType
}
}
// Display the Description field that corresponds to the instance Id value.
suspend fun describeImageSc(instanceId: String): String? {
val imagesRequest =
DescribeImagesRequest {
imageIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeImages(imagesRequest)
println("The description of the first image is ${response.images?.get(0)?.description}")
println("The name of the first image is ${response.images?.get(0)?.name}")
// Return the image Id value.
return response.images?.get(0)?.imageId
}
}
// Get the Id value of an instance with amzn2 in the name.
suspend fun getParaValuesSc(): String? {
val parameterRequest =
GetParametersByPathRequest {
path = "/aws/service/ami-amazon-linux-latest"
}
SsmClient.fromEnvironment { region = "us-west-2" }.use { ssmClient ->
val response = ssmClient.getParametersByPath(parameterRequest)
response.parameters?.forEach { para ->
println("The name of the para is: ${para.name}")
println("The type of the para is: ${para.type}")
println("")
if (para.name?.let { filterName(it) } == true) {
return para.value
}
}
}
return ""
}
fun filterName(name: String): Boolean {
val parts = name.split("/").toTypedArray()
val myValue = parts[4]
return myValue.contains("amzn2")
}
suspend fun describeSecurityGroupsSc(groupId: String) {
val request =
DescribeSecurityGroupsRequest {
groupIds = listOf(groupId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeSecurityGroups(request)
for (group in response.securityGroups!!) {
println("Found Security Group with id " + group.groupId.toString() + " and group VPC " + group.vpcId)
}
}
}
suspend fun createEC2SecurityGroupSc(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
myIpAddress: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "$myIpAddress/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
suspend fun describeEC2KeysSc() {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeKeyPairs(DescribeKeyPairsRequest {})
response.keyPairs?.forEach { keyPair ->
println("Found key pair with name ${keyPair.keyName} and fingerprint ${ keyPair.keyFingerprint}")
}
}
}
suspend fun createKeyPairSc(
keyNameVal: String,
fileNameVal: String,
) {
val request =
CreateKeyPairRequest {
keyName = keyNameVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.createKeyPair(request)
val content = response.keyMaterial
if (content != null) {
File(fileNameVal).writeText(content)
}
println("Successfully created key pair named $keyNameVal")
}
}
```
+ For API details, see the following topics in *AWS SDK for Kotlin API reference*.
+ [AllocateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AssociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [CreateKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [CreateSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeImages](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeInstanceTypes](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeKeyPairs](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeSecurityGroups](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DisassociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ReleaseAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [RunInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StartInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StopInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [TerminateInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [UnmonitorInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
Run an interactive scenario at a command prompt.
```
class EC2InstanceScenario:
"""
A scenario that demonstrates how to use Boto3 to manage Amazon EC2 resources.
Covers creating a key pair, security group, launching an instance, associating
an Elastic IP, and cleaning up resources.
"""
def __init__(
self,
inst_wrapper: EC2InstanceWrapper,
key_wrapper: KeyPairWrapper,
sg_wrapper: SecurityGroupWrapper,
eip_wrapper: ElasticIpWrapper,
ssm_client: boto3.client,
remote_exec: bool = False,
):
"""
Initializes the EC2InstanceScenario with the necessary AWS service wrappers.
:param inst_wrapper: Wrapper for EC2 instance operations.
:param key_wrapper: Wrapper for key pair operations.
:param sg_wrapper: Wrapper for security group operations.
:param eip_wrapper: Wrapper for Elastic IP operations.
:param ssm_client: Boto3 client for accessing SSM to retrieve AMIs.
:param remote_exec: Flag to indicate if the scenario is running in a remote execution
environment. Defaults to False. If True, the script won't prompt
for user interaction.
"""
self.inst_wrapper = inst_wrapper
self.key_wrapper = key_wrapper
self.sg_wrapper = sg_wrapper
self.eip_wrapper = eip_wrapper
self.ssm_client = ssm_client
self.remote_exec = remote_exec
def create_and_list_key_pairs(self) -> None:
"""
Creates an RSA key pair for SSH access to the EC2 instance and lists available key pairs.
"""
console.print("**Step 1: Create a Secure Key Pair**", style="bold cyan")
console.print(
"Let's create a secure RSA key pair for connecting to your EC2 instance."
)
key_name = f"MyUniqueKeyPair-{uuid.uuid4().hex[:8]}"
console.print(f"- **Key Pair Name**: {key_name}")
# Create the key pair and simulate the process with a progress bar.
with alive_bar(1, title="Creating Key Pair") as bar:
self.key_wrapper.create(key_name)
time.sleep(0.4) # Simulate the delay in key creation
bar()
console.print(f"- **Private Key Saved to**: {self.key_wrapper.key_file_path}\n")
# List key pairs (simulated) and show a progress bar.
list_keys = True
if list_keys:
console.print("- Listing your key pairs...")
start_time = time.time()
with alive_bar(100, title="Listing Key Pairs") as bar:
while time.time() - start_time < 2:
time.sleep(0.2)
bar(10)
self.key_wrapper.list(5)
if time.time() - start_time > 2:
console.print(
"Taking longer than expected! Please wait...",
style="bold yellow",
)
def create_security_group(self) -> None:
"""
Creates a security group that controls access to the EC2 instance and adds a rule
to allow SSH access from the user's current public IP address.
"""
console.print("**Step 2: Create a Security Group**", style="bold cyan")
console.print(
"Security groups manage access to your instance. Let's create one."
)
sg_name = f"MySecurityGroup-{uuid.uuid4().hex[:8]}"
console.print(f"- **Security Group Name**: {sg_name}")
# Create the security group and simulate the process with a progress bar.
with alive_bar(1, title="Creating Security Group") as bar:
self.sg_wrapper.create(
sg_name, "Security group for example: get started with instances."
)
time.sleep(0.5)
bar()
console.print(f"- **Security Group ID**: {self.sg_wrapper.security_group}\n")
# Get the current public IP to set up SSH access.
ip_response = urllib.request.urlopen("http://checkip.amazonaws.com")
current_ip_address = ip_response.read().decode("utf-8").strip()
console.print(
"Let's add a rule to allow SSH only from your current IP address."
)
console.print(f"- **Your Public IP Address**: {current_ip_address}")
console.print("- Automatically adding SSH rule...")
# Update security group rules to allow SSH and simulate with a progress bar.
with alive_bar(1, title="Updating Security Group Rules") as bar:
response = self.sg_wrapper.authorize_ingress(current_ip_address)
time.sleep(0.4)
if response and response.get("Return"):
console.print("- **Security Group Rules Updated**.")
else:
console.print(
"- **Error**: Couldn't update security group rules.",
style="bold red",
)
bar()
self.sg_wrapper.describe(self.sg_wrapper.security_group)
def create_instance(self) -> None:
"""
Launches an EC2 instance using an Amazon Linux 2 AMI and the created key pair
and security group. Displays instance details and SSH connection information.
"""
# Retrieve Amazon Linux 2 AMIs from SSM.
ami_paginator = self.ssm_client.get_paginator("get_parameters_by_path")
ami_options = []
for page in ami_paginator.paginate(Path="/aws/service/ami-amazon-linux-latest"):
ami_options += page["Parameters"]
amzn2_images = self.inst_wrapper.get_images(
[opt["Value"] for opt in ami_options if "amzn2" in opt["Name"]]
)
console.print("\n**Step 3: Launch Your Instance**", style="bold cyan")
console.print(
"Let's create an instance from an Amazon Linux 2 AMI. Here are some options:"
)
image_choice = 0
console.print(f"- Selected AMI: {amzn2_images[image_choice]['ImageId']}\n")
# Display instance types compatible with the selected AMI
inst_types = self.inst_wrapper.get_instance_types(
amzn2_images[image_choice]["Architecture"]
)
inst_type_choice = 0
console.print(
f"- Selected instance type: {inst_types[inst_type_choice]['InstanceType']}\n"
)
console.print("Creating your instance and waiting for it to start...")
with alive_bar(1, title="Creating Instance") as bar:
self.inst_wrapper.create(
amzn2_images[image_choice]["ImageId"],
inst_types[inst_type_choice]["InstanceType"],
self.key_wrapper.key_pair["KeyName"],
[self.sg_wrapper.security_group],
)
time.sleep(21)
bar()
console.print(f"**Success! Your instance is ready:**\n", style="bold green")
self.inst_wrapper.display()
console.print(
"You can use SSH to connect to your instance. "
"If the connection attempt times out, you might have to manually update "
"the SSH ingress rule for your IP address in the AWS Management Console."
)
self._display_ssh_info()
def _display_ssh_info(self) -> None:
"""
Displays SSH connection information for the user to connect to the EC2 instance.
Handles the case where the instance does or does not have an associated public IP address.
"""
if (
not self.eip_wrapper.elastic_ips
or not self.eip_wrapper.elastic_ips[0].allocation_id
):
if self.inst_wrapper.instances:
instance = self.inst_wrapper.instances[0]
instance_id = instance["InstanceId"]
waiter = self.inst_wrapper.ec2_client.get_waiter("instance_running")
console.print(
"Waiting for the instance to be in a running state with a public IP...",
style="bold cyan",
)
with alive_bar(1, title="Waiting for Instance to Start") as bar:
waiter.wait(InstanceIds=[instance_id])
time.sleep(20)
bar()
instance = self.inst_wrapper.ec2_client.describe_instances(
InstanceIds=[instance_id]
)["Reservations"][0]["Instances"][0]
public_ip = instance.get("PublicIpAddress")
if public_ip:
console.print(
"\nTo connect via SSH, open another command prompt and run the following command:",
style="bold cyan",
)
console.print(
f"\tssh -i {self.key_wrapper.key_file_path} ec2-user@{public_ip}"
)
else:
console.print(
"Instance does not have a public IP address assigned.",
style="bold red",
)
else:
console.print(
"No instance available to retrieve public IP address.",
style="bold red",
)
else:
elastic_ip = self.eip_wrapper.elastic_ips[0]
elastic_ip_address = elastic_ip.public_ip
console.print(
f"\tssh -i {self.key_wrapper.key_file_path} ec2-user@{elastic_ip_address}"
)
if not self.remote_exec:
console.print("\nOpen a new terminal tab to try the above SSH command.")
input("Press Enter to continue...")
def associate_elastic_ip(self) -> None:
"""
Allocates an Elastic IP address and associates it with the EC2 instance.
Displays the Elastic IP address and SSH connection information.
"""
console.print("\n**Step 4: Allocate an Elastic IP Address**", style="bold cyan")
console.print(
"You can allocate an Elastic IP address and associate it with your instance\n"
"to keep a consistent IP address even when your instance restarts."
)
with alive_bar(1, title="Allocating Elastic IP") as bar:
elastic_ip = self.eip_wrapper.allocate()
time.sleep(0.5)
bar()
console.print(
f"- **Allocated Static Elastic IP Address**: {elastic_ip.public_ip}."
)
with alive_bar(1, title="Associating Elastic IP") as bar:
self.eip_wrapper.associate(
elastic_ip.allocation_id, self.inst_wrapper.instances[0]["InstanceId"]
)
time.sleep(2)
bar()
console.print(f"- **Associated Elastic IP with Your Instance**.")
console.print(
"You can now use SSH to connect to your instance by using the Elastic IP."
)
self._display_ssh_info()
def stop_and_start_instance(self) -> None:
"""
Stops and restarts the EC2 instance. Displays instance state and explains
changes that occur when the instance is restarted, such as the potential change
in the public IP address unless an Elastic IP is associated.
"""
console.print("\n**Step 5: Stop and Start Your Instance**", style="bold cyan")
console.print("Let's stop and start your instance to see what changes.")
console.print("- **Stopping your instance and waiting until it's stopped...**")
with alive_bar(1, title="Stopping Instance") as bar:
self.inst_wrapper.stop()
time.sleep(360)
bar()
console.print("- **Your instance is stopped. Restarting...**")
with alive_bar(1, title="Starting Instance") as bar:
self.inst_wrapper.start()
time.sleep(20)
bar()
console.print("**Your instance is running.**", style="bold green")
self.inst_wrapper.display()
elastic_ip = (
self.eip_wrapper.elastic_ips[0] if self.eip_wrapper.elastic_ips else None
)
if elastic_ip is None or elastic_ip.allocation_id is None:
console.print(
"- **Note**: Every time your instance is restarted, its public IP address changes."
)
else:
console.print(
f"Because you have associated an Elastic IP with your instance, you can \n"
f"connect by using a consistent IP address after the instance restarts: {elastic_ip.public_ip}"
)
self._display_ssh_info()
def cleanup(self) -> None:
"""
Cleans up all the resources created during the scenario, including disassociating
and releasing the Elastic IP, terminating the instance, deleting the security
group, and deleting the key pair.
"""
console.print("\n**Step 6: Clean Up Resources**", style="bold cyan")
console.print("Cleaning up resources:")
for elastic_ip in self.eip_wrapper.elastic_ips:
console.print(f"- **Elastic IP**: {elastic_ip.public_ip}")
with alive_bar(1, title="Disassociating Elastic IP") as bar:
self.eip_wrapper.disassociate(elastic_ip.allocation_id)
time.sleep(2)
bar()
console.print("\t- **Disassociated Elastic IP from the Instance**")
with alive_bar(1, title="Releasing Elastic IP") as bar:
self.eip_wrapper.release(elastic_ip.allocation_id)
time.sleep(1)
bar()
console.print("\t- **Released Elastic IP**")
console.print(f"- **Instance**: {self.inst_wrapper.instances[0]['InstanceId']}")
with alive_bar(1, title="Terminating Instance") as bar:
self.inst_wrapper.terminate()
time.sleep(380)
bar()
console.print("\t- **Terminated Instance**")
console.print(f"- **Security Group**: {self.sg_wrapper.security_group}")
with alive_bar(1, title="Deleting Security Group") as bar:
self.sg_wrapper.delete(self.sg_wrapper.security_group)
time.sleep(1)
bar()
console.print("\t- **Deleted Security Group**")
console.print(f"- **Key Pair**: {self.key_wrapper.key_pair['KeyName']}")
with alive_bar(1, title="Deleting Key Pair") as bar:
self.key_wrapper.delete(self.key_wrapper.key_pair["KeyName"])
time.sleep(0.4)
bar()
console.print("\t- **Deleted Key Pair**")
def run_scenario(self) -> None:
"""
Executes the entire EC2 instance scenario: creates key pairs, security groups,
launches an instance, associates an Elastic IP, and cleans up all resources.
"""
logging.basicConfig(level=logging.INFO, format="%(levelname)s: %(message)s")
console.print("-" * 88)
console.print(
"Welcome to the Amazon Elastic Compute Cloud (Amazon EC2) get started with instances demo.",
style="bold magenta",
)
console.print("-" * 88)
self.create_and_list_key_pairs()
self.create_security_group()
self.create_instance()
self.stop_and_start_instance()
self.associate_elastic_ip()
self.stop_and_start_instance()
self.cleanup()
console.print("\nThanks for watching!", style="bold green")
console.print("-" * 88)
if __name__ == "__main__":
try:
scenario = EC2InstanceScenario(
EC2InstanceWrapper.from_client(),
KeyPairWrapper.from_client(),
SecurityGroupWrapper.from_client(),
ElasticIpWrapper.from_client(),
boto3.client("ssm"),
)
scenario.run_scenario()
except Exception:
logging.exception("Something went wrong with the demo.")
```
Define a class that wraps key pair actions.
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def create(self, key_name: str) -> dict:
"""
Creates a key pair that can be used to securely connect to an EC2 instance.
The returned key pair contains private key information that cannot be retrieved
again. The private key data is stored as a .pem file.
:param key_name: The name of the key pair to create.
:return: A dictionary representing the Boto3 KeyPair object that represents the newly created key pair.
:raises ClientError: If there is an error in creating the key pair, for example, if a key pair with the same name already exists.
"""
try:
response = self.ec2_client.create_key_pair(KeyName=key_name)
self.key_pair = response
self.key_file_path = os.path.join(
self.key_file_dir.name, f"{self.key_pair['KeyName']}.pem"
)
with open(self.key_file_path, "w") as key_file:
key_file.write(self.key_pair["KeyMaterial"])
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidKeyPair.Duplicate":
logger.error(
f"A key pair called {key_name} already exists. "
"Please choose a different name for your key pair "
"or delete the existing key pair before creating."
)
raise
else:
return self.key_pair
def list(self, limit: Optional[int] = None) -> None:
"""
Displays a list of key pairs for the current account.
WARNING: Results are not paginated.
:param limit: The maximum number of key pairs to list. If not specified,
all key pairs will be listed.
:raises ClientError: If there is an error in listing the key pairs.
"""
try:
response = self.ec2_client.describe_key_pairs()
key_pairs = response.get("KeyPairs", [])
if limit:
key_pairs = key_pairs[:limit]
for key_pair in key_pairs:
logger.info(
f"Found {key_pair['KeyType']} key '{key_pair['KeyName']}' with fingerprint:"
)
logger.info(f"\t{key_pair['KeyFingerprint']}")
except ClientError as err:
logger.error(f"Failed to list key pairs: {str(err)}")
raise
def delete(self, key_name: str) -> bool:
"""
Deletes a key pair by its name.
:param key_name: The name of the key pair to delete.
:return: A boolean indicating whether the deletion was successful.
:raises ClientError: If there is an error in deleting the key pair, for example,
if the key pair does not exist.
"""
try:
self.ec2_client.delete_key_pair(KeyName=key_name)
logger.info(f"Successfully deleted key pair: {key_name}")
self.key_pair = None
return True
except self.ec2_client.exceptions.ClientError as err:
logger.error(f"Deletion failed for key pair: {key_name}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidKeyPair.NotFound":
logger.error(
f"The key pair '{key_name}' does not exist and cannot be deleted. "
"Please verify the key pair name and try again."
)
raise
```
Define a class that wraps security group actions.
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, group_name: str, group_description: str) -> str:
"""
Creates a security group in the default virtual private cloud (VPC) of the current account.
:param group_name: The name of the security group to create.
:param group_description: The description of the security group to create.
:return: The ID of the newly created security group.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
try:
response = self.ec2_client.create_security_group(
GroupName=group_name, Description=group_description
)
self.security_group = response["GroupId"]
except ClientError as err:
if err.response["Error"]["Code"] == "ResourceAlreadyExists":
logger.error(
f"Security group '{group_name}' already exists. Please choose a different name."
)
raise
else:
return self.security_group
def authorize_ingress(self, ssh_ingress_ip: str) -> Optional[Dict[str, Any]]:
"""
Adds a rule to the security group to allow access to SSH.
:param ssh_ingress_ip: The IP address that is granted inbound access to connect
to port 22 over TCP, used for SSH.
:return: The response to the authorization request. The 'Return' field of the
response indicates whether the request succeeded or failed, or None if no security group is set.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
if self.security_group is None:
logger.info("No security group to update.")
return None
try:
ip_permissions = [
{
# SSH ingress open to only the specified IP address.
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"IpRanges": [{"CidrIp": f"{ssh_ingress_ip}/32"}],
}
]
response = self.ec2_client.authorize_security_group_ingress(
GroupId=self.security_group, IpPermissions=ip_permissions
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidPermission.Duplicate":
logger.error(
f"The SSH ingress rule for IP {ssh_ingress_ip} already exists"
f"in security group '{self.security_group}'."
)
raise
else:
return response
def describe(self, security_group_id: Optional[str] = None) -> bool:
"""
Displays information about the specified security group or all security groups if no ID is provided.
:param security_group_id: The ID of the security group to describe.
If None, an open search is performed to describe all security groups.
:returns: True if the description is successful.
:raises ClientError: If there is an error describing the security group(s), such as an invalid security group ID.
"""
try:
paginator = self.ec2_client.get_paginator("describe_security_groups")
if security_group_id is None:
# If no ID is provided, return all security groups.
page_iterator = paginator.paginate()
else:
page_iterator = paginator.paginate(GroupIds=[security_group_id])
for page in page_iterator:
for security_group in page["SecurityGroups"]:
print(f"Security group: {security_group['GroupName']}")
print(f"\tID: {security_group['GroupId']}")
print(f"\tVPC: {security_group['VpcId']}")
if security_group["IpPermissions"]:
print("Inbound permissions:")
pp(security_group["IpPermissions"])
return True
except ClientError as err:
logger.error("Failed to describe security group(s).")
if err.response["Error"]["Code"] == "InvalidGroup.NotFound":
logger.error(
f"Security group {security_group_id} does not exist "
f"because the specified security group ID was not found."
)
raise
def delete(self, security_group_id: str) -> bool:
"""
Deletes the specified security group.
:param security_group_id: The ID of the security group to delete. Required.
:returns: True if the deletion is successful.
:raises ClientError: If the security group cannot be deleted due to an AWS service error.
"""
try:
self.ec2_client.delete_security_group(GroupId=security_group_id)
logger.info(f"Successfully deleted security group '{security_group_id}'")
return True
except ClientError as err:
logger.error(f"Deletion failed for security group '{security_group_id}'")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidGroup.NotFound":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it does not exist."
)
elif error_code == "DependencyViolation":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it is still in use."
" Verify that it is:"
"\n\t- Detached from resources"
"\n\t- Removed from references in other groups"
"\n\t- Removed from VPC's as a default group"
)
raise
```
Define a class that wraps instance actions.
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(
self,
image_id: str,
instance_type: str,
key_pair_name: str,
security_group_ids: Optional[List[str]] = None,
) -> List[Dict[str, Any]]:
"""
Creates a new EC2 instance in the default VPC of the current account.
The instance starts immediately after it is created.
:param image_id: The ID of the Amazon Machine Image (AMI) to use for the instance.
:param instance_type: The type of instance to create, such as 't2.micro'.
:param key_pair_name: The name of the key pair to use for SSH access.
:param security_group_ids: A list of security group IDs to associate with the instance.
If not specified, the default security group of the VPC is used.
:return: A list of dictionaries representing Boto3 Instance objects representing the newly created instances.
"""
try:
instance_params = {
"ImageId": image_id,
"InstanceType": instance_type,
"KeyName": key_pair_name,
}
if security_group_ids is not None:
instance_params["SecurityGroupIds"] = security_group_ids
response = self.ec2_client.run_instances(
**instance_params, MinCount=1, MaxCount=1
)
instance = response["Instances"][0]
self.instances.append(instance)
waiter = self.ec2_client.get_waiter("instance_running")
waiter.wait(InstanceIds=[instance["InstanceId"]])
except ClientError as err:
params_str = "\n\t".join(
f"{key}: {value}" for key, value in instance_params.items()
)
logger.error(
f"Failed to complete instance creation request.\nRequest details:{params_str}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InstanceLimitExceeded":
logger.error(
(
f"Insufficient capacity for instance type '{instance_type}'. "
"Terminate unused instances or contact AWS Support for a limit increase."
)
)
if error_code == "InsufficientInstanceCapacity":
logger.error(
(
f"Insufficient capacity for instance type '{instance_type}'. "
"Select a different instance type or launch in a different availability zone."
)
)
raise
return self.instances
def display(self, state_filter: Optional[str] = "running") -> None:
"""
Displays information about instances, filtering by the specified state.
:param state_filter: The instance state to include in the output. Only instances in this state
will be displayed. Default is 'running'. Example states: 'running', 'stopped'.
"""
if not self.instances:
logger.info("No instances to display.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
paginator = self.ec2_client.get_paginator("describe_instances")
page_iterator = paginator.paginate(InstanceIds=instance_ids)
try:
for page in page_iterator:
for reservation in page["Reservations"]:
for instance in reservation["Instances"]:
instance_state = instance["State"]["Name"]
# Apply the state filter (default is 'running')
if state_filter and instance_state != state_filter:
continue # Skip this instance if it doesn't match the filter
# Create a formatted string with instance details
instance_info = (
f"• ID: {instance['InstanceId']}\n"
f"• Image ID: {instance['ImageId']}\n"
f"• Instance type: {instance['InstanceType']}\n"
f"• Key name: {instance['KeyName']}\n"
f"• VPC ID: {instance['VpcId']}\n"
f"• Public IP: {instance.get('PublicIpAddress', 'N/A')}\n"
f"• State: {instance_state}"
)
print(instance_info)
except ClientError as err:
logger.error(
f"Failed to display instance(s). : {' '.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
def terminate(self) -> None:
"""
Terminates instances and waits for them to reach the terminated state.
"""
if not self.instances:
logger.info("No instances to terminate.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
self.ec2_client.terminate_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_terminated")
waiter.wait(InstanceIds=instance_ids)
self.instances.clear()
for instance_id in instance_ids:
print(f"• Instance ID: {instance_id}\n" f"• Action: Terminated")
except ClientError as err:
logger.error(
f"Failed instance termination details:\n\t{str(self.instances)}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
def start(self) -> Optional[Dict[str, Any]]:
"""
Starts instances and waits for them to be in a running state.
:return: The response to the start request.
"""
if not self.instances:
logger.info("No instances to start.")
return None
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
start_response = self.ec2_client.start_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_running")
waiter.wait(InstanceIds=instance_ids)
return start_response
except ClientError as err:
logger.error(
f"Failed to start instance(s): {','.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "IncorrectInstanceState":
logger.error(
"Couldn't start instance(s) because they are in an incorrect state. "
"Ensure the instances are in a stopped state before starting them."
)
raise
def stop(self) -> Optional[Dict[str, Any]]:
"""
Stops instances and waits for them to be in a stopped state.
:return: The response to the stop request, or None if there are no instances to stop.
"""
if not self.instances:
logger.info("No instances to stop.")
return None
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
# Attempt to stop the instances
stop_response = self.ec2_client.stop_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_stopped")
waiter.wait(InstanceIds=instance_ids)
except ClientError as err:
logger.error(
f"Failed to stop instance(s): {','.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "IncorrectInstanceState":
logger.error(
"Couldn't stop instance(s) because they are in an incorrect state. "
"Ensure the instances are in a running state before stopping them."
)
raise
return stop_response
def get_images(self, image_ids: List[str]) -> List[Dict[str, Any]]:
"""
Gets information about Amazon Machine Images (AMIs) from a list of AMI IDs.
:param image_ids: The list of AMI IDs to look up.
:return: A list of dictionaries representing the requested AMIs.
"""
try:
response = self.ec2_client.describe_images(ImageIds=image_ids)
images = response["Images"]
except ClientError as err:
logger.error(f"Failed to stop AMI(s): {','.join(map(str, image_ids))}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidAMIID.NotFound":
logger.error("One or more of the AMI IDs does not exist.")
raise
return images
def get_instance_types(
self, architecture: str = "x86_64", sizes: List[str] = ["*.micro", "*.small"]
) -> List[Dict[str, Any]]:
"""
Gets instance types that support the specified architecture and size.
See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html
for a list of allowable parameters.
:param architecture: The architecture supported by instance types. Default: 'x86_64'.
:param sizes: The size of instance types. Default: '*.micro', '*.small',
:return: A list of dictionaries representing instance types that support the specified architecture and size.
"""
try:
inst_types = []
paginator = self.ec2_client.get_paginator("describe_instance_types")
for page in paginator.paginate(
Filters=[
{
"Name": "processor-info.supported-architecture",
"Values": [architecture],
},
{"Name": "instance-type", "Values": sizes},
]
):
inst_types += page["InstanceTypes"]
except ClientError as err:
logger.error(
f"Failed to get instance types: {architecture}, {','.join(map(str, sizes))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidParameterValue":
logger.error(
"Parameters are invalid. "
"Ensure architecture and size strings conform to DescribeInstanceTypes API reference."
)
raise
else:
return inst_types
```
Define a class that wraps Elastic IP actions.
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def allocate(self) -> "ElasticIpWrapper.ElasticIp":
"""
Allocates an Elastic IP address that can be associated with an Amazon EC2
instance. By using an Elastic IP address, you can keep the public IP address
constant even when you restart the associated instance.
:return: The ElasticIp object for the newly created Elastic IP address.
:raises ClientError: If the allocation fails, such as reaching the maximum limit of Elastic IPs.
"""
try:
response = self.ec2_client.allocate_address(Domain="vpc")
elastic_ip = self.ElasticIp(
allocation_id=response["AllocationId"], public_ip=response["PublicIp"]
)
self.elastic_ips.append(elastic_ip)
except ClientError as err:
if err.response["Error"]["Code"] == "AddressLimitExceeded":
logger.error(
"Max IP's reached. Release unused addresses or contact AWS Support for an increase."
)
raise err
return elastic_ip
def associate(
self, allocation_id: str, instance_id: str
) -> Union[Dict[str, Any], None]:
"""
Associates an Elastic IP address with an instance. When this association is
created, the Elastic IP's public IP address is immediately used as the public
IP address of the associated instance.
:param allocation_id: The allocation ID of the Elastic IP.
:param instance_id: The ID of the Amazon EC2 instance.
:return: A response that contains the ID of the association, or None if no Elastic IP is found.
:raises ClientError: If the association fails, such as when the instance ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return None
try:
response = self.ec2_client.associate_address(
AllocationId=allocation_id, InstanceId=instance_id
)
elastic_ip.instance_id = (
instance_id # Track the instance associated with this Elastic IP.
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidInstanceID.NotFound":
logger.error(
f"Failed to associate Elastic IP {allocation_id} with {instance_id} "
"because the specified instance ID does not exist or has not propagated fully. "
"Verify the instance ID and try again, or wait a few moments before attempting to "
"associate the Elastic IP address."
)
raise
return response
def disassociate(self, allocation_id: str) -> None:
"""
Removes an association between an Elastic IP address and an instance. When the
association is removed, the instance is assigned a new public IP address.
:param allocation_id: The allocation ID of the Elastic IP to disassociate.
:raises ClientError: If the disassociation fails, such as when the association ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None or elastic_ip.instance_id is None:
logger.info(
f"No association found for Elastic IP with allocation ID {allocation_id}."
)
return
try:
# Retrieve the association ID before disassociating
response = self.ec2_client.describe_addresses(AllocationIds=[allocation_id])
association_id = response["Addresses"][0].get("AssociationId")
if association_id:
self.ec2_client.disassociate_address(AssociationId=association_id)
elastic_ip.instance_id = None # Remove the instance association
else:
logger.info(
f"No Association ID found for Elastic IP with allocation ID {allocation_id}."
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidAssociationID.NotFound":
logger.error(
f"Failed to disassociate Elastic IP {allocation_id} "
"because the specified association ID for the Elastic IP address was not found. "
"Verify the association ID and ensure the Elastic IP is currently associated with a "
"resource before attempting to disassociate it."
)
raise
def release(self, allocation_id: str) -> None:
"""
Releases an Elastic IP address. After the Elastic IP address is released,
it can no longer be used.
:param allocation_id: The allocation ID of the Elastic IP to release.
:raises ClientError: If the release fails, such as when the Elastic IP address is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return
try:
self.ec2_client.release_address(AllocationId=allocation_id)
self.elastic_ips.remove(elastic_ip) # Remove the Elastic IP from the list
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidAddress.NotFound":
logger.error(
f"Failed to release Elastic IP address {allocation_id} "
"because it could not be found. Verify the Elastic IP address "
"and ensure it is allocated to your account in the correct region "
"before attempting to release it."
)
raise
@staticmethod
def get_elastic_ip_by_allocation(
elastic_ips: List["ElasticIpWrapper.ElasticIp"], allocation_id: str
) -> Optional["ElasticIpWrapper.ElasticIp"]:
"""
Retrieves an Elastic IP object by its allocation ID from a given list of Elastic IPs.
:param elastic_ips: A list of ElasticIp objects.
:param allocation_id: The allocation ID of the Elastic IP to retrieve.
:return: The ElasticIp object associated with the allocation ID, or None if not found.
"""
return next(
(ip for ip in elastic_ips if ip.allocation_id == allocation_id), None
)
```
+ For API details, see the following topics in *AWS SDK for Python (Boto3) API Reference*.
+ [AllocateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AllocateAddress)
+ [AssociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AssociateAddress)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateKeyPair)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateSecurityGroup)
+ [DeleteKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteKeyPair)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteSecurityGroup)
+ [DescribeImages](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeImages)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstanceTypes)
+ [DescribeInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstances)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeKeyPairs)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeSecurityGroups)
+ [DisassociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DisassociateAddress)
+ [ReleaseAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/ReleaseAddress)
+ [RunInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/RunInstances)
+ [StartInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/StartInstances)
+ [StopInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/StopInstances)
+ [TerminateInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/TerminateInstances)
+ [UnmonitorInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/UnmonitorInstances)
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
The EC2InstanceScenario implementation contains logic to run the example as a whole.
```
//! Scenario that uses the AWS SDK for Rust (the SDK) with Amazon Elastic Compute Cloud
//! (Amazon EC2) to do the following:
//!
//! * Create a key pair that is used to secure SSH communication between your computer and
//! an EC2 instance.
//! * Create a security group that acts as a virtual firewall for your EC2 instances to
//! control incoming and outgoing traffic.
//! * Find an Amazon Machine Image (AMI) and a compatible instance type.
//! * Create an instance that is created from the instance type and AMI you select, and
//! is configured to use the security group and key pair created in this example.
//! * Stop and restart the instance.
//! * Create an Elastic IP address and associate it as a consistent IP address for your instance.
//! * Connect to your instance with SSH, using both its public IP address and your Elastic IP
//! address.
//! * Clean up all of the resources created by this example.
use std::net::Ipv4Addr;
use crate::{
ec2::{EC2Error, EC2},
getting_started::{key_pair::KeyPairManager, util::Util},
ssm::SSM,
};
use aws_sdk_ssm::types::Parameter;
use super::{
elastic_ip::ElasticIpManager, instance::InstanceManager, security_group::SecurityGroupManager,
util::ScenarioImage,
};
pub struct Ec2InstanceScenario {
ec2: EC2,
ssm: SSM,
util: Util,
key_pair_manager: KeyPairManager,
security_group_manager: SecurityGroupManager,
instance_manager: InstanceManager,
elastic_ip_manager: ElasticIpManager,
}
impl Ec2InstanceScenario {
pub fn new(ec2: EC2, ssm: SSM, util: Util) -> Self {
Ec2InstanceScenario {
ec2,
ssm,
util,
key_pair_manager: Default::default(),
security_group_manager: Default::default(),
instance_manager: Default::default(),
elastic_ip_manager: Default::default(),
}
}
pub async fn run(&mut self) -> Result<(), EC2Error> {
self.create_and_list_key_pairs().await?;
self.create_security_group().await?;
self.create_instance().await?;
self.stop_and_start_instance().await?;
self.associate_elastic_ip().await?;
self.stop_and_start_instance().await?;
Ok(())
}
/// 1. Creates an RSA key pair and saves its private key data as a .pem file in secure
/// temporary storage. The private key data is deleted after the example completes.
/// 2. Optionally, lists the first five key pairs for the current account.
pub async fn create_and_list_key_pairs(&mut self) -> Result<(), EC2Error> {
println!( "Let's create an RSA key pair that you can be use to securely connect to your EC2 instance.");
let key_name = self.util.prompt_key_name()?;
self.key_pair_manager
.create(&self.ec2, &self.util, key_name)
.await?;
println!(
"Created a key pair {} and saved the private key to {:?}.",
self.key_pair_manager
.key_pair()
.key_name()
.ok_or_else(|| EC2Error::new("No key name after creating key"))?,
self.key_pair_manager
.key_file_path()
.ok_or_else(|| EC2Error::new("No key file after creating key"))?
);
if self.util.should_list_key_pairs()? {
for pair in self.key_pair_manager.list(&self.ec2).await? {
println!(
"Found {:?} key {} with fingerprint:\t{:?}",
pair.key_type(),
pair.key_name().unwrap_or("Unknown"),
pair.key_fingerprint()
);
}
}
Ok(())
}
/// 1. Creates a security group for the default VPC.
/// 2. Adds an inbound rule to allow SSH. The SSH rule allows only
/// inbound traffic from the current computer’s public IPv4 address.
/// 3. Displays information about the security group.
///
/// This function uses to get the current public IP
/// address of the computer that is running the example. This method works in most
/// cases. However, depending on how your computer connects to the internet, you
/// might have to manually add your public IP address to the security group by using
/// the AWS Management Console.
pub async fn create_security_group(&mut self) -> Result<(), EC2Error> {
println!("Let's create a security group to manage access to your instance.");
let group_name = self.util.prompt_security_group_name()?;
self.security_group_manager
.create(
&self.ec2,
&group_name,
"Security group for example: get started with instances.",
)
.await?;
println!(
"Created security group {} in your default VPC {}.",
self.security_group_manager.group_name(),
self.security_group_manager
.vpc_id()
.unwrap_or("(unknown vpc)")
);
let check_ip = self.util.do_get("https://checkip.amazonaws.com").await?;
let current_ip_address: Ipv4Addr = check_ip.trim().parse().map_err(|e| {
EC2Error::new(format!(
"Failed to convert response {} to IP Address: {e:?}",
check_ip
))
})?;
println!("Your public IP address seems to be {current_ip_address}");
if self.util.should_add_to_security_group() {
match self
.security_group_manager
.authorize_ingress(&self.ec2, current_ip_address)
.await
{
Ok(_) => println!("Security group rules updated"),
Err(err) => eprintln!("Couldn't update security group rules: {err:?}"),
}
}
println!("{}", self.security_group_manager);
Ok(())
}
/// 1. Gets a list of Amazon Linux 2 AMIs from AWS Systems Manager. Specifying the
/// '/aws/service/ami-amazon-linux-latest' path returns only the latest AMIs.
/// 2. Gets and displays information about the available AMIs and lets you select one.
/// 3. Gets a list of instance types that are compatible with the selected AMI and
/// lets you select one.
/// 4. Creates an instance with the previously created key pair and security group,
/// and the selected AMI and instance type.
/// 5. Waits for the instance to be running and then displays its information.
pub async fn create_instance(&mut self) -> Result<(), EC2Error> {
let ami = self.find_image().await?;
let instance_types = self
.ec2
.list_instance_types(&ami.0)
.await
.map_err(|e| e.add_message("Could not find instance types"))?;
println!(
"There are several instance types that support the {} architecture of the image.",
ami.0
.architecture
.as_ref()
.ok_or_else(|| EC2Error::new(format!("Missing architecture in {:?}", ami.0)))?
);
let instance_type = self.util.select_instance_type(instance_types)?;
println!("Creating your instance and waiting for it to start...");
self.instance_manager
.create(
&self.ec2,
ami.0
.image_id()
.ok_or_else(|| EC2Error::new("Could not find image ID"))?,
instance_type,
self.key_pair_manager.key_pair(),
self.security_group_manager
.security_group()
.map(|sg| vec![sg])
.ok_or_else(|| EC2Error::new("Could not find security group"))?,
)
.await
.map_err(|e| e.add_message("Scenario failed to create instance"))?;
while let Err(err) = self
.ec2
.wait_for_instance_ready(self.instance_manager.instance_id(), None)
.await
{
println!("{err}");
if !self.util.should_continue_waiting() {
return Err(err);
}
}
println!("Your instance is ready:\n{}", self.instance_manager);
self.display_ssh_info();
Ok(())
}
async fn find_image(&mut self) -> Result {
let params: Vec = self
.ssm
.list_path("/aws/service/ami-amazon-linux-latest")
.await
.map_err(|e| e.add_message("Could not find parameters for available images"))?
.into_iter()
.filter(|param| param.name().is_some_and(|name| name.contains("amzn2")))
.collect();
let amzn2_images: Vec = self
.ec2
.list_images(params)
.await
.map_err(|e| e.add_message("Could not find images"))?
.into_iter()
.map(ScenarioImage::from)
.collect();
println!("We will now create an instance from an Amazon Linux 2 AMI");
let ami = self.util.select_scenario_image(amzn2_images)?;
Ok(ami)
}
// 1. Stops the instance and waits for it to stop.
// 2. Starts the instance and waits for it to start.
// 3. Displays information about the instance.
// 4. Displays an SSH connection string. When an Elastic IP address is associated
// with the instance, the IP address stays consistent when the instance stops
// and starts.
pub async fn stop_and_start_instance(&self) -> Result<(), EC2Error> {
println!("Let's stop and start your instance to see what changes.");
println!("Stopping your instance and waiting until it's stopped...");
self.instance_manager.stop(&self.ec2).await?;
println!("Your instance is stopped. Restarting...");
self.instance_manager.start(&self.ec2).await?;
println!("Your instance is running.");
println!("{}", self.instance_manager);
if self.elastic_ip_manager.public_ip() == "0.0.0.0" {
println!("Every time your instance is restarted, its public IP address changes.");
} else {
println!(
"Because you have associated an Elastic IP with your instance, you can connect by using a consistent IP address after the instance restarts."
);
}
self.display_ssh_info();
Ok(())
}
/// 1. Allocates an Elastic IP address and associates it with the instance.
/// 2. Displays an SSH connection string that uses the Elastic IP address.
async fn associate_elastic_ip(&mut self) -> Result<(), EC2Error> {
self.elastic_ip_manager.allocate(&self.ec2).await?;
println!(
"Allocated static Elastic IP address: {}",
self.elastic_ip_manager.public_ip()
);
self.elastic_ip_manager
.associate(&self.ec2, self.instance_manager.instance_id())
.await?;
println!("Associated your Elastic IP with your instance.");
println!("You can now use SSH to connect to your instance by using the Elastic IP.");
self.display_ssh_info();
Ok(())
}
/// Displays an SSH connection string that can be used to connect to a running
/// instance.
fn display_ssh_info(&self) {
let ip_addr = if self.elastic_ip_manager.has_allocation() {
self.elastic_ip_manager.public_ip()
} else {
self.instance_manager.instance_ip()
};
let key_file_path = self.key_pair_manager.key_file_path().unwrap();
println!("To connect, open another command prompt and run the following command:");
println!("\nssh -i {} ec2-user@{ip_addr}\n", key_file_path.display());
let _ = self.util.enter_to_continue();
}
/// 1. Disassociate and delete the previously created Elastic IP.
/// 2. Terminate the previously created instance.
/// 3. Delete the previously created security group.
/// 4. Delete the previously created key pair.
pub async fn clean_up(self) {
println!("Let's clean everything up. This example created these resources:");
println!(
"\tKey pair: {}",
self.key_pair_manager
.key_pair()
.key_name()
.unwrap_or("(unknown key pair)")
);
println!(
"\tSecurity group: {}",
self.security_group_manager.group_name()
);
println!(
"\tInstance: {}",
self.instance_manager.instance_display_name()
);
if self.util.should_clean_resources() {
if let Err(err) = self.elastic_ip_manager.remove(&self.ec2).await {
eprintln!("{err}")
}
if let Err(err) = self.instance_manager.delete(&self.ec2).await {
eprintln!("{err}")
}
if let Err(err) = self.security_group_manager.delete(&self.ec2).await {
eprintln!("{err}");
}
if let Err(err) = self.key_pair_manager.delete(&self.ec2, &self.util).await {
eprintln!("{err}");
}
} else {
println!("Ok, not cleaning up any resources!");
}
}
}
pub async fn run(mut scenario: Ec2InstanceScenario) {
println!("--------------------------------------------------------------------------------");
println!(
"Welcome to the Amazon Elastic Compute Cloud (Amazon EC2) get started with instances demo."
);
println!("--------------------------------------------------------------------------------");
if let Err(err) = scenario.run().await {
eprintln!("There was an error running the scenario: {err}")
}
println!("--------------------------------------------------------------------------------");
scenario.clean_up().await;
println!("Thanks for running!");
println!("--------------------------------------------------------------------------------");
}
```
The EC2Impl struct serves as a an automock point for testing, and its functions wrap the EC2 SDK calls.
```
use std::{net::Ipv4Addr, time::Duration};
use aws_sdk_ec2::{
client::Waiters,
error::ProvideErrorMetadata,
operation::{
allocate_address::AllocateAddressOutput, associate_address::AssociateAddressOutput,
},
types::{
DomainType, Filter, Image, Instance, InstanceType, IpPermission, IpRange, KeyPairInfo,
SecurityGroup, Tag,
},
Client as EC2Client,
};
use aws_sdk_ssm::types::Parameter;
use aws_smithy_runtime_api::client::waiters::error::WaiterError;
#[cfg(test)]
use mockall::automock;
#[cfg(not(test))]
pub use EC2Impl as EC2;
#[cfg(test)]
pub use MockEC2Impl as EC2;
#[derive(Clone)]
pub struct EC2Impl {
pub client: EC2Client,
}
#[cfg_attr(test, automock)]
impl EC2Impl {
pub fn new(client: EC2Client) -> Self {
EC2Impl { client }
}
pub async fn create_key_pair(&self, name: String) -> Result<(KeyPairInfo, String), EC2Error> {
tracing::info!("Creating key pair {name}");
let output = self.client.create_key_pair().key_name(name).send().await?;
let info = KeyPairInfo::builder()
.set_key_name(output.key_name)
.set_key_fingerprint(output.key_fingerprint)
.set_key_pair_id(output.key_pair_id)
.build();
let material = output
.key_material
.ok_or_else(|| EC2Error::new("Create Key Pair has no key material"))?;
Ok((info, material))
}
pub async fn list_key_pair(&self) -> Result, EC2Error> {
let output = self.client.describe_key_pairs().send().await?;
Ok(output.key_pairs.unwrap_or_default())
}
pub async fn delete_key_pair(&self, key_name: &str) -> Result<(), EC2Error> {
let key_name: String = key_name.into();
tracing::info!("Deleting key pair {key_name}");
self.client
.delete_key_pair()
.key_name(key_name)
.send()
.await?;
Ok(())
}
pub async fn create_security_group(
&self,
name: &str,
description: &str,
) -> Result {
tracing::info!("Creating security group {name}");
let create_output = self
.client
.create_security_group()
.group_name(name)
.description(description)
.send()
.await
.map_err(EC2Error::from)?;
let group_id = create_output
.group_id
.ok_or_else(|| EC2Error::new("Missing security group id after creation"))?;
let group = self
.describe_security_group(&group_id)
.await?
.ok_or_else(|| {
EC2Error::new(format!("Could not find security group with id {group_id}"))
})?;
tracing::info!("Created security group {name} as {group_id}");
Ok(group)
}
/// Find a single security group, by ID. Returns Err if multiple groups are found.
pub async fn describe_security_group(
&self,
group_id: &str,
) -> Result, EC2Error> {
let group_id: String = group_id.into();
let describe_output = self
.client
.describe_security_groups()
.group_ids(&group_id)
.send()
.await?;
let mut groups = describe_output.security_groups.unwrap_or_default();
match groups.len() {
0 => Ok(None),
1 => Ok(Some(groups.remove(0))),
_ => Err(EC2Error::new(format!(
"Expected single group for {group_id}"
))),
}
}
/// Add an ingress rule to a security group explicitly allowing IPv4 address
/// as {ip}/32 over TCP port 22.
pub async fn authorize_security_group_ssh_ingress(
&self,
group_id: &str,
ingress_ips: Vec,
) -> Result<(), EC2Error> {
tracing::info!("Authorizing ingress for security group {group_id}");
self.client
.authorize_security_group_ingress()
.group_id(group_id)
.set_ip_permissions(Some(
ingress_ips
.into_iter()
.map(|ip| {
IpPermission::builder()
.ip_protocol("tcp")
.from_port(22)
.to_port(22)
.ip_ranges(IpRange::builder().cidr_ip(format!("{ip}/32")).build())
.build()
})
.collect(),
))
.send()
.await?;
Ok(())
}
pub async fn delete_security_group(&self, group_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting security group {group_id}");
self.client
.delete_security_group()
.group_id(group_id)
.send()
.await?;
Ok(())
}
pub async fn list_images(&self, ids: Vec) -> Result, EC2Error> {
let image_ids = ids.into_iter().filter_map(|p| p.value).collect();
let output = self
.client
.describe_images()
.set_image_ids(Some(image_ids))
.send()
.await?;
let images = output.images.unwrap_or_default();
if images.is_empty() {
Err(EC2Error::new("No images for selected AMIs"))
} else {
Ok(images)
}
}
/// List instance types that match an image's architecture and are free tier eligible.
pub async fn list_instance_types(&self, image: &Image) -> Result, EC2Error> {
let architecture = format!(
"{}",
image.architecture().ok_or_else(|| EC2Error::new(format!(
"Image {:?} does not have a listed architecture",
image.image_id()
)))?
);
let free_tier_eligible_filter = Filter::builder()
.name("free-tier-eligible")
.values("false")
.build();
let supported_architecture_filter = Filter::builder()
.name("processor-info.supported-architecture")
.values(architecture)
.build();
let response = self
.client
.describe_instance_types()
.filters(free_tier_eligible_filter)
.filters(supported_architecture_filter)
.send()
.await?;
Ok(response
.instance_types
.unwrap_or_default()
.into_iter()
.filter_map(|iti| iti.instance_type)
.collect())
}
pub async fn create_instance<'a>(
&self,
image_id: &'a str,
instance_type: InstanceType,
key_pair: &'a KeyPairInfo,
security_groups: Vec<&'a SecurityGroup>,
) -> Result {
let run_instances = self
.client
.run_instances()
.image_id(image_id)
.instance_type(instance_type)
.key_name(
key_pair
.key_name()
.ok_or_else(|| EC2Error::new("Missing key name when launching instance"))?,
)
.set_security_group_ids(Some(
security_groups
.iter()
.filter_map(|sg| sg.group_id.clone())
.collect(),
))
.min_count(1)
.max_count(1)
.send()
.await?;
if run_instances.instances().is_empty() {
return Err(EC2Error::new("Failed to create instance"));
}
let instance_id = run_instances.instances()[0].instance_id().unwrap();
let response = self
.client
.create_tags()
.resources(instance_id)
.tags(
Tag::builder()
.key("Name")
.value("From SDK Examples")
.build(),
)
.send()
.await;
match response {
Ok(_) => tracing::info!("Created {instance_id} and applied tags."),
Err(err) => {
tracing::info!("Error applying tags to {instance_id}: {err:?}");
return Err(err.into());
}
}
tracing::info!("Instance is created.");
Ok(instance_id.to_string())
}
/// Wait for an instance to be ready and status ok (default wait 60 seconds)
pub async fn wait_for_instance_ready(
&self,
instance_id: &str,
duration: Option,
) -> Result<(), EC2Error> {
self.client
.wait_until_instance_status_ok()
.instance_ids(instance_id)
.wait(duration.unwrap_or(Duration::from_secs(60)))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to start.",
exceeded.max_wait().as_secs()
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn describe_instance(&self, instance_id: &str) -> Result {
let response = self
.client
.describe_instances()
.instance_ids(instance_id)
.send()
.await?;
let instance = response
.reservations()
.first()
.ok_or_else(|| EC2Error::new(format!("No instance reservations for {instance_id}")))?
.instances()
.first()
.ok_or_else(|| {
EC2Error::new(format!("No instances in reservation for {instance_id}"))
})?;
Ok(instance.clone())
}
pub async fn start_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Starting instance {instance_id}");
self.client
.start_instances()
.instance_ids(instance_id)
.send()
.await?;
tracing::info!("Started instance.");
Ok(())
}
pub async fn stop_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Stopping instance {instance_id}");
self.client
.stop_instances()
.instance_ids(instance_id)
.send()
.await?;
self.wait_for_instance_stopped(instance_id, None).await?;
tracing::info!("Stopped instance.");
Ok(())
}
pub async fn reboot_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Rebooting instance {instance_id}");
self.client
.reboot_instances()
.instance_ids(instance_id)
.send()
.await?;
Ok(())
}
pub async fn wait_for_instance_stopped(
&self,
instance_id: &str,
duration: Option,
) -> Result<(), EC2Error> {
self.client
.wait_until_instance_stopped()
.instance_ids(instance_id)
.wait(duration.unwrap_or(Duration::from_secs(60)))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to stop.",
exceeded.max_wait().as_secs(),
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn delete_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting instance with id {instance_id}");
self.stop_instance(instance_id).await?;
self.client
.terminate_instances()
.instance_ids(instance_id)
.send()
.await?;
self.wait_for_instance_terminated(instance_id).await?;
tracing::info!("Terminated instance with id {instance_id}");
Ok(())
}
async fn wait_for_instance_terminated(&self, instance_id: &str) -> Result<(), EC2Error> {
self.client
.wait_until_instance_terminated()
.instance_ids(instance_id)
.wait(Duration::from_secs(60))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to terminate.",
exceeded.max_wait().as_secs(),
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn allocate_ip_address(&self) -> Result {
self.client
.allocate_address()
.domain(DomainType::Vpc)
.send()
.await
.map_err(EC2Error::from)
}
pub async fn deallocate_ip_address(&self, allocation_id: &str) -> Result<(), EC2Error> {
self.client
.release_address()
.allocation_id(allocation_id)
.send()
.await?;
Ok(())
}
pub async fn associate_ip_address(
&self,
allocation_id: &str,
instance_id: &str,
) -> Result {
let response = self
.client
.associate_address()
.allocation_id(allocation_id)
.instance_id(instance_id)
.send()
.await?;
Ok(response)
}
pub async fn disassociate_ip_address(&self, association_id: &str) -> Result<(), EC2Error> {
self.client
.disassociate_address()
.association_id(association_id)
.send()
.await?;
Ok(())
}
}
#[derive(Debug)]
pub struct EC2Error(String);
impl EC2Error {
pub fn new(value: impl Into) -> Self {
EC2Error(value.into())
}
pub fn add_message(self, message: impl Into) -> Self {
EC2Error(format!("{}: {}", message.into(), self.0))
}
}
impl From for EC2Error {
fn from(value: T) -> Self {
EC2Error(format!(
"{}: {}",
value
.code()
.map(String::from)
.unwrap_or("unknown code".into()),
value
.message()
.map(String::from)
.unwrap_or("missing reason".into()),
))
}
}
impl std::error::Error for EC2Error {}
impl std::fmt::Display for EC2Error {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.0)
}
}
```
The SSM struct serves as a an automock point for testing, and its functions wraps SSM SDK calls.
```
use aws_sdk_ssm::{types::Parameter, Client};
use aws_smithy_async::future::pagination_stream::TryFlatMap;
use crate::ec2::EC2Error;
#[cfg(test)]
use mockall::automock;
#[cfg(not(test))]
pub use SSMImpl as SSM;
#[cfg(test)]
pub use MockSSMImpl as SSM;
pub struct SSMImpl {
inner: Client,
}
#[cfg_attr(test, automock)]
impl SSMImpl {
pub fn new(inner: Client) -> Self {
SSMImpl { inner }
}
pub async fn list_path(&self, path: &str) -> Result, EC2Error> {
let maybe_params: Vec> = TryFlatMap::new(
self.inner
.get_parameters_by_path()
.path(path)
.into_paginator()
.send(),
)
.flat_map(|item| item.parameters.unwrap_or_default())
.collect()
.await;
// Fail on the first error
let params = maybe_params
.into_iter()
.collect::, _>>()?;
Ok(params)
}
}
```
The scenario uses several "Manager"-style structs to handle access to resources that are created and deleted throughout the scenario.
```
use aws_sdk_ec2::operation::{
allocate_address::AllocateAddressOutput, associate_address::AssociateAddressOutput,
};
use crate::ec2::{EC2Error, EC2};
/// ElasticIpManager tracks the lifecycle of a public IP address, including its
/// allocation from the global pool and association with a specific instance.
#[derive(Debug, Default)]
pub struct ElasticIpManager {
elastic_ip: Option,
association: Option,
}
impl ElasticIpManager {
pub fn has_allocation(&self) -> bool {
self.elastic_ip.is_some()
}
pub fn public_ip(&self) -> &str {
if let Some(allocation) = &self.elastic_ip {
if let Some(addr) = allocation.public_ip() {
return addr;
}
}
"0.0.0.0"
}
pub async fn allocate(&mut self, ec2: &EC2) -> Result<(), EC2Error> {
let allocation = ec2.allocate_ip_address().await?;
self.elastic_ip = Some(allocation);
Ok(())
}
pub async fn associate(&mut self, ec2: &EC2, instance_id: &str) -> Result<(), EC2Error> {
if let Some(allocation) = &self.elastic_ip {
if let Some(allocation_id) = allocation.allocation_id() {
let association = ec2.associate_ip_address(allocation_id, instance_id).await?;
self.association = Some(association);
return Ok(());
}
}
Err(EC2Error::new("No ip address allocation to associate"))
}
pub async fn remove(mut self, ec2: &EC2) -> Result<(), EC2Error> {
if let Some(association) = &self.association {
if let Some(association_id) = association.association_id() {
ec2.disassociate_ip_address(association_id).await?;
}
}
self.association = None;
if let Some(allocation) = &self.elastic_ip {
if let Some(allocation_id) = allocation.allocation_id() {
ec2.deallocate_ip_address(allocation_id).await?;
}
}
self.elastic_ip = None;
Ok(())
}
}
use std::fmt::Display;
use aws_sdk_ec2::types::{Instance, InstanceType, KeyPairInfo, SecurityGroup};
use crate::ec2::{EC2Error, EC2};
/// InstanceManager wraps the lifecycle of an EC2 Instance.
#[derive(Debug, Default)]
pub struct InstanceManager {
instance: Option,
}
impl InstanceManager {
pub fn instance_id(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(id) = instance.instance_id() {
return id;
}
}
"Unknown"
}
pub fn instance_name(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(tag) = instance.tags().iter().find(|e| e.key() == Some("Name")) {
if let Some(value) = tag.value() {
return value;
}
}
}
"Unknown"
}
pub fn instance_ip(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(public_ip_address) = instance.public_ip_address() {
return public_ip_address;
}
}
"0.0.0.0"
}
pub fn instance_display_name(&self) -> String {
format!("{} ({})", self.instance_name(), self.instance_id())
}
/// Create an EC2 instance with the given ID on a given type, using a
/// generated KeyPair and applying a list of security groups.
pub async fn create(
&mut self,
ec2: &EC2,
image_id: &str,
instance_type: InstanceType,
key_pair: &KeyPairInfo,
security_groups: Vec<&SecurityGroup>,
) -> Result<(), EC2Error> {
let instance_id = ec2
.create_instance(image_id, instance_type, key_pair, security_groups)
.await?;
let instance = ec2.describe_instance(&instance_id).await?;
self.instance = Some(instance);
Ok(())
}
/// Start the managed EC2 instance, if present.
pub async fn start(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.start_instance(self.instance_id()).await?;
}
Ok(())
}
/// Stop the managed EC2 instance, if present.
pub async fn stop(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.stop_instance(self.instance_id()).await?;
}
Ok(())
}
pub async fn reboot(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.reboot_instance(self.instance_id()).await?;
ec2.wait_for_instance_stopped(self.instance_id(), None)
.await?;
ec2.wait_for_instance_ready(self.instance_id(), None)
.await?;
}
Ok(())
}
/// Terminate and delete the managed EC2 instance, if present.
pub async fn delete(self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.delete_instance(self.instance_id()).await?;
}
Ok(())
}
}
impl Display for InstanceManager {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
if let Some(instance) = &self.instance {
writeln!(f, "\tID: {}", instance.instance_id().unwrap_or("(Unknown)"))?;
writeln!(
f,
"\tImage ID: {}",
instance.image_id().unwrap_or("(Unknown)")
)?;
writeln!(
f,
"\tInstance type: {}",
instance
.instance_type()
.map(|it| format!("{it}"))
.unwrap_or("(Unknown)".to_string())
)?;
writeln!(
f,
"\tKey name: {}",
instance.key_name().unwrap_or("(Unknown)")
)?;
writeln!(f, "\tVPC ID: {}", instance.vpc_id().unwrap_or("(Unknown)"))?;
writeln!(
f,
"\tPublic IP: {}",
instance.public_ip_address().unwrap_or("(Unknown)")
)?;
let instance_state = instance
.state
.as_ref()
.map(|is| {
is.name()
.map(|isn| format!("{isn}"))
.unwrap_or("(Unknown)".to_string())
})
.unwrap_or("(Unknown)".to_string());
writeln!(f, "\tState: {instance_state}")?;
} else {
writeln!(f, "\tNo loaded instance")?;
}
Ok(())
}
}
use std::{env, path::PathBuf};
use aws_sdk_ec2::types::KeyPairInfo;
use crate::ec2::{EC2Error, EC2};
use super::util::Util;
/// KeyPairManager tracks a KeyPairInfo and the path the private key has been
/// written to, if it's been created.
#[derive(Debug)]
pub struct KeyPairManager {
key_pair: KeyPairInfo,
key_file_path: Option,
key_file_dir: PathBuf,
}
impl KeyPairManager {
pub fn new() -> Self {
Self::default()
}
pub fn key_pair(&self) -> &KeyPairInfo {
&self.key_pair
}
pub fn key_file_path(&self) -> Option<&PathBuf> {
self.key_file_path.as_ref()
}
pub fn key_file_dir(&self) -> &PathBuf {
&self.key_file_dir
}
/// Creates a key pair that can be used to securely connect to an EC2 instance.
/// The returned key pair contains private key information that cannot be retrieved
/// again. The private key data is stored as a .pem file.
///
/// :param key_name: The name of the key pair to create.
pub async fn create(
&mut self,
ec2: &EC2,
util: &Util,
key_name: String,
) -> Result {
let (key_pair, material) = ec2.create_key_pair(key_name.clone()).await.map_err(|e| {
self.key_pair = KeyPairInfo::builder().key_name(key_name.clone()).build();
e.add_message(format!("Couldn't create key {key_name}"))
})?;
let path = self.key_file_dir.join(format!("{key_name}.pem"));
// Save the key_pair information immediately, so it can get cleaned up if write_secure fails.
self.key_file_path = Some(path.clone());
self.key_pair = key_pair.clone();
util.write_secure(&key_name, &path, material)?;
Ok(key_pair)
}
pub async fn delete(self, ec2: &EC2, util: &Util) -> Result<(), EC2Error> {
if let Some(key_name) = self.key_pair.key_name() {
ec2.delete_key_pair(key_name).await?;
if let Some(key_path) = self.key_file_path() {
if let Err(err) = util.remove(key_path) {
eprintln!("Failed to remove {key_path:?} ({err:?})");
}
}
}
Ok(())
}
pub async fn list(&self, ec2: &EC2) -> Result, EC2Error> {
ec2.list_key_pair().await
}
}
impl Default for KeyPairManager {
fn default() -> Self {
KeyPairManager {
key_pair: KeyPairInfo::builder().build(),
key_file_path: Default::default(),
key_file_dir: env::temp_dir(),
}
}
}
use std::net::Ipv4Addr;
use aws_sdk_ec2::types::SecurityGroup;
use crate::ec2::{EC2Error, EC2};
/// SecurityGroupManager tracks the lifecycle of a SecurityGroup for an instance,
/// including adding a rule to allow SSH from a public IP address.
#[derive(Debug, Default)]
pub struct SecurityGroupManager {
group_name: String,
group_description: String,
security_group: Option,
}
impl SecurityGroupManager {
pub async fn create(
&mut self,
ec2: &EC2,
group_name: &str,
group_description: &str,
) -> Result<(), EC2Error> {
self.group_name = group_name.into();
self.group_description = group_description.into();
self.security_group = Some(
ec2.create_security_group(group_name, group_description)
.await
.map_err(|e| e.add_message("Couldn't create security group"))?,
);
Ok(())
}
pub async fn authorize_ingress(&self, ec2: &EC2, ip_address: Ipv4Addr) -> Result<(), EC2Error> {
if let Some(sg) = &self.security_group {
ec2.authorize_security_group_ssh_ingress(
sg.group_id()
.ok_or_else(|| EC2Error::new("Missing security group ID"))?,
vec![ip_address],
)
.await?;
};
Ok(())
}
pub async fn delete(self, ec2: &EC2) -> Result<(), EC2Error> {
if let Some(sg) = &self.security_group {
ec2.delete_security_group(
sg.group_id()
.ok_or_else(|| EC2Error::new("Missing security group ID"))?,
)
.await?;
};
Ok(())
}
pub fn group_name(&self) -> &str {
&self.group_name
}
pub fn vpc_id(&self) -> Option<&str> {
self.security_group.as_ref().and_then(|sg| sg.vpc_id())
}
pub fn security_group(&self) -> Option<&SecurityGroup> {
self.security_group.as_ref()
}
}
impl std::fmt::Display for SecurityGroupManager {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match &self.security_group {
Some(sg) => {
writeln!(
f,
"Security group: {}",
sg.group_name().unwrap_or("(unknown group)")
)?;
writeln!(f, "\tID: {}", sg.group_id().unwrap_or("(unknown group id)"))?;
writeln!(f, "\tVPC: {}", sg.vpc_id().unwrap_or("(unknown group vpc)"))?;
if !sg.ip_permissions().is_empty() {
writeln!(f, "\tInbound Permissions:")?;
for permission in sg.ip_permissions() {
writeln!(f, "\t\t{permission:?}")?;
}
}
Ok(())
}
None => writeln!(f, "No security group loaded."),
}
}
}
```
The main entry point for the scenario.
```
use ec2_code_examples::{
ec2::EC2,
getting_started::{
scenario::{run, Ec2InstanceScenario},
util::UtilImpl,
},
ssm::SSM,
};
#[tokio::main]
async fn main() {
tracing_subscriber::fmt::init();
let sdk_config = aws_config::load_from_env().await;
let ec2 = EC2::new(aws_sdk_ec2::Client::new(&sdk_config));
let ssm = SSM::new(aws_sdk_ssm::Client::new(&sdk_config));
let util = UtilImpl {};
let scenario = Ec2InstanceScenario::new(ec2, ssm, util);
run(scenario).await;
}
```
+ For API details, see the following topics in *AWS SDK for Rust API reference*.
+ [AllocateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.allocate_address)
+ [AssociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.associate_address)
+ [AuthorizeSecurityGroupIngress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.authorize_security_group_ingress)
+ [CreateKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_key_pair)
+ [CreateSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_security_group)
+ [DeleteKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_key_pair)
+ [DeleteSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_security_group)
+ [DescribeImages](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_images)
+ [DescribeInstanceTypes](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_types)
+ [DescribeInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instances)
+ [DescribeKeyPairs](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_key_pairs)
+ [DescribeSecurityGroups](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_security_groups)
+ [DisassociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.disassociate_address)
+ [ReleaseAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.release_address)
+ [RunInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.run_instances)
+ [StartInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.start_instances)
+ [StopInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.stop_instances)
+ [TerminateInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.terminate_instances)
+ [UnmonitorInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.unmonitor_instances)
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
The `Package.swift` file.
```
// swift-tools-version: 5.9
//
// The swift-tools-version declares the minimum version of Swift required to
// build this package.
import PackageDescription
let package = Package(
name: "ec2-scenario",
// Let Xcode know the minimum Apple platforms supported.
platforms: [
.macOS(.v13),
.iOS(.v15)
],
dependencies: [
// Dependencies declare other packages that this package depends on.
.package(
url: "https://github.com/awslabs/aws-sdk-swift",
from: "1.4.0"),
.package(
url: "https://github.com/apple/swift-argument-parser.git",
branch: "main"
)
],
targets: [
// Targets are the basic building blocks of a package, defining a module or a test suite.
// Targets can depend on other targets in this package and products
// from dependencies.
.executableTarget(
name: "ec2-scenario",
dependencies: [
.product(name: "AWSEC2", package: "aws-sdk-swift"),
.product(name: "AWSSSM", package: "aws-sdk-swift"),
.product(name: "ArgumentParser", package: "swift-argument-parser")
],
path: "Sources")
]
)
```
The `entry.swift` file.
```
// An example that shows how to use the AWS SDK for Swift to perform a variety
// of operations using Amazon Elastic Compute Cloud (EC2).
//
import ArgumentParser
import Foundation
import AWSEC2
// Allow waiters to be used.
import class SmithyWaitersAPI.Waiter
import struct SmithyWaitersAPI.WaiterOptions
import AWSSSM
struct ExampleCommand: ParsableCommand {
@Option(help: "The AWS Region to run AWS API calls in.")
var awsRegion = "us-east-1"
@Option(
help: ArgumentHelp("The level of logging for the Swift SDK to perform."),
completion: .list([
"critical",
"debug",
"error",
"info",
"notice",
"trace",
"warning"
])
)
var logLevel: String = "error"
static var configuration = CommandConfiguration(
commandName: "ec2-scenario",
abstract: """
Performs various operations to demonstrate the use of Amazon EC2 using the
AWS SDK for Swift.
""",
discussion: """
"""
)
/// Called by ``main()`` to run the bulk of the example.
func runAsync() async throws {
let ssmConfig = try await SSMClient.SSMClientConfiguration(region: awsRegion)
let ssmClient = SSMClient(config: ssmConfig)
let ec2Config = try await EC2Client.EC2ClientConfiguration(region: awsRegion)
let ec2Client = EC2Client(config: ec2Config)
let example = Example(ec2Client: ec2Client, ssmClient: ssmClient)
await example.run()
}
}
class Example {
let ec2Client: EC2Client
let ssmClient: SSMClient
// Storage for AWS EC2 properties.
var keyName: String? = nil
var securityGroupId: String? = nil
var instanceId: String? = nil
var allocationId: String? = nil
var associationId: String? = nil
init(ec2Client: EC2Client, ssmClient: SSMClient) {
self.ec2Client = ec2Client
self.ssmClient = ssmClient
}
/// The example's main body.
func run() async {
//=====================================================================
// 1. Create an RSA key pair, saving the private key as a `.pem` file.
// Create a `defer` block that will delete the private key when the
// program exits.
//=====================================================================
print("Creating an RSA key pair...")
keyName = self.tempName(prefix: "ExampleKeyName")
let keyUrl = await self.createKeyPair(name: keyName!)
guard let keyUrl else {
print("*** Failed to create the key pair!")
return
}
print("Created the private key at: \(keyUrl.absoluteString)")
// Schedule deleting the private key file to occur automatically when
// the program exits, no matter how it exits.
defer {
do {
try FileManager.default.removeItem(at: keyUrl)
} catch {
print("*** Failed to delete the private key at \(keyUrl.absoluteString)")
}
}
//=====================================================================
// 2. List the key pairs by calling `DescribeKeyPairs`.
//=====================================================================
print("Describing available key pairs...")
await self.describeKeyPairs()
//=====================================================================
// 3. Create a security group for the default VPC, and add an inbound
// rule to allow SSH from the current computer's public IPv4
// address.
//=====================================================================
print("Creating the security group...")
let secGroupName = self.tempName(prefix: "ExampleSecurityGroup")
let ipAddress = self.getMyIPAddress()
guard let ipAddress else {
print("*** Unable to get the device's IP address.")
return
}
print("IP address is: \(ipAddress)")
securityGroupId = await self.createSecurityGroup(
name: secGroupName,
description: "An example security group created using the AWS SDK for Swift"
)
if securityGroupId == nil {
await cleanUp()
return
}
print("Created security group: \(securityGroupId ?? "")")
if !(await self.authorizeSecurityGroupIngress(groupId: securityGroupId!, ipAddress: ipAddress)) {
await cleanUp()
return
}
//=====================================================================
// 4. Display security group information for the new security group
// using DescribeSecurityGroups.
//=====================================================================
if !(await self.describeSecurityGroups(groupId: securityGroupId!)) {
await cleanUp()
return
}
//=====================================================================
// 5. Get a list of Amazon Linux 2023 AMIs and pick one (SSM is the
// best practice), using path and then filter the list after the
// fact to include "al2023" in the Name field
// (ssm.GetParametersByPath). Paginate to get all images.
//=====================================================================
print("Searching available images for Amazon Linux 2023 images...")
let options = await self.findAMIsMatchingFilter("al2023")
//=====================================================================
// 6. The information in the AMI options isn't great, so make a list
// of the image IDs (the "Value" field in the AMI options) and get
// more information about them from EC2. Display the Description
// field and select one of them (DescribeImages with ImageIds
// filter).
//=====================================================================
print("Images matching Amazon Linux 2023:")
var imageIds: [String] = []
for option in options {
guard let id = option.value else {
continue
}
imageIds.append(id)
}
let images = await self.describeImages(imageIds)
// This is where you would normally let the user choose which AMI to
// use. However, for this example, we're just going to use the first
// one, whatever it is.
let chosenImage = images[0]
//=====================================================================
// 7. Get a list of instance types that are compatible with the
// selected AMI's architecture (such as "x86_64") and are either
// small or micro. Select one (DescribeInstanceTypes).
//=====================================================================
print("Getting the instance types compatible with the selected image...")
guard let arch = chosenImage.architecture else {
print("*** The selected image doesn't have a valid architecture.")
await cleanUp()
return
}
let imageTypes = await self.getMatchingInstanceTypes(architecture: arch)
for type in imageTypes {
guard let instanceType = type.instanceType else {
continue
}
print(" \(instanceType.rawValue)")
}
// This example selects the first returned instance type. A real-world
// application would probably ask the user to select one here.
let chosenInstanceType = imageTypes[0]
//=====================================================================
// 8. Create an instance with the key pair, security group, AMI, and
// instance type (RunInstances).
//=====================================================================
print("Creating an instance...")
guard let imageId = chosenImage.imageId else {
print("*** Cannot start image without a valid image ID.")
await cleanUp()
return
}
guard let instanceType = chosenInstanceType.instanceType else {
print("*** Unable to start image without a valid image type.")
await cleanUp()
return
}
let instance = await self.runInstance(
imageId: imageId,
instanceType: instanceType,
keyPairName: keyName!,
securityGroups: [securityGroupId!]
)
guard let instance else {
await cleanUp()
return
}
instanceId = instance.instanceId
if instanceId == nil {
print("*** Instance is missing an ID. Canceling.")
await cleanUp()
return
}
//=====================================================================
// 9. Wait for the instance to be ready and then display its
// information (DescribeInstances).
//=====================================================================
print("Waiting a few seconds to let the instance come up...")
do {
try await Task.sleep(for: .seconds(20))
} catch {
print("*** Error pausing the task.")
}
print("Success! Your new instance is ready:")
//=====================================================================
// 10. Display SSH connection info for the instance.
//=====================================================================
var runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command:")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// 11. Stop the instance and wait for it to stop (StopInstances).
//=====================================================================
print("Stopping the instance...")
if !(await self.stopInstance(instanceId: instanceId!, waitUntilStopped: true)) {
await cleanUp()
return
}
//=====================================================================
// 12. Start the instance and wait for it to start (StartInstances).
//=====================================================================
print("Starting the instance again...")
if !(await self.startInstance(instanceId: instanceId!, waitUntilStarted: true)) {
await cleanUp()
return
}
//=====================================================================
// 13. Display SSH connection info for the instance. Note that it's
// changed.
//=====================================================================
runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command.")
print("This is probably different from when the instance was running before.")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// 14. Allocate an elastic IP and associate it with the instance
// (AllocateAddress and AssociateAddress).
//=====================================================================
allocationId = await self.allocateAddress()
if allocationId == nil {
await cleanUp()
return
}
associationId = await self.associateAddress(instanceId: instanceId!, allocationId: allocationId)
if associationId == nil {
await cleanUp()
return
}
//=====================================================================
// 15. Display SSH connection info for the connection. Note that the
// public IP is now the Elastic IP, which stays constant.
//=====================================================================
runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command.")
print("This has changed again, and is now the Elastic IP.")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// Handle all cleanup tasks
//=====================================================================
await cleanUp()
}
/// Clean up by discarding and closing down all allocated EC2 items:
///
/// * Elastic IP allocation and association
/// * Terminate the instance
/// * Delete the security group
/// * Delete the key pair
func cleanUp() async {
//=====================================================================
// 16. Disassociate and delete the Elastic IP (DisassociateAddress and
// ReleaseAddress).
//=====================================================================
if associationId != nil {
await self.disassociateAddress(associationId: associationId!)
}
if allocationId != nil {
await self.releaseAddress(allocationId: allocationId!)
}
//=====================================================================
// 17. Terminate the instance and wait for it to terminate
// (TerminateInstances).
//=====================================================================
if instanceId != nil {
print("Terminating the instance...")
_ = await self.terminateInstance(instanceId: instanceId!, waitUntilTerminated: true)
}
//=====================================================================
// 18. Delete the security group (DeleteSecurityGroup).
//=====================================================================
if securityGroupId != nil {
print("Deleting the security group...")
_ = await self.deleteSecurityGroup(groupId: securityGroupId!)
}
//=====================================================================
// 19. Delete the key pair (DeleteKeyPair).
//=====================================================================
if keyName != nil {
print("Deleting the key pair...")
_ = await self.deleteKeyPair(keyPair: keyName!)
}
}
/// Create a new RSA key pair and save the private key to a randomly-named
/// file in the temporary directory.
///
/// - Parameter name: The name of the key pair to create.
///
/// - Returns: The URL of the newly created `.pem` file or `nil` if unable
/// to create the key pair.
func createKeyPair(name: String) async -> URL? {
do {
let output = try await ec2Client.createKeyPair(
input: CreateKeyPairInput(
keyName: name
)
)
guard let keyMaterial = output.keyMaterial else {
return nil
}
// Build the URL of the temporary private key file.
let fileURL = URL.temporaryDirectory
.appendingPathComponent(name)
.appendingPathExtension("pem")
do {
try keyMaterial.write(to: fileURL, atomically: true, encoding: String.Encoding.utf8)
return fileURL
} catch {
print("*** Failed to write the private key.")
return nil
}
} catch {
print("*** Unable to create the key pair.")
return nil
}
}
/// Describe the key pairs associated with the user by outputting each key
/// pair's name and fingerprint.
func describeKeyPairs() async {
do {
let output = try await ec2Client.describeKeyPairs(
input: DescribeKeyPairsInput()
)
guard let keyPairs = output.keyPairs else {
print("*** No key pairs list available.")
return
}
for keyPair in keyPairs {
print(keyPair.keyName ?? "", ":", keyPair.keyFingerprint ?? "")
}
} catch {
print("*** Error: Unable to obtain a key pair list.")
}
}
/// Delete an EC2 key pair.
///
/// - Parameter keyPair: The name of the key pair to delete.
///
/// - Returns: `true` if the key pair is deleted successfully; otherwise
/// `false`.
func deleteKeyPair(keyPair: String) async -> Bool {
do {
_ = try await ec2Client.deleteKeyPair(
input: DeleteKeyPairInput(
keyName: keyPair
)
)
return true
} catch {
print("*** Error deleting the key pair: \(error.localizedDescription)")
return false
}
}
/// Return a list of AMI names that contain the specified string.
///
/// - Parameter filter: A string that must be contained in all returned
/// AMI names.
///
/// - Returns: An array of the parameters matching the specified substring.
func findAMIsMatchingFilter(_ filter: String) async -> [SSMClientTypes.Parameter] {
var parameterList: [SSMClientTypes.Parameter] = []
var matchingAMIs: [SSMClientTypes.Parameter] = []
do {
let pages = ssmClient.getParametersByPathPaginated(
input: GetParametersByPathInput(
path: "/aws/service/ami-amazon-linux-latest"
)
)
for try await page in pages {
guard let parameters = page.parameters else {
return matchingAMIs
}
for parameter in parameters {
parameterList.append(parameter)
}
}
print("Found \(parameterList.count) images total:")
for parameter in parameterList {
guard let name = parameter.name else {
continue
}
print(" \(name)")
if name.contains(filter) {
matchingAMIs.append(parameter)
}
}
} catch {
return matchingAMIs
}
return matchingAMIs
}
/// Return a list of instance types matching the specified architecture
/// and instance sizes.
///
/// - Parameters:
/// - architecture: The architecture of the instance types to return, as
/// a member of `EC2ClientTypes.ArchitectureValues`.
/// - sizes: An array of one or more strings identifying sizes of
/// instance type to accept.
///
/// - Returns: An array of `EC2ClientTypes.InstanceTypeInfo` records
/// describing the instance types matching the given requirements.
func getMatchingInstanceTypes(architecture: EC2ClientTypes.ArchitectureValues = EC2ClientTypes.ArchitectureValues.x8664,
sizes: [String] = ["*.micro", "*.small"]) async
-> [EC2ClientTypes.InstanceTypeInfo] {
var instanceTypes: [EC2ClientTypes.InstanceTypeInfo] = []
let archFilter = EC2ClientTypes.Filter(
name: "processor-info.supported-architecture",
values: [architecture.rawValue]
)
let sizeFilter = EC2ClientTypes.Filter(
name: "instance-type",
values: sizes
)
do {
let pages = ec2Client.describeInstanceTypesPaginated(
input: DescribeInstanceTypesInput(
filters: [archFilter, sizeFilter]
)
)
for try await page in pages {
guard let types = page.instanceTypes else {
return []
}
instanceTypes += types
}
} catch {
print("*** Error getting image types: \(error.localizedDescription)")
return []
}
return instanceTypes
}
/// Get the latest information about the specified instance and output it
/// to the screen, returning the instance details to the caller.
///
/// - Parameters:
/// - instanceId: The ID of the instance to provide details about.
/// - stateFilter: The state to require the instance to be in.
///
/// - Returns: The instance's details as an `EC2ClientTypes.Instance` object.
func describeInstance(instanceId: String,
stateFilter: EC2ClientTypes.InstanceStateName? = EC2ClientTypes.InstanceStateName.running) async
-> EC2ClientTypes.Instance? {
do {
let pages = ec2Client.describeInstancesPaginated(
input: DescribeInstancesInput(
instanceIds: [instanceId]
)
)
for try await page in pages {
guard let reservations = page.reservations else {
continue
}
for reservation in reservations {
guard let instances = reservation.instances else {
continue
}
for instance in instances {
guard let state = instance.state else {
print("*** Instance is missing its state...")
continue
}
let instanceState = state.name
if stateFilter != nil && (instanceState != stateFilter) {
continue
}
let instanceTypeName: String
if instance.instanceType == nil {
instanceTypeName = ""
} else {
instanceTypeName = instance.instanceType?.rawValue ?? ""
}
let instanceStateName: String
if instanceState == nil {
instanceStateName = ""
} else {
instanceStateName = instanceState?.rawValue ?? ""
}
print("""
Instance: \(instance.instanceId ?? "")
• Image ID: \(instance.imageId ?? "")
• Instance type: \(instanceTypeName)
• Key name: \(instance.keyName ?? "")
• VPC ID: \(instance.vpcId ?? "")
• Public IP: \(instance.publicIpAddress ?? "N/A")
• State: \(instanceStateName)
""")
return instance
}
}
}
} catch {
print("*** Error retrieving instance information to display: \(error.localizedDescription)")
return nil
}
return nil
}
/// Stop the specified instance.
///
/// - Parameters:
/// - instanceId: The ID of the instance to stop.
/// - waitUntilStopped: If `true`, execution waits until the instance
/// has stopped. Otherwise, execution continues and the instance stops
/// asynchronously.
///
/// - Returns: `true` if the image is successfully stopped (or is left to
/// stop asynchronously). `false` if the instance doesn't stop.
func stopInstance(instanceId: String, waitUntilStopped: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.stopInstances(
input: StopInstancesInput(
instanceIds: instanceList
)
)
if waitUntilStopped {
print("Waiting for the instance to stop. Please be patient!")
let waitOptions = WaiterOptions(maxWaitTime: 600)
let output = try await ec2Client.waitUntilInstanceStopped(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to stop the instance: \(error.localizedDescription)")
return false
}
}
/// Start the specified instance.
///
/// - Parameters:
/// - instanceId: The ID of the instance to start.
/// - waitUntilStarted: If `true`, execution waits until the instance
/// has started. Otherwise, execution continues and the instance starts
/// asynchronously.
///
/// - Returns: `true` if the image is successfully started (or is left to
/// start asynchronously). `false` if the instance doesn't start.
func startInstance(instanceId: String, waitUntilStarted: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.startInstances(
input: StartInstancesInput(
instanceIds: instanceList
)
)
if waitUntilStarted {
print("Waiting for the instance to start...")
let waitOptions = WaiterOptions(maxWaitTime: 60.0)
let output = try await ec2Client.waitUntilInstanceRunning(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to start the instance: \(error.localizedDescription)")
return false
}
}
/// Terminate the specified instance.
///
/// - Parameters:
/// - instanceId: The instance to terminate.
/// - waitUntilTerminated: Whether or not to wait until the instance is
/// terminated before returning.
///
/// - Returns: `true` if terminated successfully. `false` if not or if an
/// error occurs.
func terminateInstance(instanceId: String, waitUntilTerminated: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.terminateInstances(
input: TerminateInstancesInput(
instanceIds: instanceList
)
)
if waitUntilTerminated {
print("Waiting for the instance to terminate...")
let waitOptions = WaiterOptions(maxWaitTime: 600.0)
let output = try await ec2Client.waitUntilInstanceTerminated(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to terminate the instance: \(error.localizedDescription)")
return false
}
}
/// Return an array of `EC2ClientTypes.Image` objects describing all of
/// the images in the specified array.
///
/// - Parameter idList: A list of image ID strings indicating the images
/// to return details about.
///
/// - Returns: An array of the images.
func describeImages(_ idList: [String]) async -> [EC2ClientTypes.Image] {
do {
let output = try await ec2Client.describeImages(
input: DescribeImagesInput(
imageIds: idList
)
)
guard let images = output.images else {
print("*** No images found.")
return []
}
for image in images {
guard let id = image.imageId else {
continue
}
print(" \(id): \(image.description ?? "")")
}
return images
} catch {
print("*** Error getting image descriptions: \(error.localizedDescription)")
return []
}
}
/// Create and return a new EC2 instance.
///
/// - Parameters:
/// - imageId: The image ID of the AMI to use when creating the instance.
/// - instanceType: The type of instance to create.
/// - keyPairName: The RSA key pair's name to use to secure the instance.
/// - securityGroups: The security group or groups to add the instance
/// to.
///
/// - Returns: The EC2 instance as an `EC2ClientTypes.Instance` object.
func runInstance(imageId: String, instanceType: EC2ClientTypes.InstanceType,
keyPairName: String, securityGroups: [String]?) async -> EC2ClientTypes.Instance? {
do {
let output = try await ec2Client.runInstances(
input: RunInstancesInput(
imageId: imageId,
instanceType: instanceType,
keyName: keyPairName,
maxCount: 1,
minCount: 1,
securityGroupIds: securityGroups
)
)
guard let instances = output.instances else {
print("*** Unable to create the instance.")
return nil
}
return instances[0]
} catch {
print("*** Error creating the instance: \(error.localizedDescription)")
return nil
}
}
/// Return the device's external IP address.
///
/// - Returns: A string containing the device's IP address.
func getMyIPAddress() -> String? {
guard let url = URL(string: "http://checkip.amazonaws.com") else {
print("Couldn't create the URL")
return nil
}
do {
print("Getting the IP address...")
return try String(contentsOf: url, encoding: String.Encoding.utf8).trim()
} catch {
print("*** Unable to get your public IP address.")
return nil
}
}
/// Create a new security group.
///
/// - Parameters:
/// - groupName: The name of the group to create.
/// - groupDescription: A description of the new security group.
///
/// - Returns: The ID string of the new security group.
func createSecurityGroup(name groupName: String, description groupDescription: String) async -> String? {
do {
let output = try await ec2Client.createSecurityGroup(
input: CreateSecurityGroupInput(
description: groupDescription,
groupName: groupName
)
)
return output.groupId
} catch {
print("*** Error creating the security group: \(error.localizedDescription)")
return nil
}
}
/// Authorize ingress of connections for the security group.
///
/// - Parameters:
/// - groupId: The group ID of the security group to authorize access for.
/// - ipAddress: The IP address of the device to grant access to.
///
/// - Returns: `true` if access is successfully granted; otherwise `false`.
func authorizeSecurityGroupIngress(groupId: String, ipAddress: String) async -> Bool {
let ipRange = EC2ClientTypes.IpRange(cidrIp: "\(ipAddress)/0")
let httpPermission = EC2ClientTypes.IpPermission(
fromPort: 80,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 80
)
let sshPermission = EC2ClientTypes.IpPermission(
fromPort: 22,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 22
)
do {
_ = try await ec2Client.authorizeSecurityGroupIngress(
input: AuthorizeSecurityGroupIngressInput(
groupId: groupId,
ipPermissions: [httpPermission, sshPermission]
)
)
return true
} catch {
print("*** Error authorizing ingress for the security group: \(error.localizedDescription)")
return false
}
}
func describeSecurityGroups(groupId: String) async -> Bool {
do {
let output = try await ec2Client.describeSecurityGroups(
input: DescribeSecurityGroupsInput(
groupIds: [groupId]
)
)
guard let securityGroups = output.securityGroups else {
print("No security groups found.")
return true
}
for group in securityGroups {
print("Group \(group.groupId ?? "") found with VPC \(group.vpcId ?? "")")
}
return true
} catch {
print("*** Error getting security group details: \(error.localizedDescription)")
return false
}
}
/// Delete a security group.
///
/// - Parameter groupId: The ID of the security group to delete.
///
/// - Returns: `true` on successful deletion; `false` on error.
func deleteSecurityGroup(groupId: String) async -> Bool {
do {
_ = try await ec2Client.deleteSecurityGroup(
input: DeleteSecurityGroupInput(
groupId: groupId
)
)
return true
} catch {
print("*** Error deleting the security group: \(error.localizedDescription)")
return false
}
}
/// Allocate an Elastic IP address.
///
/// - Returns: A string containing the ID of the Elastic IP.
func allocateAddress() async -> String? {
do {
let output = try await ec2Client.allocateAddress(
input: AllocateAddressInput(
domain: EC2ClientTypes.DomainType.vpc
)
)
guard let allocationId = output.allocationId else {
return nil
}
return allocationId
} catch {
print("*** Unable to allocate the IP address: \(error.localizedDescription)")
return nil
}
}
/// Associate the specified allocated Elastic IP to a given instance.
///
/// - Parameters:
/// - instanceId: The instance to associate the Elastic IP with.
/// - allocationId: The ID of the allocated Elastic IP to associate with
/// the instance.
///
/// - Returns: The association ID of the association.
func associateAddress(instanceId: String?, allocationId: String?) async -> String? {
do {
let output = try await ec2Client.associateAddress(
input: AssociateAddressInput(
allocationId: allocationId,
instanceId: instanceId
)
)
return output.associationId
} catch {
print("*** Unable to associate the IP address: \(error.localizedDescription)")
return nil
}
}
/// Disassociate an Elastic IP.
///
/// - Parameter associationId: The ID of the association to end.
func disassociateAddress(associationId: String?) async {
do {
_ = try await ec2Client.disassociateAddress(
input: DisassociateAddressInput(
associationId: associationId
)
)
} catch {
print("*** Unable to disassociate the IP address: \(error.localizedDescription)")
}
}
/// Release an allocated Elastic IP.
///
/// - Parameter allocationId: The allocation ID of the Elastic IP to
/// release.
func releaseAddress(allocationId: String?) async {
do {
_ = try await ec2Client.releaseAddress(
input: ReleaseAddressInput(
allocationId: allocationId
)
)
} catch {
print("*** Unable to release the IP address: \(error.localizedDescription)")
}
}
/// Generate and return a unique file name that begins with the specified
/// string.
///
/// - Parameters:
/// - prefix: Text to use at the beginning of the returned name.
///
/// - Returns: A string containing a unique filename that begins with the
/// specified `prefix`.
///
/// The returned name uses a random number between 1 million and 1 billion to
/// provide reasonable certainty of uniqueness for the purposes of this
/// example.
func tempName(prefix: String) -> String {
return "\(prefix)-\(Int.random(in: 1000000..<1000000000))"
}
}
/// The program's asynchronous entry point.
@main
struct Main {
static func main() async {
let args = Array(CommandLine.arguments.dropFirst())
do {
let command = try ExampleCommand.parse(args)
try await command.runAsync()
} catch {
ExampleCommand.exit(withError: error)
}
}
}
```
+ For API details, see the following topics in *AWS SDK for Swift API reference*.
+ [AllocateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/allocateaddress(input:))
+ [AssociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/associateaddress(input:))
+ [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/authorizesecuritygroupingress(input:))
+ [CreateKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createkeypair(input:))
+ [CreateSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createsecuritygroup(input:))
+ [DeleteKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletekeypair(input:))
+ [DeleteSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletesecuritygroup(input:))
+ [DescribeImages](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeimages(input:))
+ [DescribeInstanceTypes](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstancetypes(input:))
+ [DescribeInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstances(input:))
+ [DescribeKeyPairs](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describekeypairs(input:))
+ [DescribeSecurityGroups](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describesecuritygroups(input:))
+ [DisassociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/disassociateaddress(input:))
+ [ReleaseAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/releaseaddress(input:))
+ [RunInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/runinstances(input:))
+ [StartInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/startinstances(input:))
+ [StopInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/stopinstances(input:))
+ [TerminateInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/terminateinstances(input:))
+ [UnmonitorInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/unmonitorinstances(input:))
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Actions for Amazon EC2 using AWS SDKs
The following code examples demonstrate how to perform individual Amazon EC2 actions with AWS SDKs. Each example includes a link to GitHub, where you can find instructions for setting up and running the code.
These excerpts call the Amazon EC2 API and are code excerpts from larger programs that must be run in context. You can see actions in context in [Scenarios for Amazon EC2 using AWS SDKs](service_code_examples_scenarios.md).
The following examples include only the most commonly used actions. For a complete list, see the [Amazon Elastic Compute Cloud API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Welcome.html).
**Topics**
+ [`AcceptVpcPeeringConnection`](example_ec2_AcceptVpcPeeringConnection_section.md)
+ [`AllocateAddress`](example_ec2_AllocateAddress_section.md)
+ [`AllocateHosts`](example_ec2_AllocateHosts_section.md)
+ [`AssignPrivateIpAddresses`](example_ec2_AssignPrivateIpAddresses_section.md)
+ [`AssociateAddress`](example_ec2_AssociateAddress_section.md)
+ [`AssociateDhcpOptions`](example_ec2_AssociateDhcpOptions_section.md)
+ [`AssociateRouteTable`](example_ec2_AssociateRouteTable_section.md)
+ [`AttachInternetGateway`](example_ec2_AttachInternetGateway_section.md)
+ [`AttachNetworkInterface`](example_ec2_AttachNetworkInterface_section.md)
+ [`AttachVolume`](example_ec2_AttachVolume_section.md)
+ [`AttachVpnGateway`](example_ec2_AttachVpnGateway_section.md)
+ [`AuthorizeSecurityGroupEgress`](example_ec2_AuthorizeSecurityGroupEgress_section.md)
+ [`AuthorizeSecurityGroupIngress`](example_ec2_AuthorizeSecurityGroupIngress_section.md)
+ [`CancelCapacityReservation`](example_ec2_CancelCapacityReservation_section.md)
+ [`CancelImportTask`](example_ec2_CancelImportTask_section.md)
+ [`CancelSpotFleetRequests`](example_ec2_CancelSpotFleetRequests_section.md)
+ [`CancelSpotInstanceRequests`](example_ec2_CancelSpotInstanceRequests_section.md)
+ [`ConfirmProductInstance`](example_ec2_ConfirmProductInstance_section.md)
+ [`CopyImage`](example_ec2_CopyImage_section.md)
+ [`CopySnapshot`](example_ec2_CopySnapshot_section.md)
+ [`CreateCapacityReservation`](example_ec2_CreateCapacityReservation_section.md)
+ [`CreateCustomerGateway`](example_ec2_CreateCustomerGateway_section.md)
+ [`CreateDhcpOptions`](example_ec2_CreateDhcpOptions_section.md)
+ [`CreateFlowLogs`](example_ec2_CreateFlowLogs_section.md)
+ [`CreateImage`](example_ec2_CreateImage_section.md)
+ [`CreateInstanceExportTask`](example_ec2_CreateInstanceExportTask_section.md)
+ [`CreateInternetGateway`](example_ec2_CreateInternetGateway_section.md)
+ [`CreateKeyPair`](example_ec2_CreateKeyPair_section.md)
+ [`CreateLaunchTemplate`](example_ec2_CreateLaunchTemplate_section.md)
+ [`CreateNetworkAcl`](example_ec2_CreateNetworkAcl_section.md)
+ [`CreateNetworkAclEntry`](example_ec2_CreateNetworkAclEntry_section.md)
+ [`CreateNetworkInterface`](example_ec2_CreateNetworkInterface_section.md)
+ [`CreatePlacementGroup`](example_ec2_CreatePlacementGroup_section.md)
+ [`CreateRoute`](example_ec2_CreateRoute_section.md)
+ [`CreateRouteTable`](example_ec2_CreateRouteTable_section.md)
+ [`CreateSecurityGroup`](example_ec2_CreateSecurityGroup_section.md)
+ [`CreateSnapshot`](example_ec2_CreateSnapshot_section.md)
+ [`CreateSpotDatafeedSubscription`](example_ec2_CreateSpotDatafeedSubscription_section.md)
+ [`CreateSubnet`](example_ec2_CreateSubnet_section.md)
+ [`CreateTags`](example_ec2_CreateTags_section.md)
+ [`CreateVolume`](example_ec2_CreateVolume_section.md)
+ [`CreateVpc`](example_ec2_CreateVpc_section.md)
+ [`CreateVpcEndpoint`](example_ec2_CreateVpcEndpoint_section.md)
+ [`CreateVpnConnection`](example_ec2_CreateVpnConnection_section.md)
+ [`CreateVpnConnectionRoute`](example_ec2_CreateVpnConnectionRoute_section.md)
+ [`CreateVpnGateway`](example_ec2_CreateVpnGateway_section.md)
+ [`DeleteCustomerGateway`](example_ec2_DeleteCustomerGateway_section.md)
+ [`DeleteDhcpOptions`](example_ec2_DeleteDhcpOptions_section.md)
+ [`DeleteFlowLogs`](example_ec2_DeleteFlowLogs_section.md)
+ [`DeleteInternetGateway`](example_ec2_DeleteInternetGateway_section.md)
+ [`DeleteKeyPair`](example_ec2_DeleteKeyPair_section.md)
+ [`DeleteLaunchTemplate`](example_ec2_DeleteLaunchTemplate_section.md)
+ [`DeleteNetworkAcl`](example_ec2_DeleteNetworkAcl_section.md)
+ [`DeleteNetworkAclEntry`](example_ec2_DeleteNetworkAclEntry_section.md)
+ [`DeleteNetworkInterface`](example_ec2_DeleteNetworkInterface_section.md)
+ [`DeletePlacementGroup`](example_ec2_DeletePlacementGroup_section.md)
+ [`DeleteRoute`](example_ec2_DeleteRoute_section.md)
+ [`DeleteRouteTable`](example_ec2_DeleteRouteTable_section.md)
+ [`DeleteSecurityGroup`](example_ec2_DeleteSecurityGroup_section.md)
+ [`DeleteSnapshot`](example_ec2_DeleteSnapshot_section.md)
+ [`DeleteSpotDatafeedSubscription`](example_ec2_DeleteSpotDatafeedSubscription_section.md)
+ [`DeleteSubnet`](example_ec2_DeleteSubnet_section.md)
+ [`DeleteTags`](example_ec2_DeleteTags_section.md)
+ [`DeleteVolume`](example_ec2_DeleteVolume_section.md)
+ [`DeleteVpc`](example_ec2_DeleteVpc_section.md)
+ [`DeleteVpcEndpoints`](example_ec2_DeleteVpcEndpoints_section.md)
+ [`DeleteVpnConnection`](example_ec2_DeleteVpnConnection_section.md)
+ [`DeleteVpnConnectionRoute`](example_ec2_DeleteVpnConnectionRoute_section.md)
+ [`DeleteVpnGateway`](example_ec2_DeleteVpnGateway_section.md)
+ [`DeregisterImage`](example_ec2_DeregisterImage_section.md)
+ [`DescribeAccountAttributes`](example_ec2_DescribeAccountAttributes_section.md)
+ [`DescribeAddresses`](example_ec2_DescribeAddresses_section.md)
+ [`DescribeAvailabilityZones`](example_ec2_DescribeAvailabilityZones_section.md)
+ [`DescribeBundleTasks`](example_ec2_DescribeBundleTasks_section.md)
+ [`DescribeCapacityReservations`](example_ec2_DescribeCapacityReservations_section.md)
+ [`DescribeCustomerGateways`](example_ec2_DescribeCustomerGateways_section.md)
+ [`DescribeDhcpOptions`](example_ec2_DescribeDhcpOptions_section.md)
+ [`DescribeFlowLogs`](example_ec2_DescribeFlowLogs_section.md)
+ [`DescribeHostReservationOfferings`](example_ec2_DescribeHostReservationOfferings_section.md)
+ [`DescribeHosts`](example_ec2_DescribeHosts_section.md)
+ [`DescribeIamInstanceProfileAssociations`](example_ec2_DescribeIamInstanceProfileAssociations_section.md)
+ [`DescribeIdFormat`](example_ec2_DescribeIdFormat_section.md)
+ [`DescribeIdentityIdFormat`](example_ec2_DescribeIdentityIdFormat_section.md)
+ [`DescribeImageAttribute`](example_ec2_DescribeImageAttribute_section.md)
+ [`DescribeImages`](example_ec2_DescribeImages_section.md)
+ [`DescribeImportImageTasks`](example_ec2_DescribeImportImageTasks_section.md)
+ [`DescribeImportSnapshotTasks`](example_ec2_DescribeImportSnapshotTasks_section.md)
+ [`DescribeInstanceAttribute`](example_ec2_DescribeInstanceAttribute_section.md)
+ [`DescribeInstanceStatus`](example_ec2_DescribeInstanceStatus_section.md)
+ [`DescribeInstanceTypes`](example_ec2_DescribeInstanceTypes_section.md)
+ [`DescribeInstances`](example_ec2_DescribeInstances_section.md)
+ [`DescribeInternetGateways`](example_ec2_DescribeInternetGateways_section.md)
+ [`DescribeKeyPairs`](example_ec2_DescribeKeyPairs_section.md)
+ [`DescribeNetworkAcls`](example_ec2_DescribeNetworkAcls_section.md)
+ [`DescribeNetworkInterfaceAttribute`](example_ec2_DescribeNetworkInterfaceAttribute_section.md)
+ [`DescribeNetworkInterfaces`](example_ec2_DescribeNetworkInterfaces_section.md)
+ [`DescribePlacementGroups`](example_ec2_DescribePlacementGroups_section.md)
+ [`DescribePrefixLists`](example_ec2_DescribePrefixLists_section.md)
+ [`DescribeRegions`](example_ec2_DescribeRegions_section.md)
+ [`DescribeRouteTables`](example_ec2_DescribeRouteTables_section.md)
+ [`DescribeScheduledInstanceAvailability`](example_ec2_DescribeScheduledInstanceAvailability_section.md)
+ [`DescribeScheduledInstances`](example_ec2_DescribeScheduledInstances_section.md)
+ [`DescribeSecurityGroups`](example_ec2_DescribeSecurityGroups_section.md)
+ [`DescribeSnapshotAttribute`](example_ec2_DescribeSnapshotAttribute_section.md)
+ [`DescribeSnapshots`](example_ec2_DescribeSnapshots_section.md)
+ [`DescribeSpotDatafeedSubscription`](example_ec2_DescribeSpotDatafeedSubscription_section.md)
+ [`DescribeSpotFleetInstances`](example_ec2_DescribeSpotFleetInstances_section.md)
+ [`DescribeSpotFleetRequestHistory`](example_ec2_DescribeSpotFleetRequestHistory_section.md)
+ [`DescribeSpotFleetRequests`](example_ec2_DescribeSpotFleetRequests_section.md)
+ [`DescribeSpotInstanceRequests`](example_ec2_DescribeSpotInstanceRequests_section.md)
+ [`DescribeSpotPriceHistory`](example_ec2_DescribeSpotPriceHistory_section.md)
+ [`DescribeSubnets`](example_ec2_DescribeSubnets_section.md)
+ [`DescribeTags`](example_ec2_DescribeTags_section.md)
+ [`DescribeVolumeAttribute`](example_ec2_DescribeVolumeAttribute_section.md)
+ [`DescribeVolumeStatus`](example_ec2_DescribeVolumeStatus_section.md)
+ [`DescribeVolumes`](example_ec2_DescribeVolumes_section.md)
+ [`DescribeVpcAttribute`](example_ec2_DescribeVpcAttribute_section.md)
+ [`DescribeVpcClassicLink`](example_ec2_DescribeVpcClassicLink_section.md)
+ [`DescribeVpcClassicLinkDnsSupport`](example_ec2_DescribeVpcClassicLinkDnsSupport_section.md)
+ [`DescribeVpcEndpointServices`](example_ec2_DescribeVpcEndpointServices_section.md)
+ [`DescribeVpcEndpoints`](example_ec2_DescribeVpcEndpoints_section.md)
+ [`DescribeVpcs`](example_ec2_DescribeVpcs_section.md)
+ [`DescribeVpnConnections`](example_ec2_DescribeVpnConnections_section.md)
+ [`DescribeVpnGateways`](example_ec2_DescribeVpnGateways_section.md)
+ [`DetachInternetGateway`](example_ec2_DetachInternetGateway_section.md)
+ [`DetachNetworkInterface`](example_ec2_DetachNetworkInterface_section.md)
+ [`DetachVolume`](example_ec2_DetachVolume_section.md)
+ [`DetachVpnGateway`](example_ec2_DetachVpnGateway_section.md)
+ [`DisableVgwRoutePropagation`](example_ec2_DisableVgwRoutePropagation_section.md)
+ [`DisableVpcClassicLink`](example_ec2_DisableVpcClassicLink_section.md)
+ [`DisableVpcClassicLinkDnsSupport`](example_ec2_DisableVpcClassicLinkDnsSupport_section.md)
+ [`DisassociateAddress`](example_ec2_DisassociateAddress_section.md)
+ [`DisassociateRouteTable`](example_ec2_DisassociateRouteTable_section.md)
+ [`EnableVgwRoutePropagation`](example_ec2_EnableVgwRoutePropagation_section.md)
+ [`EnableVolumeIo`](example_ec2_EnableVolumeIo_section.md)
+ [`EnableVpcClassicLink`](example_ec2_EnableVpcClassicLink_section.md)
+ [`EnableVpcClassicLinkDnsSupport`](example_ec2_EnableVpcClassicLinkDnsSupport_section.md)
+ [`GetConsoleOutput`](example_ec2_GetConsoleOutput_section.md)
+ [`GetHostReservationPurchasePreview`](example_ec2_GetHostReservationPurchasePreview_section.md)
+ [`GetPasswordData`](example_ec2_GetPasswordData_section.md)
+ [`ImportImage`](example_ec2_ImportImage_section.md)
+ [`ImportKeyPair`](example_ec2_ImportKeyPair_section.md)
+ [`ImportSnapshot`](example_ec2_ImportSnapshot_section.md)
+ [`ModifyCapacityReservation`](example_ec2_ModifyCapacityReservation_section.md)
+ [`ModifyHosts`](example_ec2_ModifyHosts_section.md)
+ [`ModifyIdFormat`](example_ec2_ModifyIdFormat_section.md)
+ [`ModifyImageAttribute`](example_ec2_ModifyImageAttribute_section.md)
+ [`ModifyInstanceAttribute`](example_ec2_ModifyInstanceAttribute_section.md)
+ [`ModifyInstanceCreditSpecification`](example_ec2_ModifyInstanceCreditSpecification_section.md)
+ [`ModifyNetworkInterfaceAttribute`](example_ec2_ModifyNetworkInterfaceAttribute_section.md)
+ [`ModifyReservedInstances`](example_ec2_ModifyReservedInstances_section.md)
+ [`ModifySnapshotAttribute`](example_ec2_ModifySnapshotAttribute_section.md)
+ [`ModifySpotFleetRequest`](example_ec2_ModifySpotFleetRequest_section.md)
+ [`ModifySubnetAttribute`](example_ec2_ModifySubnetAttribute_section.md)
+ [`ModifyVolumeAttribute`](example_ec2_ModifyVolumeAttribute_section.md)
+ [`ModifyVpcAttribute`](example_ec2_ModifyVpcAttribute_section.md)
+ [`MonitorInstances`](example_ec2_MonitorInstances_section.md)
+ [`MoveAddressToVpc`](example_ec2_MoveAddressToVpc_section.md)
+ [`PurchaseHostReservation`](example_ec2_PurchaseHostReservation_section.md)
+ [`PurchaseScheduledInstances`](example_ec2_PurchaseScheduledInstances_section.md)
+ [`RebootInstances`](example_ec2_RebootInstances_section.md)
+ [`RegisterImage`](example_ec2_RegisterImage_section.md)
+ [`RejectVpcPeeringConnection`](example_ec2_RejectVpcPeeringConnection_section.md)
+ [`ReleaseAddress`](example_ec2_ReleaseAddress_section.md)
+ [`ReleaseHosts`](example_ec2_ReleaseHosts_section.md)
+ [`ReplaceIamInstanceProfileAssociation`](example_ec2_ReplaceIamInstanceProfileAssociation_section.md)
+ [`ReplaceNetworkAclAssociation`](example_ec2_ReplaceNetworkAclAssociation_section.md)
+ [`ReplaceNetworkAclEntry`](example_ec2_ReplaceNetworkAclEntry_section.md)
+ [`ReplaceRoute`](example_ec2_ReplaceRoute_section.md)
+ [`ReplaceRouteTableAssociation`](example_ec2_ReplaceRouteTableAssociation_section.md)
+ [`ReportInstanceStatus`](example_ec2_ReportInstanceStatus_section.md)
+ [`RequestSpotFleet`](example_ec2_RequestSpotFleet_section.md)
+ [`RequestSpotInstances`](example_ec2_RequestSpotInstances_section.md)
+ [`ResetImageAttribute`](example_ec2_ResetImageAttribute_section.md)
+ [`ResetInstanceAttribute`](example_ec2_ResetInstanceAttribute_section.md)
+ [`ResetNetworkInterfaceAttribute`](example_ec2_ResetNetworkInterfaceAttribute_section.md)
+ [`ResetSnapshotAttribute`](example_ec2_ResetSnapshotAttribute_section.md)
+ [`RevokeSecurityGroupEgress`](example_ec2_RevokeSecurityGroupEgress_section.md)
+ [`RevokeSecurityGroupIngress`](example_ec2_RevokeSecurityGroupIngress_section.md)
+ [`RunInstances`](example_ec2_RunInstances_section.md)
+ [`RunScheduledInstances`](example_ec2_RunScheduledInstances_section.md)
+ [`StartInstances`](example_ec2_StartInstances_section.md)
+ [`StopInstances`](example_ec2_StopInstances_section.md)
+ [`TerminateInstances`](example_ec2_TerminateInstances_section.md)
+ [`UnassignPrivateIpAddresses`](example_ec2_UnassignPrivateIpAddresses_section.md)
+ [`UnmonitorInstances`](example_ec2_UnmonitorInstances_section.md)
+ [`UpdateSecurityGroupRuleDescriptionsIngress`](example_ec2_UpdateSecurityGroupRuleDescriptionsIngress_section.md)
# Use `AcceptVpcPeeringConnection` with a CLI
The following code examples show how to use `AcceptVpcPeeringConnection`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To accept a VPC peering connection**
This example accepts the specified VPC peering connection request.
Command:
```
aws ec2 accept-vpc-peering-connection --vpc-peering-connection-id pcx-1a2b3c4d
```
Output:
```
{
"VpcPeeringConnection": {
"Status": {
"Message": "Provisioning",
"Code": "provisioning"
},
"Tags": [],
"AccepterVpcInfo": {
"OwnerId": "444455556666",
"VpcId": "vpc-44455566",
"CidrBlock": "10.0.1.0/28"
},
"VpcPeeringConnectionId": "pcx-1a2b3c4d",
"RequesterVpcInfo": {
"OwnerId": "444455556666",
"VpcId": "vpc-111abc45",
"CidrBlock": "10.0.0.0/28"
}
}
}
```
+ For API details, see [AcceptVpcPeeringConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/accept-vpc-peering-connection.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example approves the requested VpcPeeringConnectionId pcx-1dfad234b56ff78be**
```
Approve-EC2VpcPeeringConnection -VpcPeeringConnectionId pcx-1dfad234b56ff78be
```
**Output:**
```
AccepterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
ExpirationTime : 1/1/0001 12:00:00 AM
RequesterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
Status : Amazon.EC2.Model.VpcPeeringConnectionStateReason
Tags : {}
VpcPeeringConnectionId : pcx-1dfad234b56ff78be
```
+ For API details, see [AcceptVpcPeeringConnection](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example approves the requested VpcPeeringConnectionId pcx-1dfad234b56ff78be**
```
Approve-EC2VpcPeeringConnection -VpcPeeringConnectionId pcx-1dfad234b56ff78be
```
**Output:**
```
AccepterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
ExpirationTime : 1/1/0001 12:00:00 AM
RequesterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
Status : Amazon.EC2.Model.VpcPeeringConnectionStateReason
Tags : {}
VpcPeeringConnectionId : pcx-1dfad234b56ff78be
```
+ For API details, see [AcceptVpcPeeringConnection](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AllocateAddress` with an AWS SDK or CLI
The following code examples show how to use `AllocateAddress`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Allocates an Elastic IP address that can be associated with an Amazon EC2
// instance. By using an Elastic IP address, you can keep the public IP address
// constant even when you restart the associated instance.
///
/// The response object for the allocated address.
public async Task AllocateAddress()
{
var request = new AllocateAddressRequest();
try
{
var response = await _amazonEC2.AllocateAddressAsync(request);
Console.WriteLine($"Allocated IP: {response.PublicIp} with allocation ID {response.AllocationId}.");
return response;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "AddressLimitExceeded")
{
// For more information on Elastic IP address quotas, see:
// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-limit
_logger.LogError($"Unable to allocate Elastic IP, address limit exceeded. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while allocating Elastic IP.: {ex.Message}");
throw;
}
}
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AllocateAddress) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_allocate_address
#
# This function allocates an Elastic IP address for use with Amazon Elastic Compute Cloud (Amazon EC2) instances in a specific AWS Region.
#
# Parameters:
# -d domain - The domain for the Elastic IP address (either 'vpc' or 'standard').
#
# Returns:
# The allocated Elastic IP address, or an error message if the operation fails.
# And:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_allocate_address() {
local domain response
# Function to display usage information
function usage() {
echo "function ec2_allocate_address"
echo "Allocates an Elastic IP address for use with Amazon Elastic Compute Cloud (Amazon EC2) instances in a specific AWS Region."
echo " -d domain - The domain for the Elastic IP address (either 'vpc' or 'standard')."
echo ""
}
# Parse the command-line arguments
while getopts "d:h" option; do
case "${option}" in
d) domain="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$domain" ]]; then
errecho "ERROR: You must provide a domain with the -d parameter (either 'vpc' or 'standard')."
return 1
fi
if [[ "$domain" != "vpc" && "$domain" != "standard" ]]; then
errecho "ERROR: Invalid domain value. Must be either 'vpc' or 'standard'."
return 1
fi
# Allocate the Elastic IP address
response=$(aws ec2 allocate-address \
--domain "$domain" \
--query "[PublicIp,AllocationId]" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports allocate-address operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AllocateAddress) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Allocate an Elastic IP address and associate it with an Amazon Elastic Compute Cloud
//! (Amazon EC2) instance.
/*!
\param instanceID: An EC2 instance ID.
\param[out] publicIPAddress: String to return the public IP address.
\param[out] allocationID: String to return the allocation ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::allocateAndAssociateAddress(const Aws::String &instanceId, Aws::String &publicIPAddress,
Aws::String &allocationID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AllocateAddressRequest request;
request.SetDomain(Aws::EC2::Model::DomainType::vpc);
const Aws::EC2::Model::AllocateAddressOutcome outcome =
ec2Client.AllocateAddress(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to allocate Elastic IP address:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
const Aws::EC2::Model::AllocateAddressResponse &response = outcome.GetResult();
allocationID = response.GetAllocationId();
publicIPAddress = response.GetPublicIp();
return true;
}
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AllocateAddress) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To allocate an Elastic IP address from Amazon's address pool**
The following `allocate-address` example allocates an Elastic IP address. Amazon EC2 selects the address from Amazon's address pool.
```
aws ec2 allocate-address
```
Output:
```
{
"PublicIp": "70.224.234.241",
"AllocationId": "eipalloc-01435ba59eEXAMPLE",
"PublicIpv4Pool": "amazon",
"NetworkBorderGroup": "us-west-2",
"Domain": "vpc"
}
```
For more information, see [Elastic IP addresses](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) in the *Amazon EC2 User Guide*.
**Example 2: To allocate an Elastic IP address and associate it with a network border group**
The following `allocate-address` example allocates an Elastic IP address and associates it with the specified network border group.
```
aws ec2 allocate-address \
--network-border-group us-west-2-lax-1
```
Output:
```
{
"PublicIp": "70.224.234.241",
"AllocationId": "eipalloc-e03dd489ceEXAMPLE",
"PublicIpv4Pool": "amazon",
"NetworkBorderGroup": "us-west-2-lax-1",
"Domain": "vpc"
}
```
For more information, see [Elastic IP addresses](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) in the *Amazon EC2 User Guide*.
**Example 3: To allocate an Elastic IP address from an address pool that you own**
The following `allocate-address` example allocates an Elastic IP address from an address pool that you have brought to your Amazon Web Services account. Amazon EC2 selects the address from the address pool.
```
aws ec2 allocate-address \
--public-ipv4-pool ipv4pool-ec2-1234567890abcdef0
```
Output:
```
{
"AllocationId": "eipalloc-02463d08ceEXAMPLE",
"NetworkBorderGroup": "us-west-2",
"CustomerOwnedIp": "18.218.95.81",
"CustomerOwnedIpv4Pool": "ipv4pool-ec2-1234567890abcdef0",
"Domain": "vpc"
"NetworkBorderGroup": "us-west-2",
}
```
For more information, see [Elastic IP addresses](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) in the *Amazon EC2 User Guide*.
**Example 4: To allocate an Elastic IP address from an IPAM pool**
The following `allocate-address` example allocates a specific /32 Elastic IP address from an Amazon VPC IP Address Manager (IPAM) pool.
```
aws ec2 allocate-address \
--region us-east-1 \
--ipam-pool-id ipam-pool-1234567890abcdef0 \
--address 192.0.2.0
```
Output:
```
{
"PublicIp": "192.0.2.0",
"AllocationId": "eipalloc-abcdef01234567890",
"PublicIpv4Pool": "ipam-pool-1234567890abcdef0",
"NetworkBorderGroup": "us-east-1",
"Domain": "vpc"
}
```
For more information, see [Allocate sequential Elastic IP addresses from an IPAM pool](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html) in the *Amazon VPC IPAM User Guide*.
+ For API details, see [AllocateAddress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/allocate-address.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Allocates an Elastic IP address asynchronously in the VPC domain.
*
* @return a {@link CompletableFuture} containing the allocation ID of the allocated Elastic IP address
*/
public CompletableFuture allocateAddressAsync() {
AllocateAddressRequest allocateRequest = AllocateAddressRequest.builder()
.domain(DomainType.VPC)
.build();
CompletableFuture responseFuture = getAsyncClient().allocateAddress(allocateRequest);
return responseFuture.thenApply(AllocateAddressResponse::allocationId).whenComplete((result, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to allocate address", ex);
}
});
}
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AllocateAddress) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { AllocateAddressCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Allocates an Elastic IP address to your AWS account.
*/
export const main = async () => {
const client = new EC2Client({});
const command = new AllocateAddressCommand({});
try {
const { AllocationId, PublicIp } = await client.send(command);
console.log("A new IP address has been allocated to your account:");
console.log(`ID: ${AllocationId} Public IP: ${PublicIp}`);
console.log(
"You can view your IP addresses in the AWS Management Console for Amazon EC2. Look under Network & Security > Elastic IPs",
);
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
console.warn(`${caught.message}. Did you provide these values?`);
} else {
throw caught;
}
}
};
import { fileURLToPath } from "node:url";
// Call function if run directly.
if (process.argv[1] === fileURLToPath(import.meta.url)) {
main();
}
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AllocateAddressCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun getAllocateAddress(instanceIdVal: String?): String? {
val allocateRequest =
AllocateAddressRequest {
domain = DomainType.Vpc
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val allocateResponse = ec2.allocateAddress(allocateRequest)
val allocationIdVal = allocateResponse.allocationId
val request =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
val associateResponse = ec2.associateAddress(request)
return associateResponse.associationId
}
}
```
+ For API details, see [AllocateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example allocates an Elastic IP address to use with an instance in a VPC.**
```
New-EC2Address -Domain Vpc
```
**Output:**
```
AllocationId Domain PublicIp
------------ ------ --------
eipalloc-12345678 vpc 198.51.100.2
```
**Example 2: This example allocates an Elastic IP address to use with an instance in EC2-Classic.**
```
New-EC2Address
```
**Output:**
```
AllocationId Domain PublicIp
------------ ------ --------
standard 203.0.113.17
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example allocates an Elastic IP address to use with an instance in a VPC.**
```
New-EC2Address -Domain Vpc
```
**Output:**
```
AllocationId Domain PublicIp
------------ ------ --------
eipalloc-12345678 vpc 198.51.100.2
```
**Example 2: This example allocates an Elastic IP address to use with an instance in EC2-Classic.**
```
New-EC2Address
```
**Output:**
```
AllocationId Domain PublicIp
------------ ------ --------
standard 203.0.113.17
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def allocate(self) -> "ElasticIpWrapper.ElasticIp":
"""
Allocates an Elastic IP address that can be associated with an Amazon EC2
instance. By using an Elastic IP address, you can keep the public IP address
constant even when you restart the associated instance.
:return: The ElasticIp object for the newly created Elastic IP address.
:raises ClientError: If the allocation fails, such as reaching the maximum limit of Elastic IPs.
"""
try:
response = self.ec2_client.allocate_address(Domain="vpc")
elastic_ip = self.ElasticIp(
allocation_id=response["AllocationId"], public_ip=response["PublicIp"]
)
self.elastic_ips.append(elastic_ip)
except ClientError as err:
if err.response["Error"]["Code"] == "AddressLimitExceeded":
logger.error(
"Max IP's reached. Release unused addresses or contact AWS Support for an increase."
)
raise err
return elastic_ip
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AllocateAddress) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
# Creates an Elastic IP address in Amazon Virtual Private Cloud (Amazon VPC).
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @return [String] The allocation ID corresponding to the Elastic IP address.
# @example
# puts allocate_elastic_ip_address(Aws::EC2::Client.new(region: 'us-west-2'))
def allocate_elastic_ip_address(ec2_client)
response = ec2_client.allocate_address(domain: 'vpc')
response.allocation_id
rescue StandardError => e
puts "Error allocating Elastic IP address: #{e.message}"
'Error'
end
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/AllocateAddress) in *AWS SDK for Ruby API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
pub async fn allocate_ip_address(&self) -> Result {
self.client
.allocate_address()
.domain(DomainType::Vpc)
.send()
.await
.map_err(EC2Error::from)
}
```
+ For API details, see [AllocateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.allocate_address) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->allocateaddress( iv_domain = 'vpc' ). " oo_result is returned for testing purposes. "
MESSAGE 'Allocated an Elastic IP address.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [AllocateAddress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Allocate an Elastic IP address.
///
/// - Returns: A string containing the ID of the Elastic IP.
func allocateAddress() async -> String? {
do {
let output = try await ec2Client.allocateAddress(
input: AllocateAddressInput(
domain: EC2ClientTypes.DomainType.vpc
)
)
guard let allocationId = output.allocationId else {
return nil
}
return allocationId
} catch {
print("*** Unable to allocate the IP address: \(error.localizedDescription)")
return nil
}
}
```
+ For API details, see [AllocateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/allocateaddress(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AllocateHosts` with a CLI
The following code examples show how to use `AllocateHosts`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To allocate a Dedicated Host**
The following `allocate-hosts` example allocates a single Dedicated Host in the `eu-west-1a` Availability Zone, onto which you can launch `m5.large` instances. By default, the Dedicated Host accepts only target instance launches, and does not support host recovery.
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--quantity 1
```
Output:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
**Example 2: To allocate a Dedicated Host with auto-placement and host recovery enabled**
The following `allocate-hosts` example allocates a single Dedicated Host in the `eu-west-1a` Availability Zone with auto-placement and host recovery enabled.
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--auto-placement on \
--host-recovery on \
--quantity 1
```
Output:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
**Example 3: To allocate a Dedicated Host with tags**
The following `allocate-hosts` example allocates a single Dedicated Host and applies a tag with a key named `purpose` and a value of `production`.
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--quantity 1 \
--tag-specifications 'ResourceType=dedicated-host,Tags={Key=purpose,Value=production}'
```
Output:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
For more information, see [Allocate a Dedicated Host](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-allocating.html) in the *Amazon EC2 User Guide*.
+ For API details, see [AllocateHosts](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/allocate-hosts.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example allocates a Dedicated Host to your account for the given instance type and availability zone**
```
New-EC2Host -AutoPlacement on -AvailabilityZone eu-west-1b -InstanceType m4.xlarge -Quantity 1
```
**Output:**
```
h-01e23f4cd567890f3
```
+ For API details, see [AllocateHosts](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example allocates a Dedicated Host to your account for the given instance type and availability zone**
```
New-EC2Host -AutoPlacement on -AvailabilityZone eu-west-1b -InstanceType m4.xlarge -Quantity 1
```
**Output:**
```
h-01e23f4cd567890f3
```
+ For API details, see [AllocateHosts](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AssignPrivateIpAddresses` with a CLI
The following code examples show how to use `AssignPrivateIpAddresses`.
------
#### [ CLI ]
**AWS CLI**
**To assign a specific secondary private IP address a network interface**
This example assigns the specified secondary private IP address to the specified network interface. If the command succeeds, no output is returned.
Command:
```
aws ec2 assign-private-ip-addresses --network-interface-id eni-e5aa89a3 --private-ip-addresses 10.0.0.82
```
**To assign secondary private IP addresses that Amazon EC2 selects to a network interface**
This example assigns two secondary private IP addresses to the specified network interface. Amazon EC2 automatically assigns these IP addresses from the available IP addresses in the CIDR block range of the subnet the network interface is associated with. If the command succeeds, no output is returned.
Command:
```
aws ec2 assign-private-ip-addresses --network-interface-id eni-e5aa89a3 --secondary-private-ip-address-count 2
```
+ For API details, see [AssignPrivateIpAddresses](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/assign-private-ip-addresses.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example assigns the specified secondary private IP address to the specified network interface.**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -PrivateIpAddress 10.0.0.82
```
**Example 2: This example creates two secondary private IP addresses and assigns them to the specified network interface.**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -SecondaryPrivateIpAddressCount 2
```
+ For API details, see [AssignPrivateIpAddresses](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example assigns the specified secondary private IP address to the specified network interface.**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -PrivateIpAddress 10.0.0.82
```
**Example 2: This example creates two secondary private IP addresses and assigns them to the specified network interface.**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -SecondaryPrivateIpAddressCount 2
```
+ For API details, see [AssignPrivateIpAddresses](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AssociateAddress` with an AWS SDK or CLI
The following code examples show how to use `AssociateAddress`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Associates an Elastic IP address with an instance. When this association is
/// created, the Elastic IP's public IP address is immediately used as the public
/// IP address of the associated instance.
///
/// The allocation Id of an Elastic IP address.
/// The instance Id of the EC2 instance to
/// associate the address with.
/// The association Id that represents
/// the association of the Elastic IP address with an instance.
public async Task AssociateAddress(string allocationId, string instanceId)
{
try
{
var request = new AssociateAddressRequest
{
AllocationId = allocationId,
InstanceId = instanceId
};
var response = await _amazonEC2.AssociateAddressAsync(request);
return response.AssociationId;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidInstanceId")
{
_logger.LogError(
$"InstanceId is invalid, unable to associate address. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while associating the Elastic IP.: {ex.Message}");
throw;
}
}
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AssociateAddress) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_associate_address
#
# This function associates an Elastic IP address with an Amazon Elastic Compute Cloud (Amazon EC2) instance.
#
# Parameters:
# -a allocation_id - The allocation ID of the Elastic IP address to associate.
# -i instance_id - The ID of the EC2 instance to associate the Elastic IP address with.
#
# Returns:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_associate_address() {
local allocation_id instance_id response
# Function to display usage information
function usage() {
echo "function ec2_associate_address"
echo "Associates an Elastic IP address with an Amazon Elastic Compute Cloud (Amazon EC2) instance."
echo " -a allocation_id - The allocation ID of the Elastic IP address to associate."
echo " -i instance_id - The ID of the EC2 instance to associate the Elastic IP address with."
echo ""
}
# Parse the command-line arguments
while getopts "a:i:h" option; do
case "${option}" in
a) allocation_id="${OPTARG}" ;;
i) instance_id="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$allocation_id" ]]; then
errecho "ERROR: You must provide an allocation ID with the -a parameter."
return 1
fi
if [[ -z "$instance_id" ]]; then
errecho "ERROR: You must provide an instance ID with the -i parameter."
return 1
fi
# Associate the Elastic IP address
response=$(aws ec2 associate-address \
--allocation-id "$allocation_id" \
--instance-id "$instance_id" \
--query "AssociationId" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports associate-address operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AssociateAddress) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
Aws::EC2::EC2Client ec2Client(clientConfiguration);
//! Associate an Elastic IP address with an EC2 instance.
/*!
\param instanceId: An EC2 instance ID.
\param allocationId: An Elastic IP allocation ID.
\param[out] associationID: String to receive the association ID.
\param clientConfiguration: AWS client configuration.
\return bool: True if the address was associated with the instance; otherwise, false.
*/
bool AwsDoc::EC2::associateAddress(const Aws::String &instanceId, const Aws::String &allocationId,
Aws::String &associationID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AssociateAddressRequest request;
request.SetInstanceId(instanceId);
request.SetAllocationId(allocationId);
Aws::EC2::Model::AssociateAddressOutcome outcome = ec2Client.AssociateAddress(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to associate address " << allocationId <<
" with instance " << instanceId << ": " <<
outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully associated address " << allocationId <<
" with instance " << instanceId << std::endl;
associationID = outcome.GetResult().GetAssociationId();
}
return outcome.IsSuccess();
}
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AssociateAddress) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To associate an Elastic IP address with an instance**
The following `associate-address` example associates an Elastic IP address with the specified EC2 instance.
```
aws ec2 associate-address \
--instance-id i-0b263919b6498b123 \
--allocation-id eipalloc-64d5890a
```
Output:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
**Example 2: To associate an Elastic IP address with a network interface**
The following `associate-address` example associates the specified Elastic IP address with the specified network interface.
```
aws ec2 associate-address
--allocation-id eipalloc-64d5890a \
--network-interface-id eni-1a2b3c4d
```
Output:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
**Example 3: To associate an Elastic IP address with a private IP address**
The following `associate-address` example associates the specified Elastic IP address with the specified private IP address in the specified network interface.
```
aws ec2 associate-address \
--allocation-id eipalloc-64d5890a \
--network-interface-id eni-1a2b3c4d \
--private-ip-address 10.0.0.85
```
Output:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
For more information, see [Elastic IP addresses](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) in the *Amazon EC2 User Guide*.
+ For API details, see [AssociateAddress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-address.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Associates an Elastic IP address with an EC2 instance asynchronously.
*
* @param instanceId the ID of the EC2 instance to associate the Elastic IP address with
* @param allocationId the allocation ID of the Elastic IP address to associate
* @return a {@link CompletableFuture} that completes with the association ID when the operation is successful,
* or throws a {@link RuntimeException} if the operation fails
*/
public CompletableFuture associateAddressAsync(String instanceId, String allocationId) {
AssociateAddressRequest associateRequest = AssociateAddressRequest.builder()
.instanceId(instanceId)
.allocationId(allocationId)
.build();
CompletableFuture responseFuture = getAsyncClient().associateAddress(associateRequest);
return responseFuture.thenApply(response -> {
if (response.associationId() != null) {
return response.associationId();
} else {
throw new RuntimeException("Association ID is null after associating address.");
}
}).whenComplete((result, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to associate address", ex);
}
});
}
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AssociateAddress) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { AssociateAddressCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones)
* with an instance or a network interface.
* @param {{ instanceId: string, allocationId: string }} options
*/
export const main = async ({ instanceId, allocationId }) => {
const client = new EC2Client({});
const command = new AssociateAddressCommand({
// You need to allocate an Elastic IP address before associating it with an instance.
// You can do that with the AllocateAddressCommand.
AllocationId: allocationId,
// You need to create an EC2 instance before an IP address can be associated with it.
// You can do that with the RunInstancesCommand.
InstanceId: instanceId,
});
try {
const { AssociationId } = await client.send(command);
console.log(
`Address with allocation ID ${allocationId} is now associated with instance ${instanceId}.`,
`The association ID is ${AssociationId}.`,
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
console.warn(
`${caught.message}. Did you provide the ID of a valid Elastic IP address AllocationId?`,
);
} else {
throw caught;
}
}
};
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AssociateAddressCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun associateAddressSc(
instanceIdVal: String?,
allocationIdVal: String?,
): String? {
val associateRequest =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val associateResponse = ec2.associateAddress(associateRequest)
return associateResponse.associationId
}
}
```
+ For API details, see [AssociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example associates the specified Elastic IP address with the specified instance in a VPC.**
```
C:\> Register-EC2Address -InstanceId i-12345678 -AllocationId eipalloc-12345678
```
**Output:**
```
eipassoc-12345678
```
**Example 2: This example associates the specified Elastic IP address with the specified instance in EC2-Classic.**
```
C:\> Register-EC2Address -InstanceId i-12345678 -PublicIp 203.0.113.17
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example associates the specified Elastic IP address with the specified instance in a VPC.**
```
C:\> Register-EC2Address -InstanceId i-12345678 -AllocationId eipalloc-12345678
```
**Output:**
```
eipassoc-12345678
```
**Example 2: This example associates the specified Elastic IP address with the specified instance in EC2-Classic.**
```
C:\> Register-EC2Address -InstanceId i-12345678 -PublicIp 203.0.113.17
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def associate(
self, allocation_id: str, instance_id: str
) -> Union[Dict[str, Any], None]:
"""
Associates an Elastic IP address with an instance. When this association is
created, the Elastic IP's public IP address is immediately used as the public
IP address of the associated instance.
:param allocation_id: The allocation ID of the Elastic IP.
:param instance_id: The ID of the Amazon EC2 instance.
:return: A response that contains the ID of the association, or None if no Elastic IP is found.
:raises ClientError: If the association fails, such as when the instance ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return None
try:
response = self.ec2_client.associate_address(
AllocationId=allocation_id, InstanceId=instance_id
)
elastic_ip.instance_id = (
instance_id # Track the instance associated with this Elastic IP.
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidInstanceID.NotFound":
logger.error(
f"Failed to associate Elastic IP {allocation_id} with {instance_id} "
"because the specified instance ID does not exist or has not propagated fully. "
"Verify the instance ID and try again, or wait a few moments before attempting to "
"associate the Elastic IP address."
)
raise
return response
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AssociateAddress) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
# Associates an Elastic IP address with an Amazon Elastic Compute Cloud
# (Amazon EC2) instance.
#
# Prerequisites:
#
# - The allocation ID corresponding to the Elastic IP address.
# - The Amazon EC2 instance.
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param allocation_id [String] The ID of the allocation corresponding to
# the Elastic IP address.
# @param instance_id [String] The ID of the instance.
# @return [String] The assocation ID corresponding to the association of the
# Elastic IP address to the instance.
# @example
# puts allocate_elastic_ip_address(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'eipalloc-04452e528a66279EX',
# 'i-033c48ef067af3dEX')
def associate_elastic_ip_address_with_instance(
ec2_client,
allocation_id,
instance_id
)
response = ec2_client.associate_address(
allocation_id: allocation_id,
instance_id: instance_id
)
response.association_id
rescue StandardError => e
puts "Error associating Elastic IP address with instance: #{e.message}"
'Error'
end
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/AssociateAddress) in *AWS SDK for Ruby API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
pub async fn associate_ip_address(
&self,
allocation_id: &str,
instance_id: &str,
) -> Result {
let response = self
.client
.associate_address()
.allocation_id(allocation_id)
.instance_id(instance_id)
.send()
.await?;
Ok(response)
}
```
+ For API details, see [AssociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.associate_address) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->associateaddress( " oo_result is returned for testing purposes. "
iv_allocationid = iv_allocation_id
iv_instanceid = iv_instance_id ).
MESSAGE 'Associated an Elastic IP address with an EC2 instance.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [AssociateAddress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Associate the specified allocated Elastic IP to a given instance.
///
/// - Parameters:
/// - instanceId: The instance to associate the Elastic IP with.
/// - allocationId: The ID of the allocated Elastic IP to associate with
/// the instance.
///
/// - Returns: The association ID of the association.
func associateAddress(instanceId: String?, allocationId: String?) async -> String? {
do {
let output = try await ec2Client.associateAddress(
input: AssociateAddressInput(
allocationId: allocationId,
instanceId: instanceId
)
)
return output.associationId
} catch {
print("*** Unable to associate the IP address: \(error.localizedDescription)")
return nil
}
}
```
+ For API details, see [AssociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/associateaddress(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AssociateDhcpOptions` with a CLI
The following code examples show how to use `AssociateDhcpOptions`.
------
#### [ CLI ]
**AWS CLI**
**To associate a DHCP options set with your VPC**
This example associates the specified DHCP options set with the specified VPC. If the command succeeds, no output is returned.
Command:
```
aws ec2 associate-dhcp-options --dhcp-options-id dopt-d9070ebb --vpc-id vpc-a01106c2
```
**To associate the default DHCP options set with your VPC**
This example associates the default DHCP options set with the specified VPC. If the command succeeds, no output is returned.
Command:
```
aws ec2 associate-dhcp-options --dhcp-options-id default --vpc-id vpc-a01106c2
```
+ For API details, see [AssociateDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-dhcp-options.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example associates the specified DHCP options set with the specified VPC.**
```
Register-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d -VpcId vpc-12345678
```
**Example 2: This example associates the default DHCP options set with the specified VPC.**
```
Register-EC2DhcpOption -DhcpOptionsId default -VpcId vpc-12345678
```
+ For API details, see [AssociateDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example associates the specified DHCP options set with the specified VPC.**
```
Register-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d -VpcId vpc-12345678
```
**Example 2: This example associates the default DHCP options set with the specified VPC.**
```
Register-EC2DhcpOption -DhcpOptionsId default -VpcId vpc-12345678
```
+ For API details, see [AssociateDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AssociateRouteTable` with a CLI
The following code examples show how to use `AssociateRouteTable`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To associate a route table with a subnet**
This example associates the specified route table with the specified subnet.
Command:
```
aws ec2 associate-route-table --route-table-id rtb-22574640 --subnet-id subnet-9d4a7b6c
```
Output:
```
{
"AssociationId": "rtbassoc-781d0d1a"
}
```
+ For API details, see [AssociateRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-route-table.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example associates the specified route table with the specified subnet.**
```
Register-EC2RouteTable -RouteTableId rtb-1a2b3c4d -SubnetId subnet-1a2b3c4d
```
**Output:**
```
rtbassoc-12345678
```
+ For API details, see [AssociateRouteTable](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example associates the specified route table with the specified subnet.**
```
Register-EC2RouteTable -RouteTableId rtb-1a2b3c4d -SubnetId subnet-1a2b3c4d
```
**Output:**
```
rtbassoc-12345678
```
+ For API details, see [AssociateRouteTable](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AttachInternetGateway` with a CLI
The following code examples show how to use `AttachInternetGateway`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**To attach an internet gateway to your VPC**
The following `attach-internet-gateway` example attaches the specified internet gateway to the specific VPC.
```
aws ec2 attach-internet-gateway \
--internet-gateway-id igw-0d0fb496b3EXAMPLE \
--vpc-id vpc-0a60eb65b4EXAMPLE
```
This command produces no output.
For more information, see [Internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) in the *Amazon VPC User Guide*.
+ For API details, see [AttachInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-internet-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example attaches the specified Internet gateway to the specified VPC.**
```
Add-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d -VpcId vpc-12345678
```
**Example 2: This example creates a VPC and an Internet gateway, and then attaches the Internet gateway to the VPC.**
```
$vpc = New-EC2Vpc -CidrBlock 10.0.0.0/16
New-EC2InternetGateway | Add-EC2InternetGateway -VpcId $vpc.VpcId
```
+ For API details, see [AttachInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example attaches the specified Internet gateway to the specified VPC.**
```
Add-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d -VpcId vpc-12345678
```
**Example 2: This example creates a VPC and an Internet gateway, and then attaches the Internet gateway to the VPC.**
```
$vpc = New-EC2Vpc -CidrBlock 10.0.0.0/16
New-EC2InternetGateway | Add-EC2InternetGateway -VpcId $vpc.VpcId
```
+ For API details, see [AttachInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AttachNetworkInterface` with a CLI
The following code examples show how to use `AttachNetworkInterface`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To attach a network interface to an instance**
The following `attach-network-interface` example attaches the specified network interface to the specified instance.
```
aws ec2 attach-network-interface \
--network-interface-id eni-0dc56a8d4640ad10a \
--instance-id i-1234567890abcdef0 \
--device-index 1
```
Output:
```
{
"AttachmentId": "eni-attach-01a8fc87363f07cf9"
}
```
For more information, see [Elastic network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) in the *Amazon EC2 User Guide*.
**Example 2: To attach a network interface to an instance with multiple network cards**
The following `attach-network-interface` example attaches the specified network interface to the specified instance and network card.
```
aws ec2 attach-network-interface \
--network-interface-id eni-07483b1897541ad83 \
--instance-id i-01234567890abcdef \
--network-card-index 1 \
--device-index 1
```
Output:
```
{
"AttachmentId": "eni-attach-0fbd7ee87a88cd06c"
}
```
For more information, see [Elastic network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) in the *Amazon EC2 User Guide*.
+ For API details, see [AttachNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-network-interface.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example attaches the specified network interface to the specified instance.**
```
Add-EC2NetworkInterface -NetworkInterfaceId eni-12345678 -InstanceId i-1a2b3c4d -DeviceIndex 1
```
**Output:**
```
eni-attach-1a2b3c4d
```
+ For API details, see [AttachNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example attaches the specified network interface to the specified instance.**
```
Add-EC2NetworkInterface -NetworkInterfaceId eni-12345678 -InstanceId i-1a2b3c4d -DeviceIndex 1
```
**Output:**
```
eni-attach-1a2b3c4d
```
+ For API details, see [AttachNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AttachVolume` with a CLI
The following code examples show how to use `AttachVolume`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
------
#### [ CLI ]
**AWS CLI**
**To attach a volume to an instance**
This example command attaches a volume (`vol-1234567890abcdef0`) to an instance (`i-01474ef662b89480`) as `/dev/sdf`.
Command:
```
aws ec2 attach-volume --volume-id vol-1234567890abcdef0 --instance-id i-01474ef662b89480 --device /dev/sdf
```
Output:
```
{
"AttachTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"InstanceId": "i-01474ef662b89480",
"VolumeId": "vol-1234567890abcdef0",
"State": "attaching",
"Device": "/dev/sdf"
}
```
+ For API details, see [AttachVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-volume.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example attaches the specified volume to the specified instance and exposes it with the specified device name.**
```
Add-EC2Volume -VolumeId vol-12345678 -InstanceId i-1a2b3c4d -Device /dev/sdh
```
**Output:**
```
AttachTime : 12/22/2015 1:53:58 AM
DeleteOnTermination : False
Device : /dev/sdh
InstanceId : i-1a2b3c4d
State : attaching
VolumeId : vol-12345678
```
+ For API details, see [AttachVolume](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example attaches the specified volume to the specified instance and exposes it with the specified device name.**
```
Add-EC2Volume -VolumeId vol-12345678 -InstanceId i-1a2b3c4d -Device /dev/sdh
```
**Output:**
```
AttachTime : 12/22/2015 1:53:58 AM
DeleteOnTermination : False
Device : /dev/sdh
InstanceId : i-1a2b3c4d
State : attaching
VolumeId : vol-12345678
```
+ For API details, see [AttachVolume](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AttachVpnGateway` with a CLI
The following code examples show how to use `AttachVpnGateway`.
------
#### [ CLI ]
**AWS CLI**
**To attach a virtual private gateway to your VPC**
The following `attach-vpn-gateway` example attaches the specified virtual private gateway to the specified VPC.
```
aws ec2 attach-vpn-gateway \
--vpn-gateway-id vgw-9a4cacf3 \
--vpc-id vpc-a01106c2
```
Output:
```
{
"VpcAttachment": {
"State": "attaching",
"VpcId": "vpc-a01106c2"
}
}
```
+ For API details, see [AttachVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-vpn-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example attaches the specified virtual private gateway to the specified VPC.**
```
Add-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d -VpcId vpc-12345678
```
**Output:**
```
State VpcId
----- -----
attaching vpc-12345678
```
+ For API details, see [AttachVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example attaches the specified virtual private gateway to the specified VPC.**
```
Add-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d -VpcId vpc-12345678
```
**Output:**
```
State VpcId
----- -----
attaching vpc-12345678
```
+ For API details, see [AttachVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AuthorizeSecurityGroupEgress` with a CLI
The following code examples show how to use `AuthorizeSecurityGroupEgress`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To add a rule that allows outbound traffic to a specific address range**
The following `authorize-security-group-egress` example adds a rule that grants access to the specified address ranges on TCP port 80.
```
aws ec2 authorize-security-group-egress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0b15794cdb17bf29c",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": true,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"CidrIpv4": "10.0.0.0/16"
}
]
}
```
**Example 2: To add a rule that allows outbound traffic to a specific security group**
The following `authorize-security-group-egress` example adds a rule that grants access to the specified security group on TCP port 80.
```
aws ec2 authorize-security-group-egress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs=[{GroupId=sg-0aad1c26bbeec5c22}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0b5dd815afcea9cc3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": true,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"ReferencedGroupInfo": {
"GroupId": "sg-0aad1c26bbeec5c22",
"UserId": "123456789012"
}
}
]
}
```
For more information, see [Security groups](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html) in the *Amazon VPC User Guide*.
+ For API details, see [AuthorizeSecurityGroupEgress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/authorize-security-group-egress.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example defines an egress rule for the specified security group for EC2-VPC. The rule grants access to the specified IP address range on TCP port 80. The syntax used by this example requires PowerShell version 3 or higher.**
```
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" }
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**Example 2: With PowerShell version 2, you must use New-Object to create the IpPermission object.**
```
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = "tcp"
$ip.FromPort = 80
$ip.ToPort = 80
$ip.IpRanges.Add("203.0.113.0/24")
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**Example 3: This example grants access to the specified source security group on TCP port 80.**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
```
+ For API details, see [AuthorizeSecurityGroupEgress](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example defines an egress rule for the specified security group for EC2-VPC. The rule grants access to the specified IP address range on TCP port 80. The syntax used by this example requires PowerShell version 3 or higher.**
```
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" }
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**Example 2: With PowerShell version 2, you must use New-Object to create the IpPermission object.**
```
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = "tcp"
$ip.FromPort = 80
$ip.ToPort = 80
$ip.IpRanges.Add("203.0.113.0/24")
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**Example 3: This example grants access to the specified source security group on TCP port 80.**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
```
+ For API details, see [AuthorizeSecurityGroupEgress](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `AuthorizeSecurityGroupIngress` with an AWS SDK or CLI
The following code examples show how to use `AuthorizeSecurityGroupIngress`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Configure Amazon ECS Service Connect](example_ecs_ServiceConnect_085_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Create an Amazon ECS Linux task for the Fargate launch type](example_ecs_GettingStarted_086_section.md)
+ [Creating an Amazon ECS service for the EC2 launch type](example_ecs_GettingStarted_018_section.md)
+ [Creating an Amazon RDS DB instance](example_rds_GettingStarted_036_section.md)
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon DocumentDB](example_docdb_GettingStarted_025_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon ElastiCache](example_ec2_GettingStarted_065_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Elastic Load Balancing](example_elastic_load_balancing_v2_GettingStarted_058_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Authorize the local computer ingress to EC2 instances associated
/// with the virtual private cloud (VPC) security group.
///
/// The name of the security group.
/// A Boolean value indicating the success of the action.
public async Task AuthorizeSecurityGroupIngress(string groupName)
{
try
{
// Get the IP address for the local computer.
var ipAddress = await GetIpAddress();
Console.WriteLine($"Your IP address is: {ipAddress}");
var ipRanges =
new List { new IpRange { CidrIp = $"{ipAddress}/32" } };
var permission = new IpPermission
{
Ipv4Ranges = ipRanges,
IpProtocol = "tcp",
FromPort = 22,
ToPort = 22
};
var permissions = new List { permission };
var response = await _amazonEC2.AuthorizeSecurityGroupIngressAsync(
new AuthorizeSecurityGroupIngressRequest(groupName, permissions));
return response.HttpStatusCode == HttpStatusCode.OK;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidPermission.Duplicate")
{
_logger.LogError(
$"The ingress rule already exists. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while authorizing ingress.: {ex.Message}");
throw;
}
}
///
/// Authorize the local computer for ingress to
/// the Amazon EC2 SecurityGroup.
///
/// The IPv4 address of the computer running the scenario.
private static async Task GetIpAddress()
{
var httpClient = new HttpClient();
var ipString = await httpClient.GetStringAsync("https://checkip.amazonaws.com");
// The IP address is returned with a new line
// character on the end. Trim off the whitespace and
// return the value to the caller.
return ipString.Trim();
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AuthorizeSecurityGroupIngress) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_authorize_security_group_ingress
#
# This function authorizes an ingress rule for an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -g security_group_id - The ID of the security group.
# -i ip_address - The IP address or CIDR block to authorize.
# -p protocol - The protocol to authorize (e.g., tcp, udp, icmp).
# -f from_port - The start of the port range to authorize.
# -t to_port - The end of the port range to authorize.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_authorize_security_group_ingress() {
local security_group_id ip_address protocol from_port to_port response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_authorize_security_group_ingress"
echo "Authorizes an ingress rule for an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -g security_group_id - The ID of the security group."
echo " -i ip_address - The IP address or CIDR block to authorize."
echo " -p protocol - The protocol to authorize (e.g., tcp, udp, icmp)."
echo " -f from_port - The start of the port range to authorize."
echo " -t to_port - The end of the port range to authorize."
echo ""
}
# Retrieve the calling parameters.
while getopts "g:i:p:f:t:h" option; do
case "${option}" in
g) security_group_id="${OPTARG}" ;;
i) ip_address="${OPTARG}" ;;
p) protocol="${OPTARG}" ;;
f) from_port="${OPTARG}" ;;
t) to_port="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$security_group_id" ]]; then
errecho "ERROR: You must provide a security group ID with the -g parameter."
usage
return 1
fi
if [[ -z "$ip_address" ]]; then
errecho "ERROR: You must provide an IP address or CIDR block with the -i parameter."
usage
return 1
fi
if [[ -z "$protocol" ]]; then
errecho "ERROR: You must provide a protocol with the -p parameter."
usage
return 1
fi
if [[ -z "$from_port" ]]; then
errecho "ERROR: You must provide a start port with the -f parameter."
usage
return 1
fi
if [[ -z "$to_port" ]]; then
errecho "ERROR: You must provide an end port with the -t parameter."
usage
return 1
fi
response=$(aws ec2 authorize-security-group-ingress \
--group-id "$security_group_id" \
--cidr "${ip_address}/32" \
--protocol "$protocol" \
--port "$from_port-$to_port" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports authorize-security-group-ingress operation failed.$response"
return 1
}
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AuthorizeSecurityGroupIngress) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Authorize ingress to an Amazon Elastic Compute Cloud (Amazon EC2) group.
/*!
\param groupID: The EC2 group ID.
\param clientConfiguration: The ClientConfiguration object.
\return bool: True if the operation was successful, false otherwise.
*/
bool
AwsDoc::EC2::authorizeSecurityGroupIngress(const Aws::String &groupID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest;
authorizeSecurityGroupIngressRequest.SetGroupId(groupID);
buildSampleIngressRule(authorizeSecurityGroupIngressRequest);
Aws::EC2::Model::AuthorizeSecurityGroupIngressOutcome authorizeSecurityGroupIngressOutcome =
ec2Client.AuthorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest);
if (authorizeSecurityGroupIngressOutcome.IsSuccess()) {
std::cout << "Successfully authorized security group ingress." << std::endl;
} else {
std::cerr << "Error authorizing security group ingress: "
<< authorizeSecurityGroupIngressOutcome.GetError().GetMessage() << std::endl;
}
return authorizeSecurityGroupIngressOutcome.IsSuccess();
}
```
Utility function to build an ingress rule.
```
//! Build a sample ingress rule.
/*!
\param authorize_request: An 'AuthorizeSecurityGroupIngressRequest' instance.
\return void:
*/
void buildSampleIngressRule(
Aws::EC2::Model::AuthorizeSecurityGroupIngressRequest &authorize_request) {
Aws::String ingressIPRange = "203.0.113.0/24"; // Configure this for your allowed IP range.
Aws::EC2::Model::IpRange ip_range;
ip_range.SetCidrIp(ingressIPRange);
Aws::EC2::Model::IpPermission permission1;
permission1.SetIpProtocol("tcp");
permission1.SetToPort(80);
permission1.SetFromPort(80);
permission1.AddIpRanges(ip_range);
authorize_request.AddIpPermissions(permission1);
Aws::EC2::Model::IpPermission permission2;
permission2.SetIpProtocol("tcp");
permission2.SetToPort(22);
permission2.SetFromPort(22);
permission2.AddIpRanges(ip_range);
authorize_request.AddIpPermissions(permission2);
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AuthorizeSecurityGroupIngress) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To add a rule that allows inbound SSH traffic**
The following `authorize-security-group-ingress` example adds a rule that allows inbound traffic on TCP port 22 (SSH).
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--protocol tcp \
--port 22 \
--cidr 203.0.113.0/24
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-01afa97ef3e1bedfc",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"CidrIpv4": "203.0.113.0/24"
}
]
}
```
**Example 2: To add a rule that allows inbound HTTP traffic from another security group**
The following `authorize-security-group-ingress` example adds a rule that allows inbound access on TCP port 80 from the source security group `sg-1a2b3c4d`. The source group must be in the same VPC or in a peer VPC (requires a VPC peering connection). Incoming traffic is allowed based on the private IP addresses of instances that are associated with the source security group (not the public IP address or Elastic IP address).
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--protocol tcp \
--port 80 \
--source-group sg-1a2b3c4d
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-01f4be99110f638a7",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"ReferencedGroupInfo": {
"GroupId": "sg-1a2b3c4d",
"UserId": "123456789012"
}
}
]
}
```
**Example 3: To add multiple rules in the same call**
The following `authorize-security-group-ingress` example uses the `ip-permissions` parameter to add two inbound rules, one that enables inbound access on TCP port 3389 (RDP) and the other that enables ping/ICMP.
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=172.31.0.0/16}]' 'IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges=[{CidrIp=172.31.0.0/16}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-00e06e5d3690f29f3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 3389,
"ToPort": 3389,
"CidrIpv4": "172.31.0.0/16"
},
{
"SecurityGroupRuleId": "sgr-0a133dd4493944b87",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": -1,
"ToPort": -1,
"CidrIpv4": "172.31.0.0/16"
}
]
}
```
**Example 4: To add a rule for ICMP traffic**
The following `authorize-security-group-ingress` example uses the `ip-permissions` parameter to add an inbound rule that allows the ICMP message `Destination Unreachable: Fragmentation Needed and Don't Fragment was Set` (Type 3, Code 4) from anywhere.
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=icmp,FromPort=3,ToPort=4,IpRanges=[{CidrIp=0.0.0.0/0}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0de3811019069b787",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "icmp",
"FromPort": 3,
"ToPort": 4,
"CidrIpv4": "0.0.0.0/0"
}
]
}
```
**Example 5: To add a rule for IPv6 traffic**
The following `authorize-security-group-ingress` example uses the `ip-permissions` parameter to add an inbound rule that allows SSH access (port 22) from the IPv6 range `2001:db8:1234:1a00::/64`.
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=22,ToPort=22,Ipv6Ranges=[{CidrIpv6=2001:db8:1234:1a00::/64}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0455bc68b60805563",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"CidrIpv6": "2001:db8:1234:1a00::/64"
}
]
}
```
**Example 6: To add a rule for ICMPv6 traffic**
The following `authorize-security-group-ingress` example uses the `ip-permissions` parameter to add an inbound rule that allows ICMPv6 traffic from anywhere.
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=icmpv6,Ipv6Ranges=[{CidrIpv6=::/0}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-04b612d9363ab6327",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "icmpv6",
"FromPort": -1,
"ToPort": -1,
"CidrIpv6": "::/0"
}
]
}
```
**Example 7: Add a rule with a description**
The following `authorize-security-group-ingress` example uses the `ip-permissions` parameter to add an inbound rule that allows RDP traffic from the specified IPv4 address range. The rule includes a description to help you identify it later.
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=203.0.113.0/24,Description='RDP access from NY office'}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0397bbcc01e974db3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 3389,
"ToPort": 3389,
"CidrIpv4": "203.0.113.0/24",
"Description": "RDP access from NY office"
}
]
}
```
**Example 8: To add an inbound rule that uses a prefix list**
The following `authorize-security-group-ingress` example uses the `ip-permissions` parameter to add an inbound rule that allows all traffic for the CIDR ranges in the specified prefix list.
```
aws ec2 authorize-security-group-ingress \
--group-id sg-04a351bfe432d4e71 \
--ip-permissions 'IpProtocol=all,PrefixListIds=[{PrefixListId=pl-002dc3ec097de1514}]'
```
Output:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-09c74b32f677c6c7c",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "-1",
"FromPort": -1,
"ToPort": -1,
"PrefixListId": "pl-0721453c7ac4ec009"
}
]
}
```
For more information, see [Security groups](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html) in the *Amazon VPC User Guide*.
+ For API details, see [AuthorizeSecurityGroupIngress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/authorize-security-group-ingress.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AuthorizeSecurityGroupIngress) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import {
AuthorizeSecurityGroupIngressCommand,
EC2Client,
} from "@aws-sdk/client-ec2";
/**
* Adds the specified inbound (ingress) rules to a security group.
* @param {{ groupId: string, ipAddress: string }} options
*/
export const main = async ({ groupId, ipAddress }) => {
const client = new EC2Client({});
const command = new AuthorizeSecurityGroupIngressCommand({
// Use a group ID from the AWS console or
// the DescribeSecurityGroupsCommand.
GroupId: groupId,
IpPermissions: [
{
IpProtocol: "tcp",
FromPort: 22,
ToPort: 22,
// The IP address to authorize.
// For more information on this notation, see
// https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation
IpRanges: [{ CidrIp: `${ipAddress}/32` }],
},
],
});
try {
const { SecurityGroupRules } = await client.send(command);
console.log(JSON.stringify(SecurityGroupRules, null, 2));
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroupId.Malformed") {
console.warn(`${caught.message}. Please provide a valid GroupId.`);
} else {
throw caught;
}
}
};
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AuthorizeSecurityGroupIngressCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun createEC2SecurityGroupSc(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
myIpAddress: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "$myIpAddress/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example defines ingress rules for a security group for EC2-VPC. These rules grant access to a specific IP address for SSH (port 22) and RDC (port 3389). Note that you must identify security groups for EC2-VPC using the security group ID not the security group name. The syntax used by this example requires PowerShell version 3 or higher.**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**Example 2: With PowerShell version 2, you must use New-Object to create the IpPermission objects.**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**Example 3: This example defines ingress rules for a security group for EC2-Classic. These rules grant access to a specific IP address for SSH (port 22) and RDC (port 3389). The syntax used by this example requires PowerShell version 3 or higher.**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**Example 4: With PowerShell version 2, you must use New-Object to create the IpPermission objects.**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**Example 5: This example grants TCP port 8081 access from the specified source security group (sg-1a2b3c4d) to the specified security group (sg-12345678).**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="8081"; ToPort="8081"; UserIdGroupPairs=$ug } )
```
**Example 6: This example adds the CIDR 5.5.5.5/32 to the Ingress rules of security Group sg-1234abcd for TCP port 22 traffic with a description.**
```
$IpRange = New-Object -TypeName Amazon.EC2.Model.IpRange
$IpRange.CidrIp = "5.5.5.5/32"
$IpRange.Description = "SSH from Office"
$IpPermission = New-Object Amazon.EC2.Model.IpPermission
$IpPermission.IpProtocol = "tcp"
$IpPermission.ToPort = 22
$IpPermission.FromPort = 22
$IpPermission.Ipv4Ranges = $IpRange
Grant-EC2SecurityGroupIngress -GroupId sg-1234abcd -IpPermission $IpPermission
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example defines ingress rules for a security group for EC2-VPC. These rules grant access to a specific IP address for SSH (port 22) and RDC (port 3389). Note that you must identify security groups for EC2-VPC using the security group ID not the security group name. The syntax used by this example requires PowerShell version 3 or higher.**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**Example 2: With PowerShell version 2, you must use New-Object to create the IpPermission objects.**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**Example 3: This example defines ingress rules for a security group for EC2-Classic. These rules grant access to a specific IP address for SSH (port 22) and RDC (port 3389). The syntax used by this example requires PowerShell version 3 or higher.**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**Example 4: With PowerShell version 2, you must use New-Object to create the IpPermission objects.**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**Example 5: This example grants TCP port 8081 access from the specified source security group (sg-1a2b3c4d) to the specified security group (sg-12345678).**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="8081"; ToPort="8081"; UserIdGroupPairs=$ug } )
```
**Example 6: This example adds the CIDR 5.5.5.5/32 to the Ingress rules of security Group sg-1234abcd for TCP port 22 traffic with a description.**
```
$IpRange = New-Object -TypeName Amazon.EC2.Model.IpRange
$IpRange.CidrIp = "5.5.5.5/32"
$IpRange.Description = "SSH from Office"
$IpPermission = New-Object Amazon.EC2.Model.IpPermission
$IpPermission.IpProtocol = "tcp"
$IpPermission.ToPort = 22
$IpPermission.FromPort = 22
$IpPermission.Ipv4Ranges = $IpRange
Grant-EC2SecurityGroupIngress -GroupId sg-1234abcd -IpPermission $IpPermission
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def authorize_ingress(self, ssh_ingress_ip: str) -> Optional[Dict[str, Any]]:
"""
Adds a rule to the security group to allow access to SSH.
:param ssh_ingress_ip: The IP address that is granted inbound access to connect
to port 22 over TCP, used for SSH.
:return: The response to the authorization request. The 'Return' field of the
response indicates whether the request succeeded or failed, or None if no security group is set.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
if self.security_group is None:
logger.info("No security group to update.")
return None
try:
ip_permissions = [
{
# SSH ingress open to only the specified IP address.
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"IpRanges": [{"CidrIp": f"{ssh_ingress_ip}/32"}],
}
]
response = self.ec2_client.authorize_security_group_ingress(
GroupId=self.security_group, IpPermissions=ip_permissions
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidPermission.Duplicate":
logger.error(
f"The SSH ingress rule for IP {ssh_ingress_ip} already exists"
f"in security group '{self.security_group}'."
)
raise
else:
return response
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AuthorizeSecurityGroupIngress) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
/// Add an ingress rule to a security group explicitly allowing IPv4 address
/// as {ip}/32 over TCP port 22.
pub async fn authorize_security_group_ssh_ingress(
&self,
group_id: &str,
ingress_ips: Vec,
) -> Result<(), EC2Error> {
tracing::info!("Authorizing ingress for security group {group_id}");
self.client
.authorize_security_group_ingress()
.group_id(group_id)
.set_ip_permissions(Some(
ingress_ips
.into_iter()
.map(|ip| {
IpPermission::builder()
.ip_protocol("tcp")
.from_port(22)
.to_port(22)
.ip_ranges(IpRange::builder().cidr_ip(format!("{ip}/32")).build())
.build()
})
.collect(),
))
.send()
.await?;
Ok(())
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.authorize_security_group_ingress) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
" Create IP permissions for SSH access (port 22)
" iv_cidr_ip = '192.0.2.0/24'
DATA lt_ip_permissions TYPE /aws1/cl_ec2ippermission=>tt_ippermissionlist.
DATA(lo_ip_permission) = NEW /aws1/cl_ec2ippermission(
iv_ipprotocol = 'tcp'
iv_fromport = 22
iv_toport = 22
it_ipranges = VALUE /aws1/cl_ec2iprange=>tt_iprangelist(
( NEW /aws1/cl_ec2iprange( iv_cidrip = iv_cidr_ip ) )
)
).
APPEND lo_ip_permission TO lt_ip_permissions.
TRY.
oo_result = lo_ec2->authsecuritygroupingress( " oo_result is returned for testing purposes. "
iv_groupid = iv_group_id
it_ippermissions = lt_ip_permissions ).
MESSAGE 'Authorized ingress rule for security group.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Authorize ingress of connections for the security group.
///
/// - Parameters:
/// - groupId: The group ID of the security group to authorize access for.
/// - ipAddress: The IP address of the device to grant access to.
///
/// - Returns: `true` if access is successfully granted; otherwise `false`.
func authorizeSecurityGroupIngress(groupId: String, ipAddress: String) async -> Bool {
let ipRange = EC2ClientTypes.IpRange(cidrIp: "\(ipAddress)/0")
let httpPermission = EC2ClientTypes.IpPermission(
fromPort: 80,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 80
)
let sshPermission = EC2ClientTypes.IpPermission(
fromPort: 22,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 22
)
do {
_ = try await ec2Client.authorizeSecurityGroupIngress(
input: AuthorizeSecurityGroupIngressInput(
groupId: groupId,
ipPermissions: [httpPermission, sshPermission]
)
)
return true
} catch {
print("*** Error authorizing ingress for the security group: \(error.localizedDescription)")
return false
}
}
```
+ For API details, see [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/authorizesecuritygroupingress(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CancelCapacityReservation` with a CLI
The following code examples show how to use `CancelCapacityReservation`.
------
#### [ CLI ]
**AWS CLI**
**To cancel a capacity reservation**
The following `cancel-capacity-reservation` example cancels the specified capacity reservation.
```
aws ec2 cancel-capacity-reservation \
--capacity-reservation-id cr-1234abcd56EXAMPLE
```
Output:
```
{
"Return": true
}
```
For more information, see [Cancel a Capacity Reservation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-release.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CancelCapacityReservation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-capacity-reservation.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example cancels the capacity reservation cr-0c1f2345db6f7cdba**
```
Remove-EC2CapacityReservation -CapacityReservationId cr-0c1f2345db6f7cdba
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2CapacityReservation (CancelCapacityReservation)" on target "cr-0c1f2345db6f7cdba".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
True
```
+ For API details, see [CancelCapacityReservation](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example cancels the capacity reservation cr-0c1f2345db6f7cdba**
```
Remove-EC2CapacityReservation -CapacityReservationId cr-0c1f2345db6f7cdba
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2CapacityReservation (CancelCapacityReservation)" on target "cr-0c1f2345db6f7cdba".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
True
```
+ For API details, see [CancelCapacityReservation](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CancelImportTask` with a CLI
The following code examples show how to use `CancelImportTask`.
------
#### [ CLI ]
**AWS CLI**
**To cancel an import task**
The following `cancel-import-task` example cancels the specified import image task.
```
aws ec2 cancel-import-task \
--import-task-id import-ami-1234567890abcdef0
```
Output:
```
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"PreviousState": "active",
"State": "deleting"
}
```
+ For API details, see [CancelImportTask](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-import-task.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example cancels the specified import task (either snapshot or image import). If required, a reason can be providing using the `-CancelReason` parameter.**
```
Stop-EC2ImportTask -ImportTaskId import-ami-abcdefgh
```
+ For API details, see [CancelImportTask](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example cancels the specified import task (either snapshot or image import). If required, a reason can be providing using the `-CancelReason` parameter.**
```
Stop-EC2ImportTask -ImportTaskId import-ami-abcdefgh
```
+ For API details, see [CancelImportTask](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CancelSpotFleetRequests` with a CLI
The following code examples show how to use `CancelSpotFleetRequests`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To cancel a Spot fleet request and terminate the associated instances**
The following `cancel-spot-fleet-requests` example cancels a Spot Fleet request and terminates the associated On-Demand Instances and Spot Instances.
```
aws ec2 cancel-spot-fleet-requests \
--spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \
--terminate-instances
```
Output:
```
{
"SuccessfulFleetRequests": [
{
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
"CurrentSpotFleetRequestState": "cancelled_terminating",
"PreviousSpotFleetRequestState": "active"
}
],
"UnsuccessfulFleetRequests": []
}
```
**Example 2: To cancel a Spot fleet request without terminating the associated instances**
The following `cancel-spot-fleet-requests` example cancels a Spot Fleet request without terminating the associated On-Demand Instances and Spot Instances.
```
aws ec2 cancel-spot-fleet-requests \
--spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \
--no-terminate-instances
```
Output:
```
{
"SuccessfulFleetRequests": [
{
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
"CurrentSpotFleetRequestState": "cancelled_running",
"PreviousSpotFleetRequestState": "active"
}
],
"UnsuccessfulFleetRequests": []
}
```
For more information, see [Cancel a Spot Fleet request](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-spot-fleet.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CancelSpotFleetRequests](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-spot-fleet-requests.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example cancels the specified Spot fleet request and terminates the associated Spot instances.**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $true
```
**Example 2: This example cancels the specified Spot fleet request without terminating the associated Spot instances.**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $false
```
+ For API details, see [CancelSpotFleetRequests](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example cancels the specified Spot fleet request and terminates the associated Spot instances.**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $true
```
**Example 2: This example cancels the specified Spot fleet request without terminating the associated Spot instances.**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $false
```
+ For API details, see [CancelSpotFleetRequests](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CancelSpotInstanceRequests` with a CLI
The following code examples show how to use `CancelSpotInstanceRequests`.
------
#### [ CLI ]
**AWS CLI**
**To cancel Spot Instance requests**
This example command cancels a Spot Instance request.
Command:
```
aws ec2 cancel-spot-instance-requests --spot-instance-request-ids sir-08b93456
```
Output:
```
{
"CancelledSpotInstanceRequests": [
{
"State": "cancelled",
"SpotInstanceRequestId": "sir-08b93456"
}
]
}
```
+ For API details, see [CancelSpotInstanceRequests](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-spot-instance-requests.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example cancels the specified Spot instance request.**
```
Stop-EC2SpotInstanceRequest -SpotInstanceRequestId sir-12345678
```
**Output:**
```
SpotInstanceRequestId State
--------------------- -----
sir-12345678 cancelled
```
+ For API details, see [CancelSpotInstanceRequests](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example cancels the specified Spot instance request.**
```
Stop-EC2SpotInstanceRequest -SpotInstanceRequestId sir-12345678
```
**Output:**
```
SpotInstanceRequestId State
--------------------- -----
sir-12345678 cancelled
```
+ For API details, see [CancelSpotInstanceRequests](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `ConfirmProductInstance` with a CLI
The following code examples show how to use `ConfirmProductInstance`.
------
#### [ CLI ]
**AWS CLI**
**To confirm the product instance**
This example determines whether the specified product code is associated with the specified instance.
Command:
```
aws ec2 confirm-product-instance --product-code 774F4FF8 --instance-id i-1234567890abcdef0
```
Output:
```
{
"OwnerId": "123456789012"
}
```
+ For API details, see [ConfirmProductInstance](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/confirm-product-instance.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example determines whether the specified product code is associated with the specified instance.**
```
Confirm-EC2ProductInstance -ProductCode 774F4FF8 -InstanceId i-12345678
```
+ For API details, see [ConfirmProductInstance](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example determines whether the specified product code is associated with the specified instance.**
```
Confirm-EC2ProductInstance -ProductCode 774F4FF8 -InstanceId i-12345678
```
+ For API details, see [ConfirmProductInstance](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CopyImage` with a CLI
The following code examples show how to use `CopyImage`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To copy an AMI to another Region**
The following `copy-image` example command copies the specified AMI from the `us-west-2` Region to the `us-east-1` Region and adds a short description.
```
aws ec2 copy-image \
--region us-east-1 \
--name ami-name \
--source-region us-west-2 \
--source-image-id ami-066877671789bd71b \
--description "This is my copied image."
```
Output:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
For more information, see [Copy an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) in the *Amazon EC2 User Guide*.
**Example 2: To copy an AMI to another Region and encrypt the backing snapshot**
The following `copy-image` command copies the specified AMI from the `us-west-2` Region to the current Region and encrypts the backing snapshot using the specified KMS key.
```
aws ec2 copy-image \
--source-region us-west-2 \
--name ami-name \
--source-image-id ami-066877671789bd71b \
--encrypted \
--kms-key-id alias/my-kms-key
```
Output:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
For more information, see [Copy an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) in the *Amazon EC2 User Guide*.
**Example 3: To include your user-defined AMI tags when copying an AMI**
The following `copy-image` command uses the `--copy-image-tags` parameter to copy your user-defined AMI tags when copying the AMI.
```
aws ec2 copy-image \
--region us-east-1 \
--name ami-name \
--source-region us-west-2 \
--source-image-id ami-066877671789bd71b \
--description "This is my copied image."
--copy-image-tags
```
Output:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
For more information, see [Copy an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CopyImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/copy-image.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example copies the specified AMI in the 'EU (Ireland)' region to the 'US West (Oregon)' region. If -Region is not specified, the current default region is used as the destination region.**
```
Copy-EC2Image -SourceRegion eu-west-1 -SourceImageId ami-12345678 -Region us-west-2 -Name "Copy of ami-12345678"
```
**Output:**
```
ami-87654321
```
+ For API details, see [CopyImage](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example copies the specified AMI in the 'EU (Ireland)' region to the 'US West (Oregon)' region. If -Region is not specified, the current default region is used as the destination region.**
```
Copy-EC2Image -SourceRegion eu-west-1 -SourceImageId ami-12345678 -Region us-west-2 -Name "Copy of ami-12345678"
```
**Output:**
```
ami-87654321
```
+ For API details, see [CopyImage](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CopySnapshot` with a CLI
The following code examples show how to use `CopySnapshot`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To copy a snapshot to another Region**
The following `copy-snapshot` example command copies the specified snapshot from the `us-west-2` Region to the `us-east-1` Region and adds a short description.
```
aws ec2 copy-snapshot \
--region us-east-1 \
--source-region us-west-2 \
--source-snapshot-id snap-066877671789bd71b \
--description 'This is my copied snapshot.'
```
Output:
```
{
"SnapshotId": "snap-066877671789bd71b"
}
```
**Example 2: To copy an unencrypted snapshot and encrypt the new snapshot**
The following `copy-snapshot` command copies the specified unencrypted snapshot from the `us-west-2` Region to the current Region and encrypts the new snapshot using the specified KMS key.
```
aws ec2 copy-snapshot \
--source-region us-west-2 \
--source-snapshot-id snap-066877671789bd71b \
--encrypted \
--kms-key-id alias/my-kms-key
```
Output:
```
{
"SnapshotId": "snap-066877671789bd71b"
}
```
For more information, see [Copy an Amazon EBS snapshot](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html) in the *Amazon EBS User Guide*.
+ For API details, see [CopySnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/copy-snapshot.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example copies the specified snapshot from the EU (Ireland) region to the US West (Oregon) region.**
```
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678 -Region us-west-2
```
**Example 2: If you set a default region and omit the Region parameter, the default destination region is the default region.**
```
Set-DefaultAWSRegion us-west-2
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678
```
+ For API details, see [CopySnapshot](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example copies the specified snapshot from the EU (Ireland) region to the US West (Oregon) region.**
```
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678 -Region us-west-2
```
**Example 2: If you set a default region and omit the Region parameter, the default destination region is the default region.**
```
Set-DefaultAWSRegion us-west-2
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678
```
+ For API details, see [CopySnapshot](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateCapacityReservation` with a CLI
The following code examples show how to use `CreateCapacityReservation`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a Capacity Reservation**
The following `create-capacity-reservation` example creates a capacity reservation in the `eu-west-1a` Availability Zone, into which you can launch three `t2.medium` instances running a Linux/Unix operating system. By default, the capacity reservation is created with open instance matching criteria and no support for ephemeral storage, and it remains active until you manually cancel it.
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type t2.medium \
--instance-platform Linux/UNIX \
--instance-count 3
```
Output:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "unlimited",
"AvailabilityZone": "eu-west-1a",
"InstanceMatchCriteria": "open",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T09:27:35.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "t2.medium"
}
}
```
**Example 2: To create a Capacity Reservation that automatically ends at a specified date/time**
The following `create-capacity-reservation` example creates a capacity reservation in the `eu-west-1a` Availability Zone, into which you can launch three `m5.large` instances running a Linux/Unix operating system. This capacity reservation automatically ends on 08/31/2019 at 23:59:59.
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type m5.large \
--instance-platform Linux/UNIX \
--instance-count 3 \
--end-date-type limited \
--end-date 2019-08-31T23:59:59Z
```
Output:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "limited",
"AvailabilityZone": "eu-west-1a",
"EndDate": "2019-08-31T23:59:59.000Z",
"InstanceMatchCriteria": "open",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T10:15:53.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "m5.large"
}
}
```
**Example 3: To create a Capacity Reservation that accepts only targeted instance launches**
The following `create-capacity-reservation` example creates a capacity reservation that accepts only targeted instance launches.
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type m5.large \
--instance-platform Linux/UNIX \
--instance-count 3 \
--instance-match-criteria targeted
```
Output:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "unlimited",
"AvailabilityZone": "eu-west-1a",
"InstanceMatchCriteria": "targeted",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T10:21:57.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "m5.large"
}
}
```
For more information, see [Create a Capacity Reservation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CreateCapacityReservation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-capacity-reservation.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a new Capacity Reservation with the specified attributes**
```
Add-EC2CapacityReservation -InstanceType m4.xlarge -InstanceCount 2 -AvailabilityZone eu-west-1b -EbsOptimized True -InstancePlatform Windows
```
**Output:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ For API details, see [CreateCapacityReservation](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a new Capacity Reservation with the specified attributes**
```
Add-EC2CapacityReservation -InstanceType m4.xlarge -InstanceCount 2 -AvailabilityZone eu-west-1b -EbsOptimized True -InstancePlatform Windows
```
**Output:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ For API details, see [CreateCapacityReservation](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateCustomerGateway` with a CLI
The following code examples show how to use `CreateCustomerGateway`.
------
#### [ CLI ]
**AWS CLI**
**To create a customer gateway**
This example creates a customer gateway with the specified IP address for its outside interface.
Command:
```
aws ec2 create-customer-gateway --type ipsec.1 --public-ip 12.1.2.3 --bgp-asn 65534
```
Output:
```
{
"CustomerGateway": {
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
}
```
+ For API details, see [CreateCustomerGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-customer-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified customer gateway.**
```
New-EC2CustomerGateway -Type ipsec.1 -PublicIp 203.0.113.12 -BgpAsn 65534
```
**Output:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
+ For API details, see [CreateCustomerGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified customer gateway.**
```
New-EC2CustomerGateway -Type ipsec.1 -PublicIp 203.0.113.12 -BgpAsn 65534
```
**Output:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
+ For API details, see [CreateCustomerGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateDhcpOptions` with a CLI
The following code examples show how to use `CreateDhcpOptions`.
------
#### [ CLI ]
**AWS CLI**
**To create a set of DHCP options**
The following `create-dhcp-options` example creates a set of DHCP options that specifies the domain name, the domain name servers, and the NetBIOS node type.
```
aws ec2 create-dhcp-options \
--dhcp-configuration \
"Key=domain-name-servers,Values=10.2.5.1,10.2.5.2" \
"Key=domain-name,Values=example.com" \
"Key=netbios-node-type,Values=2"
```
Output:
```
{
"DhcpOptions": {
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "example.com"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "10.2.5.1"
},
{
"Value": "10.2.5.2"
}
]
},
{
"Key": "netbios-node-type",
"Values": [
{
"Value": "2"
}
]
}
],
"DhcpOptionsId": "dopt-06d52773eff4c55f3"
}
}
```
+ For API details, see [CreateDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-dhcp-options.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified set of DHCP options. The syntax used by this example requires PowerShell version 3 or later.**
```
$options = @( @{Key="domain-name";Values=@("abc.local")}, @{Key="domain-name-servers";Values=@("10.0.0.101","10.0.0.102")})
New-EC2DhcpOption -DhcpConfiguration $options
```
**Output:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
```
**Example 2: With PowerShell version 2, you must use New-Object to create each DHCP option.**
```
$option1 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option1.Key = "domain-name"
$option1.Values = "abc.local"
$option2 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option2.Key = "domain-name-servers"
$option2.Values = @("10.0.0.101","10.0.0.102")
New-EC2DhcpOption -DhcpConfiguration @($option1, $option2)
```
**Output:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
```
+ For API details, see [CreateDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified set of DHCP options. The syntax used by this example requires PowerShell version 3 or later.**
```
$options = @( @{Key="domain-name";Values=@("abc.local")}, @{Key="domain-name-servers";Values=@("10.0.0.101","10.0.0.102")})
New-EC2DhcpOption -DhcpConfiguration $options
```
**Output:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
```
**Example 2: With PowerShell version 2, you must use New-Object to create each DHCP option.**
```
$option1 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option1.Key = "domain-name"
$option1.Values = "abc.local"
$option2 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option2.Key = "domain-name-servers"
$option2.Values = @("10.0.0.101","10.0.0.102")
New-EC2DhcpOption -DhcpConfiguration @($option1, $option2)
```
**Output:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
```
+ For API details, see [CreateDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateFlowLogs` with a CLI
The following code examples show how to use `CreateFlowLogs`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a flow log**
The following `create-flow-logs` example creates a flow log that captures all rejected traffic for the specified network interface. The flow logs are delivered to a log group in CloudWatch Logs using the permissions in the specified IAM role.
```
aws ec2 create-flow-logs \
--resource-type NetworkInterface \
--resource-ids eni-11223344556677889 \
--traffic-type REJECT \
--log-group-name my-flow-logs \
--deliver-logs-permission-arn arn:aws:iam::123456789101:role/publishFlowLogs
```
Output:
```
{
"ClientToken": "so0eNA2uSHUNlHI0S2cJ305GuIX1CezaRdGtexample",
"FlowLogIds": [
"fl-12345678901234567"
],
"Unsuccessful": []
}
```
For more information, see [VPC Flow Logs](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html) in the *Amazon VPC User Guide*.
**Example 2: To create a flow log with a custom format**
The following `create-flow-logs` example creates a flow log that captures all traffic for the specified VPC and delivers the flow logs to an Amazon S3 bucket. The `--log-format` parameter specifies a custom format for the flow log records. To run this command on Windows, change the single quotes (') to double quotes (").
```
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids vpc-00112233344556677 \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::flow-log-bucket/my-custom-flow-logs/ \
--log-format '${version} ${vpc-id} ${subnet-id} ${instance-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${tcp-flags} ${type} ${pkt-srcaddr} ${pkt-dstaddr}'
```
For more information, see [VPC Flow Logs](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html) in the *Amazon VPC User Guide*.
**Example 3: To create a flow log with a one-minute maximum aggregation interval**
The following `create-flow-logs` example creates a flow log that captures all traffic for the specified VPC and delivers the flow logs to an Amazon S3 bucket. The `--max-aggregation-interval` parameter specifies a maximum aggregation interval of 60 seconds (1 minute).
```
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids vpc-00112233344556677 \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::flow-log-bucket/my-custom-flow-logs/ \
--max-aggregation-interval 60
```
For more information, see [VPC Flow Logs](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html) in the *Amazon VPC User Guide*.
+ For API details, see [CreateFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-flow-logs.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates EC2 flowlog for the subnet subnet-1d234567 to the cloud-watch-log named 'subnet1-log' for all 'REJECT' traffic using the perimssions of the 'Admin' role**
```
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
```
**Output:**
```
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
```
+ For API details, see [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates EC2 flowlog for the subnet subnet-1d234567 to the cloud-watch-log named 'subnet1-log' for all 'REJECT' traffic using the perimssions of the 'Admin' role**
```
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
```
**Output:**
```
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
```
+ For API details, see [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateImage` with a CLI
The following code examples show how to use `CreateImage`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create an AMI from an Amazon EBS-backed instance**
The following `create-image` example creates an AMI from the specified instance.
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--description "An AMI for my server"
```
Output:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
For more information about specifying a block device mapping for your AMI, see [Specifying a block device mapping for an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#create-ami-bdm) in the *Amazon EC2 User Guide*.
**Example 2: To create an AMI from an Amazon EBS-backed instance without reboot**
The following `create-image` example creates an AMI and sets the --no-reboot parameter, so that the instance is not rebooted before the image is created.
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--no-reboot
```
Output:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
For more information about specifying a block device mapping for your AMI, see [Specifying a block device mapping for an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#create-ami-bdm) in the *Amazon EC2 User Guide*.
**Example 3: To tag an AMI and snapshots on creation**
The following `create-image` example creates an AMI, and tags the AMI and the snapshots with the same tag `cost-center=cc123`
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--tag-specifications "ResourceType=image,Tags=[{Key=cost-center,Value=cc123}]" "ResourceType=snapshot,Tags=[{Key=cost-center,Value=cc123}]"
```
Output:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
For more information about tagging your resources on creation, see [Add tags on resource creation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-on-create-examples) in the *Amazon EC2 User Guide*.
+ For API details, see [CreateImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-image.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates an AMI with the specified name and description, from the specified instance. Amazon EC2 attempts to cleanly shut down the instance before creating the image, and restarts the instance on completion.**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI"
```
**Example 2: This example creates an AMI with the specified name and description, from the specified instance. Amazon EC2 creates the image without shutting down and restarting the instance; therefore, file system integrity on the created image can't be guaranteed.**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -NoReboot $true
```
**Example 3: This example creates an AMI with three volumes. The first volume is based on an Amazon EBS snapshot. The second volume is an empty 100 GiB Amazon EBS volume. The third volume is an instance store volume. The syntax used by this example requires PowerShell version 3 or higher.**
```
$ebsBlock1 = @{SnapshotId="snap-1a2b3c4d"}
$ebsBlock2 = @{VolumeSize=100}
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -BlockDeviceMapping @( @{DeviceName="/dev/sdf";Ebs=$ebsBlock1}, @{DeviceName="/dev/sdg";Ebs=$ebsBlock2}, @{DeviceName="/dev/sdc";VirtualName="ephemeral0"})
```
+ For API details, see [CreateImage](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates an AMI with the specified name and description, from the specified instance. Amazon EC2 attempts to cleanly shut down the instance before creating the image, and restarts the instance on completion.**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI"
```
**Example 2: This example creates an AMI with the specified name and description, from the specified instance. Amazon EC2 creates the image without shutting down and restarting the instance; therefore, file system integrity on the created image can't be guaranteed.**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -NoReboot $true
```
**Example 3: This example creates an AMI with three volumes. The first volume is based on an Amazon EBS snapshot. The second volume is an empty 100 GiB Amazon EBS volume. The third volume is an instance store volume. The syntax used by this example requires PowerShell version 3 or higher.**
```
$ebsBlock1 = @{SnapshotId="snap-1a2b3c4d"}
$ebsBlock2 = @{VolumeSize=100}
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -BlockDeviceMapping @( @{DeviceName="/dev/sdf";Ebs=$ebsBlock1}, @{DeviceName="/dev/sdg";Ebs=$ebsBlock2}, @{DeviceName="/dev/sdc";VirtualName="ephemeral0"})
```
+ For API details, see [CreateImage](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateInstanceExportTask` with a CLI
The following code examples show how to use `CreateInstanceExportTask`.
------
#### [ CLI ]
**AWS CLI**
**To export an instance**
This example command creates a task to export the instance i-1234567890abcdef0 to the Amazon S3 bucket myexportbucket.
Command:
```
aws ec2 create-instance-export-task --description "RHEL5 instance" --instance-id i-1234567890abcdef0 --target-environment vmware --export-to-s3-task DiskImageFormat=vmdk,ContainerFormat=ova,S3Bucket=myexportbucket,S3Prefix=RHEL5
```
Output:
```
{
"ExportTask": {
"State": "active",
"InstanceExportDetails": {
"InstanceId": "i-1234567890abcdef0",
"TargetEnvironment": "vmware"
},
"ExportToS3Task": {
"S3Bucket": "myexportbucket",
"S3Key": "RHEL5export-i-fh8sjjsq.ova",
"DiskImageFormat": "vmdk",
"ContainerFormat": "ova"
},
"Description": "RHEL5 instance",
"ExportTaskId": "export-i-fh8sjjsq"
}
}
```
+ For API details, see [CreateInstanceExportTask](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-instance-export-task.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example exports a stopped instance, `i-0800b00a00EXAMPLE`, as a virtual hard disk (VHD) to the S3 bucket `testbucket-export-instances-2019`. The target environment is `Microsoft`, and the region parameter is added because the instance is in the `us-east-1` region, while the user's default AWS Region is not us-east-1. To get the status of the export task, copy the `ExportTaskId` value from the results of this command, then run `Get-EC2ExportTask -ExportTaskId export_task_ID_from_results.`**
```
New-EC2InstanceExportTask -InstanceId i-0800b00a00EXAMPLE -ExportToS3Task_DiskImageFormat VHD -ExportToS3Task_S3Bucket "amzn-s3-demo-bucket" -TargetEnvironment Microsoft -Region us-east-1
```
**Output:**
```
Description :
ExportTaskId : export-i-077c73108aEXAMPLE
ExportToS3Task : Amazon.EC2.Model.ExportToS3Task
InstanceExportDetails : Amazon.EC2.Model.InstanceExportDetails
State : active
StatusMessage :
```
+ For API details, see [CreateInstanceExportTask](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example exports a stopped instance, `i-0800b00a00EXAMPLE`, as a virtual hard disk (VHD) to the S3 bucket `testbucket-export-instances-2019`. The target environment is `Microsoft`, and the region parameter is added because the instance is in the `us-east-1` region, while the user's default AWS Region is not us-east-1. To get the status of the export task, copy the `ExportTaskId` value from the results of this command, then run `Get-EC2ExportTask -ExportTaskId export_task_ID_from_results.`**
```
New-EC2InstanceExportTask -InstanceId i-0800b00a00EXAMPLE -ExportToS3Task_DiskImageFormat VHD -ExportToS3Task_S3Bucket "amzn-s3-demo-bucket" -TargetEnvironment Microsoft -Region us-east-1
```
**Output:**
```
Description :
ExportTaskId : export-i-077c73108aEXAMPLE
ExportToS3Task : Amazon.EC2.Model.ExportToS3Task
InstanceExportDetails : Amazon.EC2.Model.InstanceExportDetails
State : active
StatusMessage :
```
+ For API details, see [CreateInstanceExportTask](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateInternetGateway` with a CLI
The following code examples show how to use `CreateInternetGateway`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create an internet gateway**
The following `create-internet-gateway` example creates an internet gateway with the tag `Name=my-igw`.
```
aws ec2 create-internet-gateway \
--tag-specifications ResourceType=internet-gateway,Tags=[{Key=Name,Value=my-igw}]
```
Output:
```
{
"InternetGateway": {
"Attachments": [],
"InternetGatewayId": "igw-0d0fb496b3994d755",
"OwnerId": "123456789012",
"Tags": [
{
"Key": "Name",
"Value": "my-igw"
}
]
}
}
```
For more information, see [Internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) in the *Amazon VPC User Guide*.
+ For API details, see [CreateInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-internet-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates an Internet gateway.**
```
New-EC2InternetGateway
```
**Output:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{} igw-1a2b3c4d {}
```
+ For API details, see [CreateInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates an Internet gateway.**
```
New-EC2InternetGateway
```
**Output:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{} igw-1a2b3c4d {}
```
+ For API details, see [CreateInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateKeyPair` with an AWS SDK or CLI
The following code examples show how to use `CreateKeyPair`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Creating an Amazon ECS service for the EC2 launch type](example_ecs_GettingStarted_018_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon EMR](example_emr_GettingStarted_037_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Create an Amazon EC2 key pair with a specified name.
///
/// The name for the new key pair.
/// The Amazon EC2 key pair created.
public async Task CreateKeyPair(string keyPairName)
{
try
{
var request = new CreateKeyPairRequest { KeyName = keyPairName, };
var response = await _amazonEC2.CreateKeyPairAsync(request);
var kp = response.KeyPair;
// Return the key pair so it can be saved if needed.
// Wait until the key pair exists.
int retries = 5;
while (retries-- > 0)
{
Console.WriteLine($"Checking for new KeyPair {keyPairName}...");
var keyPairs = await DescribeKeyPairs(keyPairName);
if (keyPairs.Any())
{
return kp;
}
Thread.Sleep(5000);
retries--;
}
_logger.LogError($"Unable to find newly created KeyPair {keyPairName}.");
throw new DoesNotExistException("KeyPair not found");
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.Duplicate")
{
_logger.LogError(
$"A key pair called {keyPairName} already exists.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while creating the key pair.: {ex.Message}");
throw;
}
}
///
/// Save KeyPair information to a temporary file.
///
/// The name of the key pair.
/// The full path to the temporary file.
public string SaveKeyPair(KeyPair keyPair)
{
var tempPath = Path.GetTempPath();
var tempFileName = $"{tempPath}\\{Path.GetRandomFileName()}";
var pemFileName = Path.ChangeExtension(tempFileName, "pem");
// Save the key pair to a file in a temporary folder.
using var stream = new FileStream(pemFileName, FileMode.Create);
using var writer = new StreamWriter(stream);
writer.WriteLine(keyPair.KeyMaterial);
return pemFileName;
}
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateKeyPair) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_create_keypair
#
# This function creates an Amazon Elastic Compute Cloud (Amazon EC2) ED25519 or 2048-bit RSA key pair
# and writes it to a file.
#
# Parameters:
# -n key_pair_name - A key pair name.
# -f file_path - File to store the key pair.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_create_keypair() {
local key_pair_name file_path response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_create_keypair"
echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) ED25519 or 2048-bit RSA key pair"
echo " and writes it to a file."
echo " -n key_pair_name - A key pair name."
echo " -f file_path - File to store the key pair."
echo ""
}
# Retrieve the calling parameters.
while getopts "n:f:h" option; do
case "${option}" in
n) key_pair_name="${OPTARG}" ;;
f) file_path="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$key_pair_name" ]]; then
errecho "ERROR: You must provide a key name with the -n parameter."
usage
return 1
fi
if [[ -z "$file_path" ]]; then
errecho "ERROR: You must provide a file path with the -f parameter."
usage
return 1
fi
response=$(aws ec2 create-key-pair \
--key-name "$key_pair_name" \
--query 'KeyMaterial' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports create-access-key operation failed.$response"
return 1
}
if [[ -n "$file_path" ]]; then
echo "$response" >"$file_path"
fi
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/CreateKeyPair) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Create an Amazon Elastic Compute Cloud (Amazon EC2) instance key pair.
/*!
\param keyPairName: A name for a key pair.
\param keyFilePath: File path where the credentials are stored. Ignored if it is an empty string;
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createKeyPair(const Aws::String &keyPairName, const Aws::String &keyFilePath,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateKeyPairRequest request;
request.SetKeyName(keyPairName);
Aws::EC2::Model::CreateKeyPairOutcome outcome = ec2Client.CreateKeyPair(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to create key pair - " << keyPairName << ". " <<
outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully created key pair named " <<
keyPairName << std::endl;
if (!keyFilePath.empty()) {
std::ofstream keyFile(keyFilePath.c_str());
keyFile << outcome.GetResult().GetKeyMaterial();
keyFile.close();
std::cout << "Keys written to the file " <<
keyFilePath << std::endl;
}
}
return outcome.IsSuccess();
}
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateKeyPair) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To create a key pair**
This example creates a key pair named `MyKeyPair`.
Command:
```
aws ec2 create-key-pair --key-name MyKeyPair
```
The output is an ASCII version of the private key and key fingerprint. You need to save the key to a file.
For more information, see Using Key Pairs in the *AWS Command Line Interface User Guide*.
+ For API details, see [CreateKeyPair](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-key-pair.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Creates a new key pair asynchronously.
*
* @param keyName the name of the key pair to create
* @param fileName the name of the file to write the key material to
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of creating the key pair and writing the key material to a file
*/
public CompletableFuture createKeyPairAsync(String keyName, String fileName) {
CreateKeyPairRequest request = CreateKeyPairRequest.builder()
.keyName(keyName)
.build();
CompletableFuture responseFuture = getAsyncClient().createKeyPair(request);
responseFuture.whenComplete((response, exception) -> {
if (response != null) {
try {
BufferedWriter writer = new BufferedWriter(new FileWriter(fileName));
writer.write(response.keyMaterial());
writer.close();
} catch (IOException e) {
throw new RuntimeException("Failed to write key material to file: " + e.getMessage(), e);
}
} else {
throw new RuntimeException("Failed to create key pair: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateKeyPair) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { CreateKeyPairCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Creates an ED25519 or 2048-bit RSA key pair with the specified name and in the specified PEM or PPK format.
* Amazon EC2 stores the public key and displays the private key for you to save to a file.
* @param {{ keyName: string }} options
*/
export const main = async ({ keyName }) => {
const client = new EC2Client({});
const command = new CreateKeyPairCommand({
KeyName: keyName,
});
try {
const { KeyMaterial, KeyName } = await client.send(command);
console.log(KeyName);
console.log(KeyMaterial);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidKeyPair.Duplicate") {
console.warn(`${caught.message}. Try another key name.`);
} else {
throw caught;
}
}
};
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateKeyPairCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun createEC2KeyPair(keyNameVal: String) {
val request =
CreateKeyPairRequest {
keyName = keyNameVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.createKeyPair(request)
println("The key ID is ${response.keyPairId}")
}
}
```
+ For API details, see [CreateKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a key pair and captures the PEM-encoded RSA private key in a file with the specified name. When you are using PowerShell, the encoding must be set to ascii to generate a valid key. For more information, see Create, Display, and Delete Amazon EC2 Key Pairs (https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html) in the AWS Command Line Interface User Guide.**
```
(New-EC2KeyPair -KeyName "my-key-pair").KeyMaterial | Out-File -Encoding ascii -FilePath C:\path\my-key-pair.pem
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a key pair and captures the PEM-encoded RSA private key in a file with the specified name. When you are using PowerShell, the encoding must be set to ascii to generate a valid key. For more information, see Create, Display, and Delete Amazon EC2 Key Pairs (https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html) in the AWS Command Line Interface User Guide.**
```
(New-EC2KeyPair -KeyName "my-key-pair").KeyMaterial | Out-File -Encoding ascii -FilePath C:\path\my-key-pair.pem
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def create(self, key_name: str) -> dict:
"""
Creates a key pair that can be used to securely connect to an EC2 instance.
The returned key pair contains private key information that cannot be retrieved
again. The private key data is stored as a .pem file.
:param key_name: The name of the key pair to create.
:return: A dictionary representing the Boto3 KeyPair object that represents the newly created key pair.
:raises ClientError: If there is an error in creating the key pair, for example, if a key pair with the same name already exists.
"""
try:
response = self.ec2_client.create_key_pair(KeyName=key_name)
self.key_pair = response
self.key_file_path = os.path.join(
self.key_file_dir.name, f"{self.key_pair['KeyName']}.pem"
)
with open(self.key_file_path, "w") as key_file:
key_file.write(self.key_pair["KeyMaterial"])
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidKeyPair.Duplicate":
logger.error(
f"A key pair called {key_name} already exists. "
"Please choose a different name for your key pair "
"or delete the existing key pair before creating."
)
raise
else:
return self.key_pair
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateKeyPair) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
# This code example does the following:
# 1. Creates a key pair in Amazon Elastic Compute Cloud (Amazon EC2).
# 2. Displays information about available key pairs.
# 3. Deletes the key pair.
require 'aws-sdk-ec2'
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param key_pair_name [String] The name for the key pair and private
# key file.
# @return [Boolean] true if the key pair and private key file were
# created; otherwise, false.
# @example
# exit 1 unless key_pair_created?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-key-pair'
# )
def key_pair_created?(ec2_client, key_pair_name)
key_pair = ec2_client.create_key_pair(key_name: key_pair_name)
puts "Created key pair '#{key_pair.key_name}' with fingerprint " \
"'#{key_pair.key_fingerprint}' and ID '#{key_pair.key_pair_id}'."
filename = File.join(Dir.home, "#{key_pair_name}.pem")
File.open(filename, 'w') { |file| file.write(key_pair.key_material) }
puts "Private key file saved locally as '#{filename}'."
true
rescue Aws::EC2::Errors::InvalidKeyPairDuplicate
puts "Error creating key pair: a key pair named '#{key_pair_name}' " \
'already exists.'
false
rescue StandardError => e
puts "Error creating key pair or saving private key file: #{e.message}"
false
end
# Displays information about available key pairs in
# Amazon Elastic Compute Cloud (Amazon EC2).
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @example
# describe_key_pairs(Aws::EC2::Client.new(region: 'us-west-2'))
def describe_key_pairs(ec2_client)
result = ec2_client.describe_key_pairs
if result.key_pairs.count.zero?
puts 'No key pairs found.'
else
puts 'Key pair names:'
result.key_pairs.each do |key_pair|
puts key_pair.key_name
end
end
rescue StandardError => e
puts "Error getting information about key pairs: #{e.message}"
end
# Deletes a key pair in Amazon Elastic Compute Cloud (Amazon EC2).
#
# Prerequisites:
#
# - The key pair to delete.
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param key_pair_name [String] The name of the key pair to delete.
# @return [Boolean] true if the key pair was deleted; otherwise, false.
# @example
# exit 1 unless key_pair_deleted?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-key-pair'
# )
def key_pair_deleted?(ec2_client, key_pair_name)
ec2_client.delete_key_pair(key_name: key_pair_name)
true
rescue StandardError => e
puts "Error deleting key pair: #{e.message}"
false
end
# Example usage:
def run_me
key_pair_name = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-key-pairs.rb KEY_PAIR_NAME REGION'
puts 'Example: ruby ec2-ruby-example-key-pairs.rb my-key-pair us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
elsif ARGV.count.zero?
key_pair_name = 'my-key-pair'
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
key_pair_name = ARGV[0]
region = ARGV[1]
end
ec2_client = Aws::EC2::Client.new(region: region)
puts 'Displaying existing key pair names before creating this key pair...'
describe_key_pairs(ec2_client)
puts '-' * 10
puts 'Creating key pair...'
unless key_pair_created?(ec2_client, key_pair_name)
puts 'Stopping program.'
exit 1
end
puts '-' * 10
puts 'Displaying existing key pair names after creating this key pair...'
describe_key_pairs(ec2_client)
puts '-' * 10
puts 'Deleting key pair...'
unless key_pair_deleted?(ec2_client, key_pair_name)
puts 'Stopping program. You must delete the key pair yourself.'
exit 1
end
puts 'Key pair deleted.'
puts '-' * 10
puts 'Now that the key pair is deleted, ' \
'also deleting the related private key pair file...'
filename = File.join(Dir.home, "#{key_pair_name}.pem")
File.delete(filename)
if File.exist?(filename)
puts "Could not delete file at '#{filename}'. You must delete it yourself."
else
puts 'File deleted.'
end
puts '-' * 10
puts 'Displaying existing key pair names after deleting this key pair...'
describe_key_pairs(ec2_client)
end
run_me if $PROGRAM_NAME == __FILE__
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateKeyPair) in *AWS SDK for Ruby API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
Rust implementation that calls the EC2 Client's create\$1key\$1pair and extracts the returned material.
```
pub async fn create_key_pair(&self, name: String) -> Result<(KeyPairInfo, String), EC2Error> {
tracing::info!("Creating key pair {name}");
let output = self.client.create_key_pair().key_name(name).send().await?;
let info = KeyPairInfo::builder()
.set_key_name(output.key_name)
.set_key_fingerprint(output.key_fingerprint)
.set_key_pair_id(output.key_pair_id)
.build();
let material = output
.key_material
.ok_or_else(|| EC2Error::new("Create Key Pair has no key material"))?;
Ok((info, material))
}
```
A function that calls the create\$1key impl and securely saves the PEM private key.
```
/// Creates a key pair that can be used to securely connect to an EC2 instance.
/// The returned key pair contains private key information that cannot be retrieved
/// again. The private key data is stored as a .pem file.
///
/// :param key_name: The name of the key pair to create.
pub async fn create(
&mut self,
ec2: &EC2,
util: &Util,
key_name: String,
) -> Result {
let (key_pair, material) = ec2.create_key_pair(key_name.clone()).await.map_err(|e| {
self.key_pair = KeyPairInfo::builder().key_name(key_name.clone()).build();
e.add_message(format!("Couldn't create key {key_name}"))
})?;
let path = self.key_file_dir.join(format!("{key_name}.pem"));
// Save the key_pair information immediately, so it can get cleaned up if write_secure fails.
self.key_file_path = Some(path.clone());
self.key_pair = key_pair.clone();
util.write_secure(&key_name, &path, material)?;
Ok(key_pair)
}
```
+ For API details, see [CreateKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_key_pair) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->createkeypair( iv_keyname = iv_key_name ). " oo_result is returned for testing purposes. "
MESSAGE 'Amazon EC2 key pair created.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [CreateKeyPair](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Create a new RSA key pair and save the private key to a randomly-named
/// file in the temporary directory.
///
/// - Parameter name: The name of the key pair to create.
///
/// - Returns: The URL of the newly created `.pem` file or `nil` if unable
/// to create the key pair.
func createKeyPair(name: String) async -> URL? {
do {
let output = try await ec2Client.createKeyPair(
input: CreateKeyPairInput(
keyName: name
)
)
guard let keyMaterial = output.keyMaterial else {
return nil
}
// Build the URL of the temporary private key file.
let fileURL = URL.temporaryDirectory
.appendingPathComponent(name)
.appendingPathExtension("pem")
do {
try keyMaterial.write(to: fileURL, atomically: true, encoding: String.Encoding.utf8)
return fileURL
} catch {
print("*** Failed to write the private key.")
return nil
}
} catch {
print("*** Unable to create the key pair.")
return nil
}
}
```
+ For API details, see [CreateKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createkeypair(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateLaunchTemplate` with an AWS SDK or CLI
The following code examples show how to use `CreateLaunchTemplate`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Build and manage a resilient service](example_cross_ResilientService_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples).
```
///
/// Creates an Amazon EC2 launch template to use with Amazon EC2 Auto Scaling.
/// The launch template specifies a Bash script in its user data field that runs after
/// the instance is started. This script installs the Python packages and starts a Python
/// web server on the instance.
///
/// The path to a Bash script file that is run.
/// The path to a permissions policy to create and attach to the profile.
/// The template object.
public async Task CreateTemplate(string startupScriptPath, string instancePolicyPath)
{
try
{
await CreateKeyPair(_keyPairName);
await CreateInstanceProfileWithName(_instancePolicyName, _instanceRoleName,
_instanceProfileName, instancePolicyPath);
var startServerText = await File.ReadAllTextAsync(startupScriptPath);
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(startServerText);
var amiLatest = await _amazonSsm.GetParameterAsync(
new GetParameterRequest() { Name = _amiParam });
var amiId = amiLatest.Parameter.Value;
var launchTemplateResponse = await _amazonEc2.CreateLaunchTemplateAsync(
new CreateLaunchTemplateRequest()
{
LaunchTemplateName = _launchTemplateName,
LaunchTemplateData = new RequestLaunchTemplateData()
{
InstanceType = _instanceType,
ImageId = amiId,
IamInstanceProfile =
new
LaunchTemplateIamInstanceProfileSpecificationRequest()
{
Name = _instanceProfileName
},
KeyName = _keyPairName,
UserData = System.Convert.ToBase64String(plainTextBytes)
}
});
return launchTemplateResponse.LaunchTemplate;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidLaunchTemplateName.AlreadyExistsException")
{
_logger.LogError($"Could not create the template, the name {_launchTemplateName} already exists. " +
$"Please try again with a unique name.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while creating the template.: {ex.Message}");
throw;
}
}
```
+ For API details, see [CreateLaunchTemplate](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateLaunchTemplate) in *AWS SDK for .NET API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a launch template**
The following `create-launch-template` example creates a launch template that specifies the subnet in which to launch the instance , assigns a public IP address and an IPv6 address to the instance, and creates a tag for the instance.
```
aws ec2 create-launch-template \
--launch-template-name TemplateForWebServer \
--version-description WebVersion1 \
--launch-template-data '{"NetworkInterfaces":[{"AssociatePublicIpAddress":true,"DeviceIndex":0,"Ipv6AddressCount":1,"SubnetId":"subnet-7b16de0c"}],"ImageId":"ami-8c1be5f6","InstanceType":"t2.small","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"purpose","Value":"webserver"}]}]}'
```
Output:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-01238c059e3466abc",
"LaunchTemplateName": "TemplateForWebServer",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2019-01-27T09:13:24.000Z"
}
}
```
For more information, see Launching an Instance from a Launch Template in the *Amazon Elastic Compute Cloud User Guide*. For information about quoting JSON-formatted parameters, see Quoting Strings in the *AWS Command Line Interface User Guide*.
**Example 2: To create a launch template for Amazon EC2 Auto Scaling**
The following `create-launch-template` example creates a launch template with multiple tags and a block device mapping to specify an additional EBS volume when an instance launches. Specify a value for `Groups` that corresponds to security groups for the VPC that your Auto Scaling group will launch instances into. Specify the VPC and subnets as properties of the Auto Scaling group.
```
aws ec2 create-launch-template \
--launch-template-name TemplateForAutoScaling \
--version-description AutoScalingVersion1 \
--launch-template-data '{"NetworkInterfaces":[{"DeviceIndex":0,"AssociatePublicIpAddress":true,"Groups":["sg-7c227019,sg-903004f8"],"DeleteOnTermination":true}],"ImageId":"ami-b42209de","InstanceType":"m4.large","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"environment","Value":"production"},{"Key":"purpose","Value":"webserver"}]},{"ResourceType":"volume","Tags":[{"Key":"environment","Value":"production"},{"Key":"cost-center","Value":"cc123"}]}],"BlockDeviceMappings":[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":100}}]}' --region us-east-1
```
Output:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-0123c79c33a54e0abc",
"LaunchTemplateName": "TemplateForAutoScaling",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2019-04-30T18:16:06.000Z"
}
}
```
For more information, see Creating a Launch Template for an Auto Scaling Group in the *Amazon EC2 Auto Scaling User Guide*. For information about quoting JSON-formatted parameters, see Quoting Strings in the *AWS Command Line Interface User Guide*.
**Example 3: To create a launch template that specifies encryption of EBS volumes**
The following `create-launch-template` example creates a launch template that includes encrypted EBS volumes created from an unencrypted snapshot. It also tags the volumes during creation. If encryption by default is disabled, you must specify the `"Encrypted"` option as shown in the following example. If you use the `"KmsKeyId"` option to specify a customer managed CMK, you also must specify the `"Encrypted"` option even if encryption by default is enabled.
```
aws ec2 create-launch-template \
--launch-template-name TemplateForEncryption \
--launch-template-data file://config.json
```
Contents of `config.json`:
```
{
"BlockDeviceMappings":[
{
"DeviceName":"/dev/sda1",
"Ebs":{
"VolumeType":"gp2",
"DeleteOnTermination":true,
"SnapshotId":"snap-066877671789bd71b",
"Encrypted":true,
"KmsKeyId":"arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef"
}
}
],
"ImageId":"ami-00068cd7555f543d5",
"InstanceType":"c5.large",
"TagSpecifications":[
{
"ResourceType":"volume",
"Tags":[
{
"Key":"encrypted",
"Value":"yes"
}
]
}
]
}
```
Output:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-0d5bd51bcf8530abc",
"LaunchTemplateName": "TemplateForEncryption",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2020-01-07T19:08:36.000Z"
}
}
```
For more information, see Restoring an Amazon EBS Volume from a Snapshot and Encryption by Default in the *Amazon Elastic Compute Cloud User Guide*.
+ For API details, see [CreateLaunchTemplate](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-launch-template.html) in *AWS CLI Command Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples).
```
const ssmClient = new SSMClient({});
const { Parameter } = await ssmClient.send(
new GetParameterCommand({
Name: "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2",
}),
);
const ec2Client = new EC2Client({});
await ec2Client.send(
new CreateLaunchTemplateCommand({
LaunchTemplateName: NAMES.launchTemplateName,
LaunchTemplateData: {
InstanceType: "t3.micro",
ImageId: Parameter.Value,
IamInstanceProfile: { Name: NAMES.instanceProfileName },
UserData: readFileSync(
join(RESOURCES_PATH, "server_startup_script.sh"),
).toString("base64"),
KeyName: NAMES.keyPairName,
},
}),
```
+ For API details, see [CreateLaunchTemplate](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateLaunchTemplateCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
This example creates a launch template that includes an instance profile that grants specific permissions to the instance, and a user data Bash script that runs on the instance after it starts.
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def create_template(
self, server_startup_script_file: str, instance_policy_file: str
) -> Dict[str, Any]:
"""
Creates an Amazon EC2 launch template to use with Amazon EC2 Auto Scaling. The
launch template specifies a Bash script in its user data field that runs after
the instance is started. This script installs Python packages and starts a
Python web server on the instance.
:param server_startup_script_file: The path to a Bash script file that is run
when an instance starts.
:param instance_policy_file: The path to a file that defines a permissions policy
to create and attach to the instance profile.
:return: Information about the newly created template.
"""
template = {}
try:
# Create key pair and instance profile
self.create_key_pair(self.key_pair_name)
self.create_instance_profile(
instance_policy_file,
self.instance_policy_name,
self.instance_role_name,
self.instance_profile_name,
)
# Read the startup script
with open(server_startup_script_file) as file:
start_server_script = file.read()
# Get the latest AMI ID
ami_latest = self.ssm_client.get_parameter(Name=self.ami_param)
ami_id = ami_latest["Parameter"]["Value"]
# Create the launch template
lt_response = self.ec2_client.create_launch_template(
LaunchTemplateName=self.launch_template_name,
LaunchTemplateData={
"InstanceType": self.inst_type,
"ImageId": ami_id,
"IamInstanceProfile": {"Name": self.instance_profile_name},
"UserData": base64.b64encode(
start_server_script.encode(encoding="utf-8")
).decode(encoding="utf-8"),
"KeyName": self.key_pair_name,
},
)
template = lt_response["LaunchTemplate"]
log.info(
f"Created launch template {self.launch_template_name} for AMI {ami_id} on {self.inst_type}."
)
except ClientError as err:
log.error(f"Failed to create launch template {self.launch_template_name}.")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidLaunchTemplateName.AlreadyExistsException":
log.info(
f"Launch template {self.launch_template_name} already exists, nothing to do."
)
log.error(f"Full error:\n\t{err}")
return template
```
+ For API details, see [CreateLaunchTemplate](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateLaunchTemplate) in *AWS SDK for Python (Boto3) API Reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateNetworkAcl` with a CLI
The following code examples show how to use `CreateNetworkAcl`.
------
#### [ CLI ]
**AWS CLI**
**To create a network ACL**
This example creates a network ACL for the specified VPC.
Command:
```
aws ec2 create-network-acl --vpc-id vpc-a01106c2
```
Output:
```
{
"NetworkAcl": {
"Associations": [],
"NetworkAclId": "acl-5fb85d36",
"VpcId": "vpc-a01106c2",
"Tags": [],
"Entries": [
{
"CidrBlock": "0.0.0.0/0",
"RuleNumber": 32767,
"Protocol": "-1",
"Egress": true,
"RuleAction": "deny"
},
{
"CidrBlock": "0.0.0.0/0",
"RuleNumber": 32767,
"Protocol": "-1",
"Egress": false,
"RuleAction": "deny"
}
],
"IsDefault": false
}
}
```
+ For API details, see [CreateNetworkAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-acl.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a network ACL for the specified VPC.**
```
New-EC2NetworkAcl -VpcId vpc-12345678
```
**Output:**
```
Associations : {}
Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry}
IsDefault : False
NetworkAclId : acl-12345678
Tags : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateNetworkAcl](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a network ACL for the specified VPC.**
```
New-EC2NetworkAcl -VpcId vpc-12345678
```
**Output:**
```
Associations : {}
Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry}
IsDefault : False
NetworkAclId : acl-12345678
Tags : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateNetworkAcl](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateNetworkAclEntry` with a CLI
The following code examples show how to use `CreateNetworkAclEntry`.
------
#### [ CLI ]
**AWS CLI**
**To create a network ACL entry**
This example creates an entry for the specified network ACL. The rule allows ingress traffic from any IPv4 address (0.0.0.0/0) on UDP port 53 (DNS) into any associated subnet. If the command succeeds, no output is returned.
Command:
```
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100 --protocol udp --port-range From=53,To=53 --cidr-block 0.0.0.0/0 --rule-action allow
```
This example creates a rule for the specified network ACL that allows ingress traffic from any IPv6 address (::/0) on TCP port 80 (HTTP).
Command:
```
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 120 --protocol tcp --port-range From=80,To=80 --ipv6-cidr-block ::/0 --rule-action allow
```
+ For API details, see [CreateNetworkAclEntry](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-acl-entry.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates an entry for the specified network ACL. The rule allows inbound traffic from anywhere (0.0.0.0/0) on UDP port 53 (DNS) into any associated subnet.**
```
New-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100 -Protocol 17 -PortRange_From 53 -PortRange_To 53 -CidrBlock 0.0.0.0/0 -RuleAction allow
```
+ For API details, see [CreateNetworkAclEntry](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates an entry for the specified network ACL. The rule allows inbound traffic from anywhere (0.0.0.0/0) on UDP port 53 (DNS) into any associated subnet.**
```
New-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100 -Protocol 17 -PortRange_From 53 -PortRange_To 53 -CidrBlock 0.0.0.0/0 -RuleAction allow
```
+ For API details, see [CreateNetworkAclEntry](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateNetworkInterface` with a CLI
The following code examples show how to use `CreateNetworkInterface`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To specify an IPv4 address for a network interface**
The following `create-network-interface` example creates a network interface for the specified subnet with the specified primary IPv4 address.
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my network interface" \
--groups sg-09dfba7ed20cda78b \
--private-ip-address 10.0.8.17
```
Output:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my network interface",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-09dfba7ed20cda78b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [],
"MacAddress": "06:6a:0f:9a:49:37",
"NetworkInterfaceId": "eni-0492b355f0cf3b3f8",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.17",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-17.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.17"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
**Example 2: To create a network interface with an IPv4 address and an IPv6 address**
The following `create-network-interface` example creates a network interface for the specified subnet with an IPv4 address and an IPv6 address that are selected by Amazon EC2.
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my dual stack network interface" \
--ipv6-address-count 1 \
--groups sg-09dfba7ed20cda78b
```
Output:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my dual stack network interface",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-09dfba7ed20cda78b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [
{
"Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7",
"IsPrimaryIpv6": false
}
],
"MacAddress": "06:b8:68:d2:b2:2d",
"NetworkInterfaceId": "eni-05da417453f9a84bf",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.18",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.18"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b",
"Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7"
}
}
```
**Example 3: To create a network interface with connection tracking configuration options**
The following `create-network-interface` example creates a network interface and configures the idle connection tracking timeouts.
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--groups sg-02e57dbcfe0331c1b \
--connection-tracking-specification TcpEstablishedTimeout=86400,UdpTimeout=60
```
Output:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"ConnectionTrackingConfiguration": {
"TcpEstablishedTimeout": 86400,
"UdpTimeout": 60
},
"Description": "",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-02e57dbcfe0331c1b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [],
"MacAddress": "06:4c:53:de:6d:91",
"NetworkInterfaceId": "eni-0c133586e08903d0b",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.94",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.94"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
**Example 4: To create an Elastic Fabric Adapter**
The following `create-network-interface` example creates an EFA.
```
aws ec2 create-network-interface \
--interface-type efa \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my efa" \
--groups sg-02e57dbcfe0331c1b
```
Output:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my efa",
"Groups": [
{
"GroupName": "my-efa-sg",
"GroupId": "sg-02e57dbcfe0331c1b"
}
],
"InterfaceType": "efa",
"Ipv6Addresses": [],
"MacAddress": "06:d7:a4:f7:4d:57",
"NetworkInterfaceId": "eni-034acc2885e862b65",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.180",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.180"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
For more information, see [Elastic network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CreateNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-interface.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified network interface.**
```
New-EC2NetworkInterface -SubnetId subnet-1a2b3c4d -Description "my network interface" -Group sg-12345678 -PrivateIpAddress 10.0.0.17
```
**Output:**
```
Association :
Attachment :
AvailabilityZone : us-west-2c
Description : my network interface
Groups : {my-security-group}
MacAddress : 0a:72:bc:1a:cd:7f
NetworkInterfaceId : eni-12345678
OwnerId : 123456789012
PrivateDnsName : ip-10-0-0-17.us-west-2.compute.internal
PrivateIpAddress : 10.0.0.17
PrivateIpAddresses : {}
RequesterId :
RequesterManaged : False
SourceDestCheck : True
Status : pending
SubnetId : subnet-1a2b3c4d
TagSet : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified network interface.**
```
New-EC2NetworkInterface -SubnetId subnet-1a2b3c4d -Description "my network interface" -Group sg-12345678 -PrivateIpAddress 10.0.0.17
```
**Output:**
```
Association :
Attachment :
AvailabilityZone : us-west-2c
Description : my network interface
Groups : {my-security-group}
MacAddress : 0a:72:bc:1a:cd:7f
NetworkInterfaceId : eni-12345678
OwnerId : 123456789012
PrivateDnsName : ip-10-0-0-17.us-west-2.compute.internal
PrivateIpAddress : 10.0.0.17
PrivateIpAddresses : {}
RequesterId :
RequesterManaged : False
SourceDestCheck : True
Status : pending
SubnetId : subnet-1a2b3c4d
TagSet : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreatePlacementGroup` with a CLI
The following code examples show how to use `CreatePlacementGroup`.
------
#### [ CLI ]
**AWS CLI**
**To create a placement group**
This example command creates a placement group with the specified name.
Command:
```
aws ec2 create-placement-group --group-name my-cluster --strategy cluster
```
**To create a partition placement group**
This example command creates a partition placement group named `HDFS-Group-A` with five partitions.
Command:
```
aws ec2 create-placement-group --group-name HDFS-Group-A --strategy partition --partition-count 5
```
+ For API details, see [CreatePlacementGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-placement-group.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a placement group with the specified name.**
```
New-EC2PlacementGroup -GroupName my-placement-group -Strategy cluster
```
+ For API details, see [CreatePlacementGroup](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a placement group with the specified name.**
```
New-EC2PlacementGroup -GroupName my-placement-group -Strategy cluster
```
+ For API details, see [CreatePlacementGroup](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateRoute` with a CLI
The following code examples show how to use `CreateRoute`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Amazon VPC Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create a route**
This example creates a route for the specified route table. The route matches all IPv4 traffic (`0.0.0.0/0`) and routes it to the specified Internet gateway. If the command succeeds, no output is returned.
Command:
```
aws ec2 create-route --route-table-id rtb-22574640 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-c0a643a9
```
This example command creates a route in route table rtb-g8ff4ea2. The route matches traffic for the IPv4 CIDR block 10.0.0.0/16 and routes it to VPC peering connection, pcx-111aaa22. This route enables traffic to be directed to the peer VPC in the VPC peering connection. If the command succeeds, no output is returned.
Command:
```
aws ec2 create-route --route-table-id rtb-g8ff4ea2 --destination-cidr-block 10.0.0.0/16 --vpc-peering-connection-id pcx-1a2b3c4d
```
This example creates a route in the specified route table that matches all IPv6 traffic (`::/0`) and routes it to the specified egress-only Internet gateway.
Command:
```
aws ec2 create-route --route-table-id rtb-dce620b8 --destination-ipv6-cidr-block ::/0 --egress-only-internet-gateway-id eigw-01eadbd45ecd7943f
```
+ For API details, see [CreateRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-route.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified route for the specified route table. The route matches all traffic and sends it to the specified Internet gateway.**
```
New-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0 -GatewayId igw-1a2b3c4d
```
**Output:**
```
True
```
+ For API details, see [CreateRoute](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified route for the specified route table. The route matches all traffic and sends it to the specified Internet gateway.**
```
New-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0 -GatewayId igw-1a2b3c4d
```
**Output:**
```
True
```
+ For API details, see [CreateRoute](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateRouteTable` with an AWS SDK or CLI
The following code examples show how to use `CreateRouteTable`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create a route table**
This example creates a route table for the specified VPC.
Command:
```
aws ec2 create-route-table --vpc-id vpc-a01106c2
```
Output:
```
{
"RouteTable": {
"Associations": [],
"RouteTableId": "rtb-22574640",
"VpcId": "vpc-a01106c2",
"PropagatingVgws": [],
"Tags": [],
"Routes": [
{
"GatewayId": "local",
"DestinationCidrBlock": "10.0.0.0/16",
"State": "active"
}
]
}
}
```
+ For API details, see [CreateRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-route-table.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a route table for the specified VPC.**
```
New-EC2RouteTable -VpcId vpc-12345678
```
**Output:**
```
Associations : {}
PropagatingVgws : {}
Routes : {}
RouteTableId : rtb-1a2b3c4d
Tags : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateRouteTable](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a route table for the specified VPC.**
```
New-EC2RouteTable -VpcId vpc-12345678
```
**Output:**
```
Associations : {}
PropagatingVgws : {}
Routes : {}
RouteTableId : rtb-1a2b3c4d
Tags : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateRouteTable](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
require 'aws-sdk-ec2'
# Prerequisites:
#
# - A VPC in Amazon VPC.
# - A subnet in that VPC.
# - A gateway attached to that subnet.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param vpc_id [String] The ID of the VPC for the route table.
# @param subnet_id [String] The ID of the subnet for the route table.
# @param gateway_id [String] The ID of the gateway for the route.
# @param destination_cidr_block [String] The destination CIDR block
# for the route.
# @param tag_key [String] The key portion of the tag for the route table.
# @param tag_value [String] The value portion of the tag for the route table.
# @return [Boolean] true if the route table was created and associated;
# otherwise, false.
# @example
# exit 1 unless route_table_created_and_associated?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# 'vpc-0b6f769731EXAMPLE',
# 'subnet-03d9303b57EXAMPLE',
# 'igw-06ca90c011EXAMPLE',
# '0.0.0.0/0',
# 'my-key',
# 'my-value'
# )
def route_table_created_and_associated?(
ec2_resource,
vpc_id,
subnet_id,
gateway_id,
destination_cidr_block,
tag_key,
tag_value
)
route_table = ec2_resource.create_route_table(vpc_id: vpc_id)
puts "Created route table with ID '#{route_table.id}'."
route_table.create_tags(
tags: [
{
key: tag_key,
value: tag_value
}
]
)
puts 'Added tags to route table.'
route_table.create_route(
destination_cidr_block: destination_cidr_block,
gateway_id: gateway_id
)
puts 'Created route with destination CIDR block ' \
"'#{destination_cidr_block}' and associated with gateway " \
"with ID '#{gateway_id}'."
route_table.associate_with_subnet(subnet_id: subnet_id)
puts "Associated route table with subnet with ID '#{subnet_id}'."
true
rescue StandardError => e
puts "Error creating or associating route table: #{e.message}"
puts 'If the route table was created but not associated, you should ' \
'clean up by deleting the route table.'
false
end
# Example usage:
def run_me
vpc_id = ''
subnet_id = ''
gateway_id = ''
destination_cidr_block = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-route-table.rb ' \
'VPC_ID SUBNET_ID GATEWAY_ID DESTINATION_CIDR_BLOCK ' \
'TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-route-table.rb ' \
'vpc-0b6f769731EXAMPLE subnet-03d9303b57EXAMPLE igw-06ca90c011EXAMPLE ' \
"'0.0.0.0/0' my-key my-value us-west-2"
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
vpc_id = 'vpc-0b6f769731EXAMPLE'
subnet_id = 'subnet-03d9303b57EXAMPLE'
gateway_id = 'igw-06ca90c011EXAMPLE'
destination_cidr_block = '0.0.0.0/0'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
vpc_id = ARGV[0]
subnet_id = ARGV[1]
gateway_id = ARGV[2]
destination_cidr_block = ARGV[3]
tag_key = ARGV[4]
tag_value = ARGV[5]
region = ARGV[6]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if route_table_created_and_associated?(
ec2_resource,
vpc_id,
subnet_id,
gateway_id,
destination_cidr_block,
tag_key,
tag_value
)
puts 'Route table created and associated.'
else
puts 'Route table not created or not associated.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ For API details, see [CreateRouteTable](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateRouteTable) in *AWS SDK for Ruby API Reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateSecurityGroup` with an AWS SDK or CLI
The following code examples show how to use `CreateSecurityGroup`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Configure Amazon ECS Service Connect](example_ecs_ServiceConnect_085_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Create an Amazon ECS Linux task for the Fargate launch type](example_ecs_GettingStarted_086_section.md)
+ [Creating an Amazon ECS service for the EC2 launch type](example_ecs_GettingStarted_018_section.md)
+ [Creating an Amazon RDS DB instance](example_rds_GettingStarted_036_section.md)
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Elastic Load Balancing](example_elastic_load_balancing_v2_GettingStarted_058_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Create an Amazon EC2 security group with a specified name and description.
///
/// The name for the new security group.
/// A description of the new security group.
/// The group Id of the new security group.
public async Task CreateSecurityGroup(string groupName, string groupDescription)
{
try
{
var response = await _amazonEC2.CreateSecurityGroupAsync(
new CreateSecurityGroupRequest(groupName, groupDescription));
// Wait until the security group exists.
int retries = 5;
while (retries-- > 0)
{
var groups = await DescribeSecurityGroups(response.GroupId);
if (groups.Any())
{
return response.GroupId;
}
Thread.Sleep(5000);
retries--;
}
_logger.LogError($"Unable to find newly created group {groupName}.");
throw new DoesNotExistException("security group not found");
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "ResourceAlreadyExists")
{
_logger.LogError(
$"A security group with the name {groupName} already exists. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while creating the security group.: {ex.Message}");
throw;
}
}
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateSecurityGroup) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_create_security_group
#
# This function creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -n security_group_name - The name of the security group.
# -d security_group_description - The description of the security group.
#
# Returns:
# The ID of the created security group, or an error message if the operation fails.
# And:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_create_security_group() {
local security_group_name security_group_description response
# Function to display usage information
function usage() {
echo "function ec2_create_security_group"
echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -n security_group_name - The name of the security group."
echo " -d security_group_description - The description of the security group."
echo ""
}
# Parse the command-line arguments
while getopts "n:d:h" option; do
case "${option}" in
n) security_group_name="${OPTARG}" ;;
d) security_group_description="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$security_group_name" ]]; then
errecho "ERROR: You must provide a security group name with the -n parameter."
return 1
fi
if [[ -z "$security_group_description" ]]; then
errecho "ERROR: You must provide a security group description with the -d parameter."
return 1
fi
# Create the security group
response=$(aws ec2 create-security-group \
--group-name "$security_group_name" \
--description "$security_group_description" \
--query "GroupId" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports create-security-group operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/CreateSecurityGroup) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Create a security group.
/*!
\param groupName: A security group name.
\param description: A description.
\param vpcID: A virtual private cloud (VPC) ID.
\param[out] groupIDResult: A string to receive the group ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createSecurityGroup(const Aws::String &groupName,
const Aws::String &description,
const Aws::String &vpcID,
Aws::String &groupIDResult,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateSecurityGroupRequest request;
request.SetGroupName(groupName);
request.SetDescription(description);
request.SetVpcId(vpcID);
const Aws::EC2::Model::CreateSecurityGroupOutcome outcome =
ec2Client.CreateSecurityGroup(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to create security group:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
std::cout << "Successfully created security group named " << groupName <<
std::endl;
groupIDResult = outcome.GetResult().GetGroupId();
return true;
}
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateSecurityGroup) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To create a security group for EC2-Classic**
This example creates a security group named `MySecurityGroup`.
Command:
```
aws ec2 create-security-group --group-name MySecurityGroup --description "My security group"
```
Output:
```
{
"GroupId": "sg-903004f8"
}
```
**To create a security group for EC2-VPC**
This example creates a security group named `MySecurityGroup` for the specified VPC.
Command:
```
aws ec2 create-security-group --group-name MySecurityGroup --description "My security group" --vpc-id vpc-1a2b3c4d
```
Output:
```
{
"GroupId": "sg-903004f8"
}
```
For more information, see Using Security Groups in the *AWS Command Line Interface User Guide*.
+ For API details, see [CreateSecurityGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-security-group.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateSecurityGroup) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { CreateSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Creates a security group.
* @param {{ groupName: string, description: string }} options
*/
export const main = async ({ groupName, description }) => {
const client = new EC2Client({});
const command = new CreateSecurityGroupCommand({
// Up to 255 characters in length. Cannot start with sg-.
GroupName: groupName,
// Up to 255 characters in length.
Description: description,
});
try {
const { GroupId } = await client.send(command);
console.log(GroupId);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}.`);
} else {
throw caught;
}
}
};
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateSecurityGroupCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun createEC2SecurityGroup(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "0.0.0.0/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
```
+ For API details, see [CreateSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a security group for the specified VPC.**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
```
**Output:**
```
sg-12345678
```
**Example 2: This example creates a security group for EC2-Classic.**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
```
**Output:**
```
sg-45678901
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a security group for the specified VPC.**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
```
**Output:**
```
sg-12345678
```
**Example 2: This example creates a security group for EC2-Classic.**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
```
**Output:**
```
sg-45678901
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, group_name: str, group_description: str) -> str:
"""
Creates a security group in the default virtual private cloud (VPC) of the current account.
:param group_name: The name of the security group to create.
:param group_description: The description of the security group to create.
:return: The ID of the newly created security group.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
try:
response = self.ec2_client.create_security_group(
GroupName=group_name, Description=group_description
)
self.security_group = response["GroupId"]
except ClientError as err:
if err.response["Error"]["Code"] == "ResourceAlreadyExists":
logger.error(
f"Security group '{group_name}' already exists. Please choose a different name."
)
raise
else:
return self.security_group
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateSecurityGroup) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
# This code example does the following:
# 1. Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
# 2. Adds inbound rules to the security group.
# 3. Displays information about available security groups.
# 4. Deletes the security group.
require 'aws-sdk-ec2'
# Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Prerequisites:
#
# - A VPC in Amazon Virtual Private Cloud (Amazon VPC).
#
# @param ec2_client [Aws::EC2::Client] An initialized
# Amazon EC2 client.
# @param group_name [String] A name for the security group.
# @param description [String] A description for the security group.
# @param vpc_id [String] The ID of the VPC for the security group.
# @return [String] The ID of security group that was created.
# @example
# puts create_security_group(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-security-group',
# 'This is my security group.',
# 'vpc-6713dfEX'
# )
def create_security_group(ec2_client, group_name, description, vpc_id)
security_group = ec2_client.create_security_group(
group_name: group_name,
description: description,
vpc_id: vpc_id
)
puts "Created security group '#{group_name}' with ID " \
"'#{security_group.group_id}' in VPC with ID '#{vpc_id}'."
security_group.group_id
rescue StandardError => e
puts "Error creating security group: #{e.message}"
'Error'
end
# Adds an inbound rule to an Amazon Elastic Compute Cloud (Amazon EC2)
# security group.
#
# Prerequisites:
#
# - The security group.
#
# @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client.
# @param security_group_id [String] The ID of the security group.
# @param ip_protocol [String] The network protocol for the inbound rule.
# @param from_port [String] The originating port for the inbound rule.
# @param to_port [String] The destination port for the inbound rule.
# @param cidr_ip_range [String] The CIDR IP range for the inbound rule.
# @return
# @example
# exit 1 unless security_group_ingress_authorized?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'sg-030a858e078f1b9EX',
# 'tcp',
# '80',
# '80',
# '0.0.0.0/0'
# )
def security_group_ingress_authorized?(
ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range
)
ec2_client.authorize_security_group_ingress(
group_id: security_group_id,
ip_permissions: [
{
ip_protocol: ip_protocol,
from_port: from_port,
to_port: to_port,
ip_ranges: [
{
cidr_ip: cidr_ip_range
}
]
}
]
)
puts "Added inbound rule to security group '#{security_group_id}' for protocol " \
"'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \
"with CIDR IP range '#{cidr_ip_range}'."
true
rescue StandardError => e
puts "Error adding inbound rule to security group: #{e.message}"
false
end
# Refactored method to simplify complexity for describing security group permissions
def format_port_information(perm)
from_port_str = perm.from_port == '-1' || perm.from_port == -1 ? 'All' : perm.from_port.to_s
to_port_str = perm.to_port == '-1' || perm.to_port == -1 ? 'All' : perm.to_port.to_s
{ from_port: from_port_str, to_port: to_port_str }
end
# Displays information about a security group's IP permissions set in
# Amazon Elastic Compute Cloud (Amazon EC2).
def describe_security_group_permissions(perm)
ports = format_port_information(perm)
print " Protocol: #{perm.ip_protocol == '-1' ? 'All' : perm.ip_protocol}"
print ", From: #{ports[:from_port]}, To: #{ports[:to_port]}"
print ", CIDR IPv6: #{perm.ipv_6_ranges[0].cidr_ipv_6}" if perm.key?(:ipv_6_ranges) && perm.ipv_6_ranges.count.positive?
print ", CIDR IPv4: #{perm.ip_ranges[0].cidr_ip}" if perm.key?(:ip_ranges) && perm.ip_ranges.count.positive?
print "\n"
end
# Displays information about available security groups in
# Amazon Elastic Compute Cloud (Amazon EC2).
def describe_security_groups(ec2_client)
response = ec2_client.describe_security_groups
if response.security_groups.count.positive?
response.security_groups.each do |sg|
display_group_details(sg)
end
else
puts 'No security groups found.'
end
rescue StandardError => e
puts "Error getting information about security groups: #{e.message}"
end
# Helper method to display the details of security groups
def display_group_details(sg)
puts '-' * (sg.group_name.length + 13)
puts "Name: #{sg.group_name}"
puts "Description: #{sg.description}"
puts "Group ID: #{sg.group_id}"
puts "Owner ID: #{sg.owner_id}"
puts "VPC ID: #{sg.vpc_id}"
display_group_tags(sg.tags) if sg.tags.count.positive?
display_group_permissions(sg)
end
def display_group_tags(tags)
puts 'Tags:'
tags.each do |tag|
puts " Key: #{tag.key}, Value: #{tag.value}"
end
end
def display_group_permissions(sg)
if sg.ip_permissions.count.positive?
puts 'Inbound rules:'
sg.ip_permissions.each do |p|
describe_security_group_permissions(p)
end
end
return if sg.ip_permissions_egress.empty?
puts 'Outbound rules:'
sg.ip_permissions_egress.each do |p|
describe_security_group_permissions(p)
end
end
# Deletes an Amazon Elastic Compute Cloud (Amazon EC2)
# security group.
def security_group_deleted?(ec2_client, security_group_id)
ec2_client.delete_security_group(group_id: security_group_id)
puts "Deleted security group '#{security_group_id}'."
true
rescue StandardError => e
puts "Error deleting security group: #{e.message}"
false
end
# Example usage with refactored run_me to reduce complexity
def run_me
group_name, description, vpc_id, ip_protocol_http, from_port_http, to_port_http, \
cidr_ip_range_http, ip_protocol_ssh, from_port_ssh, to_port_ssh, \
cidr_ip_range_ssh, region = process_arguments
ec2_client = Aws::EC2::Client.new(region: region)
security_group_id = attempt_create_security_group(ec2_client, group_name, description, vpc_id)
security_group_exists = security_group_id != 'Error'
if security_group_exists
add_inbound_rules(ec2_client, security_group_id, ip_protocol_http, from_port_http, to_port_http, cidr_ip_range_http)
add_inbound_rules(ec2_client, security_group_id, ip_protocol_ssh, from_port_ssh, to_port_ssh, cidr_ip_range_ssh)
end
describe_security_groups(ec2_client)
attempt_delete_security_group(ec2_client, security_group_id) if security_group_exists
end
def process_arguments
if ARGV[0] == '--help' || ARGV[0] == '-h'
display_help
exit 1
elsif ARGV.count.zero?
default_values
else
ARGV
end
end
def attempt_create_security_group(ec2_client, group_name, description, vpc_id)
puts 'Attempting to create security group...'
security_group_id = create_security_group(ec2_client, group_name, description, vpc_id)
puts 'Could not create security group. Skipping this step.' if security_group_id == 'Error'
security_group_id
end
def add_inbound_rules(ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range)
puts 'Attempting to add inbound rules to security group...'
return if security_group_ingress_authorized?(ec2_client, security_group_id, ip_protocol, from_port, to_port,
cidr_ip_range)
puts 'Could not add inbound rule to security group. Skipping this step.'
end
def attempt_delete_security_group(ec2_client, security_group_id)
puts "\nAttempting to delete security group..."
return if security_group_deleted?(ec2_client, security_group_id)
puts 'Could not delete security group. You must delete it yourself.'
end
def display_help
puts 'Usage: ruby ec2-ruby-example-security-group.rb ' \
'GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL_1 FROM_PORT_1 TO_PORT_1 ' \
'CIDR_IP_RANGE_1 IP_PROTOCOL_2 FROM_PORT_2 TO_PORT_2 ' \
'CIDR_IP_RANGE_2 REGION'
puts 'Example: ruby ec2-ruby-example-security-group.rb ' \
"my-security-group 'This is my security group.' vpc-6713dfEX " \
"tcp 80 80 '0.0.0.0/0' tcp 22 22 '0.0.0.0/0' us-west-2"
end
def default_values
[
'my-security-group', 'This is my security group.', 'vpc-6713dfEX', 'tcp', '80', '80',
'0.0.0.0/0', 'tcp', '22', '22', '0.0.0.0/0', 'us-west-2'
]
end
run_me if $PROGRAM_NAME == __FILE__
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateSecurityGroup) in *AWS SDK for Ruby API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
pub async fn create_security_group(
&self,
name: &str,
description: &str,
) -> Result {
tracing::info!("Creating security group {name}");
let create_output = self
.client
.create_security_group()
.group_name(name)
.description(description)
.send()
.await
.map_err(EC2Error::from)?;
let group_id = create_output
.group_id
.ok_or_else(|| EC2Error::new("Missing security group id after creation"))?;
let group = self
.describe_security_group(&group_id)
.await?
.ok_or_else(|| {
EC2Error::new(format!("Could not find security group with id {group_id}"))
})?;
tracing::info!("Created security group {name} as {group_id}");
Ok(group)
}
```
+ For API details, see [CreateSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_security_group) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->createsecuritygroup( " oo_result is returned for testing purposes. "
iv_description = 'Security group example'
iv_groupname = iv_security_group_name
iv_vpcid = iv_vpc_id ).
MESSAGE 'Security group created.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [CreateSecurityGroup](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Create a new security group.
///
/// - Parameters:
/// - groupName: The name of the group to create.
/// - groupDescription: A description of the new security group.
///
/// - Returns: The ID string of the new security group.
func createSecurityGroup(name groupName: String, description groupDescription: String) async -> String? {
do {
let output = try await ec2Client.createSecurityGroup(
input: CreateSecurityGroupInput(
description: groupDescription,
groupName: groupName
)
)
return output.groupId
} catch {
print("*** Error creating the security group: \(error.localizedDescription)")
return nil
}
}
```
+ For API details, see [CreateSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createsecuritygroup(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateSnapshot` with a CLI
The following code examples show how to use `CreateSnapshot`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Working with Amazon EBS encryption, snapshots, and volume initialization](example_ec2_GettingStarted_022_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create a snapshot**
This example command creates a snapshot of the volume with a volume ID of `vol-1234567890abcdef0` and a short description to identify the snapshot.
Command:
```
aws ec2 create-snapshot --volume-id vol-1234567890abcdef0 --description "This is my root volume snapshot"
```
Output:
```
{
"Description": "This is my root volume snapshot",
"Tags": [],
"Encrypted": false,
"VolumeId": "vol-1234567890abcdef0",
"State": "pending",
"VolumeSize": 8,
"StartTime": "2018-02-28T21:06:01.000Z",
"Progress": "",
"OwnerId": "012345678910",
"SnapshotId": "snap-066877671789bd71b"
}
```
**To create a snapshot with tags**
This example command creates a snapshot and applies two tags: purpose=prod and costcenter=123.
Command:
```
aws ec2 create-snapshot --volume-id vol-1234567890abcdef0 --description 'Prod backup' --tag-specifications 'ResourceType=snapshot,Tags=[{Key=purpose,Value=prod},{Key=costcenter,Value=123}]'
```
Output:
```
{
"Description": "Prod backup",
"Tags": [
{
"Value": "prod",
"Key": "purpose"
},
{
"Value": "123",
"Key": "costcenter"
}
],
"Encrypted": false,
"VolumeId": "vol-1234567890abcdef0",
"State": "pending",
"VolumeSize": 8,
"StartTime": "2018-02-28T21:06:06.000Z",
"Progress": "",
"OwnerId": "012345678910",
"SnapshotId": "snap-09ed24a70bc19bbe4"
}
```
+ For API details, see [CreateSnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-snapshot.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a snapshot of the specified volume.**
```
New-EC2Snapshot -VolumeId vol-12345678 -Description "This is a test"
```
**Output:**
```
DataEncryptionKeyId :
Description : This is a test
Encrypted : False
KmsKeyId :
OwnerAlias :
OwnerId : 123456789012
Progress :
SnapshotId : snap-12345678
StartTime : 12/22/2015 1:28:42 AM
State : pending
StateMessage :
Tags : {}
VolumeId : vol-12345678
VolumeSize : 20
```
+ For API details, see [CreateSnapshot](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a snapshot of the specified volume.**
```
New-EC2Snapshot -VolumeId vol-12345678 -Description "This is a test"
```
**Output:**
```
DataEncryptionKeyId :
Description : This is a test
Encrypted : False
KmsKeyId :
OwnerAlias :
OwnerId : 123456789012
Progress :
SnapshotId : snap-12345678
StartTime : 12/22/2015 1:28:42 AM
State : pending
StateMessage :
Tags : {}
VolumeId : vol-12345678
VolumeSize : 20
```
+ For API details, see [CreateSnapshot](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateSpotDatafeedSubscription` with a CLI
The following code examples show how to use `CreateSpotDatafeedSubscription`.
------
#### [ CLI ]
**AWS CLI**
**To create a Spot Instance data feed**
The following `create-spot-datafeed-subscription` example creates a Spot Instance data feed.
```
aws ec2 create-spot-datafeed-subscription \
--bucket amzn-s3-demo-bucket \
--prefix spot-data-feed
```
Output:
```
{
"SpotDatafeedSubscription": {
"Bucket": "amzn-s3-demo-bucket",
"OwnerId": "123456789012",
"Prefix": "spot-data-feed",
"State": "Active"
}
}
```
The data feed is stored in the Amazon S3 bucket that you specified. The file names for this data feed have the following format.
```
amzn-s3-demo-bucket.s3.amazonaws.com/spot-data-feed/123456789012.YYYY-MM-DD-HH.n.abcd1234.gz
```
For more information, see [Spot Instance data feed](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CreateSpotDatafeedSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-spot-datafeed-subscription.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a Spot instance data feed.**
```
New-EC2SpotDatafeedSubscription -Bucket amzn-s3-demo-bucket -Prefix spotdata
```
**Output:**
```
Bucket : amzn-s3-demo-bucket
Fault :
OwnerId : 123456789012
Prefix : spotdata
State : Active
```
+ For API details, see [CreateSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a Spot instance data feed.**
```
New-EC2SpotDatafeedSubscription -Bucket amzn-s3-demo-bucket -Prefix spotdata
```
**Output:**
```
Bucket : amzn-s3-demo-bucket
Fault :
OwnerId : 123456789012
Prefix : spotdata
State : Active
```
+ For API details, see [CreateSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateSubnet` with an AWS SDK or CLI
The following code examples show how to use `CreateSubnet`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Amazon VPC Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a subnet with an IPv4 CIDR block only**
The following `create-subnet` example creates a subnet in the specified VPC with the specified IPv4 CIDR block.
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--cidr-block 10.0.0.0/24 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-only-subnet}]
```
Output:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0e99b93155EXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv4-only-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0e99b93155EXAMPLE"
}
}
```
**Example 2: To create a subnet with both IPv4 and IPv6 CIDR blocks**
The following `create-subnet` example creates a subnet in the specified VPC with the specified IPv4 and IPv6 CIDR blocks.
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--cidr-block 10.0.0.0/24 \
--ipv6-cidr-block 2600:1f16:cfe:3660::/64 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-ipv6-subnet}]
```
Output:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0736441d38EXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "subnet-cidr-assoc-06c5f904499fcc623",
"Ipv6CidrBlock": "2600:1f13:cfe:3660::/64",
"Ipv6CidrBlockState": {
"State": "associating"
}
}
],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv4-ipv6-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0736441d38EXAMPLE"
}
}
```
**Example 3: To create a subnet with an IPv6 CIDR block only**
The following `create-subnet` example creates a subnet in the specified VPC with the specified IPv6 CIDR block.
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--ipv6-native \
--ipv6-cidr-block 2600:1f16:115:200::/64 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv6-only-subnet}]
```
Output:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 0,
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-03f720e7deEXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": true,
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "subnet-cidr-assoc-01ef639edde556709",
"Ipv6CidrBlock": "2600:1f13:cfe:3660::/64",
"Ipv6CidrBlockState": {
"State": "associating"
}
}
],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv6-only-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-03f720e7deEXAMPLE"
}
}
```
For more information, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide*.
+ For API details, see [CreateSubnet](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-subnet.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a subnet with the specified CIDR.**
```
New-EC2Subnet -VpcId vpc-12345678 -CidrBlock 10.0.0.0/24
```
**Output:**
```
AvailabilityZone : us-west-2c
AvailableIpAddressCount : 251
CidrBlock : 10.0.0.0/24
DefaultForAz : False
MapPublicIpOnLaunch : False
State : pending
SubnetId : subnet-1a2b3c4d
Tag : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateSubnet](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a subnet with the specified CIDR.**
```
New-EC2Subnet -VpcId vpc-12345678 -CidrBlock 10.0.0.0/24
```
**Output:**
```
AvailabilityZone : us-west-2c
AvailableIpAddressCount : 251
CidrBlock : 10.0.0.0/24
DefaultForAz : False
MapPublicIpOnLaunch : False
State : pending
SubnetId : subnet-1a2b3c4d
Tag : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateSubnet](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
require 'aws-sdk-ec2'
# Creates a subnet within a virtual private cloud (VPC) in
# Amazon Virtual Private Cloud (Amazon VPC) and then tags
# the subnet.
#
# Prerequisites:
#
# - A VPC in Amazon VPC.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param vpc_id [String] The ID of the VPC for the subnet.
# @param cidr_block [String] The IPv4 CIDR block for the subnet.
# @param availability_zone [String] The ID of the Availability Zone
# for the subnet.
# @param tag_key [String] The key portion of the tag for the subnet.
# @param tag_vlue [String] The value portion of the tag for the subnet.
# @return [Boolean] true if the subnet was created and tagged;
# otherwise, false.
# @example
# exit 1 unless subnet_created_and_tagged?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# 'vpc-6713dfEX',
# '10.0.0.0/24',
# 'us-west-2a',
# 'my-key',
# 'my-value'
# )
def subnet_created_and_tagged?(
ec2_resource,
vpc_id,
cidr_block,
availability_zone,
tag_key,
tag_value
)
subnet = ec2_resource.create_subnet(
vpc_id: vpc_id,
cidr_block: cidr_block,
availability_zone: availability_zone
)
subnet.create_tags(
tags: [
{
key: tag_key,
value: tag_value
}
]
)
puts "Subnet created with ID '#{subnet.id}' in VPC with ID '#{vpc_id}' " \
"and CIDR block '#{cidr_block}' in availability zone " \
"'#{availability_zone}' and tagged with key '#{tag_key}' and " \
"value '#{tag_value}'."
true
rescue StandardError => e
puts "Error creating or tagging subnet: #{e.message}"
false
end
# Example usage:
def run_me
vpc_id = ''
cidr_block = ''
availability_zone = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-subnet.rb ' \
'VPC_ID CIDR_BLOCK AVAILABILITY_ZONE TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-subnet.rb ' \
'vpc-6713dfEX 10.0.0.0/24 us-west-2a my-key my-value us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
vpc_id = 'vpc-6713dfEX'
cidr_block = '10.0.0.0/24'
availability_zone = 'us-west-2a'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
vpc_id = ARGV[0]
cidr_block = ARGV[1]
availability_zone = ARGV[2]
tag_key = ARGV[3]
tag_value = ARGV[4]
region = ARGV[5]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if subnet_created_and_tagged?(
ec2_resource,
vpc_id,
cidr_block,
availability_zone,
tag_key,
tag_value
)
puts 'Subnet created and tagged.'
else
puts 'Subnet not created or not tagged.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ For API details, see [CreateSubnet](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateSubnet) in *AWS SDK for Ruby API Reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateTags` with an AWS SDK or CLI
The following code examples show how to use `CreateTags`.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Add or overwrite only the specified tags for the specified Amazon Elastic Compute Cloud (Amazon EC2) resource or resources.
/*!
\param resources: The resources for the tags.
\param tags: Vector of tags.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createTags(const Aws::Vector &resources,
const Aws::Vector &tags,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateTagsRequest createTagsRequest;
createTagsRequest.SetResources(resources);
createTagsRequest.SetTags(tags);
Aws::EC2::Model::CreateTagsOutcome outcome = ec2Client.CreateTags(createTagsRequest);
if (outcome.IsSuccess()) {
std::cout << "Successfully created tags for resources" << std::endl;
} else {
std::cerr << "Failed to create tags for resources, " << outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ For API details, see [CreateTags](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateTags) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To add a tag to a resource**
The following `create-tags` example adds the tag `Stack=production` to the specified image, or overwrites an existing tag for the AMI where the tag key is `Stack`.
```
aws ec2 create-tags \
--resources ami-1234567890abcdef0 \
--tags Key=Stack,Value=production
```
This command produces no output
**Example 2: To add tags to multiple resources**
The following `create-tags` example adds (or overwrites) two tags for an AMI and an instance. One of the tags has a key (`webserver`) but no value (value is set to an empty string). The other tag has a key (`stack`) and a value (`Production`).
```
aws ec2 create-tags \
--resources ami-1a2b3c4d i-1234567890abcdef0 \
--tags Key=webserver,Value= Key=stack,Value=Production
```
This command produces no output
**Example 3: To add tags containing special characters**
The following `create-tags` examples add the tag `[Group]=test` for an instance. The square brackets ([ and ]) are special characters, and must be escaped. The following examples also use the line continuation character appropriate for each environment.
If you are using Windows, surround the element that has special characters with double quotes ("), and then precede each double quote character with a backslash (\$1) as follows.
```
aws ec2 create-tags ^
--resources i-1234567890abcdef0 ^
--tags Key=\"[Group]\",Value=test
```
If you are using Windows PowerShell, surround the element the value that has special characters with double quotes ("), precede each double quote character with a backslash (\$1), and then surround the entire key and value structure with single quotes (') as follows.
```
aws ec2 create-tags `
--resources i-1234567890abcdef0 `
--tags 'Key=\"[Group]\",Value=test'
```
If you are using Linux or OS X, surround the element that has special characters with double quotes ("), and then surround the entire key and value structure with single quotes (') as follows.
```
aws ec2 create-tags \
--resources i-1234567890abcdef0 \
--tags 'Key="[Group]",Value=test'
```
For more information, see [Tag your Amazon EC2 resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) in the *Amazon EC2 User Guide*.
+ For API details, see [CreateTags](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-tags.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example adds a single tag to the specified resource. The tag key is 'myTag' and the tag value is 'myTagValue'. The syntax used by this example requires PowerShell version 3 or higher.**
```
New-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag"; Value="myTagValue" }
```
**Example 2: This example updates or adds the specified tags to the specified resource. The syntax used by this example requires PowerShell version 3 or higher.**
```
New-EC2Tag -Resource i-12345678 -Tag @( @{ Key="myTag"; Value="newTagValue" }, @{ Key="test"; Value="anotherTagValue" } )
```
**Example 3: With PowerShell version 2, you must use New-Object to create the tag for the Tag parameter.**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
New-EC2Tag -Resource i-12345678 -Tag $tag
```
+ For API details, see [CreateTags](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example adds a single tag to the specified resource. The tag key is 'myTag' and the tag value is 'myTagValue'. The syntax used by this example requires PowerShell version 3 or higher.**
```
New-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag"; Value="myTagValue" }
```
**Example 2: This example updates or adds the specified tags to the specified resource. The syntax used by this example requires PowerShell version 3 or higher.**
```
New-EC2Tag -Resource i-12345678 -Tag @( @{ Key="myTag"; Value="newTagValue" }, @{ Key="test"; Value="anotherTagValue" } )
```
**Example 3: With PowerShell version 2, you must use New-Object to create the tag for the Tag parameter.**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
New-EC2Tag -Resource i-12345678 -Tag $tag
```
+ For API details, see [CreateTags](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
This example applies the Name tag After creating an instance.
```
pub async fn create_instance<'a>(
&self,
image_id: &'a str,
instance_type: InstanceType,
key_pair: &'a KeyPairInfo,
security_groups: Vec<&'a SecurityGroup>,
) -> Result {
let run_instances = self
.client
.run_instances()
.image_id(image_id)
.instance_type(instance_type)
.key_name(
key_pair
.key_name()
.ok_or_else(|| EC2Error::new("Missing key name when launching instance"))?,
)
.set_security_group_ids(Some(
security_groups
.iter()
.filter_map(|sg| sg.group_id.clone())
.collect(),
))
.min_count(1)
.max_count(1)
.send()
.await?;
if run_instances.instances().is_empty() {
return Err(EC2Error::new("Failed to create instance"));
}
let instance_id = run_instances.instances()[0].instance_id().unwrap();
let response = self
.client
.create_tags()
.resources(instance_id)
.tags(
Tag::builder()
.key("Name")
.value("From SDK Examples")
.build(),
)
.send()
.await;
match response {
Ok(_) => tracing::info!("Created {instance_id} and applied tags."),
Err(err) => {
tracing::info!("Error applying tags to {instance_id}: {err:?}");
return Err(err.into());
}
}
tracing::info!("Instance is created.");
Ok(instance_id.to_string())
}
```
+ For API details, see [CreateTags](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_tags) in *AWS SDK for Rust API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateVolume` with a CLI
The following code examples show how to use `CreateVolume`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Working with Amazon EBS encryption, snapshots, and volume initialization](example_ec2_GettingStarted_022_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create an empty General Purpose SSD (gp2) volume**
The following `create-volume` example creates an 80 GiB General Purpose SSD (gp2) volume in the specified Availability Zone. Note that the current Region must be `us-east-1`, or you can add the `--region` parameter to specify the Region for the command.
```
aws ec2 create-volume \
--volume-type gp2 \
--size 80 \
--availability-zone us-east-1a
```
Output:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": false,
"VolumeType": "gp2",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 240,
"SnapshotId": "",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 80
}
```
If you do not specify a volume type, the default volume type is `gp2`.
```
aws ec2 create-volume \
--size 80 \
--availability-zone us-east-1a
```
**Example 2: To create a Provisioned IOPS SSD (io1) volume from a snapshot**
The following `create-volume` example creates a Provisioned IOPS SSD (io1) volume with 1000 provisioned IOPS in the specified Availability Zone using the specified snapshot.
```
aws ec2 create-volume \
--volume-type io1 \
--iops 1000 \
--snapshot-id snap-066877671789bd71b \
--availability-zone us-east-1a
```
Output:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": false,
"VolumeType": "io1",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 1000,
"SnapshotId": "snap-066877671789bd71b",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 500
}
```
**Example 3: To create an encrypted volume**
The following `create-volume` example creates an encrypted volume using the default CMK for EBS encryption. If encryption by default is disabled, you must specify the `--encrypted` parameter as follows.
```
aws ec2 create-volume \
--size 80 \
--encrypted \
--availability-zone us-east-1a
```
Output:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": true,
"VolumeType": "gp2",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 240,
"SnapshotId": "",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 80
}
```
If encryption by default is enabled, the following example command creates an encrypted volume, even without the `--encrypted` parameter.
```
aws ec2 create-volume \
--size 80 \
--availability-zone us-east-1a
```
If you use the `--kms-key-id` parameter to specify a customer managed CMK, you must specify the `--encrypted` parameter even if encryption by default is enabled.
```
aws ec2 create-volume \
--volume-type gp2 \
--size 80 \
--encrypted \
--kms-key-id 0ea3fef3-80a7-4778-9d8c-1c0c6EXAMPLE \
--availability-zone us-east-1a
```
**Example 4: To create a volume with tags**
The following `create-volume` example creates a volume and adds two tags.
```
aws ec2 create-volume \
--availability-zone us-east-1a \
--volume-type gp2 \
--size 80 \
--tag-specifications 'ResourceType=volume,Tags=[{Key=purpose,Value=production},{Key=cost-center,Value=cc123}]'
```
+ For API details, see [CreateVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-volume.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified volume.**
```
New-EC2Volume -Size 50 -AvailabilityZone us-west-2a -VolumeType gp2
```
**Output:**
```
Attachments : {}
AvailabilityZone : us-west-2a
CreateTime : 12/22/2015 1:42:07 AM
Encrypted : False
Iops : 150
KmsKeyId :
Size : 50
SnapshotId :
State : creating
Tags : {}
VolumeId : vol-12345678
VolumeType : gp2
```
**Example 2: This example request creates a volume and applies a tag with a key of stack and a value of production.**
```
$tag = @{ Key="stack"; Value="production" }
$tagspec = new-object Amazon.EC2.Model.TagSpecification
$tagspec.ResourceType = "volume"
$tagspec.Tags.Add($tag)
New-EC2Volume -Size 80 -AvailabilityZone "us-west-2a" -TagSpecification $tagspec
```
+ For API details, see [CreateVolume](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified volume.**
```
New-EC2Volume -Size 50 -AvailabilityZone us-west-2a -VolumeType gp2
```
**Output:**
```
Attachments : {}
AvailabilityZone : us-west-2a
CreateTime : 12/22/2015 1:42:07 AM
Encrypted : False
Iops : 150
KmsKeyId :
Size : 50
SnapshotId :
State : creating
Tags : {}
VolumeId : vol-12345678
VolumeType : gp2
```
**Example 2: This example request creates a volume and applies a tag with a key of stack and a value of production.**
```
$tag = @{ Key="stack"; Value="production" }
$tagspec = new-object Amazon.EC2.Model.TagSpecification
$tagspec.ResourceType = "volume"
$tagspec.Tags.Add($tag)
New-EC2Volume -Size 80 -AvailabilityZone "us-west-2a" -TagSpecification $tagspec
```
+ For API details, see [CreateVolume](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateVpc` with an AWS SDK or CLI
The following code examples show how to use `CreateVpc`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Amazon VPC Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
+ [VPC with IPAM](example_vpc_GettingStartedIpam_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a VPC**
The following `create-vpc` example creates a VPC with the specified IPv4 CIDR block and a Name tag.
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--tag-specifications ResourceType=vpc,Tags=[{Key=Name,Value=MyVpc}]
```
Output:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-5EXAMPLE",
"State": "pending",
"VpcId": "vpc-0a60eb65b4EXAMPLE",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-07501b79ecEXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Name",
"Value": MyVpc"
}
]
}
}
```
**Example 2: To create a VPC with dedicated tenancy**
The following `create-vpc` example creates a VPC with the specified IPv4 CIDR block and dedicated tenancy.
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--instance-tenancy dedicated
```
Output:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-19edf471",
"State": "pending",
"VpcId": "vpc-0a53287fa4EXAMPLE",
"OwnerId": "111122223333",
"InstanceTenancy": "dedicated",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-00b24cc1c2EXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
}
```
**Example 3: To create a VPC with an IPv6 CIDR block**
The following `create-vpc` example creates a VPC with an Amazon-provided IPv6 CIDR block.
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--amazon-provided-ipv6-cidr-block
```
Output:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-dEXAMPLE",
"State": "pending",
"VpcId": "vpc-0fc5e3406bEXAMPLE",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-068432c60bEXAMPLE",
"Ipv6CidrBlock": "",
"Ipv6CidrBlockState": {
"State": "associating"
},
"Ipv6Pool": "Amazon",
"NetworkBorderGroup": "us-west-2"
}
],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0669f8f9f5EXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
}
```
**Example 4: To create a VPC with a CIDR from an IPAM pool**
The following `create-vpc` example creates a VPC with a CIDR from an Amazon VPC IP Address Manager (IPAM) pool.
Linux and macOS:
```
aws ec2 create-vpc \
--ipv4-ipam-pool-id ipam-pool-0533048da7d823723 \
--tag-specifications ResourceType=vpc,Tags='[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]'
```
Windows:
```
aws ec2 create-vpc ^
--ipv4-ipam-pool-id ipam-pool-0533048da7d823723 ^
--tag-specifications ResourceType=vpc,Tags=[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]
```
Output:
```
{
"Vpc": {
"CidrBlock": "10.0.1.0/24",
"DhcpOptionsId": "dopt-2afccf50",
"State": "pending",
"VpcId": "vpc-010e1791024eb0af9",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0a77de1d803226d4b",
"CidrBlock": "10.0.1.0/24",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Environment",
"Value": "Preprod"
},
{
"Key": "Owner",
"Value": "Build Team"
}
]
}
}
```
For more information, see [Create a VPC that uses an IPAM pool CIDR](https://docs.aws.amazon.com/vpc/latest/ipam/create-vpc-ipam.html) in the *Amazon VPC IPAM User Guide*.
+ For API details, see [CreateVpc](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc.html) in *AWS CLI Command Reference*.
------
#### [ PHP ]
**SDK for PHP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples).
```
/**
* @param string $cidr
* @return array
*/
public function createVpc(string $cidr): array
{
try {
$result = $this->ec2Client->createVpc([
"CidrBlock" => $cidr,
]);
return $result['Vpc'];
}catch(Ec2Exception $caught){
echo "There was a problem creating the VPC: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ For API details, see [CreateVpc](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpc) in *AWS SDK for PHP API Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a VPC with the specified CIDR. Amazon VPC also creates the following for the VPC: a default DHCP options set, a main route table, and a default network ACL.**
```
New-EC2VPC -CidrBlock 10.0.0.0/16
```
**Output:**
```
CidrBlock : 10.0.0.0/16
DhcpOptionsId : dopt-1a2b3c4d
InstanceTenancy : default
IsDefault : False
State : pending
Tags : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateVpc](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a VPC with the specified CIDR. Amazon VPC also creates the following for the VPC: a default DHCP options set, a main route table, and a default network ACL.**
```
New-EC2VPC -CidrBlock 10.0.0.0/16
```
**Output:**
```
CidrBlock : 10.0.0.0/16
DhcpOptionsId : dopt-1a2b3c4d
InstanceTenancy : default
IsDefault : False
State : pending
Tags : {}
VpcId : vpc-12345678
```
+ For API details, see [CreateVpc](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, cidr_block: str) -> str:
"""
Creates a new Amazon VPC with the specified CIDR block.
:param cidr_block: The CIDR block for the new VPC, such as '10.0.0.0/16'.
:return: The ID of the new VPC.
"""
try:
response = self.ec2_client.create_vpc(CidrBlock=cidr_block)
vpc_id = response["Vpc"]["VpcId"]
waiter = self.ec2_client.get_waiter("vpc_available")
waiter.wait(VpcIds=[vpc_id])
return vpc_id
except ClientError as client_error:
logging.error(
"Couldn't create the vpc. Here's why: %s",
client_error.response["Error"]["Message"],
)
raise
```
+ For API details, see [CreateVpc](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpc) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
require 'aws-sdk-ec2'
# Creates a virtual private cloud (VPC) in
# Amazon Virtual Private Cloud (Amazon VPC) and then tags
# the VPC.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param cidr_block [String] The IPv4 CIDR block for the subnet.
# @param tag_key [String] The key portion of the tag for the VPC.
# @param tag_value [String] The value portion of the tag for the VPC.
# @return [Boolean] true if the VPC was created and tagged;
# otherwise, false.
# @example
# exit 1 unless vpc_created_and_tagged?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# '10.0.0.0/24',
# 'my-key',
# 'my-value'
# )
def vpc_created_and_tagged?(
ec2_resource,
cidr_block,
tag_key,
tag_value
)
vpc = ec2_resource.create_vpc(cidr_block: cidr_block)
# Create a public DNS by enabling DNS support and DNS hostnames.
vpc.modify_attribute(enable_dns_support: { value: true })
vpc.modify_attribute(enable_dns_hostnames: { value: true })
vpc.create_tags(tags: [{ key: tag_key, value: tag_value }])
puts "Created VPC with ID '#{vpc.id}' and tagged with key " \
"'#{tag_key}' and value '#{tag_value}'."
true
rescue StandardError => e
puts e.message
false
end
# Example usage:
def run_me
cidr_block = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-vpc.rb ' \
'CIDR_BLOCK TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-vpc.rb ' \
'10.0.0.0/24 my-key my-value us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
cidr_block = '10.0.0.0/24'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
cidr_block = ARGV[0]
tag_key = ARGV[1]
tag_value = ARGV[2]
region = ARGV[3]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if vpc_created_and_tagged?(
ec2_resource,
cidr_block,
tag_key,
tag_value
)
puts 'VPC created and tagged.'
else
puts 'VPC not created or not tagged.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ For API details, see [CreateVpc](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateVpc) in *AWS SDK for Ruby API Reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
" iv_cidr_block = '10.0.0.0/16'
TRY.
oo_result = lo_ec2->createvpc( iv_cidrblock = iv_cidr_block ). " oo_result is returned for testing purposes. "
DATA(lv_vpc_id) = oo_result->get_vpc( )->get_vpcid( ).
MESSAGE 'Created VPC.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [CreateVpc](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateVpcEndpoint` with an AWS SDK or CLI
The following code examples show how to use `CreateVpcEndpoint`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a gateway endpoint**
The following `create-vpc-endpoint` example creates a gateway VPC endpoint between VPC `vpc-1a2b3c4d` and Amazon S3 in the `us-east-1` region, and associates route table `rtb-11aa22bb` with the endpoint.
```
aws ec2 create-vpc-endpoint \
--vpc-id vpc-1a2b3c4d \
--service-name com.amazonaws.us-east-1.s3 \
--route-table-ids rtb-11aa22bb
```
Output:
```
{
"VpcEndpoint": {
"PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}",
"VpcId": "vpc-1a2b3c4d",
"State": "available",
"ServiceName": "com.amazonaws.us-east-1.s3",
"RouteTableIds": [
"rtb-11aa22bb"
],
"VpcEndpointId": "vpc-1a2b3c4d",
"CreationTimestamp": "2015-05-15T09:40:50Z"
}
}
```
For more information, see [Create a gateway endpoint](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#create-gateway-endpoint-s3) in the *AWS PrivateLink User Guide*.
**Example 2: To create an interface endpoint**
The following `create-vpc-endpoint` example creates an interface VPC endpoint between VPC `vpc-1a2b3c4d` and Amazon S3 in the `us-east-1` region. The command creates the endpoint in subnet `subnet-1a2b3c4d`, associates it with security group `sg-1a2b3c4d`, and adds a tag with a key of "Service" and a Value of "S3".
```
aws ec2 create-vpc-endpoint \
--vpc-id vpc-1a2b3c4d \
--vpc-endpoint-type Interface \
--service-name com.amazonaws.us-east-1.s3 \
--subnet-ids subnet-7b16de0c \
--security-group-id sg-1a2b3c4d \
--tag-specifications ResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}]
```
Output:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3",
"VpcEndpointType": "Interface",
"VpcId": "vpc-1a2b3c4d",
"ServiceName": "com.amazonaws.us-east-1.s3",
"State": "pending",
"RouteTableIds": [],
"SubnetIds": [
"subnet-1a2b3c4d"
],
"Groups": [
{
"GroupId": "sg-1a2b3c4d",
"GroupName": "default"
}
],
"PrivateDnsEnabled": false,
"RequesterManaged": false,
"NetworkInterfaceIds": [
"eni-0b16f0581c8ac6877"
],
"DnsEntries": [
{
"DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com",
"HostedZoneId": "Z7HUB22UULQXV"
},
{
"DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com",
"HostedZoneId": "Z7HUB22UULQXV"
}
],
"CreationTimestamp": "2021-03-05T14:46:16.030000+00:00",
"Tags": [
{
"Key": "service",
"Value": "S3"
}
],
"OwnerId": "123456789012"
}
}
```
For more information, see [Create an interface VPC endpoint](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html) in the *AWS PrivateLink User Guide*.
**Example 3: To create a Gateway Load Balancer endpoint**
The following `create-vpc-endpoint` example creates a Gateway Load Balancer endpoint between VPC `vpc-111122223333aabbc` and and a service that is configured using a Gateway Load Balancer.
```
aws ec2 create-vpc-endpoint \
--service-name com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123 \
--vpc-endpoint-type GatewayLoadBalancer \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445
```
Output:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-aabbaabbaabbaabba",
"VpcEndpointType": "GatewayLoadBalancer",
"VpcId": "vpc-111122223333aabbc",
"ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123",
"State": "pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"RequesterManaged": false,
"NetworkInterfaceIds": [
"eni-01010120203030405"
],
"CreationTimestamp": "2020-11-11T08:06:03.522Z",
"OwnerId": "123456789012"
}
}
```
For more information, see [Gateway Load Balancer endpoints](https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-load-balancer-endpoints.html) in the *AWS PrivateLink User Guide*.
**Example 4: To create a resource endpoint**
The following `create-vpc-endpoint` example creates a resource endpoint.
```
aws ec2 create-vpc-endpoint \
--vpc-endpoint-type Resource \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445 \
--resource-configuration-arn arn:aws:vpc-lattice-us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432
```
Output:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-00939a7ed9EXAMPLE",
"VpcEndpointType": "Resource",
"VpcId": "vpc-111122223333aabbc",
"State": "Pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"Groups": [
{
"GroupId": "sg-03e2f15fbfc09b000",
"GroupName": "default"
}
],
"IpAddressType": "IPV4",
"PrivateDnsEnabled": false,
"CreationTimestamp": "2025-02-06T23:38:49.525000+00:00",
"Tags": [],
"OwnerId": "123456789012",
"ResourceConfigurationArn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432"
}
}
```
For more information, see [Resource endpoints](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-resources.html) in the *AWS PrivateLink User Guide*.
**Example 5: To create a service network endpoint**
The following `create-vpc-endpoint` example creates a service network endpoint.
```
aws ec2 create-vpc-endpoint \
--vpc-endpoint-type ServiceNetwork \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445 \
--service-network-arn arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0 \
--security-group-ids sg-0123456789012abcd
```
Output:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-0f00567fa8EXAMPLE",
"VpcEndpointType": "ServiceNetwork",
"VpcId": "vpc-111122223333aabbc",
"State": "Pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"Groups": [
{
"GroupId": "sg-0123456789012abcd",
"GroupName": "my-security-group"
}
],
"IpAddressType": "IPV4",
"PrivateDnsEnabled": false,
"CreationTimestamp": "2025-02-06T23:44:20.449000+00:00",
"Tags": [],
"OwnerId": "123456789012",
"ServiceNetworkArn": "arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0"
}
}
```
For more information, see [Service network endpoints](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-service-networks.html) in the *AWS PrivateLink User Guide*.
+ For API details, see [CreateVpcEndpoint](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc-endpoint.html) in *AWS CLI Command Reference*.
------
#### [ PHP ]
**SDK for PHP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples).
```
/**
* @param string $serviceName
* @param string $vpcId
* @param array $routeTableIds
* @return array
*/
public function createVpcEndpoint(string $serviceName, string $vpcId, array $routeTableIds): array
{
try {
$result = $this->ec2Client->createVpcEndpoint([
'ServiceName' => $serviceName,
'VpcId' => $vpcId,
'RouteTableIds' => $routeTableIds,
]);
return $result["VpcEndpoint"];
} catch(Ec2Exception $caught){
echo "There was a problem creating the VPC Endpoint: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ For API details, see [CreateVpcEndpoint](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpcEndpoint) in *AWS SDK for PHP API Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example create a new VPC Endpoint for the service com.amazonaws.eu-west-1.s3 in the VPC vpc-0fc1ff23f45b678eb**
```
New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb
```
**Output:**
```
ClientToken VpcEndpoint
----------- -----------
Amazon.EC2.Model.VpcEndpoint
```
+ For API details, see [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example create a new VPC Endpoint for the service com.amazonaws.eu-west-1.s3 in the VPC vpc-0fc1ff23f45b678eb**
```
New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb
```
**Output:**
```
ClientToken VpcEndpoint
----------- -----------
Amazon.EC2.Model.VpcEndpoint
```
+ For API details, see [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create_vpc_endpoint(
self, vpc_id: str, service_name: str, route_table_ids: list[str]
) -> Dict[str, Any]:
"""
Creates a new VPC endpoint for the specified service and associates it with the specified route tables.
:param vpc_id: The ID of the VPC to create the endpoint in.
:param service_name: The name of the service to create the endpoint for.
:param route_table_ids: A list of IDs of the route tables to associate with the endpoint.
:return: A dictionary representing the newly created VPC endpoint.
"""
try:
response = self.ec2_client.create_vpc_endpoint(
VpcId=vpc_id,
ServiceName=service_name,
RouteTableIds=route_table_ids,
)
return response["VpcEndpoint"]
except ClientError as err:
logger.error(
"Couldn't create VPC endpoint for service %s. Here's why: %s: %s",
service_name,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ For API details, see [CreateVpcEndpoint](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpcEndpoint) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
" iv_vpc_id = 'vpc-abc123'
" iv_service_name = 'com.amazonaws.region.service'
TRY.
oo_result = lo_ec2->createvpcendpoint( " oo_result is returned for testing purposes. "
iv_vpcid = iv_vpc_id
iv_servicename = iv_service_name
it_routetableids = it_route_table_ids ).
DATA(lv_vpc_endpoint_id) = oo_result->get_vpcendpoint( )->get_vpcendpointid( ).
MESSAGE 'Created VPC endpoint.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [CreateVpcEndpoint](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateVpnConnection` with a CLI
The following code examples show how to use `CreateVpnConnection`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To create a VPN connection with dynamic routing**
The following `create-vpn-connection` example creates a VPN connection between the specified virtual private gateway and the specified customer gateway, and applies tags to the VPN connection. The output includes the configuration information for your customer gateway device, in XML format.
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--tag-specification 'ResourceType=vpn-connection,Tags=[{Key=Name,Value=BGP-VPN}]'
```
Output:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "...configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{},
{}
]
},
"Routes": [],
"Tags": [
{
"Key": "Name",
"Value": "BGP-VPN"
}
]
}
}
```
For more information, see [How AWS Site-to-Site VPN works](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html) in the *AWS Site-to-Site VPN User Guide*.
**Example 2: To create a VPN connection with static routing**
The following `create-vpn-connection` example creates a VPN connection between the specified virtual private gateway and the specified customer gateway. The options specify static routing. The output includes the configuration information for your customer gateway device, in XML format.
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--options "{\"StaticRoutesOnly\":true}"
```
Output:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": true,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{},
{}
]
},
"Routes": [],
"Tags": []
}
}
```
For more information, see [How AWS Site-to-Site VPN works](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html) in the *AWS Site-to-Site VPN User Guide*.
**Example 3: To create a VPN connection and specify your own inside CIDR and pre-shared key**
The following `create-vpn-connection` example creates a VPN connection and specifies the inside IP address CIDR block and a custom pre-shared key for each tunnel. The specified values are returned in the `CustomerGatewayConfiguration` information.
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--options TunnelOptions='[{TunnelInsideCidr=169.254.12.0/30,PreSharedKey=ExamplePreSharedKey1},{TunnelInsideCidr=169.254.13.0/30,PreSharedKey=ExamplePreSharedKey2}]'
```
Output:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{
"OutsideIpAddress": "203.0.113.3",
"TunnelInsideCidr": "169.254.12.0/30",
"PreSharedKey": "ExamplePreSharedKey1"
},
{
"OutsideIpAddress": "203.0.113.5",
"TunnelInsideCidr": "169.254.13.0/30",
"PreSharedKey": "ExamplePreSharedKey2"
}
]
},
"Routes": [],
"Tags": []
}
}
```
For more information, see [How AWS Site-to-Site VPN works](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html) in the *AWS Site-to-Site VPN User Guide*.
**Example 4: To create a VPN connection that supports IPv6 traffic**
The following `create-vpn-connection` example creates a VPN connection that supports IPv6 traffic between the specified transit gateway and specified customer gateway. The tunnel options for both tunnels specify that AWS must initiate the IKE negotiation.
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--transit-gateway-id tgw-12312312312312312 \
--customer-gateway-id cgw-001122334455aabbc \
--options TunnelInsideIpVersion=ipv6,TunnelOptions=[{StartupAction=start},{StartupAction=start}]
```
Output:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-11111111122222222",
"TransitGatewayId": "tgw-12312312312312312",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv6NetworkCidr": "::/0",
"RemoteIpv6NetworkCidr": "::/0",
"TunnelInsideIpVersion": "ipv6",
"TunnelOptions": [
{
"OutsideIpAddress": "203.0.113.3",
"StartupAction": "start"
},
{
"OutsideIpAddress": "203.0.113.5",
"StartupAction": "start"
}
]
},
"Routes": [],
"Tags": []
}
}
```
For more information, see [How AWS Site-to-Site VPN works](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html) in the *AWS Site-to-Site VPN User Guide*.
+ For API details, see [CreateVpnConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-connection.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates a VPN connection between the specified virtual private gateway and the specified customer gateway. The output includes the configuration information that your network administrator needs, in XML format.**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d
```
**Output:**
```
CustomerGatewayConfiguration : [XML document]
CustomerGatewayId : cgw-1a2b3c4d
Options :
Routes : {}
State : pending
Tags : {}
Type :
VgwTelemetry : {}
VpnConnectionId : vpn-12345678
VpnGatewayId : vgw-1a2b3c4d
```
**Example 2: This example creates the VPN connection and captures the configuration in a file with the specified name.**
```
(New-EC2VpnConnection -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d).CustomerGatewayConfiguration | Out-File C:\path\vpn-configuration.xml
```
**Example 3: This example creates a VPN connection, with static routing, between the specified virtual private gateway and the specified customer gateway.**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d -Options_StaticRoutesOnly $true
```
+ For API details, see [CreateVpnConnection](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates a VPN connection between the specified virtual private gateway and the specified customer gateway. The output includes the configuration information that your network administrator needs, in XML format.**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d
```
**Output:**
```
CustomerGatewayConfiguration : [XML document]
CustomerGatewayId : cgw-1a2b3c4d
Options :
Routes : {}
State : pending
Tags : {}
Type :
VgwTelemetry : {}
VpnConnectionId : vpn-12345678
VpnGatewayId : vgw-1a2b3c4d
```
**Example 2: This example creates the VPN connection and captures the configuration in a file with the specified name.**
```
(New-EC2VpnConnection -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d).CustomerGatewayConfiguration | Out-File C:\path\vpn-configuration.xml
```
**Example 3: This example creates a VPN connection, with static routing, between the specified virtual private gateway and the specified customer gateway.**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d -Options_StaticRoutesOnly $true
```
+ For API details, see [CreateVpnConnection](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateVpnConnectionRoute` with a CLI
The following code examples show how to use `CreateVpnConnectionRoute`.
------
#### [ CLI ]
**AWS CLI**
**To create a static route for a VPN connection**
This example creates a static route for the specified VPN connection. If the command succeeds, no output is returned.
Command:
```
aws ec2 create-vpn-connection-route --vpn-connection-id vpn-40f41529 --destination-cidr-block 11.12.0.0/16
```
+ For API details, see [CreateVpnConnectionRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-connection-route.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified static route for the specified VPN connection.**
```
New-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
+ For API details, see [CreateVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified static route for the specified VPN connection.**
```
New-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
+ For API details, see [CreateVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `CreateVpnGateway` with a CLI
The following code examples show how to use `CreateVpnGateway`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Get started with Aws Direct Connect](example_directconnect_GettingStarted_051_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create a virtual private gateway**
This example creates a virtual private gateway.
Command:
```
aws ec2 create-vpn-gateway --type ipsec.1
```
Output:
```
{
"VpnGateway": {
"AmazonSideAsn": 64512,
"State": "available",
"Type": "ipsec.1",
"VpnGatewayId": "vgw-9a4cacf3",
"VpcAttachments": []
}
}
```
**To create a virtual private gateway with a specific Amazon-side ASN**
This example creates a virtual private gateway and specifies the Autonomous System Number (ASN) for the Amazon side of the BGP session.
Command:
```
aws ec2 create-vpn-gateway --type ipsec.1 --amazon-side-asn 65001
```
Output:
```
{
"VpnGateway": {
"AmazonSideAsn": 65001,
"State": "available",
"Type": "ipsec.1",
"VpnGatewayId": "vgw-9a4cacf3",
"VpcAttachments": []
}
}
```
+ For API details, see [CreateVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example creates the specified virtual private gateway.**
```
New-EC2VpnGateway -Type ipsec.1
```
**Output:**
```
AvailabilityZone :
State : available
Tags : {}
Type : ipsec.1
VpcAttachments : {}
VpnGatewayId : vgw-1a2b3c4d
```
+ For API details, see [CreateVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example creates the specified virtual private gateway.**
```
New-EC2VpnGateway -Type ipsec.1
```
**Output:**
```
AvailabilityZone :
State : available
Tags : {}
Type : ipsec.1
VpcAttachments : {}
VpnGatewayId : vgw-1a2b3c4d
```
+ For API details, see [CreateVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteCustomerGateway` with a CLI
The following code examples show how to use `DeleteCustomerGateway`.
------
#### [ CLI ]
**AWS CLI**
**To delete a customer gateway**
This example deletes the specified customer gateway. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-customer-gateway --customer-gateway-id cgw-0e11f167
```
+ For API details, see [DeleteCustomerGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-customer-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified customer gateway. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2CustomerGateway (DeleteCustomerGateway)" on Target "cgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteCustomerGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified customer gateway. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2CustomerGateway (DeleteCustomerGateway)" on Target "cgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteCustomerGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteDhcpOptions` with a CLI
The following code examples show how to use `DeleteDhcpOptions`.
------
#### [ CLI ]
**AWS CLI**
**To delete a DHCP options set**
This example deletes the specified DHCP options set. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-dhcp-options --dhcp-options-id dopt-d9070ebb
```
+ For API details, see [DeleteDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-dhcp-options.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified DHCP options set. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2DhcpOption (DeleteDhcpOptions)" on Target "dopt-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified DHCP options set. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2DhcpOption (DeleteDhcpOptions)" on Target "dopt-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteFlowLogs` with a CLI
The following code examples show how to use `DeleteFlowLogs`.
------
#### [ CLI ]
**AWS CLI**
**To delete a flow log**
The following `delete-flow-logs` example deletes the specified flow log.
```
aws ec2 delete-flow-logs --flow-log-id fl-11223344556677889
```
Output:
```
{
"Unsuccessful": []
}
```
+ For API details, see [DeleteFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-flow-logs.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example removes the given FlowLogId fl-01a2b3456a789c01**
```
Remove-EC2FlowLog -FlowLogId fl-01a2b3456a789c01
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2FlowLog (DeleteFlowLogs)" on target "fl-01a2b3456a789c01".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```
+ For API details, see [DeleteFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example removes the given FlowLogId fl-01a2b3456a789c01**
```
Remove-EC2FlowLog -FlowLogId fl-01a2b3456a789c01
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2FlowLog (DeleteFlowLogs)" on target "fl-01a2b3456a789c01".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```
+ For API details, see [DeleteFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteInternetGateway` with a CLI
The following code examples show how to use `DeleteInternetGateway`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete an internet gateway**
The following `delete-internet-gateway` example deletes the specified internet gateway.
```
aws ec2 delete-internet-gateway \
--internet-gateway-id igw-0d0fb496b3EXAMPLE
```
This command produces no output.
For more information, see [Internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) in the *Amazon VPC User Guide*.
+ For API details, see [DeleteInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-internet-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified Internet gateway. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2InternetGateway (DeleteInternetGateway)" on Target "igw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified Internet gateway. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2InternetGateway (DeleteInternetGateway)" on Target "igw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteKeyPair` with an AWS SDK or CLI
The following code examples show how to use `DeleteKeyPair`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Creating an Amazon ECS service for the EC2 launch type](example_ecs_GettingStarted_018_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Delete an Amazon EC2 key pair.
///
/// The name of the key pair to delete.
/// A Boolean value indicating the success of the action.
public async Task DeleteKeyPair(string keyPairName)
{
try
{
await _amazonEC2.DeleteKeyPairAsync(new DeleteKeyPairRequest(keyPairName)).ConfigureAwait(false);
return true;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.NotFound")
{
_logger.LogError($"KeyPair {keyPairName} does not exist and cannot be deleted. Please verify the key pair name and try again.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the key pair because: {ex.Message}");
return false;
}
}
///
/// Delete the temporary file where the key pair information was saved.
///
/// The path to the temporary file.
public void DeleteTempFile(string tempFileName)
{
if (File.Exists(tempFileName))
{
File.Delete(tempFileName);
}
}
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteKeyPair) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_delete_keypair
#
# This function deletes an Amazon EC2 ED25519 or 2048-bit RSA key pair.
#
# Parameters:
# -n key_pair_name - A key pair name.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_delete_keypair() {
local key_pair_name response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_delete_keypair"
echo "Deletes an Amazon EC2 ED25519 or 2048-bit RSA key pair."
echo " -n key_pair_name - A key pair name."
echo ""
}
# Retrieve the calling parameters.
while getopts "n:h" option; do
case "${option}" in
n) key_pair_name="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$key_pair_name" ]]; then
errecho "ERROR: You must provide a key pair name with the -n parameter."
usage
return 1
fi
response=$(aws ec2 delete-key-pair \
--key-name "$key_pair_name") || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports delete-key-pair operation failed.$response"
return 1
}
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DeleteKeyPair) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Delete an Amazon Elastic Compute Cloud (Amazon EC2) instance key pair.
/*!
\param keyPairName: A name for a key pair.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::deleteKeyPair(const Aws::String &keyPairName,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DeleteKeyPairRequest request;
request.SetKeyName(keyPairName);
const Aws::EC2::Model::DeleteKeyPairOutcome outcome = ec2Client.DeleteKeyPair(
request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to delete key pair " << keyPairName <<
":" << outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully deleted key pair named " << keyPairName <<
std::endl;
}
return outcome.IsSuccess();
}
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DeleteKeyPair) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To delete a key pair**
The following `delete-key-pair` example deletes the specified key pair.
```
aws ec2 delete-key-pair \
--key-name my-key-pair
```
Output:
```
{
"Return": true,
"KeyPairId": "key-03c8d3aceb53b507"
}
```
For more information, see [Create and delete key pairs](https://docs.aws.amazon.com/cli/latest/userguide/cli-ec2-keypairs.html) in the *AWS Command Line Interface User Guide*.
+ For API details, see [DeleteKeyPair](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-key-pair.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Deletes a key pair asynchronously.
*
* @param keyPair the name of the key pair to delete
* @return a {@link CompletableFuture} that represents the result of the asynchronous operation.
* The {@link CompletableFuture} will complete with a {@link DeleteKeyPairResponse} object
* that provides the result of the key pair deletion operation.
*/
public CompletableFuture deleteKeysAsync(String keyPair) {
DeleteKeyPairRequest request = DeleteKeyPairRequest.builder()
.keyName(keyPair)
.build();
// Initiate the asynchronous request to delete the key pair.
CompletableFuture response = getAsyncClient().deleteKeyPair(request);
return response.whenComplete((resp, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to delete key pair: " + keyPair, ex);
} else if (resp == null) {
throw new RuntimeException("No response received for deleting key pair: " + keyPair);
}
});
}
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteKeyPair) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { DeleteKeyPairCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Deletes the specified key pair, by removing the public key from Amazon EC2.
* @param {{ keyName: string }} options
*/
export const main = async ({ keyName }) => {
const client = new EC2Client({});
const command = new DeleteKeyPairCommand({
KeyName: keyName,
});
try {
await client.send(command);
console.log("Successfully deleted key pair.");
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
console.warn(`${caught.message}. Did you provide the required value?`);
} else {
throw caught;
}
}
};
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteKeyPairCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun deleteKeys(keyPair: String?) {
val request =
DeleteKeyPairRequest {
keyName = keyPair
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteKeyPair(request)
println("Successfully deleted key pair named $keyPair")
}
}
```
+ For API details, see [DeleteKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified key pair. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2KeyPair -KeyName my-key-pair
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2KeyPair (DeleteKeyPair)" on Target "my-key-pair".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified key pair. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2KeyPair -KeyName my-key-pair
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2KeyPair (DeleteKeyPair)" on Target "my-key-pair".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def delete(self, key_name: str) -> bool:
"""
Deletes a key pair by its name.
:param key_name: The name of the key pair to delete.
:return: A boolean indicating whether the deletion was successful.
:raises ClientError: If there is an error in deleting the key pair, for example,
if the key pair does not exist.
"""
try:
self.ec2_client.delete_key_pair(KeyName=key_name)
logger.info(f"Successfully deleted key pair: {key_name}")
self.key_pair = None
return True
except self.ec2_client.exceptions.ClientError as err:
logger.error(f"Deletion failed for key pair: {key_name}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidKeyPair.NotFound":
logger.error(
f"The key pair '{key_name}' does not exist and cannot be deleted. "
"Please verify the key pair name and try again."
)
raise
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteKeyPair) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
Wrapper around delete\$1key that also removes the backing private PEM key.
```
pub async fn delete(self, ec2: &EC2, util: &Util) -> Result<(), EC2Error> {
if let Some(key_name) = self.key_pair.key_name() {
ec2.delete_key_pair(key_name).await?;
if let Some(key_path) = self.key_file_path() {
if let Err(err) = util.remove(key_path) {
eprintln!("Failed to remove {key_path:?} ({err:?})");
}
}
}
Ok(())
}
```
```
pub async fn delete_key_pair(&self, key_name: &str) -> Result<(), EC2Error> {
let key_name: String = key_name.into();
tracing::info!("Deleting key pair {key_name}");
self.client
.delete_key_pair()
.key_name(key_name)
.send()
.await?;
Ok(())
}
```
+ For API details, see [DeleteKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_key_pair) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
lo_ec2->deletekeypair( iv_keyname = iv_key_name ).
MESSAGE 'Amazon EC2 key pair deleted.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DeleteKeyPair](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Delete an EC2 key pair.
///
/// - Parameter keyPair: The name of the key pair to delete.
///
/// - Returns: `true` if the key pair is deleted successfully; otherwise
/// `false`.
func deleteKeyPair(keyPair: String) async -> Bool {
do {
_ = try await ec2Client.deleteKeyPair(
input: DeleteKeyPairInput(
keyName: keyPair
)
)
return true
} catch {
print("*** Error deleting the key pair: \(error.localizedDescription)")
return false
}
}
```
+ For API details, see [DeleteKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletekeypair(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteLaunchTemplate` with an AWS SDK or CLI
The following code examples show how to use `DeleteLaunchTemplate`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Build and manage a resilient service](example_cross_ResilientService_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples).
```
///
/// Delete a launch template by name.
///
/// The name of the template to delete.
/// Async task.
public async Task DeleteTemplateByName(string templateName)
{
try
{
await _amazonEc2.DeleteLaunchTemplateAsync(
new DeleteLaunchTemplateRequest()
{
LaunchTemplateName = templateName
});
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidLaunchTemplateName.NotFoundException")
{
_logger.LogError(
$"Could not delete the template, the name {_launchTemplateName} was not found.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while deleting the template.: {ex.Message}");
throw;
}
}
```
+ For API details, see [DeleteLaunchTemplate](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteLaunchTemplate) in *AWS SDK for .NET API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To delete a launch template**
This example deletes the specified launch template.
Command:
```
aws ec2 delete-launch-template --launch-template-id lt-0abcd290751193123
```
Output:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 2,
"LaunchTemplateId": "lt-0abcd290751193123",
"LaunchTemplateName": "TestTemplate",
"DefaultVersionNumber": 2,
"CreatedBy": "arn:aws:iam::123456789012:root",
"CreateTime": "2017-11-23T16:46:25.000Z"
}
}
```
+ For API details, see [DeleteLaunchTemplate](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-launch-template.html) in *AWS CLI Command Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples).
```
await client.send(
new DeleteLaunchTemplateCommand({
LaunchTemplateName: NAMES.launchTemplateName,
}),
);
```
+ For API details, see [DeleteLaunchTemplate](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteLaunchTemplateCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def delete_template(self):
"""
Deletes a launch template.
"""
try:
self.ec2_client.delete_launch_template(
LaunchTemplateName=self.launch_template_name
)
self.delete_instance_profile(
self.instance_profile_name, self.instance_role_name
)
log.info("Launch template %s deleted.", self.launch_template_name)
except ClientError as err:
if (
err.response["Error"]["Code"]
== "InvalidLaunchTemplateName.NotFoundException"
):
log.info(
"Launch template %s does not exist, nothing to do.",
self.launch_template_name,
)
log.error(f"Full error:\n\t{err}")
```
+ For API details, see [DeleteLaunchTemplate](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteLaunchTemplate) in *AWS SDK for Python (Boto3) API Reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteNetworkAcl` with a CLI
The following code examples show how to use `DeleteNetworkAcl`.
------
#### [ CLI ]
**AWS CLI**
**To delete a network ACL**
This example deletes the specified network ACL. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-network-acl --network-acl-id acl-5fb85d36
```
+ For API details, see [DeleteNetworkAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-acl.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified network ACL. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2NetworkAcl -NetworkAclId acl-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAcl (DeleteNetworkAcl)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteNetworkAcl](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified network ACL. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2NetworkAcl -NetworkAclId acl-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAcl (DeleteNetworkAcl)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteNetworkAcl](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteNetworkAclEntry` with a CLI
The following code examples show how to use `DeleteNetworkAclEntry`.
------
#### [ CLI ]
**AWS CLI**
**To delete a network ACL entry**
This example deletes ingress rule number 100 from the specified network ACL. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100
```
+ For API details, see [DeleteNetworkAclEntry](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-acl-entry.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example removes the specified rule from the specified network ACL. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAclEntry (DeleteNetworkAclEntry)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteNetworkAclEntry](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example removes the specified rule from the specified network ACL. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAclEntry (DeleteNetworkAclEntry)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteNetworkAclEntry](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteNetworkInterface` with a CLI
The following code examples show how to use `DeleteNetworkInterface`.
------
#### [ CLI ]
**AWS CLI**
**To delete a network interface**
This example deletes the specified network interface. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-network-interface --network-interface-id eni-e5aa89a3
```
+ For API details, see [DeleteNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-interface.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified network interface. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2NetworkInterface -NetworkInterfaceId eni-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkInterface (DeleteNetworkInterface)" on Target "eni-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified network interface. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2NetworkInterface -NetworkInterfaceId eni-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkInterface (DeleteNetworkInterface)" on Target "eni-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeletePlacementGroup` with a CLI
The following code examples show how to use `DeletePlacementGroup`.
------
#### [ CLI ]
**AWS CLI**
**To delete a placement group**
This example command deletes the specified placement group.
Command:
```
aws ec2 delete-placement-group --group-name my-cluster
```
+ For API details, see [DeletePlacementGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-placement-group.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified placement group. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2PlacementGroup -GroupName my-placement-group
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2PlacementGroup (DeletePlacementGroup)" on Target "my-placement-group".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeletePlacementGroup](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified placement group. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2PlacementGroup -GroupName my-placement-group
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2PlacementGroup (DeletePlacementGroup)" on Target "my-placement-group".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeletePlacementGroup](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteRoute` with a CLI
The following code examples show how to use `DeleteRoute`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Getting started with Amazon VPC Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a route**
This example deletes the specified route from the specified route table. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-route --route-table-id rtb-22574640 --destination-cidr-block 0.0.0.0/0
```
+ For API details, see [DeleteRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-route.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified route from the specified route table. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Route (DeleteRoute)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteRoute](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified route from the specified route table. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Route (DeleteRoute)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteRoute](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteRouteTable` with a CLI
The following code examples show how to use `DeleteRouteTable`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a route table**
This example deletes the specified route table. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-route-table --route-table-id rtb-22574640
```
+ For API details, see [DeleteRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-route-table.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified route table. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2RouteTable -RouteTableId rtb-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2RouteTable (DeleteRouteTable)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteRouteTable](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified route table. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2RouteTable -RouteTableId rtb-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2RouteTable (DeleteRouteTable)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteRouteTable](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteSecurityGroup` with an AWS SDK or CLI
The following code examples show how to use `DeleteSecurityGroup`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Configure Amazon ECS Service Connect](example_ecs_ServiceConnect_085_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Create an Amazon ECS Linux task for the Fargate launch type](example_ecs_GettingStarted_086_section.md)
+ [Creating an Amazon ECS service for the EC2 launch type](example_ecs_GettingStarted_018_section.md)
+ [Creating an Amazon RDS DB instance](example_rds_GettingStarted_036_section.md)
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Elastic Load Balancing](example_elastic_load_balancing_v2_GettingStarted_058_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Delete an Amazon EC2 security group.
///
/// The name of the group to delete.
/// A Boolean value indicating the success of the action.
public async Task DeleteSecurityGroup(string groupId)
{
try
{
var response =
await _amazonEC2.DeleteSecurityGroupAsync(
new DeleteSecurityGroupRequest { GroupId = groupId });
return response.HttpStatusCode == HttpStatusCode.OK;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidGroup.NotFound")
{
_logger.LogError(
$"Security Group {groupId} does not exist and cannot be deleted. Please verify the ID and try again.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the security group because: {ex.Message}");
return false;
}
}
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteSecurityGroup) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_delete_security_group
#
# This function deletes an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -i security_group_id - The ID of the security group to delete.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_delete_security_group() {
local security_group_id response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_delete_security_group"
echo "Deletes an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -i security_group_id - The ID of the security group to delete."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:h" option; do
case "${option}" in
i) security_group_id="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$security_group_id" ]]; then
errecho "ERROR: You must provide a security group ID with the -i parameter."
usage
return 1
fi
response=$(aws ec2 delete-security-group --group-id "$security_group_id" --output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports delete-security-group operation failed.$response"
return 1
}
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DeleteSecurityGroup) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Delete a security group.
/*!
\param securityGroupID: A security group ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::deleteSecurityGroup(const Aws::String &securityGroupID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DeleteSecurityGroupRequest request;
request.SetGroupId(securityGroupID);
Aws::EC2::Model::DeleteSecurityGroupOutcome outcome = ec2Client.DeleteSecurityGroup(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to delete security group " << securityGroupID <<
":" << outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully deleted security group " << securityGroupID <<
std::endl;
}
return outcome.IsSuccess();
}
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DeleteSecurityGroup) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**[EC2-Classic] To delete a security group**
This example deletes the security group named `MySecurityGroup`. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-security-group --group-name MySecurityGroup
```
**[EC2-VPC] To delete a security group**
This example deletes the security group with the ID `sg-903004f8`. Note that you can't reference a security group for EC2-VPC by name. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-security-group --group-id sg-903004f8
```
For more information, see Using Security Groups in the *AWS Command Line Interface User Guide*.
+ For API details, see [DeleteSecurityGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-security-group.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Deletes an EC2 security group asynchronously.
*
* @param groupId the ID of the security group to delete
* @return a CompletableFuture that completes when the security group is deleted
*/
public CompletableFuture deleteEC2SecGroupAsync(String groupId) {
DeleteSecurityGroupRequest request = DeleteSecurityGroupRequest.builder()
.groupId(groupId)
.build();
CompletableFuture response = getAsyncClient().deleteSecurityGroup(request);
return response.whenComplete((resp, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to delete security group with Id " + groupId, ex);
} else if (resp == null) {
throw new RuntimeException("No response received for deleting security group with Id " + groupId);
}
}).thenApply(resp -> null);
}
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteSecurityGroup) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { DeleteSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Deletes a security group.
* @param {{ groupId: string }} options
*/
export const main = async ({ groupId }) => {
const client = new EC2Client({});
const command = new DeleteSecurityGroupCommand({
GroupId: groupId,
});
try {
await client.send(command);
console.log("Security group deleted successfully.");
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroupId.Malformed") {
console.warn(`${caught.message}. Please provide a valid GroupId.`);
} else {
throw caught;
}
}
};
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteSecurityGroupCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun deleteEC2SecGroup(groupIdVal: String) {
val request =
DeleteSecurityGroupRequest {
groupId = groupIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteSecurityGroup(request)
println("Successfully deleted Security Group with id $groupIdVal")
}
}
```
+ For API details, see [DeleteSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified security group for EC2-VPC. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2SecurityGroup -GroupId sg-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SecurityGroup (DeleteSecurityGroup)" on Target "sg-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
**Example 2: This example deletes the specified security group for EC2-Classic.**
```
Remove-EC2SecurityGroup -GroupName my-security-group -Force
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified security group for EC2-VPC. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2SecurityGroup -GroupId sg-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SecurityGroup (DeleteSecurityGroup)" on Target "sg-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
**Example 2: This example deletes the specified security group for EC2-Classic.**
```
Remove-EC2SecurityGroup -GroupName my-security-group -Force
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete(self, security_group_id: str) -> bool:
"""
Deletes the specified security group.
:param security_group_id: The ID of the security group to delete. Required.
:returns: True if the deletion is successful.
:raises ClientError: If the security group cannot be deleted due to an AWS service error.
"""
try:
self.ec2_client.delete_security_group(GroupId=security_group_id)
logger.info(f"Successfully deleted security group '{security_group_id}'")
return True
except ClientError as err:
logger.error(f"Deletion failed for security group '{security_group_id}'")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidGroup.NotFound":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it does not exist."
)
elif error_code == "DependencyViolation":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it is still in use."
" Verify that it is:"
"\n\t- Detached from resources"
"\n\t- Removed from references in other groups"
"\n\t- Removed from VPC's as a default group"
)
raise
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteSecurityGroup) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
pub async fn delete_security_group(&self, group_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting security group {group_id}");
self.client
.delete_security_group()
.group_id(group_id)
.send()
.await?;
Ok(())
}
```
+ For API details, see [DeleteSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_security_group) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
lo_ec2->deletesecuritygroup( iv_groupid = iv_security_group_id ).
MESSAGE 'Security group deleted.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DeleteSecurityGroup](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Delete a security group.
///
/// - Parameter groupId: The ID of the security group to delete.
///
/// - Returns: `true` on successful deletion; `false` on error.
func deleteSecurityGroup(groupId: String) async -> Bool {
do {
_ = try await ec2Client.deleteSecurityGroup(
input: DeleteSecurityGroupInput(
groupId: groupId
)
)
return true
} catch {
print("*** Error deleting the security group: \(error.localizedDescription)")
return false
}
}
```
+ For API details, see [DeleteSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletesecuritygroup(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteSnapshot` with an AWS SDK or CLI
The following code examples show how to use `DeleteSnapshot`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Working with Amazon EBS encryption, snapshots, and volume initialization](example_ec2_GettingStarted_022_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a snapshot**
This example command deletes a snapshot with the snapshot ID of `snap-1234567890abcdef0`. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-snapshot --snapshot-id snap-1234567890abcdef0
```
+ For API details, see [DeleteSnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-snapshot.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified snapshot. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Snapshot -SnapshotId snap-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Snapshot (DeleteSnapshot)" on target "snap-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteSnapshot](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified snapshot. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Snapshot -SnapshotId snap-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Snapshot (DeleteSnapshot)" on target "snap-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteSnapshot](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ebs#code-examples).
```
async fn delete_snapshot(client: &Client, id: &str) -> Result<(), Error> {
client.delete_snapshot().snapshot_id(id).send().await?;
println!("Deleted");
Ok(())
}
```
+ For API details, see [DeleteSnapshot](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_snapshot) in *AWS SDK for Rust API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteSpotDatafeedSubscription` with a CLI
The following code examples show how to use `DeleteSpotDatafeedSubscription`.
------
#### [ CLI ]
**AWS CLI**
**To cancel a Spot Instance data feed subscription**
This example command deletes a Spot data feed subscription for the account. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-spot-datafeed-subscription
```
+ For API details, see [DeleteSpotDatafeedSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-spot-datafeed-subscription.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes your Spot instance data feed. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2SpotDatafeedSubscription
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SpotDatafeedSubscription (DeleteSpotDatafeedSubscription)" on Target "".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes your Spot instance data feed. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2SpotDatafeedSubscription
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SpotDatafeedSubscription (DeleteSpotDatafeedSubscription)" on Target "".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteSubnet` with a CLI
The following code examples show how to use `DeleteSubnet`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a subnet**
This example deletes the specified subnet. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-subnet --subnet-id subnet-9d4a7b6c
```
+ For API details, see [DeleteSubnet](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-subnet.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified subnet. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Subnet -SubnetId subnet-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Subnet (DeleteSubnet)" on Target "subnet-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteSubnet](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified subnet. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Subnet -SubnetId subnet-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Subnet (DeleteSubnet)" on Target "subnet-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteSubnet](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteTags` with a CLI
The following code examples show how to use `DeleteTags`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To delete a tag from a resource**
The following `delete-tags` example deletes the tag `Stack=Test` from the specified image. When you specify both a value and a key name, the tag is deleted only if the tag's value matches the specified value.
```
aws ec2 delete-tags \
--resources ami-1234567890abcdef0 \
--tags Key=Stack,Value=Test
```
It's optional to specify the value for a tag. The following `delete-tags` example deletes the tag with the key name `purpose` from the specified instance, regardless of the tag value for the tag.
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 \
--tags Key=purpose
```
If you specify the empty string as the tag value, the tag is deleted only if the tag's value is the empty string. The following `delete-tags` example specifies the empty string as the tag value for the tag to delete.
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 \
--tags Key=Name,Value=
```
**Example 2: To delete a tag from multiple resources**
The following `delete-tags` example deletes the tag``Purpose=Test`` from both an instance and an AMI. As shown in the previous example, you can omit the tag value from the command.
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 ami-1234567890abcdef0 \
--tags Key=Purpose
```
+ For API details, see [DeleteTags](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-tags.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified tag from the specified resource, regardless of the tag value. The syntax used by this example requires PowerShell version 3 or later.**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag" } -Force
```
**Example 2: This example deletes the specified tag from the specified resource, but only if the tag value matches. The syntax used by this example requires PowerShell version 3 or later.**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag";Value="myTagValue" } -Force
```
**Example 3: This example deletes the specified tag from the specified resource, regardless of the tag value.**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
**Example 4: This example deletes the specified tag from the specified resource, but only if the tag value matches.**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
+ For API details, see [DeleteTags](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified tag from the specified resource, regardless of the tag value. The syntax used by this example requires PowerShell version 3 or later.**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag" } -Force
```
**Example 2: This example deletes the specified tag from the specified resource, but only if the tag value matches. The syntax used by this example requires PowerShell version 3 or later.**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag";Value="myTagValue" } -Force
```
**Example 3: This example deletes the specified tag from the specified resource, regardless of the tag value.**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
**Example 4: This example deletes the specified tag from the specified resource, but only if the tag value matches.**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
+ For API details, see [DeleteTags](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteVolume` with a CLI
The following code examples show how to use `DeleteVolume`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Working with Amazon EBS encryption, snapshots, and volume initialization](example_ec2_GettingStarted_022_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a volume**
This example command deletes an available volume with the volume ID of `vol-049df61146c4d7901`. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-volume --volume-id vol-049df61146c4d7901
```
+ For API details, see [DeleteVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-volume.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example detaches the specified volume. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Volume -VolumeId vol-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Volume (DeleteVolume)" on target "vol-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVolume](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example detaches the specified volume. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Volume -VolumeId vol-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Volume (DeleteVolume)" on target "vol-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVolume](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteVpc` with an AWS SDK or CLI
The following code examples show how to use `DeleteVpc`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [VPC with IPAM](example_vpc_GettingStartedIpam_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with VPC peering connections](example_ec2_GettingStarted_015_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a VPC**
This example deletes the specified VPC. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-vpc --vpc-id vpc-a01106c2
```
+ For API details, see [DeleteVpc](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpc.html) in *AWS CLI Command Reference*.
------
#### [ PHP ]
**SDK for PHP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples).
```
/**
* @param string $vpcId
* @return void
*/
public function deleteVpc(string $vpcId)
{
try {
$this->ec2Client->deleteVpc([
"VpcId" => $vpcId,
]);
}catch(Ec2Exception $caught){
echo "There was a problem deleting the VPC: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ For API details, see [DeleteVpc](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/DeleteVpc) in *AWS SDK for PHP API Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified VPC. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Vpc -VpcId vpc-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Vpc (DeleteVpc)" on Target "vpc-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpc](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified VPC. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2Vpc -VpcId vpc-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Vpc (DeleteVpc)" on Target "vpc-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpc](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete(self, vpc_id: str) -> None:
"""
Deletes the specified VPC.
:param vpc_id: The ID of the VPC to delete.
"""
try:
self.ec2_client.delete_vpc(VpcId=vpc_id)
except ClientError as err:
logger.error(
"Couldn't delete VPC %s. Here's why: %s: %s",
vpc_id,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ For API details, see [DeleteVpc](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteVpc) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
lo_ec2->deletevpc( iv_vpcid = iv_vpc_id ).
MESSAGE 'Deleted VPC.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DeleteVpc](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteVpcEndpoints` with an AWS SDK or CLI
The following code examples show how to use `DeleteVpcEndpoints`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete an endpoint**
This example deletes endpoints vpce-aa22bb33 and vpce-1a2b3c4d. If the command is partially successful or unsuccessful, a list of unsuccessful items is returned. If the command succeeds, the returned list is empty.
Command:
```
aws ec2 delete-vpc-endpoints --vpc-endpoint-ids vpce-aa22bb33 vpce-1a2b3c4d
```
Output:
```
{
"Unsuccessful": []
}
```
+ For API details, see [DeleteVpcEndpoints](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpc-endpoints.html) in *AWS CLI Command Reference*.
------
#### [ PHP ]
**SDK for PHP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples).
```
/**
* @param string $vpcEndpointId
* @return void
*/
public function deleteVpcEndpoint(string $vpcEndpointId)
{
try {
$this->ec2Client->deleteVpcEndpoints([
"VpcEndpointIds" => [$vpcEndpointId],
]);
}catch (Ec2Exception $caught){
echo "There was a problem deleting the VPC Endpoint: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ For API details, see [DeleteVpcEndpoints](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/DeleteVpcEndpoints) in *AWS SDK for PHP API Reference*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete_vpc_endpoints(self, vpc_endpoint_ids: list[str]) -> None:
"""
Deletes the specified VPC endpoints.
:param vpc_endpoint_ids: A list of IDs of the VPC endpoints to delete.
"""
try:
self.ec2_client.delete_vpc_endpoints(VpcEndpointIds=vpc_endpoint_ids)
except ClientError as err:
logger.error(
"Couldn't delete VPC endpoints %s. Here's why: %s: %s",
vpc_endpoint_ids,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ For API details, see [DeleteVpcEndpoints](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteVpcEndpoints) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
lo_ec2->deletevpcendpoints( it_vpcendpointids = it_vpc_endpoint_ids ).
MESSAGE 'Deleted VPC endpoint(s).' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DeleteVpcEndpoints](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteVpnConnection` with a CLI
The following code examples show how to use `DeleteVpnConnection`.
------
#### [ CLI ]
**AWS CLI**
**To delete a VPN connection**
This example deletes the specified VPN connection. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-vpn-connection --vpn-connection-id vpn-40f41529
```
+ For API details, see [DeleteVpnConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-connection.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified VPN connection. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2VpnConnection -VpnConnectionId vpn-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnection (DeleteVpnConnection)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpnConnection](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified VPN connection. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2VpnConnection -VpnConnectionId vpn-12345678
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnection (DeleteVpnConnection)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpnConnection](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteVpnConnectionRoute` with a CLI
The following code examples show how to use `DeleteVpnConnectionRoute`.
------
#### [ CLI ]
**AWS CLI**
**To delete a static route from a VPN connection**
This example deletes the specified static route from the specified VPN connection. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-vpn-connection-route --vpn-connection-id vpn-40f41529 --destination-cidr-block 11.12.0.0/16
```
+ For API details, see [DeleteVpnConnectionRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-connection-route.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example removes the specified static route from the specified VPN connection. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnectionRoute (DeleteVpnConnectionRoute)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example removes the specified static route from the specified VPN connection. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnectionRoute (DeleteVpnConnectionRoute)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeleteVpnGateway` with a CLI
The following code examples show how to use `DeleteVpnGateway`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Get started with Aws Direct Connect](example_directconnect_GettingStarted_051_section.md)
------
#### [ CLI ]
**AWS CLI**
**To delete a virtual private gateway**
This example deletes the specified virtual private gateway. If the command succeeds, no output is returned.
Command:
```
aws ec2 delete-vpn-gateway --vpn-gateway-id vgw-9a4cacf3
```
+ For API details, see [DeleteVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-gateway.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deletes the specified virtual private gateway. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnGateway (DeleteVpnGateway)" on Target "vgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deletes the specified virtual private gateway. You are prompted for confirmation before the operation proceeds, unless you also specify the Force parameter.**
```
Remove-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d
```
**Output:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnGateway (DeleteVpnGateway)" on Target "vgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ For API details, see [DeleteVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DeregisterImage` with a CLI
The following code examples show how to use `DeregisterImage`.
------
#### [ CLI ]
**AWS CLI**
**To deregister an AMI**
This example deregisters the specified AMI. If the command succeeds, no output is returned.
Command:
```
aws ec2 deregister-image --image-id ami-4fa54026
```
+ For API details, see [DeregisterImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/deregister-image.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example deregisters the specified AMI.**
```
Unregister-EC2Image -ImageId ami-12345678
```
+ For API details, see [DeregisterImage](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example deregisters the specified AMI.**
```
Unregister-EC2Image -ImageId ami-12345678
```
+ For API details, see [DeregisterImage](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeAccountAttributes` with a CLI
The following code examples show how to use `DescribeAccountAttributes`.
------
#### [ CLI ]
**AWS CLI**
**To describe all the attributes for your AWS account**
This example describes the attributes for your AWS account.
Command:
```
aws ec2 describe-account-attributes
```
Output:
```
{
"AccountAttributes": [
{
"AttributeName": "vpc-max-security-groups-per-interface",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
},
{
"AttributeName": "max-instances",
"AttributeValues": [
{
"AttributeValue": "20"
}
]
},
{
"AttributeName": "supported-platforms",
"AttributeValues": [
{
"AttributeValue": "EC2"
},
{
"AttributeValue": "VPC"
}
]
},
{
"AttributeName": "default-vpc",
"AttributeValues": [
{
"AttributeValue": "none"
}
]
},
{
"AttributeName": "max-elastic-ips",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
},
{
"AttributeName": "vpc-max-elastic-ips",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
}
]
}
```
**To describe a single attribute for your AWS account**
This example describes the `supported-platforms` attribute for your AWS account.
Command:
```
aws ec2 describe-account-attributes --attribute-names supported-platforms
```
Output:
```
{
"AccountAttributes": [
{
"AttributeName": "supported-platforms",
"AttributeValues": [
{
"AttributeValue": "EC2"
},
{
"AttributeValue": "VPC"
}
]
}
]
}
```
+ For API details, see [DescribeAccountAttributes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-account-attributes.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes whether you can launch instances into EC2-Classic and EC2-VPC in the region, or only into EC2-VPC.**
```
(Get-EC2AccountAttribute -AttributeName supported-platforms).AttributeValues
```
**Output:**
```
AttributeValue
--------------
EC2
VPC
```
**Example 2: This example describes your default VPC, or is 'none' if you do not have a default VPC in the region.**
```
(Get-EC2AccountAttribute -AttributeName default-vpc).AttributeValues
```
**Output:**
```
AttributeValue
--------------
vpc-12345678
```
**Example 3: This example describes the maximum number of On-Demand instances that you can run.**
```
(Get-EC2AccountAttribute -AttributeName max-instances).AttributeValues
```
**Output:**
```
AttributeValue
--------------
20
```
+ For API details, see [DescribeAccountAttributes](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes whether you can launch instances into EC2-Classic and EC2-VPC in the region, or only into EC2-VPC.**
```
(Get-EC2AccountAttribute -AttributeName supported-platforms).AttributeValues
```
**Output:**
```
AttributeValue
--------------
EC2
VPC
```
**Example 2: This example describes your default VPC, or is 'none' if you do not have a default VPC in the region.**
```
(Get-EC2AccountAttribute -AttributeName default-vpc).AttributeValues
```
**Output:**
```
AttributeValue
--------------
vpc-12345678
```
**Example 3: This example describes the maximum number of On-Demand instances that you can run.**
```
(Get-EC2AccountAttribute -AttributeName max-instances).AttributeValues
```
**Output:**
```
AttributeValue
--------------
20
```
+ For API details, see [DescribeAccountAttributes](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeAddresses` with an AWS SDK or CLI
The following code examples show how to use `DescribeAddresses`.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Describe all Elastic IP addresses.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeAddresses(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeAddressesRequest request;
Aws::EC2::Model::DescribeAddressesOutcome outcome = ec2Client.DescribeAddresses(request);
if (outcome.IsSuccess()) {
std::cout << std::left << std::setw(20) << "InstanceId" <<
std::setw(15) << "Public IP" << std::setw(10) << "Domain" <<
std::setw(30) << "Allocation ID" << std::setw(25) <<
"NIC ID" << std::endl;
const Aws::Vector &addresses = outcome.GetResult().GetAddresses();
for (const auto &address: addresses) {
Aws::String domainString =
Aws::EC2::Model::DomainTypeMapper::GetNameForDomainType(
address.GetDomain());
std::cout << std::left << std::setw(20) <<
address.GetInstanceId() << std::setw(15) <<
address.GetPublicIp() << std::setw(10) << domainString <<
std::setw(30) << address.GetAllocationId() << std::setw(25)
<< address.GetNetworkInterfaceId() << std::endl;
}
} else {
std::cerr << "Failed to describe Elastic IP addresses:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ For API details, see [DescribeAddresses](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeAddresses) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To retrieve details about all of your Elastic IP addresses**
The following `describe addresses` example displays details about your Elastic IP addresses.
```
aws ec2 describe-addresses
```
Output:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "198.51.100.0",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
},
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-12345678",
"AssociationId": "eipassoc-12345678",
"NetworkInterfaceOwnerId": "123456789012",
"PublicIp": "203.0.113.0",
"AllocationId": "eipalloc-12345678",
"PrivateIpAddress": "10.0.1.241"
}
]
}
```
**Example 2: To retrieve details your Elastic IP addresses for EC2-VPC**
The following `describe-addresses` example displays details about your Elastic IP addresses for use with instances in a VPC.
```
aws ec2 describe-addresses \
--filters "Name=domain,Values=vpc"
```
Output:
```
{
"Addresses": [
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-12345678",
"AssociationId": "eipassoc-12345678",
"NetworkInterfaceOwnerId": "123456789012",
"PublicIp": "203.0.113.0",
"AllocationId": "eipalloc-12345678",
"PrivateIpAddress": "10.0.1.241"
}
]
}
```
**Example 3: To retrieve details about an Elastic IP address specified by allocation ID**
The following `describe-addresses` example displays details about the Elastic IP address with the specified allocation ID, which is associated with an instance in EC2-VPC.
```
aws ec2 describe-addresses \
--allocation-ids eipalloc-282d9641
```
Output:
```
{
"Addresses": [
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-1a2b3c4d",
"AssociationId": "eipassoc-123abc12",
"NetworkInterfaceOwnerId": "1234567891012",
"PublicIp": "203.0.113.25",
"AllocationId": "eipalloc-282d9641",
"PrivateIpAddress": "10.251.50.12"
}
]
}
```
**Example 4: To retrieve details about an Elastic IP address specified by its VPC private IP address**
The following `describe-addresses` example displays details about the Elastic IP address associated with a particular private IP address in EC2-VPC.
```
aws ec2 describe-addresses \
--filters "Name=private-ip-address,Values=10.251.50.12"
```
**Example 5: To retrieve details about Elastic IP addresses in EC2-Classic**
The following `describe-addresses` example displays details about your Elastic IP addresses for use in EC2-Classic.
```
aws ec2 describe-addresses \
--filters "Name=domain,Values=standard"
```
Output:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "203.0.110.25",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
}
]
}
```
**Example 6: To retrieve details about an Elastic IP addresses specified by its public IP address**
The following `describe-addresses` example displays details about the Elastic IP address with the value `203.0.110.25`, which is associated with an instance in EC2-Classic.
```
aws ec2 describe-addresses \
--public-ips 203.0.110.25
```
Output:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "203.0.110.25",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
}
]
}
```
+ For API details, see [DescribeAddresses](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-addresses.html) in *AWS CLI Command Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { DescribeAddressesCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Describes the specified Elastic IP addresses or all of your Elastic IP addresses.
* @param {{ allocationId: string }} options
*/
export const main = async ({ allocationId }) => {
const client = new EC2Client({});
const command = new DescribeAddressesCommand({
// You can omit this property to show all addresses.
AllocationIds: [allocationId],
});
try {
const { Addresses } = await client.send(command);
const addressList = Addresses.map((address) => ` • ${address.PublicIp}`);
console.log("Elastic IP addresses:");
console.log(addressList.join("\n"));
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
console.warn(`${caught.message}. Please provide a valid AllocationId.`);
} else {
throw caught;
}
}
};
```
+ For API details, see [DescribeAddresses](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeAddressesCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified Elastic IP address for instances in EC2-Classic.**
```
Get-EC2Address -AllocationId eipalloc-12345678
```
**Output:**
```
AllocationId : eipalloc-12345678
AssociationId : eipassoc-12345678
Domain : vpc
InstanceId : i-87654321
NetworkInterfaceId : eni-12345678
NetworkInterfaceOwnerId : 12345678
PrivateIpAddress : 10.0.2.172
PublicIp : 198.51.100.2
```
**Example 2: This example describes your Elastic IP addresses for instances in a VPC. This syntax requires PowerShell version 3 or later.**
```
Get-EC2Address -Filter @{ Name="domain";Values="vpc" }
```
**Example 3: This example describes the specified Elastic IP address for instances in EC2-Classic.**
```
Get-EC2Address -PublicIp 203.0.113.17
```
**Output:**
```
AllocationId :
AssociationId :
Domain : standard
InstanceId : i-12345678
NetworkInterfaceId :
NetworkInterfaceOwnerId :
PrivateIpAddress :
PublicIp : 203.0.113.17
```
**Example 4: This example describes your Elastic IP addresses for instances in EC2-Classic. This syntax requires PowerShell version 3 or later.**
```
Get-EC2Address -Filter @{ Name="domain";Values="standard" }
```
**Example 5: This example describes all your Elastic IP addresses.**
```
Get-EC2Address
```
**Example 6: This example returns the public and private IP for the instance id provided in filter**
```
Get-EC2Address -Region eu-west-1 -Filter @{Name="instance-id";Values="i-0c12d3f4f567ffb89"} | Select-Object PrivateIpAddress, PublicIp
```
**Output:**
```
PrivateIpAddress PublicIp
---------------- --------
10.0.0.99 63.36.5.227
```
**Example 7: This example retrieves all the Elastic IPs with its allocation id, association id and instance ids**
```
Get-EC2Address -Region eu-west-1 | Select-Object InstanceId, AssociationId, AllocationId, PublicIp
```
**Output:**
```
InstanceId AssociationId AllocationId PublicIp
---------- ------------- ------------ --------
eipalloc-012e3b456789e1fad 17.212.120.178
i-0c123dfd3415bac67 eipassoc-0e123456bb7890bdb eipalloc-01cd23ebf45f7890c 17.212.124.77
eipalloc-012345678eeabcfad 17.212.225.7
i-0123d405c67e89a0c eipassoc-0c123b456783966ba eipalloc-0123cdd456a8f7892 37.216.52.173
i-0f1bf2f34c5678d09 eipassoc-0e12934568a952d96 eipalloc-0e1c23e4d5e6789e4 37.218.222.278
i-012e3cb4df567e8aa eipassoc-0d1b2fa4d67d03810 eipalloc-0123f456f78a01b58 37.210.82.27
i-0123bcf4b567890e1 eipassoc-01d2345f678903fb1 eipalloc-0e1db23cfef5c45c7 37.215.222.270
```
**Example 8: This example fetches list of EC2 IP addresses matching tag key 'Category' with value 'Prod'**
```
Get-EC2Address -Filter @{Name="tag:Category";Values="Prod"}
```
**Output:**
```
AllocationId : eipalloc-0123f456f81a01b58
AssociationId : eipassoc-0d1b23a456d103810
CustomerOwnedIp :
CustomerOwnedIpv4Pool :
Domain : vpc
InstanceId : i-012e3cb4df567e1aa
NetworkBorderGroup : eu-west-1
NetworkInterfaceId : eni-0123f41d5a60d5f40
NetworkInterfaceOwnerId : 123456789012
PrivateIpAddress : 192.168.1.84
PublicIp : 34.250.81.29
PublicIpv4Pool : amazon
Tags : {Category, Name}
```
+ For API details, see [DescribeAddresses](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified Elastic IP address for instances in EC2-Classic.**
```
Get-EC2Address -AllocationId eipalloc-12345678
```
**Output:**
```
AllocationId : eipalloc-12345678
AssociationId : eipassoc-12345678
Domain : vpc
InstanceId : i-87654321
NetworkInterfaceId : eni-12345678
NetworkInterfaceOwnerId : 12345678
PrivateIpAddress : 10.0.2.172
PublicIp : 198.51.100.2
```
**Example 2: This example describes your Elastic IP addresses for instances in a VPC. This syntax requires PowerShell version 3 or later.**
```
Get-EC2Address -Filter @{ Name="domain";Values="vpc" }
```
**Example 3: This example describes the specified Elastic IP address for instances in EC2-Classic.**
```
Get-EC2Address -PublicIp 203.0.113.17
```
**Output:**
```
AllocationId :
AssociationId :
Domain : standard
InstanceId : i-12345678
NetworkInterfaceId :
NetworkInterfaceOwnerId :
PrivateIpAddress :
PublicIp : 203.0.113.17
```
**Example 4: This example describes your Elastic IP addresses for instances in EC2-Classic. This syntax requires PowerShell version 3 or later.**
```
Get-EC2Address -Filter @{ Name="domain";Values="standard" }
```
**Example 5: This example describes all your Elastic IP addresses.**
```
Get-EC2Address
```
**Example 6: This example returns the public and private IP for the instance id provided in filter**
```
Get-EC2Address -Region eu-west-1 -Filter @{Name="instance-id";Values="i-0c12d3f4f567ffb89"} | Select-Object PrivateIpAddress, PublicIp
```
**Output:**
```
PrivateIpAddress PublicIp
---------------- --------
10.0.0.99 63.36.5.227
```
**Example 7: This example retrieves all the Elastic IPs with its allocation id, association id and instance ids**
```
Get-EC2Address -Region eu-west-1 | Select-Object InstanceId, AssociationId, AllocationId, PublicIp
```
**Output:**
```
InstanceId AssociationId AllocationId PublicIp
---------- ------------- ------------ --------
eipalloc-012e3b456789e1fad 17.212.120.178
i-0c123dfd3415bac67 eipassoc-0e123456bb7890bdb eipalloc-01cd23ebf45f7890c 17.212.124.77
eipalloc-012345678eeabcfad 17.212.225.7
i-0123d405c67e89a0c eipassoc-0c123b456783966ba eipalloc-0123cdd456a8f7892 37.216.52.173
i-0f1bf2f34c5678d09 eipassoc-0e12934568a952d96 eipalloc-0e1c23e4d5e6789e4 37.218.222.278
i-012e3cb4df567e8aa eipassoc-0d1b2fa4d67d03810 eipalloc-0123f456f78a01b58 37.210.82.27
i-0123bcf4b567890e1 eipassoc-01d2345f678903fb1 eipalloc-0e1db23cfef5c45c7 37.215.222.270
```
**Example 8: This example fetches list of EC2 IP addresses matching tag key 'Category' with value 'Prod'**
```
Get-EC2Address -Filter @{Name="tag:Category";Values="Prod"}
```
**Output:**
```
AllocationId : eipalloc-0123f456f81a01b58
AssociationId : eipassoc-0d1b23a456d103810
CustomerOwnedIp :
CustomerOwnedIpv4Pool :
Domain : vpc
InstanceId : i-012e3cb4df567e1aa
NetworkBorderGroup : eu-west-1
NetworkInterfaceId : eni-0123f41d5a60d5f40
NetworkInterfaceOwnerId : 123456789012
PrivateIpAddress : 192.168.1.84
PublicIp : 34.250.81.29
PublicIpv4Pool : amazon
Tags : {Category, Name}
```
+ For API details, see [DescribeAddresses](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->describeaddresses( ). " oo_result is returned for testing purposes. "
DATA(lt_addresses) = oo_result->get_addresses( ).
MESSAGE 'Retrieved information about Elastic IP addresses.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DescribeAddresses](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeAvailabilityZones` with an AWS SDK or CLI
The following code examples show how to use `DescribeAvailabilityZones`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Build and manage a resilient service](example_cross_ResilientService_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
+ [Getting started with Amazon Neptune](example_ec2_GettingStarted_064_section.md)
+ [Getting started with Amazon VPC Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
+ [Getting started with Elemental MediaConnect](example_mediaconnect_GettingStarted_081_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
+ [Working with Amazon EBS encryption, snapshots, and volume initialization](example_ec2_GettingStarted_022_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples).
```
///
/// Get a list of Availability Zones in the AWS Region of the Amazon EC2 Client.
///
/// A list of availability zones.
public async Task> DescribeAvailabilityZones()
{
try
{
var zoneResponse = await _amazonEc2.DescribeAvailabilityZonesAsync(
new DescribeAvailabilityZonesRequest());
return zoneResponse.AvailabilityZones.Select(z => z.ZoneName).ToList();
}
catch (AmazonEC2Exception ec2Exception)
{
_logger.LogError($"An Amazon EC2 error occurred while listing availability zones.: {ec2Exception.Message}");
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while listing availability zones.: {ex.Message}");
throw;
}
}
```
+ For API details, see [DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeAvailabilityZones) in *AWS SDK for .NET API Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! DescribeAvailabilityZones
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
int AwsDoc::EC2::describeAvailabilityZones(const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeAvailabilityZonesRequest request;
Aws::EC2::Model::DescribeAvailabilityZonesOutcome outcome = ec2Client.DescribeAvailabilityZones(request);
if (outcome.IsSuccess()) {
std::cout << std::left <<
std::setw(32) << "ZoneName" <<
std::setw(20) << "State" <<
std::setw(32) << "Region" << std::endl;
const auto &zones =
outcome.GetResult().GetAvailabilityZones();
for (const auto &zone: zones) {
Aws::String stateString =
Aws::EC2::Model::AvailabilityZoneStateMapper::GetNameForAvailabilityZoneState(
zone.GetState());
std::cout << std::left <<
std::setw(32) << zone.GetZoneName() <<
std::setw(20) << stateString <<
std::setw(32) << zone.GetRegionName() << std::endl;
}
} else {
std::cerr << "Failed to describe availability zones:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ For API details, see [DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeAvailabilityZones) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To describe your Availability Zones**
The following example `describe-availability-zones` displays details for the Availability Zones that are available to you. The response includes Availability Zones only for the current Region. In this example, it uses the profiles default `us-west-2` (Oregon) Region.
```
aws ec2 describe-availability-zones
```
Output:
```
{
"AvailabilityZones": [
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2a",
"ZoneId": "usw2-az1",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2b",
"ZoneId": "usw2-az2",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2c",
"ZoneId": "usw2-az3",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2d",
"ZoneId": "usw2-az4",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opted-in",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2-lax-1a",
"ZoneId": "usw2-lax1-az1",
"GroupName": "us-west-2-lax-1",
"NetworkBorderGroup": "us-west-2-lax-1"
}
]
}
```
+ For API details, see [DescribeAvailabilityZones](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-availability-zones.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the Availability Zones for the current region that are available to you.**
```
Get-EC2AvailabilityZone
```
**Output:**
```
Messages RegionName State ZoneName
-------- ---------- ----- --------
{} us-west-2 available us-west-2a
{} us-west-2 available us-west-2b
{} us-west-2 available us-west-2c
```
**Example 2: This example describes any Availability Zones that are in an impaired state. The syntax used by this example requires PowerShell version 3 or higher.**
```
Get-EC2AvailabilityZone -Filter @{ Name="state";Values="impaired" }
```
**Example 3: With PowerShell version 2, you must use New-Object to create the filter.**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = "impaired"
Get-EC2AvailabilityZone -Filter $filter
```
+ For API details, see [DescribeAvailabilityZones](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the Availability Zones for the current region that are available to you.**
```
Get-EC2AvailabilityZone
```
**Output:**
```
Messages RegionName State ZoneName
-------- ---------- ----- --------
{} us-west-2 available us-west-2a
{} us-west-2 available us-west-2b
{} us-west-2 available us-west-2c
```
**Example 2: This example describes any Availability Zones that are in an impaired state. The syntax used by this example requires PowerShell version 3 or higher.**
```
Get-EC2AvailabilityZone -Filter @{ Name="state";Values="impaired" }
```
**Example 3: With PowerShell version 2, you must use New-Object to create the filter.**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = "impaired"
Get-EC2AvailabilityZone -Filter $filter
```
+ For API details, see [DescribeAvailabilityZones](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def get_availability_zones(self) -> List[str]:
"""
Gets a list of Availability Zones in the AWS Region of the Amazon EC2 client.
:return: The list of Availability Zones for the client Region.
"""
try:
response = self.ec2_client.describe_availability_zones()
zones = [zone["ZoneName"] for zone in response["AvailabilityZones"]]
log.info(f"Retrieved {len(zones)} availability zones: {zones}.")
except ClientError as err:
log.error("Failed to retrieve availability zones.")
log.error(f"Full error:\n\t{err}")
else:
return zones
```
+ For API details, see [DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeAvailabilityZones) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->describeavailabilityzones( ). " oo_result is returned for testing purposes. "
DATA(lt_zones) = oo_result->get_availabilityzones( ).
MESSAGE 'Retrieved information about Availability Zones.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DescribeAvailabilityZones](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeBundleTasks` with a CLI
The following code examples show how to use `DescribeBundleTasks`.
------
#### [ CLI ]
**AWS CLI**
**To describe your bundle tasks**
This example describes all of your bundle tasks.
Command:
```
aws ec2 describe-bundle-tasks
```
Output:
```
{
"BundleTasks": [
{
"UpdateTime": "2015-09-15T13:26:54.000Z",
"InstanceId": "i-1234567890abcdef0",
"Storage": {
"S3": {
"Prefix": "winami",
"Bucket": "bundletasks"
}
},
"State": "bundling",
"StartTime": "2015-09-15T13:24:35.000Z",
"Progress": "3%",
"BundleId": "bun-2a4e041c"
}
]
}
```
+ For API details, see [DescribeBundleTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-bundle-tasks.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified bundle task.**
```
Get-EC2BundleTask -BundleId bun-12345678
```
**Example 2: This example describes the bundle tasks whose state is either 'complete' or 'failed'.**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "complete", "failed" )
Get-EC2BundleTask -Filter $filter
```
+ For API details, see [DescribeBundleTasks](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified bundle task.**
```
Get-EC2BundleTask -BundleId bun-12345678
```
**Example 2: This example describes the bundle tasks whose state is either 'complete' or 'failed'.**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "complete", "failed" )
Get-EC2BundleTask -Filter $filter
```
+ For API details, see [DescribeBundleTasks](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeCapacityReservations` with a CLI
The following code examples show how to use `DescribeCapacityReservations`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe one or more of your capacity reservations**
The following `describe-capacity-reservations` example displays details about all of your capacity reservations in the current AWS Region.
```
aws ec2 describe-capacity-reservations
```
Output:
```
{
"CapacityReservations": [
{
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-1234abcd56EXAMPLE",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c5.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "active",
"StartDate": "2024-10-23T15:00:24+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:00:24+00:00",
"Tags": [],
"CapacityAllocations": []
},
{
"CapacityReservationId": "cr-abcdEXAMPLE9876ef ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c4.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "cancelled",
"StartDate": "2024-10-23T15:01:03+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:01:02+00:00",
"Tags": [],
"CapacityAllocations": []
}
]
}
```
**Example 2: To describe one or more of your capacity reservations**
The following `describe-capacity-reservations` example displays details about the specified capacity reservation.
```
aws ec2 describe-capacity-reservations \
--capacity-reservation-ids cr-1234abcd56EXAMPLE
```
Output:
```
{
"CapacityReservations": [
{
"CapacityReservationId": "cr-abcdEXAMPLE9876ef ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c4.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "active",
"StartDate": "2024-10-23T15:01:03+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:01:02+00:00",
"Tags": [],
"CapacityAllocations": []
}
]
}
```
For more information, see [Viewing a Capacity Reservation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html#capacity-reservations-view) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*.
+ For API details, see [DescribeCapacityReservations](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-capacity-reservations.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes one or more of your Capacity Reservations for the region**
```
Get-EC2CapacityReservation -Region eu-west-1
```
**Output:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ For API details, see [DescribeCapacityReservations](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes one or more of your Capacity Reservations for the region**
```
Get-EC2CapacityReservation -Region eu-west-1
```
**Output:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ For API details, see [DescribeCapacityReservations](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeCustomerGateways` with a CLI
The following code examples show how to use `DescribeCustomerGateways`.
------
#### [ CLI ]
**AWS CLI**
**To describe your customer gateways**
This example describes your customer gateways.
Command:
```
aws ec2 describe-customer-gateways
```
Output:
```
{
"CustomerGateways": [
{
"CustomerGatewayId": "cgw-b4dc3961",
"IpAddress": "203.0.113.12",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65000"
},
{
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
]
}
```
**To describe a specific customer gateway**
This example describes the specified customer gateway.
Command:
```
aws ec2 describe-customer-gateways --customer-gateway-ids cgw-0e11f167
```
Output:
```
{
"CustomerGateways": [
{
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
]
}
```
+ For API details, see [DescribeCustomerGateways](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-customer-gateways.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified customer gateway.**
```
Get-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**Output:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
**Example 2: This example describes any customer gateway whose state is either pending or available.**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "pending", "available" )
Get-EC2CustomerGateway -Filter $filter
```
**Example 3: This example describes all your customer gateways.**
```
Get-EC2CustomerGateway
```
+ For API details, see [DescribeCustomerGateways](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified customer gateway.**
```
Get-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**Output:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
**Example 2: This example describes any customer gateway whose state is either pending or available.**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "pending", "available" )
Get-EC2CustomerGateway -Filter $filter
```
**Example 3: This example describes all your customer gateways.**
```
Get-EC2CustomerGateway
```
+ For API details, see [DescribeCustomerGateways](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeDhcpOptions` with a CLI
The following code examples show how to use `DescribeDhcpOptions`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe your DHCP options**
The following `describe-dhcp-options` example retrieves details about your DHCP options.
```
aws ec2 describe-dhcp-options
```
Output:
```
{
"DhcpOptions": [
{
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "us-east-2.compute.internal"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "AmazonProvidedDNS"
}
]
}
],
"DhcpOptionsId": "dopt-19edf471",
"OwnerId": "111122223333"
},
{
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "us-east-2.compute.internal"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "AmazonProvidedDNS"
}
]
}
],
"DhcpOptionsId": "dopt-fEXAMPLE",
"OwnerId": "111122223333"
}
]
}
```
For more information, see [Working with DHCP Option Sets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html#DHCPOptionSet) in the *AWS VPC User Guide*.
**Example 2: To describe your DHCP options and filter the output**
The following `describe-dhcp-options` example describes your DHCP options and uses a filter to return only DHCP options that have `example.com` for the domain name server. The example uses the `--query` parameter to display only the configuration information and ID in the output.
```
aws ec2 describe-dhcp-options \
--filters Name=key,Values=domain-name-servers Name=value,Values=example.com \
--query "DhcpOptions[*].[DhcpConfigurations,DhcpOptionsId]"
```
Output:
```
[
[
[
{
"Key": "domain-name",
"Values": [
{
"Value": "example.com"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "172.16.16.16"
}
]
}
],
"dopt-001122334455667ab"
]
]
```
For more information, see [Working with DHCP Option Sets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html#DHCPOptionSet) in the *AWS VPC User Guide*.
+ For API details, see [DescribeDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-dhcp-options.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example lists your DHCP options sets.**
```
Get-EC2DhcpOption
```
**Output:**
```
DhcpConfigurations DhcpOptionsId Tag
------------------ ------------- ---
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
{domain-name-servers} dopt-3a4b5c6d {}
```
**Example 2: This example gets configuration details for the specified DHCP options set.**
```
(Get-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d).DhcpConfigurations
```
**Output:**
```
Key Values
--- ------
domain-name {abc.local}
domain-name-servers {10.0.0.101, 10.0.0.102}
```
+ For API details, see [DescribeDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example lists your DHCP options sets.**
```
Get-EC2DhcpOption
```
**Output:**
```
DhcpConfigurations DhcpOptionsId Tag
------------------ ------------- ---
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
{domain-name-servers} dopt-3a4b5c6d {}
```
**Example 2: This example gets configuration details for the specified DHCP options set.**
```
(Get-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d).DhcpConfigurations
```
**Output:**
```
Key Values
--- ------
domain-name {abc.local}
domain-name-servers {10.0.0.101, 10.0.0.102}
```
+ For API details, see [DescribeDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeFlowLogs` with a CLI
The following code examples show how to use `DescribeFlowLogs`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe all of your flow logs**
The following `describe-flow-logs` example displays details for all of your flow logs.
```
aws ec2 describe-flow-logs
```
Output:
```
{
"FlowLogs": [
{
"CreationTime": "2018-02-21T13:22:12.644Z",
"DeliverLogsPermissionArn": "arn:aws:iam::123456789012:role/flow-logs-role",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-aabbccdd112233445",
"MaxAggregationInterval": 600,
"FlowLogStatus": "ACTIVE",
"LogGroupName": "FlowLogGroup",
"ResourceId": "subnet-12345678901234567",
"TrafficType": "ALL",
"LogDestinationType": "cloud-watch-logs",
"LogFormat": "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status}"
},
{
"CreationTime": "2020-02-04T15:22:29.986Z",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-01234567890123456",
"MaxAggregationInterval": 60,
"FlowLogStatus": "ACTIVE",
"ResourceId": "vpc-00112233445566778",
"TrafficType": "ACCEPT",
"LogDestinationType": "s3",
"LogDestination": "arn:aws:s3:::my-flow-log-bucket/custom",
"LogFormat": "${version} ${vpc-id} ${subnet-id} ${instance-id} ${interface-id} ${account-id} ${type} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${pkt-srcaddr} ${pkt-dstaddr} ${protocol} ${bytes} ${packets} ${start} ${end} ${action} ${tcp-flags} ${log-status}"
}
]
}
```
**Example 2: To describe a subset of your flow logs**
The following `describe-flow-logs` example uses a filter to display details for only those flow logs that are in the specified log group in Amazon CloudWatch Logs.
```
aws ec2 describe-flow-logs \
--filter "Name=log-group-name,Values=MyFlowLogs"
```
+ For API details, see [DescribeFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-flow-logs.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes one or more flow logs with log destination type 's3'**
```
Get-EC2FlowLog -Filter @{Name="log-destination-type";Values="s3"}
```
**Output:**
```
CreationTime : 2/25/2019 9:07:36 PM
DeliverLogsErrorMessage :
DeliverLogsPermissionArn :
DeliverLogsStatus : SUCCESS
FlowLogId : fl-01b2e3d45f67f8901
FlowLogStatus : ACTIVE
LogDestination : arn:aws:s3:::amzn-s3-demo-bucket-dd-tata
LogDestinationType : s3
LogGroupName :
ResourceId : eni-01d2dda3456b7e890
TrafficType : ALL
```
+ For API details, see [DescribeFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes one or more flow logs with log destination type 's3'**
```
Get-EC2FlowLog -Filter @{Name="log-destination-type";Values="s3"}
```
**Output:**
```
CreationTime : 2/25/2019 9:07:36 PM
DeliverLogsErrorMessage :
DeliverLogsPermissionArn :
DeliverLogsStatus : SUCCESS
FlowLogId : fl-01b2e3d45f67f8901
FlowLogStatus : ACTIVE
LogDestination : arn:aws:s3:::amzn-s3-demo-bucket-dd-tata
LogDestinationType : s3
LogGroupName :
ResourceId : eni-01d2dda3456b7e890
TrafficType : ALL
```
+ For API details, see [DescribeFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeHostReservationOfferings` with a CLI
The following code examples show how to use `DescribeHostReservationOfferings`.
------
#### [ CLI ]
**AWS CLI**
**To describe Dedicated Host Reservation offerings**
This example describes the Dedicated Host Reservations for the M4 instance family that are available to purchase.
Command:
```
aws ec2 describe-host-reservation-offerings --filter Name=instance-family,Values=m4
```
Output:
```
{
"OfferingSet": [
{
"HourlyPrice": "1.499",
"OfferingId": "hro-03f707bf363b6b324",
"InstanceFamily": "m4",
"PaymentOption": "NoUpfront",
"UpfrontPrice": "0.000",
"Duration": 31536000
},
{
"HourlyPrice": "1.045",
"OfferingId": "hro-0ef9181cabdef7a02",
"InstanceFamily": "m4",
"PaymentOption": "NoUpfront",
"UpfrontPrice": "0.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.714",
"OfferingId": "hro-04567a15500b92a51",
"InstanceFamily": "m4",
"PaymentOption": "PartialUpfront",
"UpfrontPrice": "6254.000",
"Duration": 31536000
},
{
"HourlyPrice": "0.484",
"OfferingId": "hro-0d5d7a9d23ed7fbfe",
"InstanceFamily": "m4",
"PaymentOption": "PartialUpfront",
"UpfrontPrice": "12720.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.000",
"OfferingId": "hro-05da4108ca998c2e5",
"InstanceFamily": "m4",
"PaymentOption": "AllUpfront",
"UpfrontPrice": "23913.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.000",
"OfferingId": "hro-0a9f9be3b95a3dc8f",
"InstanceFamily": "m4",
"PaymentOption": "AllUpfront",
"UpfrontPrice": "12257.000",
"Duration": 31536000
}
]
}
```
+ For API details, see [DescribeHostReservationOfferings](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-host-reservation-offerings.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the Dedicated Host reservations that are available to purchase for the given filter 'instance-family' where PaymentOption is 'NoUpfront'**
```
Get-EC2HostReservationOffering -Filter @{Name="instance-family";Values="m4"} | Where-Object PaymentOption -eq NoUpfront
```
**Output:**
```
CurrencyCode :
Duration : 94608000
HourlyPrice : 1.307
InstanceFamily : m4
OfferingId : hro-0c1f234567890d9ab
PaymentOption : NoUpfront
UpfrontPrice : 0.000
CurrencyCode :
Duration : 31536000
HourlyPrice : 1.830
InstanceFamily : m4
OfferingId : hro-04ad12aaaf34b5a67
PaymentOption : NoUpfront
UpfrontPrice : 0.000
```
+ For API details, see [DescribeHostReservationOfferings](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the Dedicated Host reservations that are available to purchase for the given filter 'instance-family' where PaymentOption is 'NoUpfront'**
```
Get-EC2HostReservationOffering -Filter @{Name="instance-family";Values="m4"} | Where-Object PaymentOption -eq NoUpfront
```
**Output:**
```
CurrencyCode :
Duration : 94608000
HourlyPrice : 1.307
InstanceFamily : m4
OfferingId : hro-0c1f234567890d9ab
PaymentOption : NoUpfront
UpfrontPrice : 0.000
CurrencyCode :
Duration : 31536000
HourlyPrice : 1.830
InstanceFamily : m4
OfferingId : hro-04ad12aaaf34b5a67
PaymentOption : NoUpfront
UpfrontPrice : 0.000
```
+ For API details, see [DescribeHostReservationOfferings](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeHosts` with a CLI
The following code examples show how to use `DescribeHosts`.
------
#### [ CLI ]
**AWS CLI**
**To view details about Dedicated Hosts**
The following `describe-hosts` example displays details for the `available` Dedicated Hosts in your AWS account.
```
aws ec2 describe-hosts --filter "Name=state,Values=available"
```
Output:
```
{
"Hosts": [
{
"HostId": "h-07879acf49EXAMPLE",
"Tags": [
{
"Value": "production",
"Key": "purpose"
}
],
"HostProperties": {
"Cores": 48,
"TotalVCpus": 96,
"InstanceType": "m5.large",
"Sockets": 2
},
"Instances": [],
"State": "available",
"AvailabilityZone": "eu-west-1a",
"AvailableCapacity": {
"AvailableInstanceCapacity": [
{
"AvailableCapacity": 48,
"InstanceType": "m5.large",
"TotalCapacity": 48
}
],
"AvailableVCpus": 96
},
"HostRecovery": "on",
"AllocationTime": "2019-08-19T08:57:44.000Z",
"AutoPlacement": "off"
}
]
}
```
For more information, see [Viewing Dedicated Hosts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-managing) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*.
+ For API details, see [DescribeHosts](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-hosts.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example returns the EC2 host details**
```
Get-EC2Host
```
**Output:**
```
AllocationTime : 3/23/2019 4:55:22 PM
AutoPlacement : off
AvailabilityZone : eu-west-1b
AvailableCapacity : Amazon.EC2.Model.AvailableCapacity
ClientToken :
HostId : h-01e23f4cd567890f1
HostProperties : Amazon.EC2.Model.HostProperties
HostReservationId :
Instances : {}
ReleaseTime : 1/1/0001 12:00:00 AM
State : available
Tags : {}
```
**Example 2: This example queries the AvailableInstanceCapacity for the host h-01e23f4cd567899f1**
```
Get-EC2Host -HostId h-01e23f4cd567899f1 | Select-Object -ExpandProperty AvailableCapacity | Select-Object -expand AvailableInstanceCapacity
```
**Output:**
```
AvailableCapacity InstanceType TotalCapacity
----------------- ------------ -------------
11 m4.xlarge 11
```
+ For API details, see [DescribeHosts](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example returns the EC2 host details**
```
Get-EC2Host
```
**Output:**
```
AllocationTime : 3/23/2019 4:55:22 PM
AutoPlacement : off
AvailabilityZone : eu-west-1b
AvailableCapacity : Amazon.EC2.Model.AvailableCapacity
ClientToken :
HostId : h-01e23f4cd567890f1
HostProperties : Amazon.EC2.Model.HostProperties
HostReservationId :
Instances : {}
ReleaseTime : 1/1/0001 12:00:00 AM
State : available
Tags : {}
```
**Example 2: This example queries the AvailableInstanceCapacity for the host h-01e23f4cd567899f1**
```
Get-EC2Host -HostId h-01e23f4cd567899f1 | Select-Object -ExpandProperty AvailableCapacity | Select-Object -expand AvailableInstanceCapacity
```
**Output:**
```
AvailableCapacity InstanceType TotalCapacity
----------------- ------------ -------------
11 m4.xlarge 11
```
+ For API details, see [DescribeHosts](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeIamInstanceProfileAssociations` with an AWS SDK or CLI
The following code examples show how to use `DescribeIamInstanceProfileAssociations`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Build and manage a resilient service](example_cross_ResilientService_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples).
```
///
/// Get the instance profile association data for an instance.
///
/// The Id of the instance.
/// Instance profile associations data.
public async Task GetInstanceProfile(string instanceId)
{
try
{
var response = await _amazonEc2.DescribeIamInstanceProfileAssociationsAsync(
new DescribeIamInstanceProfileAssociationsRequest()
{
Filters = new List()
{
new("instance-id", new List() { instanceId })
},
});
return response.IamInstanceProfileAssociations[0];
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidInstanceID.NotFound")
{
_logger.LogError(ec2Exception, $"Instance {instanceId} not found");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(ex, $"An error occurred while creating the template.: {ex.Message}");
throw;
}
}
```
+ For API details, see [DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeIamInstanceProfileAssociations) in *AWS SDK for .NET API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To describe IAM instance profile associations**
This example describes all of your IAM instance profile associations.
Command:
```
aws ec2 describe-iam-instance-profile-associations
```
Output:
```
{
"IamInstanceProfileAssociations": [
{
"InstanceId": "i-09eb09efa73ec1dee",
"State": "associated",
"AssociationId": "iip-assoc-0db249b1f25fa24b8",
"IamInstanceProfile": {
"Id": "AIPAJVQN4F5WVLGCJDRGM",
"Arn": "arn:aws:iam::123456789012:instance-profile/admin-role"
}
},
{
"InstanceId": "i-0402909a2f4dffd14",
"State": "associating",
"AssociationId": "iip-assoc-0d1ec06278d29f44a",
"IamInstanceProfile": {
"Id": "AGJAJVQN4F5WVLGCJABCM",
"Arn": "arn:aws:iam::123456789012:instance-profile/user1-role"
}
}
]
}
```
+ For API details, see [DescribeIamInstanceProfileAssociations](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-iam-instance-profile-associations.html) in *AWS CLI Command Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples).
```
const ec2Client = new EC2Client({});
const { IamInstanceProfileAssociations } = await ec2Client.send(
new DescribeIamInstanceProfileAssociationsCommand({
Filters: [
{ Name: "instance-id", Values: [state.targetInstance.InstanceId] },
],
}),
);
```
+ For API details, see [DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeIamInstanceProfileAssociationsCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def get_instance_profile(self, instance_id: str) -> Dict[str, Any]:
"""
Gets data about the profile associated with an instance.
:param instance_id: The ID of the instance to look up.
:return: The profile data.
"""
try:
response = self.ec2_client.describe_iam_instance_profile_associations(
Filters=[{"Name": "instance-id", "Values": [instance_id]}]
)
if not response["IamInstanceProfileAssociations"]:
log.info(f"No instance profile found for instance {instance_id}.")
profile_data = response["IamInstanceProfileAssociations"][0]
log.info(f"Retrieved instance profile for instance {instance_id}.")
return profile_data
except ClientError as err:
log.error(
f"Failed to retrieve instance profile for instance {instance_id}."
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
log.error(f"The instance ID '{instance_id}' does not exist.")
log.error(f"Full error:\n\t{err}")
```
+ For API details, see [DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeIamInstanceProfileAssociations) in *AWS SDK for Python (Boto3) API Reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeIdFormat` with a CLI
The following code examples show how to use `DescribeIdFormat`.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe the ID format of a resource**
The following `describe-id-format` example describes the ID format for security groups.
```
aws ec2 describe-id-format \
--resource security-group
```
In the following example output, the `Deadline` value indicates that the deadline for this resource type to permanently switch from the short ID format to the long ID format expired at 00:00 UTC on August 15, 2018.
```
{
"Statuses": [
{
"Deadline": "2018-08-15T00:00:00.000Z",
"Resource": "security-group",
"UseLongIds": true
}
]
}
```
**Example 2: To describe the ID format for all resources**
The following `describe-id-format` example describes the ID format for all resource types. All resource types that supported the short ID format were switched to use the long ID format.
```
aws ec2 describe-id-format
```
+ For API details, see [DescribeIdFormat](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-id-format.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the ID format for the specified resource type.**
```
Get-EC2IdFormat -Resource instance
```
**Output:**
```
Resource UseLongIds
-------- ----------
instance False
```
**Example 2: This example describes the ID formats for all resource types that support longer IDs.**
```
Get-EC2IdFormat
```
**Output:**
```
Resource UseLongIds
-------- ----------
reservation False
instance False
```
+ For API details, see [DescribeIdFormat](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the ID format for the specified resource type.**
```
Get-EC2IdFormat -Resource instance
```
**Output:**
```
Resource UseLongIds
-------- ----------
instance False
```
**Example 2: This example describes the ID formats for all resource types that support longer IDs.**
```
Get-EC2IdFormat
```
**Output:**
```
Resource UseLongIds
-------- ----------
reservation False
instance False
```
+ For API details, see [DescribeIdFormat](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeIdentityIdFormat` with a CLI
The following code examples show how to use `DescribeIdentityIdFormat`.
------
#### [ CLI ]
**AWS CLI**
**To describe the ID format for an IAM role**
The following `describe-identity-id-format` example describes the ID format received by instances created by the IAM role `EC2Role` in your AWS account.
```
aws ec2 describe-identity-id-format \
--principal-arn arn:aws:iam::123456789012:role/my-iam-role \
--resource instance
```
The following output indicates that instances created by this role receive IDs in long ID format.
```
{
"Statuses": [
{
"Deadline": "2016-12-15T00:00:00Z",
"Resource": "instance",
"UseLongIds": true
}
]
}
```
**To describe the ID format for an IAM user**
The following `describe-identity-id-format` example describes the ID format received by snapshots created by the IAM user `AdminUser` in your AWS account.
```
aws ec2 describe-identity-id-format \
--principal-arn arn:aws:iam::123456789012:user/AdminUser \
--resource snapshot
```
The output indicates that snapshots created by this user receive IDs in long ID format.
```
{
"Statuses": [
{
"Deadline": "2016-12-15T00:00:00Z",
"Resource": "snapshot",
"UseLongIds": true
}
]
}
```
+ For API details, see [DescribeIdentityIdFormat](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-identity-id-format.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example returns the ID format for the resouce 'image' for the role given**
```
Get-EC2IdentityIdFormat -PrincipalArn arn:aws:iam::123456789511:role/JDBC -Resource image
```
**Output:**
```
Deadline Resource UseLongIds
-------- -------- ----------
8/2/2018 11:30:00 PM image True
```
+ For API details, see [DescribeIdentityIdFormat](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example returns the ID format for the resouce 'image' for the role given**
```
Get-EC2IdentityIdFormat -PrincipalArn arn:aws:iam::123456789511:role/JDBC -Resource image
```
**Output:**
```
Deadline Resource UseLongIds
-------- -------- ----------
8/2/2018 11:30:00 PM image True
```
+ For API details, see [DescribeIdentityIdFormat](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeImageAttribute` with a CLI
The following code examples show how to use `DescribeImageAttribute`.
------
#### [ CLI ]
**AWS CLI**
**To describe the launch permissions for an AMI**
This example describes the launch permissions for the specified AMI.
Command:
```
aws ec2 describe-image-attribute --image-id ami-5731123e --attribute launchPermission
```
Output:
```
{
"LaunchPermissions": [
{
"UserId": "123456789012"
}
],
"ImageId": "ami-5731123e",
}
```
**To describe the product codes for an AMI**
This example describes the product codes for the specified AMI. Note that this AMI has no product codes.
Command:
```
aws ec2 describe-image-attribute --image-id ami-5731123e --attribute productCodes
```
Output:
```
{
"ProductCodes": [],
"ImageId": "ami-5731123e",
}
```
+ For API details, see [DescribeImageAttribute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-image-attribute.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example gets the description for the specified AMI.**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute description
```
**Output:**
```
BlockDeviceMappings : {}
Description : My image description
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**Example 2: This example gets the launch permissions for the specified AMI.**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute launchPermission
```
**Output:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {all}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**Example 3: This example test whether enhanced networking is enabled.**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute sriovNetSupport
```
**Output:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport : simple
```
+ For API details, see [DescribeImageAttribute](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example gets the description for the specified AMI.**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute description
```
**Output:**
```
BlockDeviceMappings : {}
Description : My image description
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**Example 2: This example gets the launch permissions for the specified AMI.**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute launchPermission
```
**Output:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {all}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**Example 3: This example test whether enhanced networking is enabled.**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute sriovNetSupport
```
**Output:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport : simple
```
+ For API details, see [DescribeImageAttribute](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeImages` with an AWS SDK or CLI
The following code examples show how to use `DescribeImages`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
+ [Run CPU stress tests on EC2 instances using FIS](example_iam_GettingStarted_069_section.md)
+ [VPC with private servers](example_vpc_GettingStartedPrivate_section.md)
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_describe_images
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) images.
#
# Parameters:
# -i image_ids - A space-separated list of image IDs (optional).
# -h - Display help.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_images() {
local image_ids response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_images"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) images."
echo " -i image_ids - A space-separated list of image IDs (optional)."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:h" option; do
case "${option}" in
i) image_ids="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local aws_cli_args=()
if [[ -n "$image_ids" ]]; then
# shellcheck disable=SC2206
aws_cli_args+=("--image-ids" $image_ids)
fi
response=$(aws ec2 describe-images \
"${aws_cli_args[@]}" \
--query 'Images[*].[Description,Architecture,ImageId]' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-images operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [DescribeImages](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeImages) in *AWS CLI Command Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe an AMI**
The following `describe-images` example describes the specified AMI in the specified Region.
```
aws ec2 describe-images \
--region us-east-1 \
--image-ids ami-1234567890EXAMPLE
```
Output:
```
{
"Images": [
{
"VirtualizationType": "hvm",
"Description": "Provided by Red Hat, Inc.",
"PlatformDetails": "Red Hat Enterprise Linux",
"EnaSupport": true,
"Hypervisor": "xen",
"State": "available",
"SriovNetSupport": "simple",
"ImageId": "ami-1234567890EXAMPLE",
"UsageOperation": "RunInstances:0010",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"SnapshotId": "snap-111222333444aaabb",
"DeleteOnTermination": true,
"VolumeType": "gp2",
"VolumeSize": 10,
"Encrypted": false
}
}
],
"Architecture": "x86_64",
"ImageLocation": "123456789012/RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2",
"RootDeviceType": "ebs",
"OwnerId": "123456789012",
"RootDeviceName": "/dev/sda1",
"CreationDate": "2019-05-10T13:17:12.000Z",
"Public": true,
"ImageType": "machine",
"Name": "RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2"
}
]
}
```
For more information, see [Amazon Machine Images (AMI)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html) in the *Amazon EC2 User Guide*.
**Example 2: To describe AMIs based on filters**
The following `describe-images` example describes Windows AMIs provided by Amazon that are backed by Amazon EBS.
```
aws ec2 describe-images \
--owners amazon \
--filters "Name=platform,Values=windows" "Name=root-device-type,Values=ebs"
```
For an example of the output for `describe-images`, see Example 1.
For additional examples using filters, see [Listing and filtering your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI) in the *Amazon EC2 User Guide*.
**Example 3: To describe AMIs based on tags**
The following `describe-images` example describes all AMIs that have the tag `Type=Custom`. The example uses the `--query` parameter to display only the AMI IDs.
```
aws ec2 describe-images \
--filters "Name=tag:Type,Values=Custom" \
--query 'Images[*].[ImageId]' \
--output text
```
Output:
```
ami-1234567890EXAMPLE
ami-0abcdef1234567890
```
For additional examples using tag filters, see [Working with tags](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#Using_Tags_CLI) in the *Amazon EC2 User Guide*.
+ For API details, see [DescribeImages](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-images.html) in *AWS CLI Command Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { EC2Client, paginateDescribeImages } from "@aws-sdk/client-ec2";
/**
* Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the images available to you.
* @param {{ architecture: string, pageSize: number }} options
*/
export const main = async ({ architecture, pageSize }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
// The paginate function is a wrapper around the base command.
const paginator = paginateDescribeImages(
// Without limiting the page size, this call can take a long time. pageSize is just sugar for
// the MaxResults property in the base command.
{ client, pageSize },
{
// There are almost 70,000 images available. Be specific with your filtering
// to increase efficiency.
// See https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-ec2/interfaces/describeimagescommandinput.html#filters
Filters: [{ Name: "architecture", Values: [architecture] }],
},
);
/**
* @type {import('@aws-sdk/client-ec2').Image[]}
*/
const images = [];
let recordsScanned = 0;
try {
for await (const page of paginator) {
recordsScanned += pageSize;
if (page.Images.length) {
images.push(...page.Images);
break;
}
console.log(
`No matching image found yet. Searched ${recordsScanned} records.`,
);
}
if (images.length) {
console.log(
`Found ${images.length} images:\n\n${images.map((image) => image.Name).join("\n")}\n`,
);
} else {
console.log(
`No matching images found. Searched ${recordsScanned} records.\n`,
);
}
return images;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}`);
return [];
}
throw caught;
}
};
```
+ For API details, see [DescribeImages](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeImagesCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified AMI.**
```
Get-EC2Image -ImageId ami-12345678
```
**Output:**
```
Architecture : x86_64
BlockDeviceMappings : {/dev/xvda}
CreationDate : 2014-10-20T00:56:28.000Z
Description : My image
Hypervisor : xen
ImageId : ami-12345678
ImageLocation : 123456789012/my-image
ImageOwnerAlias :
ImageType : machine
KernelId :
Name : my-image
OwnerId : 123456789012
Platform :
ProductCodes : {}
Public : False
RamdiskId :
RootDeviceName : /dev/xvda
RootDeviceType : ebs
SriovNetSupport : simple
State : available
StateReason :
Tags : {Name}
VirtualizationType : hvm
```
**Example 2: This example describes the AMIs that you own.**
```
Get-EC2Image -owner self
```
**Example 3: This example describes the public AMIs that run Microsoft Windows Server.**
```
Get-EC2Image -Filter @{ Name="platform"; Values="windows" }
```
**Example 4: This example describes all public AMIs in the 'us-west-2' region.**
```
Get-EC2Image -Region us-west-2
```
+ For API details, see [DescribeImages](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified AMI.**
```
Get-EC2Image -ImageId ami-12345678
```
**Output:**
```
Architecture : x86_64
BlockDeviceMappings : {/dev/xvda}
CreationDate : 2014-10-20T00:56:28.000Z
Description : My image
Hypervisor : xen
ImageId : ami-12345678
ImageLocation : 123456789012/my-image
ImageOwnerAlias :
ImageType : machine
KernelId :
Name : my-image
OwnerId : 123456789012
Platform :
ProductCodes : {}
Public : False
RamdiskId :
RootDeviceName : /dev/xvda
RootDeviceType : ebs
SriovNetSupport : simple
State : available
StateReason :
Tags : {Name}
VirtualizationType : hvm
```
**Example 2: This example describes the AMIs that you own.**
```
Get-EC2Image -owner self
```
**Example 3: This example describes the public AMIs that run Microsoft Windows Server.**
```
Get-EC2Image -Filter @{ Name="platform"; Values="windows" }
```
**Example 4: This example describes all public AMIs in the 'us-west-2' region.**
```
Get-EC2Image -Region us-west-2
```
+ For API details, see [DescribeImages](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def get_images(self, image_ids: List[str]) -> List[Dict[str, Any]]:
"""
Gets information about Amazon Machine Images (AMIs) from a list of AMI IDs.
:param image_ids: The list of AMI IDs to look up.
:return: A list of dictionaries representing the requested AMIs.
"""
try:
response = self.ec2_client.describe_images(ImageIds=image_ids)
images = response["Images"]
except ClientError as err:
logger.error(f"Failed to stop AMI(s): {','.join(map(str, image_ids))}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidAMIID.NotFound":
logger.error("One or more of the AMI IDs does not exist.")
raise
return images
```
+ For API details, see [DescribeImages](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeImages) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
pub async fn list_images(&self, ids: Vec) -> Result, EC2Error> {
let image_ids = ids.into_iter().filter_map(|p| p.value).collect();
let output = self
.client
.describe_images()
.set_image_ids(Some(image_ids))
.send()
.await?;
let images = output.images.unwrap_or_default();
if images.is_empty() {
Err(EC2Error::new("No images for selected AMIs"))
} else {
Ok(images)
}
}
```
Using the list\$1images function with SSM to limit based on your environment. For more details on SSM, see https://docs.aws.amazon.com/systems-manager/latest/userguide/example\$1ssm\$1GetParameters\$1section.html.
```
async fn find_image(&mut self) -> Result {
let params: Vec = self
.ssm
.list_path("/aws/service/ami-amazon-linux-latest")
.await
.map_err(|e| e.add_message("Could not find parameters for available images"))?
.into_iter()
.filter(|param| param.name().is_some_and(|name| name.contains("amzn2")))
.collect();
let amzn2_images: Vec = self
.ec2
.list_images(params)
.await
.map_err(|e| e.add_message("Could not find images"))?
.into_iter()
.map(ScenarioImage::from)
.collect();
println!("We will now create an instance from an Amazon Linux 2 AMI");
let ami = self.util.select_scenario_image(amzn2_images)?;
Ok(ami)
}
```
+ For API details, see [DescribeImages](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_images) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->describeimages( it_imageids = it_image_ids ). " oo_result is returned for testing purposes. "
DATA(lt_images) = oo_result->get_images( ).
MESSAGE 'Retrieved information about Amazon Machine Images (AMIs).' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DescribeImages](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Return an array of `EC2ClientTypes.Image` objects describing all of
/// the images in the specified array.
///
/// - Parameter idList: A list of image ID strings indicating the images
/// to return details about.
///
/// - Returns: An array of the images.
func describeImages(_ idList: [String]) async -> [EC2ClientTypes.Image] {
do {
let output = try await ec2Client.describeImages(
input: DescribeImagesInput(
imageIds: idList
)
)
guard let images = output.images else {
print("*** No images found.")
return []
}
for image in images {
guard let id = image.imageId else {
continue
}
print(" \(id): \(image.description ?? "")")
}
return images
} catch {
print("*** Error getting image descriptions: \(error.localizedDescription)")
return []
}
}
```
+ For API details, see [DescribeImages](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeimages(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeImportImageTasks` with a CLI
The following code examples show how to use `DescribeImportImageTasks`.
------
#### [ CLI ]
**AWS CLI**
**To monitor an import image task**
The following `describe-import-image-tasks` example checks the status of the specified import image task.
```
aws ec2 describe-import-image-tasks \
--import-task-ids import-ami-1234567890abcdef0
```
Output for an import image task that is in progress.
```
{
"ImportImageTasks": [
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"Progress": "28",
"SnapshotDetails": [
{
"DiskImageSize": 705638400.0,
"Format": "ova",
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.ova"
}
}
],
"Status": "active",
"StatusMessage": "converting"
}
]
}
```
Output for an import image task that is completed. The ID of the resulting AMI is provided by `ImageId`.
```
{
"ImportImageTasks": [
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"ImageId": "ami-1234567890abcdef0",
"SnapshotDetails": [
{
"DiskImageSize": 705638400.0,
"Format": "ova",
"SnapshotId": "snap-1234567890abcdef0"
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.ova"
}
}
],
"Status": "completed"
}
]
}
```
+ For API details, see [DescribeImportImageTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-import-image-tasks.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified image import task.**
```
Get-EC2ImportImageTask -ImportTaskId import-ami-hgfedcba
```
**Output:**
```
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
**Example 2: This example describes all your image import tasks.**
```
Get-EC2ImportImageTask
```
**Output:**
```
Architecture :
Description : Windows Image 1
Hypervisor :
ImageId :
ImportTaskId : import-ami-abcdefgh
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {}
Status : deleted
StatusMessage : User initiated task cancelation
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
+ For API details, see [DescribeImportImageTasks](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified image import task.**
```
Get-EC2ImportImageTask -ImportTaskId import-ami-hgfedcba
```
**Output:**
```
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
**Example 2: This example describes all your image import tasks.**
```
Get-EC2ImportImageTask
```
**Output:**
```
Architecture :
Description : Windows Image 1
Hypervisor :
ImageId :
ImportTaskId : import-ami-abcdefgh
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {}
Status : deleted
StatusMessage : User initiated task cancelation
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
+ For API details, see [DescribeImportImageTasks](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeImportSnapshotTasks` with a CLI
The following code examples show how to use `DescribeImportSnapshotTasks`.
------
#### [ CLI ]
**AWS CLI**
**To monitor an import snapshot task**
The following `describe-import-snapshot-tasks` example checks the status of the specified import snapshot task.
```
aws ec2 describe-import-snapshot-tasks \
--import-task-ids import-snap-1234567890abcdef0
```
Output for an import snapshot task that is in progress:
```
{
"ImportSnapshotTasks": [
{
"Description": "My server VMDK",
"ImportTaskId": "import-snap-1234567890abcdef0",
"SnapshotTaskDetail": {
"Description": "My server VMDK",
"DiskImageSize": "705638400.0",
"Format": "VMDK",
"Progress": "42",
"Status": "active",
"StatusMessage": "downloading/converting",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.vmdk"
}
}
}
]
}
```
Output for an import snapshot task that is completed. The ID of the resulting snapshot is provided by `SnapshotId`.
```
{
"ImportSnapshotTasks": [
{
"Description": "My server VMDK",
"ImportTaskId": "import-snap-1234567890abcdef0",
"SnapshotTaskDetail": {
"Description": "My server VMDK",
"DiskImageSize": "705638400.0",
"Format": "VMDK",
"SnapshotId": "snap-1234567890abcdef0"
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.vmdk"
}
}
}
]
}
```
+ For API details, see [DescribeImportSnapshotTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-import-snapshot-tasks.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified snapshot import task.**
```
Get-EC2ImportSnapshotTask -ImportTaskId import-snap-abcdefgh
```
**Output:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
```
**Example 2: This example describes all your snapshot import tasks.**
```
Get-EC2ImportSnapshotTask
```
**Output:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
Disk Image Import 2 import-snap-hgfedcba Amazon.EC2.Model.SnapshotTaskDetail
```
+ For API details, see [DescribeImportSnapshotTasks](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified snapshot import task.**
```
Get-EC2ImportSnapshotTask -ImportTaskId import-snap-abcdefgh
```
**Output:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
```
**Example 2: This example describes all your snapshot import tasks.**
```
Get-EC2ImportSnapshotTask
```
**Output:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
Disk Image Import 2 import-snap-hgfedcba Amazon.EC2.Model.SnapshotTaskDetail
```
+ For API details, see [DescribeImportSnapshotTasks](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeInstanceAttribute` with a CLI
The following code examples show how to use `DescribeInstanceAttribute`.
------
#### [ CLI ]
**AWS CLI**
**To describe the instance type**
This example describes the instance type of the specified instance.
Command:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute instanceType
```
Output:
```
{
"InstanceId": "i-1234567890abcdef0"
"InstanceType": {
"Value": "t1.micro"
}
}
```
**To describe the disableApiTermination attribute**
This example describes the `disableApiTermination` attribute of the specified instance.
Command:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute disableApiTermination
```
Output:
```
{
"InstanceId": "i-1234567890abcdef0"
"DisableApiTermination": {
"Value": "false"
}
}
```
**To describe the block device mapping for an instance**
This example describes the `blockDeviceMapping` attribute of the specified instance.
Command:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute blockDeviceMapping
```
Output:
```
{
"InstanceId": "i-1234567890abcdef0"
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": true,
"VolumeId": "vol-049df61146c4d7901",
"AttachTime": "2013-05-17T22:42:34.000Z"
}
},
{
"DeviceName": "/dev/sdf",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": false,
"VolumeId": "vol-049df61146c4d7901",
"AttachTime": "2013-09-10T23:07:00.000Z"
}
}
],
}
```
+ For API details, see [DescribeInstanceAttribute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-attribute.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the instance type of the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceType
```
**Output:**
```
InstanceType : t2.micro
```
**Example 2: This example describes whether enhanced networking is enabled for the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute sriovNetSupport
```
**Output:**
```
SriovNetSupport : simple
```
**Example 3: This example describes the security groups for the specified instance.**
```
(Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute groupSet).Groups
```
**Output:**
```
GroupId
-------
sg-12345678
sg-45678901
```
**Example 4: This example describes whether EBS optimization is enabled for the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute ebsOptimized
```
**Output:**
```
EbsOptimized : False
```
**Example 5: This example describes the 'disableApiTermination' attribute of the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute disableApiTermination
```
**Output:**
```
DisableApiTermination : False
```
**Example 6: This example describes the 'instanceInitiatedShutdownBehavior' attribute of the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceInitiatedShutdownBehavior
```
**Output:**
```
InstanceInitiatedShutdownBehavior : stop
```
+ For API details, see [DescribeInstanceAttribute](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the instance type of the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceType
```
**Output:**
```
InstanceType : t2.micro
```
**Example 2: This example describes whether enhanced networking is enabled for the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute sriovNetSupport
```
**Output:**
```
SriovNetSupport : simple
```
**Example 3: This example describes the security groups for the specified instance.**
```
(Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute groupSet).Groups
```
**Output:**
```
GroupId
-------
sg-12345678
sg-45678901
```
**Example 4: This example describes whether EBS optimization is enabled for the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute ebsOptimized
```
**Output:**
```
EbsOptimized : False
```
**Example 5: This example describes the 'disableApiTermination' attribute of the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute disableApiTermination
```
**Output:**
```
DisableApiTermination : False
```
**Example 6: This example describes the 'instanceInitiatedShutdownBehavior' attribute of the specified instance.**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceInitiatedShutdownBehavior
```
**Output:**
```
InstanceInitiatedShutdownBehavior : stop
```
+ For API details, see [DescribeInstanceAttribute](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeInstanceStatus` with an AWS SDK or CLI
The following code examples show how to use `DescribeInstanceStatus`.
------
#### [ CLI ]
**AWS CLI**
**To describe the status of an instance**
The following `describe-instance-status` example describes the current status of the specified instance.
```
aws ec2 describe-instance-status \
--instance-ids i-1234567890abcdef0
```
Output:
```
{
"InstanceStatuses": [
{
"InstanceId": "i-1234567890abcdef0",
"InstanceState": {
"Code": 16,
"Name": "running"
},
"AvailabilityZone": "us-east-1d",
"SystemStatus": {
"Status": "ok",
"Details": [
{
"Status": "passed",
"Name": "reachability"
}
]
},
"InstanceStatus": {
"Status": "ok",
"Details": [
{
"Status": "passed",
"Name": "reachability"
}
]
}
}
]
}
```
For more information, see [Monitor the status of your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check.html) in the *Amazon EC2 User Guide*.
+ For API details, see [DescribeInstanceStatus](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-status.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the status of the specified instance.**
```
Get-EC2InstanceStatus -InstanceId i-12345678
```
**Output:**
```
AvailabilityZone : us-west-2a
Events : {}
InstanceId : i-12345678
InstanceState : Amazon.EC2.Model.InstanceState
Status : Amazon.EC2.Model.InstanceStatusSummary
SystemStatus : Amazon.EC2.Model.InstanceStatusSummary
```
```
$status = Get-EC2InstanceStatus -InstanceId i-12345678
$status.InstanceState
```
**Output:**
```
Code Name
---- ----
16 running
```
```
$status.Status
```
**Output:**
```
Details Status
------- ------
{reachability} ok
```
```
$status.SystemStatus
```
**Output:**
```
Details Status
------- ------
{reachability} ok
```
+ For API details, see [DescribeInstanceStatus](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the status of the specified instance.**
```
Get-EC2InstanceStatus -InstanceId i-12345678
```
**Output:**
```
AvailabilityZone : us-west-2a
Events : {}
InstanceId : i-12345678
InstanceState : Amazon.EC2.Model.InstanceState
Status : Amazon.EC2.Model.InstanceStatusSummary
SystemStatus : Amazon.EC2.Model.InstanceStatusSummary
```
```
$status = Get-EC2InstanceStatus -InstanceId i-12345678
$status.InstanceState
```
**Output:**
```
Code Name
---- ----
16 running
```
```
$status.Status
```
**Output:**
```
Details Status
------- ------
{reachability} ok
```
```
$status.SystemStatus
```
**Output:**
```
Details Status
------- ------
{reachability} ok
```
+ For API details, see [DescribeInstanceStatus](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
async fn show_all_events(client: &Client) -> Result<(), Error> {
let resp = client.describe_regions().send().await.unwrap();
for region in resp.regions.unwrap_or_default() {
let reg: &'static str = Box::leak(Box::from(region.region_name().unwrap()));
let region_provider = RegionProviderChain::default_provider().or_else(reg);
let config = aws_config::from_env().region(region_provider).load().await;
let new_client = Client::new(&config);
let resp = new_client.describe_instance_status().send().await;
println!("Instances in region {}:", reg);
println!();
for status in resp.unwrap().instance_statuses() {
println!(
" Events scheduled for instance ID: {}",
status.instance_id().unwrap_or_default()
);
for event in status.events() {
println!(" Event ID: {}", event.instance_event_id().unwrap());
println!(" Description: {}", event.description().unwrap());
println!(" Event code: {}", event.code().unwrap().as_ref());
println!();
}
}
}
Ok(())
}
```
+ For API details, see [DescribeInstanceStatus](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_status) in *AWS SDK for Rust API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeInstanceTypes` with an AWS SDK or CLI
The following code examples show how to use `DescribeInstanceTypes`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Describe the instance types available.
///
/// A list of instance type information.
public async Task> DescribeInstanceTypes(ArchitectureValues architecture)
{
try
{
var request = new DescribeInstanceTypesRequest();
var filters = new List
{
new Filter("processor-info.supported-architecture",
new List { architecture.ToString() })
};
filters.Add(new Filter("instance-type", new() { "*.micro", "*.small" }));
request.Filters = filters;
var instanceTypes = new List();
var paginator = _amazonEC2.Paginators.DescribeInstanceTypes(request);
await foreach (var instanceType in paginator.InstanceTypes)
{
instanceTypes.Add(instanceType);
}
return instanceTypes;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidParameterValue")
{
_logger.LogError(
$"Parameters are invalid. Ensure architecture and size strings conform to DescribeInstanceTypes API reference.");
}
throw;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the security group because: {ex.Message}");
throw;
}
}
```
+ For API details, see [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeInstanceTypes) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# ec2_describe_instance_types
#
# This function describes EC2 instance types filtered by processor architecture
# and optionally by instance type. It takes the following arguments:
#
# -a, --architecture ARCHITECTURE Specify the processor architecture (e.g., x86_64)
# -t, --type INSTANCE_TYPE Comma-separated list of instance types (e.g., t2.micro)
# -h, --help Show the usage help
#
# The function prints the instance type and supported architecture for each
# matching instance type.
###############################################################################
function ec2_describe_instance_types() {
local architecture=""
local instance_types=""
# bashsupport disable=BP5008
function usage() {
echo "Usage: ec2_describe_instance_types [-a|--architecture ARCHITECTURE] [-t|--type INSTANCE_TYPE] [-h|--help]"
echo " -a, --architecture ARCHITECTURE Specify the processor architecture (e.g., x86_64)"
echo " -t, --type INSTANCE_TYPE Comma-separated list of instance types (e.g., t2.micro)"
echo " -h, --help Show this help message"
}
while [[ $# -gt 0 ]]; do
case "$1" in
-a | --architecture)
architecture="$2"
shift 2
;;
-t | --type)
instance_types="$2"
shift 2
;;
-h | --help)
usage
return 0
;;
*)
echo "Unknown argument: $1"
return 1
;;
esac
done
if [[ -z "$architecture" ]]; then
errecho "Error: Architecture not specified."
usage
return 1
fi
if [[ -z "$instance_types" ]]; then
errecho "Error: Instance type not specified."
usage
return 1
fi
local tmp_json_file="temp_ec2.json"
echo -n '[
{
"Name": "processor-info.supported-architecture",
"Values": [' >"$tmp_json_file"
local items
IFS=',' read -ra items <<<"$architecture"
local array_size
array_size=${#items[@]}
for i in $(seq 0 $((array_size - 1))); do
echo -n '"'"${items[$i]}"'"' >>"$tmp_json_file"
if [[ $i -lt $((array_size - 1)) ]]; then
echo -n ',' >>"$tmp_json_file"
fi
done
echo -n ']},
{
"Name": "instance-type",
"Values": [' >>"$tmp_json_file"
IFS=',' read -ra items <<<"$instance_types"
local array_size
array_size=${#items[@]}
for i in $(seq 0 $((array_size - 1))); do
echo -n '"'"${items[$i]}"'"' >>"$tmp_json_file"
if [[ $i -lt $((array_size - 1)) ]]; then
echo -n ',' >>"$tmp_json_file"
fi
done
echo -n ']}]' >>"$tmp_json_file"
local response
response=$(aws ec2 describe-instance-types --filters file://"$tmp_json_file" \
--query 'InstanceTypes[*].[InstanceType]' --output text)
local error_code=$?
rm "$tmp_json_file"
if [[ $error_code -ne 0 ]]; then
aws_cli_error_log $error_code
echo "ERROR: AWS reports describe-instance-types operation failed."
return 1
fi
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeInstanceTypes) in *AWS CLI Command Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe an instance type**
The following `describe-instance-types` example displays details for the specified instance type.
```
aws ec2 describe-instance-types \
--instance-types t2.micro
```
Output:
```
{
"InstanceTypes": [
{
"InstanceType": "t2.micro",
"CurrentGeneration": true,
"FreeTierEligible": true,
"SupportedUsageClasses": [
"on-demand",
"spot"
],
"SupportedRootDeviceTypes": [
"ebs"
],
"BareMetal": false,
"Hypervisor": "xen",
"ProcessorInfo": {
"SupportedArchitectures": [
"i386",
"x86_64"
],
"SustainedClockSpeedInGhz": 2.5
},
"VCpuInfo": {
"DefaultVCpus": 1,
"DefaultCores": 1,
"DefaultThreadsPerCore": 1,
"ValidCores": [
1
],
"ValidThreadsPerCore": [
1
]
},
"MemoryInfo": {
"SizeInMiB": 1024
},
"InstanceStorageSupported": false,
"EbsInfo": {
"EbsOptimizedSupport": "unsupported",
"EncryptionSupport": "supported"
},
"NetworkInfo": {
"NetworkPerformance": "Low to Moderate",
"MaximumNetworkInterfaces": 2,
"Ipv4AddressesPerInterface": 2,
"Ipv6AddressesPerInterface": 2,
"Ipv6Supported": true,
"EnaSupport": "unsupported"
},
"PlacementGroupInfo": {
"SupportedStrategies": [
"partition",
"spread"
]
},
"HibernationSupported": false,
"BurstablePerformanceSupported": true,
"DedicatedHostsSupported": false,
"AutoRecoverySupported": true
}
]
}
```
For more information, see [Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in *Amazon Elastic Compute Cloud User Guide for Linux Instances*.
**Example 2: To filter the available instance types**
You can specify a filter to scope the results to instance types that have a specific characteristic. The following `describe-instance-types` example lists the instance types that support hibernation.
```
aws ec2 describe-instance-types \
--filters Name=hibernation-supported,Values=true --query 'InstanceTypes[*].InstanceType'
```
Output:
```
[
"m5.8xlarge",
"r3.large",
"c3.8xlarge",
"r5.large",
"m4.4xlarge",
"c4.large",
"m5.xlarge",
"m4.xlarge",
"c3.large",
"c4.8xlarge",
"c4.4xlarge",
"c5.xlarge",
"c5.12xlarge",
"r5.4xlarge",
"c5.4xlarge"
]
```
For more information, see [Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in *Amazon Elastic Compute Cloud User Guide for Linux Instances*.
+ For API details, see [DescribeInstanceTypes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-types.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Asynchronously retrieves the instance types available in the current AWS region.
*
* This method uses the AWS SDK's asynchronous API to fetch the available instance types
* and then processes the response. It logs the memory information, network information,
* and instance type for each instance type returned. Additionally, it returns a
* {@link CompletableFuture} that resolves to the instance type string for the "t2.2xlarge"
* instance type, if it is found in the response. If the "t2.2xlarge" instance type is not
* found, an empty string is returned.
*
*
* @return a {@link CompletableFuture} that resolves to the instance type string for the
* "t2.2xlarge" instance type, or an empty string if the instance type is not found
*/
public CompletableFuture getInstanceTypesAsync() {
DescribeInstanceTypesRequest typesRequest = DescribeInstanceTypesRequest.builder()
.maxResults(10)
.build();
CompletableFuture response = getAsyncClient().describeInstanceTypes(typesRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
List instanceTypes = resp.instanceTypes();
for (InstanceTypeInfo type : instanceTypes) {
logger.info("The memory information of this type is " + type.memoryInfo().sizeInMiB());
logger.info("Network information is " + type.networkInfo().toString());
logger.info("Instance type is " + type.instanceType().toString());
}
} else {
throw (RuntimeException) ex;
}
});
return response.thenApply(resp -> {
for (InstanceTypeInfo type : resp.instanceTypes()) {
String instanceType = type.instanceType().toString();
if (instanceType.equals("t2.2xlarge")) {
return instanceType;
}
}
return "";
});
}
```
+ For API details, see [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstanceTypes) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { EC2Client, paginateDescribeInstanceTypes } from "@aws-sdk/client-ec2";
/**
* Describes the specified instance types. By default, all instance types for the
* current Region are described. Alternatively, you can filter the results.
* @param {{ pageSize: string, supportedArch: string[], freeTier: boolean }} options
*/
export const main = async ({ pageSize, supportedArch, freeTier }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
// The paginate function is a wrapper around the underlying command.
const paginator = paginateDescribeInstanceTypes(
// Without limiting the page size, this call can take a long time. pageSize is just sugar for
// the MaxResults property in the underlying command.
{ client, pageSize },
{
Filters: [
{
Name: "processor-info.supported-architecture",
Values: supportedArch,
},
{ Name: "free-tier-eligible", Values: [freeTier ? "true" : "false"] },
],
},
);
try {
/**
* @type {import('@aws-sdk/client-ec2').InstanceTypeInfo[]}
*/
const instanceTypes = [];
for await (const page of paginator) {
if (page.InstanceTypes.length) {
instanceTypes.push(...page.InstanceTypes);
// When we have at least 1 result, we can stop.
if (instanceTypes.length >= 1) {
break;
}
}
}
console.log(
`Memory size in MiB for matching instance types:\n\n${instanceTypes.map((it) => `${it.InstanceType}: ${it.MemoryInfo.SizeInMiB} MiB`).join("\n")}`,
);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}`);
return [];
}
throw caught;
}
};
```
+ For API details, see [DescribeInstanceTypes](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstanceTypesCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
// Get a list of instance types.
suspend fun getInstanceTypesSc(): String {
var instanceType = ""
val filterObs = ArrayList()
val filter =
Filter {
name = "processor-info.supported-architecture"
values = listOf("arm64")
}
filterObs.add(filter)
val typesRequest =
DescribeInstanceTypesRequest {
filters = filterObs
maxResults = 10
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstanceTypes(typesRequest)
response.instanceTypes?.forEach { type ->
println("The memory information of this type is ${type.memoryInfo?.sizeInMib}")
println("Maximum number of network cards is ${type.networkInfo?.maximumNetworkCards}")
instanceType = type.instanceType.toString()
}
return instanceType
}
}
```
+ For API details, see [DescribeInstanceTypes](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def get_instance_types(
self, architecture: str = "x86_64", sizes: List[str] = ["*.micro", "*.small"]
) -> List[Dict[str, Any]]:
"""
Gets instance types that support the specified architecture and size.
See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html
for a list of allowable parameters.
:param architecture: The architecture supported by instance types. Default: 'x86_64'.
:param sizes: The size of instance types. Default: '*.micro', '*.small',
:return: A list of dictionaries representing instance types that support the specified architecture and size.
"""
try:
inst_types = []
paginator = self.ec2_client.get_paginator("describe_instance_types")
for page in paginator.paginate(
Filters=[
{
"Name": "processor-info.supported-architecture",
"Values": [architecture],
},
{"Name": "instance-type", "Values": sizes},
]
):
inst_types += page["InstanceTypes"]
except ClientError as err:
logger.error(
f"Failed to get instance types: {architecture}, {','.join(map(str, sizes))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidParameterValue":
logger.error(
"Parameters are invalid. "
"Ensure architecture and size strings conform to DescribeInstanceTypes API reference."
)
raise
else:
return inst_types
```
+ For API details, see [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstanceTypes) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
/// List instance types that match an image's architecture and are free tier eligible.
pub async fn list_instance_types(&self, image: &Image) -> Result, EC2Error> {
let architecture = format!(
"{}",
image.architecture().ok_or_else(|| EC2Error::new(format!(
"Image {:?} does not have a listed architecture",
image.image_id()
)))?
);
let free_tier_eligible_filter = Filter::builder()
.name("free-tier-eligible")
.values("false")
.build();
let supported_architecture_filter = Filter::builder()
.name("processor-info.supported-architecture")
.values(architecture)
.build();
let response = self
.client
.describe_instance_types()
.filters(free_tier_eligible_filter)
.filters(supported_architecture_filter)
.send()
.await?;
Ok(response
.instance_types
.unwrap_or_default()
.into_iter()
.filter_map(|iti| iti.instance_type)
.collect())
}
```
+ For API details, see [DescribeInstanceTypes](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_types) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
" Create filters for architecture and instance type patterns
" iv_architecture = 'x86_64'
DATA lt_filters TYPE /aws1/cl_ec2filter=>tt_filterlist.
APPEND NEW /aws1/cl_ec2filter(
iv_name = 'processor-info.supported-architecture'
it_values = VALUE /aws1/cl_ec2valuestringlist_w=>tt_valuestringlist(
( NEW /aws1/cl_ec2valuestringlist_w( iv_architecture ) )
)
) TO lt_filters.
" Filter for instance type patterns like '*.micro', '*.small'
APPEND NEW /aws1/cl_ec2filter(
iv_name = 'instance-type'
it_values = VALUE /aws1/cl_ec2valuestringlist_w=>tt_valuestringlist(
( NEW /aws1/cl_ec2valuestringlist_w( '*.micro' ) )
( NEW /aws1/cl_ec2valuestringlist_w( '*.small' ) )
)
) TO lt_filters.
TRY.
oo_result = lo_ec2->describeinstancetypes( it_filters = lt_filters ). " oo_result is returned for testing purposes. "
DATA(lt_instance_types) = oo_result->get_instancetypes( ).
MESSAGE 'Retrieved information about EC2 instance types.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DescribeInstanceTypes](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Return a list of instance types matching the specified architecture
/// and instance sizes.
///
/// - Parameters:
/// - architecture: The architecture of the instance types to return, as
/// a member of `EC2ClientTypes.ArchitectureValues`.
/// - sizes: An array of one or more strings identifying sizes of
/// instance type to accept.
///
/// - Returns: An array of `EC2ClientTypes.InstanceTypeInfo` records
/// describing the instance types matching the given requirements.
func getMatchingInstanceTypes(architecture: EC2ClientTypes.ArchitectureValues = EC2ClientTypes.ArchitectureValues.x8664,
sizes: [String] = ["*.micro", "*.small"]) async
-> [EC2ClientTypes.InstanceTypeInfo] {
var instanceTypes: [EC2ClientTypes.InstanceTypeInfo] = []
let archFilter = EC2ClientTypes.Filter(
name: "processor-info.supported-architecture",
values: [architecture.rawValue]
)
let sizeFilter = EC2ClientTypes.Filter(
name: "instance-type",
values: sizes
)
do {
let pages = ec2Client.describeInstanceTypesPaginated(
input: DescribeInstanceTypesInput(
filters: [archFilter, sizeFilter]
)
)
for try await page in pages {
guard let types = page.instanceTypes else {
return []
}
instanceTypes += types
}
} catch {
print("*** Error getting image types: \(error.localizedDescription)")
return []
}
return instanceTypes
}
```
+ For API details, see [DescribeInstanceTypes](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstancetypes(input:)) in *AWS SDK for Swift API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeInstances` with an AWS SDK or CLI
The following code examples show how to use `DescribeInstances`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Build and manage a resilient service](example_cross_ResilientService_section.md)
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
+ [Creating an Amazon ECS service for the EC2 launch type](example_ecs_GettingStarted_018_section.md)
+ [Creating and managing Amazon EBS volumes](example_ec2_GettingStarted_020_section.md)
+ [Get started with Marketplace Buyer](example_ec2_GettingStarted_030_section.md)
+ [Getting started with Amazon EC2](example_ec2_GettingStarted_013_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
+ [Getting started with Elastic Load Balancing](example_elastic_load_balancing_v2_GettingStarted_058_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Get information about EC2 instances with a particular state.
///
/// The name of the tag to filter on.
/// The value of the tag to look for.
/// True if successful.
public async Task GetInstancesWithState(string state)
{
try
{
// Filters the results of the instance list.
var filters = new List
{
new Filter
{
Name = $"instance-state-name",
Values = new List { state, },
},
};
var request = new DescribeInstancesRequest { Filters = filters, };
Console.WriteLine($"\nShowing instances with state {state}");
var paginator = _amazonEC2.Paginators.DescribeInstances(request);
await foreach (var response in paginator.Responses)
{
foreach (var reservation in response.Reservations)
{
foreach (var instance in reservation.Instances)
{
Console.Write($"Instance ID: {instance.InstanceId} ");
Console.WriteLine($"\tCurrent State: {instance.State.Name}");
}
}
}
return true;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidParameterValue")
{
_logger.LogError(
$"Invalid parameter value for filtering instances.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't list instances because: {ex.Message}");
return false;
}
}
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeInstances) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_describe_instances
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) instances.
#
# Parameters:
# -i instance_id - The ID of the instance to describe (optional).
# -q query - The query to filter the response (optional).
# -h - Display help.
#
# Returns:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_instances() {
local instance_id query response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_instances"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) instances."
echo " -i instance_id - The ID of the instance to describe (optional)."
echo " -q query - The query to filter the response (optional)."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:q:h" option; do
case "${option}" in
i) instance_id="${OPTARG}" ;;
q) query="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local aws_cli_args=()
if [[ -n "$instance_id" ]]; then
# shellcheck disable=SC2206
aws_cli_args+=("--instance-ids" $instance_id)
fi
local query_arg=""
if [[ -n "$query" ]]; then
query_arg="--query '$query'"
else
query_arg="--query Reservations[*].Instances[*].[InstanceId,ImageId,InstanceType,KeyName,VpcId,PublicIpAddress,State.Name]"
fi
# shellcheck disable=SC2086
response=$(aws ec2 describe-instances \
"${aws_cli_args[@]}" \
$query_arg \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-instances operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeInstances) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Describe all Amazon Elastic Compute Cloud (Amazon EC2) instances associated with an account.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeInstances(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeInstancesRequest request;
bool header = false;
bool done = false;
while (!done) {
Aws::EC2::Model::DescribeInstancesOutcome outcome = ec2Client.DescribeInstances(request);
if (outcome.IsSuccess()) {
if (!header) {
std::cout << std::left <<
std::setw(48) << "Name" <<
std::setw(20) << "ID" <<
std::setw(25) << "Ami" <<
std::setw(15) << "Type" <<
std::setw(15) << "State" <<
std::setw(15) << "Monitoring" << std::endl;
header = true;
}
const std::vector &reservations =
outcome.GetResult().GetReservations();
for (const auto &reservation: reservations) {
const std::vector &instances =
reservation.GetInstances();
for (const auto &instance: instances) {
Aws::String instanceStateString =
Aws::EC2::Model::InstanceStateNameMapper::GetNameForInstanceStateName(
instance.GetState().GetName());
Aws::String typeString =
Aws::EC2::Model::InstanceTypeMapper::GetNameForInstanceType(
instance.GetInstanceType());
Aws::String monitorString =
Aws::EC2::Model::MonitoringStateMapper::GetNameForMonitoringState(
instance.GetMonitoring().GetState());
Aws::String name = "Unknown";
const std::vector &tags = instance.GetTags();
auto nameIter = std::find_if(tags.cbegin(), tags.cend(),
[](const Aws::EC2::Model::Tag &tag) {
return tag.GetKey() == "Name";
});
if (nameIter != tags.cend()) {
name = nameIter->GetValue();
}
std::cout <<
std::setw(48) << name <<
std::setw(20) << instance.GetInstanceId() <<
std::setw(25) << instance.GetImageId() <<
std::setw(15) << typeString <<
std::setw(15) << instanceStateString <<
std::setw(15) << monitorString << std::endl;
}
}
if (!outcome.GetResult().GetNextToken().empty()) {
request.SetNextToken(outcome.GetResult().GetNextToken());
} else {
done = true;
}
} else {
std::cerr << "Failed to describe EC2 instances:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
}
return true;
}
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeInstances) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**Example 1: To describe an instance**
The following `describe-instances` example describes the specified instance.
```
aws ec2 describe-instances \
--instance-ids i-1234567890abcdef0
```
Output:
```
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-0abcdef1234567890",
"InstanceId": "i-1234567890abcdef0",
"InstanceType": "t3.nano",
"KeyName": "my-key-pair",
"LaunchTime": "2022-11-15T10:48:59+00:00",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "us-east-2a",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157",
"ProductCodes": [],
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIpAddress": "34.253.223.13",
"State": {
"Code": 16,
"Name": "running"
},
"StateTransitionReason": "",
"SubnetId": "subnet-04a636d18e83cfacb",
"VpcId": "vpc-1234567890abcdef0",
"Architecture": "x86_64",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/xvda",
"Ebs": {
"AttachTime": "2022-11-15T10:49:00+00:00",
"DeleteOnTermination": true,
"Status": "attached",
"VolumeId": "vol-02e6ccdca7de29cf2"
}
}
],
"ClientToken": "1234abcd-1234-abcd-1234-d46a8903e9bc",
"EbsOptimized": true,
"EnaSupport": true,
"Hypervisor": "xen",
"IamInstanceProfile": {
"Arn": "arn:aws:iam::111111111111:instance-profile/AmazonSSMRoleForInstancesQuickSetup",
"Id": "111111111111111111111"
},
"NetworkInterfaces": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIp": "34.253.223.13"
},
"Attachment": {
"AttachTime": "2022-11-15T10:48:59+00:00",
"AttachmentId": "eni-attach-1234567890abcdefg",
"DeleteOnTermination": true,
"DeviceIndex": 0,
"Status": "attached",
"NetworkCardIndex": 0
},
"Description": "",
"Groups": [
{
"GroupName": "launch-wizard-146",
"GroupId": "sg-1234567890abcdefg"
}
],
"Ipv6Addresses": [],
"MacAddress": "00:11:22:33:44:55",
"NetworkInterfaceId": "eni-1234567890abcdefg",
"OwnerId": "104024344472",
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157",
"PrivateIpAddresses": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIp": "34.253.223.13"
},
"Primary": true,
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-1234567890abcdefg",
"VpcId": "vpc-1234567890abcdefg",
"InterfaceType": "interface"
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "launch-wizard-146",
"GroupId": "sg-1234567890abcdefg"
}
],
"SourceDestCheck": true,
"Tags": [
{
"Key": "Name",
"Value": "my-instance"
}
],
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 1,
"ThreadsPerCore": 2
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"HibernationOptions": {
"Configured": false
},
"MetadataOptions": {
"State": "applied",
"HttpTokens": "optional",
"HttpPutResponseHopLimit": 1,
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "disabled",
"InstanceMetadataTags": "enabled"
},
"EnclaveOptions": {
"Enabled": false
},
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"UsageOperationUpdateTime": "2022-11-15T10:48:59+00:00",
"PrivateDnsNameOptions": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": true,
"EnableResourceNameDnsAAAARecord": false
},
"MaintenanceOptions": {
"AutoRecovery": "default"
}
}
],
"OwnerId": "111111111111",
"ReservationId": "r-1234567890abcdefg"
}
]
}
```
**Example 2: To filter for instances with the specified type**
The following `describe-instances` example uses filters to scope the results to instances of the specified type.
```
aws ec2 describe-instances \
--filters Name=instance-type,Values=m5.large
```
For example output, see Example 1.
For more information, see [List and filter using the CLI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI) in the *Amazon EC2 User Guide*.
**Example 3: To filter for instances with the specified type and Availability Zone**
The following `describe-instances` example uses multiple filters to scope the results to instances with the specified type that are also in the specified Availability Zone.
```
aws ec2 describe-instances \
--filters Name=instance-type,Values=t2.micro,t3.micro Name=availability-zone,Values=us-east-2c
```
For example output, see Example 1.
**Example 4: To filter for instances with the specified type and Availability Zone using a JSON file**
The following `describe-instances` example uses a JSON input file to perform the same filtering as the previous example. When filters get more complicated, they can be easier to specify in a JSON file.
```
aws ec2 describe-instances \
--filters file://filters.json
```
Contents of `filters.json`:
```
[
{
"Name": "instance-type",
"Values": ["t2.micro", "t3.micro"]
},
{
"Name": "availability-zone",
"Values": ["us-east-2c"]
}
]
```
For example output, see Example 1.
**Example 5: To filter for instances with the specified Owner tag**
The following `describe-instances` example uses tag filters to scope the results to instances that have a tag with the specified tag key (Owner), regardless of the tag value.
```
aws ec2 describe-instances \
--filters "Name=tag-key,Values=Owner"
```
For example output, see Example 1.
**Example 6: To filter for instances with the specified my-team tag value**
The following `describe-instances` example uses tag filters to scope the results to instances that have a tag with the specified tag value (my-team), regardless of the tag key.
```
aws ec2 describe-instances \
--filters "Name=tag-value,Values=my-team"
```
For example output, see Example 1.
**Example 7: To filter for instances with the specified Owner tag and my-team value**
The following `describe-instances` example uses tag filters to scope the results to instances that have the specified tag (Owner=my-team).
```
aws ec2 describe-instances \
--filters "Name=tag:Owner,Values=my-team"
```
For example output, see Example 1.
**Example 8: To display only instance and subnet IDs for all instances**
The following `describe-instances` examples use the `--query` parameter to display only the instance and subnet IDs for all instances, in JSON format.
Linux and macOS:
```
aws ec2 describe-instances \
--query 'Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}' \
--output json
```
Windows:
```
aws ec2 describe-instances ^
--query "Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}" ^
--output json
```
Output:
```
[
{
"Instance": "i-057750d42936e468a",
"Subnet": "subnet-069beee9b12030077"
},
{
"Instance": "i-001efd250faaa6ffa",
"Subnet": "subnet-0b715c6b7db68927a"
},
{
"Instance": "i-027552a73f021f3bd",
"Subnet": "subnet-0250c25a1f4e15235"
}
...
]
```
**Example 9: To filter instances of the specified type and only display their instance IDs**
The following `describe-instances` example uses filters to scope the results to instances of the specified type and the `--query` parameter to display only the instance IDs.
```
aws ec2 describe-instances \
--filters "Name=instance-type,Values=t2.micro" \
--query "Reservations[*].Instances[*].[InstanceId]" \
--output text
```
Output:
```
i-031c0dc19de2fb70c
i-00d8bff789a736b75
i-0b715c6b7db68927a
i-0626d4edd54f1286d
i-00b8ae04f9f99908e
i-0fc71c25d2374130c
```
**Example 10: To filter instances of the specified type and only display their instance IDs, Availability Zone, and the specified tag value**
The following `describe-instances` examples display the instance ID, Availability Zone, and the value of the `Name` tag for instances that have a tag with the name `tag-key`, in table format.
Linux and macOS:
```
aws ec2 describe-instances \
--filters Name=tag-key,Values=Name \
--query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value}' \
--output table
```
Windows:
```
aws ec2 describe-instances ^
--filters Name=tag-key,Values=Name ^
--query "Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key=='Name']|[0].Value}" ^
--output table
```
Output:
```
-------------------------------------------------------------
| DescribeInstances |
+--------------+-----------------------+--------------------+
| AZ | Instance | Name |
+--------------+-----------------------+--------------------+
| us-east-2b | i-057750d42936e468a | my-prod-server |
| us-east-2a | i-001efd250faaa6ffa | test-server-1 |
| us-east-2a | i-027552a73f021f3bd | test-server-2 |
+--------------+-----------------------+--------------------+
```
**Example 11: To describe instances in a partition placement group**
The following `describe-instances` example describes the specified instance. The output includes the placement information for the instance, which contains the placement group name and the partition number for the instance.
```
aws ec2 describe-instances \
--instance-ids i-0123a456700123456 \
--query "Reservations[*].Instances[*].Placement"
```
Output:
```
[
[
{
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 3,
"Tenancy": "default"
}
]
]
```
For more information, see [Describing instances in a placement group](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html#describe-instance-placement) in the *Amazon EC2 User Guide*.
**Example 12: To filter to instances with the specified placement group and partition number**
The following `describe-instances` example filters the results to only those instances with the specified placement group and partition number.
```
aws ec2 describe-instances \
--filters "Name=placement-group-name,Values=HDFS-Group-A" "Name=placement-partition-number,Values=7"
```
The following shows only the relevant information from the output.
```
"Instances": [
{
"InstanceId": "i-0123a456700123456",
"InstanceType": "r4.large",
"Placement": {
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 7,
"Tenancy": "default"
}
},
{
"InstanceId": "i-9876a543210987654",
"InstanceType": "r4.large",
"Placement": {
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 7,
"Tenancy": "default"
}
],
```
For more information, see [Describing instances in a placement group](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html#describe-instance-placement) in the *Amazon EC2 User Guide*.
**Example 13: To filter to instances that are configured to allow access to tags from instance metadata**
The following `describe-instances` example filters the results to only those instances that are configured to allow access to instance tags from instance metadata.
```
aws ec2 describe-instances \
--filters "Name=metadata-options.instance-metadata-tags,Values=enabled" \
--query "Reservations[*].Instances[*].InstanceId" \
--output text
```
The following shows the expected output.
```
i-1234567890abcdefg
i-abcdefg1234567890
i-11111111aaaaaaaaa
i-aaaaaaaa111111111
```
For more information, see [Work with instance tags in instance metadata](https://docs.aws.amazon.com/en_us/AWSEC2/latest/UserGuide/Using_Tags.html#view-access-to-tags-in-IMDS) in the *Amazon EC2 User Guide*.
+ For API details, see [DescribeInstances](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instances.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Asynchronously describes the state of an EC2 instance.
* The paginator helps you iterate over multiple pages of results.
*
* @param newInstanceId the ID of the EC2 instance to describe
* @return a {@link CompletableFuture} that, when completed, contains a string describing the state of the EC2 instance
*/
public CompletableFuture describeEC2InstancesAsync(String newInstanceId) {
DescribeInstancesRequest request = DescribeInstancesRequest.builder()
.instanceIds(newInstanceId)
.build();
DescribeInstancesPublisher paginator = getAsyncClient().describeInstancesPaginator(request);
AtomicReference publicIpAddressRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.reservations().stream()
.flatMap(reservation -> reservation.instances().stream())
.filter(instance -> instance.instanceId().equals(newInstanceId))
.findFirst()
.ifPresent(instance -> publicIpAddressRef.set(instance.publicIpAddress()));
}).thenApply(v -> {
String publicIpAddress = publicIpAddressRef.get();
if (publicIpAddress == null) {
throw new RuntimeException("Instance with ID " + newInstanceId + " not found.");
}
return publicIpAddress;
}).exceptionally(ex -> {
logger.info("Failed to describe instances: " + ex.getMessage());
throw new RuntimeException("Failed to describe instances", ex);
});
}
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstances) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { EC2Client, paginateDescribeInstances } from "@aws-sdk/client-ec2";
/**
* List all of your EC2 instances running with the provided architecture that
* were launched in the past month.
* @param {{ pageSize: string, architectures: string[] }} options
*/
export const main = async ({ pageSize, architectures }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
const d = new Date();
const year = d.getFullYear();
const month = `0${d.getMonth() + 1}`.slice(-2);
const launchTimePattern = `${year}-${month}-*`;
const paginator = paginateDescribeInstances(
{
client,
pageSize,
},
{
Filters: [
{ Name: "architecture", Values: architectures },
{ Name: "instance-state-name", Values: ["running"] },
{
Name: "launch-time",
Values: [launchTimePattern],
},
],
},
);
try {
/**
* @type {import('@aws-sdk/client-ec2').Instance[]}
*/
const instanceList = [];
for await (const page of paginator) {
const { Reservations } = page;
for (const reservation of Reservations) {
instanceList.push(...reservation.Instances);
}
}
console.log(
`Running instances launched this month:\n\n${instanceList.map((instance) => instance.InstanceId).join("\n")}`,
);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}.`);
} else {
throw caught;
}
}
};
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstancesCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun describeEC2Instances() {
val request =
DescribeInstancesRequest {
maxResults = 6
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstances(request)
response.reservations?.forEach { reservation ->
reservation.instances?.forEach { instance ->
println("Instance Id is ${instance.instanceId}")
println("Image id is ${instance.imageId}")
println("Instance type is ${instance.instanceType}")
println("Instance state name is ${instance.state?.name}")
println("monitoring information is ${instance.monitoring?.state}")
}
}
}
}
```
+ For API details, see [DescribeInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified instance.**
```
(Get-EC2Instance -InstanceId i-12345678).Instances
```
**Output:**
```
AmiLaunchIndex : 0
Architecture : x86_64
BlockDeviceMappings : {/dev/sda1}
ClientToken : TleEy1448154045270
EbsOptimized : False
Hypervisor : xen
IamInstanceProfile : Amazon.EC2.Model.IamInstanceProfile
ImageId : ami-12345678
InstanceId : i-12345678
InstanceLifecycle :
InstanceType : t2.micro
KernelId :
KeyName : my-key-pair
LaunchTime : 12/4/2015 4:44:40 PM
Monitoring : Amazon.EC2.Model.Monitoring
NetworkInterfaces : {ip-10-0-2-172.us-west-2.compute.internal}
Placement : Amazon.EC2.Model.Placement
Platform : Windows
PrivateDnsName : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress : 10.0.2.172
ProductCodes : {}
PublicDnsName :
PublicIpAddress :
RamdiskId :
RootDeviceName : /dev/sda1
RootDeviceType : ebs
SecurityGroups : {default}
SourceDestCheck : True
SpotInstanceRequestId :
SriovNetSupport :
State : Amazon.EC2.Model.InstanceState
StateReason :
StateTransitionReason :
SubnetId : subnet-12345678
Tags : {Name}
VirtualizationType : hvm
VpcId : vpc-12345678
```
**Example 2: This example describes all your instances in the current region, grouped by reservation. To see the instance details expand the Instances collection within each reservation object.**
```
Get-EC2Instance
```
**Output:**
```
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 226008221399
ReservationId : r-c5df370c
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 854251627541
ReservationId : r-63e65bab
...
```
**Example 3: This example illustrates using a filter to query for EC2 instances in a specific subnet of a VPC.**
```
(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances
```
**Output:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-01af...82cf180e19 t2.medium Windows 10.0.0.98 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge Windows 10.0.0.53 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**Example 4: This example illustrates using a filter with multiple values to query for EC2 instances that are both running and stopped**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
(Get-EC2Instance @InstanceParams).Instances
```
**Output:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**Example 5: This example illustrates using a filter with multiple values to query for EC2 instances that are both running and stopped and using the Select-Object cmdlet for choosing specific values to output.**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
$SelectParams = @{
Property = @(
"InstanceID", "InstanceType", "Platform", "PrivateIpAddress",
@{Name="Name";Expression={$_.Tags[$_.Tags.Key.IndexOf("Name")].Value}},
@{Name="State";Expression={$_.State.Name}}
)
}
$result = Get-EC2Instance @InstanceParams
$result.Instances | Select-Object @SelectParams | Format-Table -AutoSize
```
**Output:**
```
InstanceId InstanceType Platform PrivateIpAddress Name State
---------- ------------ -------- ---------------- ---- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ec2-name-01 running
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ec2-name-02 stopped
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ec2-name-03 running
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ec2-name-04 stopped
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ec2-name-05 running
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ec2-name-06 stopped
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified instance.**
```
(Get-EC2Instance -InstanceId i-12345678).Instances
```
**Output:**
```
AmiLaunchIndex : 0
Architecture : x86_64
BlockDeviceMappings : {/dev/sda1}
ClientToken : TleEy1448154045270
EbsOptimized : False
Hypervisor : xen
IamInstanceProfile : Amazon.EC2.Model.IamInstanceProfile
ImageId : ami-12345678
InstanceId : i-12345678
InstanceLifecycle :
InstanceType : t2.micro
KernelId :
KeyName : my-key-pair
LaunchTime : 12/4/2015 4:44:40 PM
Monitoring : Amazon.EC2.Model.Monitoring
NetworkInterfaces : {ip-10-0-2-172.us-west-2.compute.internal}
Placement : Amazon.EC2.Model.Placement
Platform : Windows
PrivateDnsName : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress : 10.0.2.172
ProductCodes : {}
PublicDnsName :
PublicIpAddress :
RamdiskId :
RootDeviceName : /dev/sda1
RootDeviceType : ebs
SecurityGroups : {default}
SourceDestCheck : True
SpotInstanceRequestId :
SriovNetSupport :
State : Amazon.EC2.Model.InstanceState
StateReason :
StateTransitionReason :
SubnetId : subnet-12345678
Tags : {Name}
VirtualizationType : hvm
VpcId : vpc-12345678
```
**Example 2: This example describes all your instances in the current region, grouped by reservation. To see the instance details expand the Instances collection within each reservation object.**
```
Get-EC2Instance
```
**Output:**
```
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 226008221399
ReservationId : r-c5df370c
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 854251627541
ReservationId : r-63e65bab
...
```
**Example 3: This example illustrates using a filter to query for EC2 instances in a specific subnet of a VPC.**
```
(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances
```
**Output:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-01af...82cf180e19 t2.medium Windows 10.0.0.98 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge Windows 10.0.0.53 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**Example 4: This example illustrates using a filter with multiple values to query for EC2 instances that are both running and stopped**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
(Get-EC2Instance @InstanceParams).Instances
```
**Output:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**Example 5: This example illustrates using a filter with multiple values to query for EC2 instances that are both running and stopped and using the Select-Object cmdlet for choosing specific values to output.**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
$SelectParams = @{
Property = @(
"InstanceID", "InstanceType", "Platform", "PrivateIpAddress",
@{Name="Name";Expression={$_.Tags[$_.Tags.Key.IndexOf("Name")].Value}},
@{Name="State";Expression={$_.State.Name}}
)
}
$result = Get-EC2Instance @InstanceParams
$result.Instances | Select-Object @SelectParams | Format-Table -AutoSize
```
**Output:**
```
InstanceId InstanceType Platform PrivateIpAddress Name State
---------- ------------ -------- ---------------- ---- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ec2-name-01 running
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ec2-name-02 stopped
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ec2-name-03 running
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ec2-name-04 stopped
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ec2-name-05 running
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ec2-name-06 stopped
```
**Example 6: This example validates permissions for getting EC2 instances using the DryRun parameter without actually fetching them. Note: This throws an exception if succeeded which is the expected behavior.**
```
Get-EC2Tag -DryRun $true
```
**Output:**
```
Get-EC2Instance: Request would have succeeded, but DryRun flag is set.
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def display(self, state_filter: Optional[str] = "running") -> None:
"""
Displays information about instances, filtering by the specified state.
:param state_filter: The instance state to include in the output. Only instances in this state
will be displayed. Default is 'running'. Example states: 'running', 'stopped'.
"""
if not self.instances:
logger.info("No instances to display.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
paginator = self.ec2_client.get_paginator("describe_instances")
page_iterator = paginator.paginate(InstanceIds=instance_ids)
try:
for page in page_iterator:
for reservation in page["Reservations"]:
for instance in reservation["Instances"]:
instance_state = instance["State"]["Name"]
# Apply the state filter (default is 'running')
if state_filter and instance_state != state_filter:
continue # Skip this instance if it doesn't match the filter
# Create a formatted string with instance details
instance_info = (
f"• ID: {instance['InstanceId']}\n"
f"• Image ID: {instance['ImageId']}\n"
f"• Instance type: {instance['InstanceType']}\n"
f"• Key name: {instance['KeyName']}\n"
f"• VPC ID: {instance['VpcId']}\n"
f"• Public IP: {instance.get('PublicIpAddress', 'N/A')}\n"
f"• State: {instance_state}"
)
print(instance_info)
except ClientError as err:
logger.error(
f"Failed to display instance(s). : {' '.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstances) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Ruby ]
**SDK for Ruby**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples).
```
require 'aws-sdk-ec2'
# @param ec2_resource [Aws::EC2::Resource] An initialized EC2 resource object.
# @example
# list_instance_ids_states(Aws::EC2::Resource.new(region: 'us-west-2'))
def list_instance_ids_states(ec2_resource)
response = ec2_resource.instances
if response.count.zero?
puts 'No instances found.'
else
puts 'Instances -- ID, state:'
response.each do |instance|
puts "#{instance.id}, #{instance.state.name}"
end
end
rescue StandardError => e
puts "Error getting information about instances: #{e.message}"
end
# Example usage:
def run_me
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-get-all-instance-info.rb REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-get-all-instance-info.rb us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
elsif ARGV.count.zero?
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
region = ARGV[0]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
list_instance_ids_states(ec2_resource)
end
run_me if $PROGRAM_NAME == __FILE__
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/DescribeInstances) in *AWS SDK for Ruby API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
Retrieve details for an EC2 Instance.
```
pub async fn describe_instance(&self, instance_id: &str) -> Result {
let response = self
.client
.describe_instances()
.instance_ids(instance_id)
.send()
.await?;
let instance = response
.reservations()
.first()
.ok_or_else(|| EC2Error::new(format!("No instance reservations for {instance_id}")))?
.instances()
.first()
.ok_or_else(|| {
EC2Error::new(format!("No instances in reservation for {instance_id}"))
})?;
Ok(instance.clone())
}
```
After creating an EC2 instance, retrieve and store its details.
```
/// Create an EC2 instance with the given ID on a given type, using a
/// generated KeyPair and applying a list of security groups.
pub async fn create(
&mut self,
ec2: &EC2,
image_id: &str,
instance_type: InstanceType,
key_pair: &KeyPairInfo,
security_groups: Vec<&SecurityGroup>,
) -> Result<(), EC2Error> {
let instance_id = ec2
.create_instance(image_id, instance_type, key_pair, security_groups)
.await?;
let instance = ec2.describe_instance(&instance_id).await?;
self.instance = Some(instance);
Ok(())
}
```
+ For API details, see [DescribeInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instances) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->describeinstances( ). " oo_result is returned for testing purposes. "
" Retrieving details of EC2 instances. "
DATA: lv_istance_id TYPE /aws1/ec2string,
lv_status TYPE /aws1/ec2instancestatename,
lv_instance_type TYPE /aws1/ec2instancetype,
lv_image_id TYPE /aws1/ec2string.
LOOP AT oo_result->get_reservations( ) INTO DATA(lo_reservation).
LOOP AT lo_reservation->get_instances( ) INTO DATA(lo_instance).
lv_istance_id = lo_instance->get_instanceid( ).
lv_status = lo_instance->get_state( )->get_name( ).
lv_instance_type = lo_instance->get_instancetype( ).
lv_image_id = lo_instance->get_imageid( ).
ENDLOOP.
ENDLOOP.
MESSAGE 'Retrieved information about EC2 instances.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DescribeInstances](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeInternetGateways` with a CLI
The following code examples show how to use `DescribeInternetGateways`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Create a basic VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**To describe an internet gateway**
The following `describe-internet-gateways` example describes the specified internet gateway.
```
aws ec2 describe-internet-gateways \
--internet-gateway-ids igw-0d0fb496b3EXAMPLE
```
Output:
```
{
"InternetGateways": [
{
"Attachments": [
{
"State": "available",
"VpcId": "vpc-0a60eb65b4EXAMPLE"
}
],
"InternetGatewayId": "igw-0d0fb496b3EXAMPLE",
"OwnerId": "123456789012",
"Tags": [
{
"Key": "Name",
"Value": "my-igw"
}
]
}
]
}
```
For more information, see [Internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) in the *Amazon VPC User Guide*.
+ For API details, see [DescribeInternetGateways](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-internet-gateways.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified Internet gateway.**
```
Get-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**Output:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
```
**Example 2: This example describes all your Internet gateways.**
```
Get-EC2InternetGateway
```
**Output:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
{} igw-2a3b4c5d {}
```
+ For API details, see [DescribeInternetGateways](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified Internet gateway.**
```
Get-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**Output:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
```
**Example 2: This example describes all your Internet gateways.**
```
Get-EC2InternetGateway
```
**Output:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
{} igw-2a3b4c5d {}
```
+ For API details, see [DescribeInternetGateways](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.
# Use `DescribeKeyPairs` with an AWS SDK or CLI
The following code examples show how to use `DescribeKeyPairs`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code examples:
+ [Learn the basics](example_ec2_Scenario_GetStartedInstances_section.md)
+ [Getting started with Amazon EMR](example_emr_GettingStarted_037_section.md)
+ [Getting started with Amazon MSK](example_ec2_GettingStarted_057_section.md)
------
#### [ .NET ]
**SDK for .NET**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples).
```
///
/// Get information about an Amazon EC2 key pair.
///
/// The name of the key pair.
/// A list of key pair information.
public async Task> DescribeKeyPairs(string keyPairName)
{
try
{
var request = new DescribeKeyPairsRequest();
if (!string.IsNullOrEmpty(keyPairName))
{
request = new DescribeKeyPairsRequest
{
KeyNames = new List { keyPairName }
};
}
var response = await _amazonEC2.DescribeKeyPairsAsync(request);
return response.KeyPairs.ToList();
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.NotFound")
{
_logger.LogError(
$"A key pair called {keyPairName} does not exist.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while describing the key pair.: {ex.Message}");
throw;
}
}
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeKeyPairs) in *AWS SDK for .NET API Reference*.
------
#### [ Bash ]
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples).
```
###############################################################################
# function ec2_describe_key_pairs
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) key pairs.
#
# Parameters:
# -h - Display help.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_key_pairs() {
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_key_pairs"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) key pairs."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "h" option; do
case "${option}" in
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local response
response=$(aws ec2 describe-key-pairs \
--query 'KeyPairs[*].[KeyName, KeyFingerprint]' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-key-pairs operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
The utility functions used in this example.
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeKeyPairs) in *AWS CLI Command Reference*.
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples).
```
//! Describe all Amazon Elastic Compute Cloud (Amazon EC2) instance key pairs.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeKeyPairs(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeKeyPairsRequest request;
Aws::EC2::Model::DescribeKeyPairsOutcome outcome = ec2Client.DescribeKeyPairs(request);
if (outcome.IsSuccess()) {
std::cout << std::left <<
std::setw(32) << "Name" <<
std::setw(64) << "Fingerprint" << std::endl;
const std::vector &key_pairs =
outcome.GetResult().GetKeyPairs();
for (const auto &key_pair: key_pairs) {
std::cout << std::left <<
std::setw(32) << key_pair.GetKeyName() <<
std::setw(64) << key_pair.GetKeyFingerprint() << std::endl;
}
} else {
std::cerr << "Failed to describe key pairs:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeKeyPairs) in *AWS SDK for C\$1\$1 API Reference*.
------
#### [ CLI ]
**AWS CLI**
**To display a key pair**
The following `describe-key-pairs` example displays information about the specified key pair.
```
aws ec2 describe-key-pairs \
--key-names my-key-pair
```
Output:
```
{
"KeyPairs": [
{
"KeyPairId": "key-0b94643da6EXAMPLE",
"KeyFingerprint": "1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f",
"KeyName": "my-key-pair",
"KeyType": "rsa",
"Tags": [],
"CreateTime": "2022-05-27T21:51:16.000Z"
}
]
}
```
For more information, see [Describe public keys](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/describe-keys.html) in the *Amazon EC2 User Guide*.
+ For API details, see [DescribeKeyPairs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-key-pairs.html) in *AWS CLI Command Reference*.
------
#### [ Java ]
**SDK for Java 2.x**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples).
```
/**
* Asynchronously describes the key pairs associated with the current AWS account.
*
* @return a {@link CompletableFuture} containing the {@link DescribeKeyPairsResponse} object, which provides
* information about the key pairs.
*/
public CompletableFuture describeKeysAsync() {
CompletableFuture responseFuture = getAsyncClient().describeKeyPairs();
responseFuture.whenComplete((response, exception) -> {
if (exception != null) {
throw new RuntimeException("Failed to describe key pairs: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeKeyPairs) in *AWS SDK for Java 2.x API Reference*.
------
#### [ JavaScript ]
**SDK for JavaScript (v3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples).
```
import { DescribeKeyPairsCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* List all key pairs in the current AWS account.
* @param {{ dryRun: boolean }}
*/
export const main = async ({ dryRun }) => {
const client = new EC2Client({});
const command = new DescribeKeyPairsCommand({ DryRun: dryRun });
try {
const { KeyPairs } = await client.send(command);
const keyPairList = KeyPairs.map(
(kp) => ` • ${kp.KeyPairId}: ${kp.KeyName}`,
).join("\n");
console.log("The following key pairs were found in your account:");
console.log(keyPairList);
} catch (caught) {
if (caught instanceof Error && caught.name === "DryRunOperation") {
console.log(`${caught.message}`);
} else {
throw caught;
}
}
};
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeKeyPairsCommand) in *AWS SDK for JavaScript API Reference*.
------
#### [ Kotlin ]
**SDK for Kotlin**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples).
```
suspend fun describeEC2Keys() {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeKeyPairs(DescribeKeyPairsRequest {})
response.keyPairs?.forEach { keyPair ->
println("Found key pair with name ${keyPair.keyName} and fingerprint ${ keyPair.keyFingerprint}")
}
}
}
```
+ For API details, see [DescribeKeyPairs](https://sdk.amazonaws.com/kotlin/api/latest/index.html) in *AWS SDK for Kotlin API reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This example describes the specified key pair.**
```
Get-EC2KeyPair -KeyName my-key-pair
```
**Output:**
```
KeyFingerprint KeyName
-------------- -------
1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f my-key-pair
```
**Example 2: This example describes all your key pairs.**
```
Get-EC2KeyPair
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This example describes the specified key pair.**
```
Get-EC2KeyPair -KeyName my-key-pair
```
**Output:**
```
KeyFingerprint KeyName
-------------- -------
1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f my-key-pair
```
**Example 2: This example describes all your key pairs.**
```
Get-EC2KeyPair
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------
#### [ Python ]
**SDK for Python (Boto3)**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples).
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def list(self, limit: Optional[int] = None) -> None:
"""
Displays a list of key pairs for the current account.
WARNING: Results are not paginated.
:param limit: The maximum number of key pairs to list. If not specified,
all key pairs will be listed.
:raises ClientError: If there is an error in listing the key pairs.
"""
try:
response = self.ec2_client.describe_key_pairs()
key_pairs = response.get("KeyPairs", [])
if limit:
key_pairs = key_pairs[:limit]
for key_pair in key_pairs:
logger.info(
f"Found {key_pair['KeyType']} key '{key_pair['KeyName']}' with fingerprint:"
)
logger.info(f"\t{key_pair['KeyFingerprint']}")
except ClientError as err:
logger.error(f"Failed to list key pairs: {str(err)}")
raise
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeKeyPairs) in *AWS SDK for Python (Boto3) API Reference*.
------
#### [ Rust ]
**SDK for Rust**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples).
```
pub async fn list_key_pair(&self) -> Result, EC2Error> {
let output = self.client.describe_key_pairs().send().await?;
Ok(output.key_pairs.unwrap_or_default())
}
```
+ For API details, see [DescribeKeyPairs](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_key_pairs) in *AWS SDK for Rust API reference*.
------
#### [ SAP ABAP ]
**SDK for SAP ABAP**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples).
```
TRY.
oo_result = lo_ec2->describekeypairs( ). " oo_result is returned for testing purposes. "
DATA(lt_key_pairs) = oo_result->get_keypairs( ).
MESSAGE 'Retrieved information about key pairs.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ For API details, see [DescribeKeyPairs](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in *AWS SDK for SAP ABAP API reference*.
------
#### [ Swift ]
**SDK for Swift**
There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples).
```
import AWSEC2
/// Describe the key pairs associated with the user by outputting each key
/// pair's name and fingerprint.
func describeKeyPairs() async {
do {
let output = try await ec2Client.describeKeyPairs(
input: DescribeKeyPairsInput()
)
guard let keyPairs = output.keyPairs else {
print("*** No key pairs list available.")
return
}
for keyPair in keyPairs {
print(keyPair.keyName ?? "", ":", keyPair.keyFingerprint ?? "