Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
Gunakan CreateSecurityGroup
dengan AWS SDK atau CLI
Contoh kode berikut menunjukkan cara menggunakanCreateSecurityGroup
.
Contoh tindakan adalah kutipan kode dari program yang lebih besar dan harus dijalankan dalam konteks. Anda dapat melihat tindakan ini dalam konteks dalam contoh kode berikut:
- .NET
-
- AWS SDK for .NET
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. /// <summary> /// Create an Amazon EC2 security group with a specified name and description. /// </summary> /// <param name="groupName">The name for the new security group.</param> /// <param name="groupDescription">A description of the new security group.</param> /// <returns>The group Id of the new security group.</returns> public async Task<string> CreateSecurityGroup(string groupName, string groupDescription) { try { var response = await _amazonEC2.CreateSecurityGroupAsync( new CreateSecurityGroupRequest(groupName, groupDescription)); // Wait until the security group exists. int retries = 5; while (retries-- > 0) { var groups = await DescribeSecurityGroups(response.GroupId); if (groups.Any()) { return response.GroupId; } Thread.Sleep(5000); retries--; } _logger.LogError($"Unable to find newly created group {groupName}."); throw new DoesNotExistException("security group not found"); } catch (AmazonEC2Exception ec2Exception) { if (ec2Exception.ErrorCode == "ResourceAlreadyExists") { _logger.LogError( $"A security group with the name {groupName} already exists. {ec2Exception.Message}"); } throw; } catch (Exception ex) { _logger.LogError( $"An error occurred while creating the security group.: {ex.Message}"); throw; } }
-
Untuk API detailnya, lihat CreateSecurityGroupdi AWS SDK for .NET APIReferensi.
-
- Bash
-
- AWS CLI dengan skrip Bash
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. ############################################################################### # function ec2_create_security_group # # This function creates an Amazon Elastic Compute Cloud (Amazon EC2) security group. # # Parameters: # -n security_group_name - The name of the security group. # -d security_group_description - The description of the security group. # # Returns: # The ID of the created security group, or an error message if the operation fails. # And: # 0 - If successful. # 1 - If it fails. # ############################################################################### function ec2_create_security_group() { local security_group_name security_group_description response # Function to display usage information function usage() { echo "function ec2_create_security_group" echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group." echo " -n security_group_name - The name of the security group." echo " -d security_group_description - The description of the security group." echo "" } # Parse the command-line arguments while getopts "n:d:h" option; do case "${option}" in n) security_group_name="${OPTARG}" ;; d) security_group_description="${OPTARG}" ;; h) usage return 0 ;; \?) echo "Invalid parameter" usage return 1 ;; esac done export OPTIND=1 # Validate the input parameters if [[ -z "$security_group_name" ]]; then errecho "ERROR: You must provide a security group name with the -n parameter." return 1 fi if [[ -z "$security_group_description" ]]; then errecho "ERROR: You must provide a security group description with the -d parameter." return 1 fi # Create the security group response=$(aws ec2 create-security-group \ --group-name "$security_group_name" \ --description "$security_group_description" \ --query "GroupId" \ --output text) || { aws_cli_error_log ${?} errecho "ERROR: AWS reports create-security-group operation failed." errecho "$response" return 1 } echo "$response" return 0 }
Fungsi utilitas yang digunakan dalam contoh ini.
############################################################################### # function errecho # # This function outputs everything sent to it to STDERR (standard error output). ############################################################################### function errecho() { printf "%s\n" "$*" 1>&2 } ############################################################################## # function aws_cli_error_log() # # This function is used to log the error messages from the AWS CLI. # # The function expects the following argument: # $1 - The error code returned by the AWS CLI. # # Returns: # 0: - Success. # ############################################################################## function aws_cli_error_log() { local err_code=$1 errecho "Error code : $err_code" if [ "$err_code" == 1 ]; then errecho " One or more S3 transfers failed." elif [ "$err_code" == 2 ]; then errecho " Command line failed to parse." elif [ "$err_code" == 130 ]; then errecho " Process received SIGINT." elif [ "$err_code" == 252 ]; then errecho " Command syntax invalid." elif [ "$err_code" == 253 ]; then errecho " The system environment or configuration was invalid." elif [ "$err_code" == 254 ]; then errecho " The service returned an error." elif [ "$err_code" == 255 ]; then errecho " 255 is a catch-all error." fi return 0 }
-
Untuk API detailnya, lihat CreateSecurityGroupdi Referensi AWS CLI Perintah.
-
- C++
-
- SDKuntuk C ++
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. //! Create a security group. /*! \param groupName: A security group name. \param description: A description. \param vpcID: A virtual private cloud (VPC) ID. \param[out] groupIDResult: A string to receive the group ID. \param clientConfiguration: AWS client configuration. \return bool: Function succeeded. */ bool AwsDoc::EC2::createSecurityGroup(const Aws::String &groupName, const Aws::String &description, const Aws::String &vpcID, Aws::String &groupIDResult, const Aws::Client::ClientConfiguration &clientConfiguration) { Aws::EC2::EC2Client ec2Client(clientConfiguration); Aws::EC2::Model::CreateSecurityGroupRequest request; request.SetGroupName(groupName); request.SetDescription(description); request.SetVpcId(vpcID); const Aws::EC2::Model::CreateSecurityGroupOutcome outcome = ec2Client.CreateSecurityGroup(request); if (!outcome.IsSuccess()) { std::cerr << "Failed to create security group:" << outcome.GetError().GetMessage() << std::endl; return false; } std::cout << "Successfully created security group named " << groupName << std::endl; groupIDResult = outcome.GetResult().GetGroupId(); return true; }
-
Untuk API detailnya, lihat CreateSecurityGroupdi AWS SDK for C++ APIReferensi.
-
- CLI
-
- AWS CLI
-
Untuk membuat grup keamanan untuk EC2 -Classic
Contoh ini membuat grup keamanan bernama
MySecurityGroup
.Perintah:
aws ec2 create-security-group --group-name
MySecurityGroup
--description"My security group"
Output:
{ "GroupId": "sg-903004f8" }
Untuk membuat grup keamanan untuk EC2 - VPC
Contoh ini membuat grup keamanan bernama
MySecurityGroup
untuk yang ditentukanVPC.Perintah:
aws ec2 create-security-group --group-name
MySecurityGroup
--description"My security group"
--vpc-idvpc-1a2b3c4d
Output:
{ "GroupId": "sg-903004f8" }
Untuk informasi selengkapnya, lihat Menggunakan Grup Keamanan di Panduan Pengguna Antarmuka Baris Perintah AWS .
-
Untuk API detailnya, lihat CreateSecurityGroup
di Referensi AWS CLI Perintah.
-
- Java
-
- SDKuntuk Java 2.x
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. /** * Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also * authorizes inbound traffic on ports 80 and 22 from the specified IP address. * * @param groupName the name of the security group to create * @param groupDesc the description of the security group * @param vpcId the ID of the VPC in which to create the security group * @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from * any IP address in the 192.168.1.0/24 subnet) * @return a CompletableFuture that, when completed, returns the ID of the created security group * @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic */ public CompletableFuture<String> createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) { CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder() .groupName(groupName) .description(groupDesc) .vpcId(vpcId) .build(); return getAsyncClient().createSecurityGroup(createRequest) .thenCompose(createResponse -> { String groupId = createResponse.groupId(); IpRange ipRange = IpRange.builder() .cidrIp(myIpAddress + "/32") .build(); IpPermission ipPerm = IpPermission.builder() .ipProtocol("tcp") .toPort(80) .fromPort(80) .ipRanges(ipRange) .build(); IpPermission ipPerm2 = IpPermission.builder() .ipProtocol("tcp") .toPort(22) .fromPort(22) .ipRanges(ipRange) .build(); AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder() .groupName(groupName) .ipPermissions(ipPerm, ipPerm2) .build(); return getAsyncClient().authorizeSecurityGroupIngress(authRequest) .thenApply(authResponse -> groupId); }) .whenComplete((result, exception) -> { if (exception != null) { if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) { throw (Ec2Exception) exception.getCause(); } else { throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception); } } }); }
-
Untuk API detailnya, lihat CreateSecurityGroupdi AWS SDK for Java 2.x APIReferensi.
-
- JavaScript
-
- SDKuntuk JavaScript (v3)
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. import { CreateSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2"; /** * Creates a security group. * @param {{ groupName: string, description: string }} options */ export const main = async ({ groupName, description }) => { const client = new EC2Client({}); const command = new CreateSecurityGroupCommand({ // Up to 255 characters in length. Cannot start with sg-. GroupName: groupName, // Up to 255 characters in length. Description: description, }); try { const { GroupId } = await client.send(command); console.log(GroupId); } catch (caught) { if (caught instanceof Error && caught.name === "InvalidParameterValue") { console.warn(`${caught.message}.`); } else { throw caught; } } };
-
Untuk API detailnya, lihat CreateSecurityGroupdi AWS SDK for JavaScript APIReferensi.
-
- Kotlin
-
- SDKuntuk Kotlin
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. suspend fun createEC2SecurityGroup( groupNameVal: String?, groupDescVal: String?, vpcIdVal: String?, ): String? { val request = CreateSecurityGroupRequest { groupName = groupNameVal description = groupDescVal vpcId = vpcIdVal } Ec2Client { region = "us-west-2" }.use { ec2 -> val resp = ec2.createSecurityGroup(request) val ipRange = IpRange { cidrIp = "0.0.0.0/0" } val ipPerm = IpPermission { ipProtocol = "tcp" toPort = 80 fromPort = 80 ipRanges = listOf(ipRange) } val ipPerm2 = IpPermission { ipProtocol = "tcp" toPort = 22 fromPort = 22 ipRanges = listOf(ipRange) } val authRequest = AuthorizeSecurityGroupIngressRequest { groupName = groupNameVal ipPermissions = listOf(ipPerm, ipPerm2) } ec2.authorizeSecurityGroupIngress(authRequest) println("Successfully added ingress policy to Security Group $groupNameVal") return resp.groupId } }
-
Untuk API detailnya, lihat CreateSecurityGroup AWS
SDKAPIreferensi Kotlin.
-
- PowerShell
-
- Alat untuk PowerShell
-
Contoh 1: Contoh ini membuat grup keamanan untuk yang ditentukanVPC.
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
Output:
sg-12345678
Contoh 2: Contoh ini membuat grup keamanan untuk EC2 -Classic.
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
Output:
sg-45678901
-
Untuk API detailnya, lihat CreateSecurityGroupdi AWS Tools for PowerShell Referensi Cmdlet.
-
- Python
-
- SDKuntuk Python (Boto3)
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. class SecurityGroupWrapper: """Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions.""" def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None): """ Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID. :param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level access to AWS EC2 services. :param security_group: The ID of a security group to manage. This is a high-level identifier that represents the security group. """ self.ec2_client = ec2_client self.security_group = security_group @classmethod def from_client(cls) -> "SecurityGroupWrapper": """ Creates a SecurityGroupWrapper instance with a default EC2 client. :return: An instance of SecurityGroupWrapper initialized with the default EC2 client. """ ec2_client = boto3.client("ec2") return cls(ec2_client) def create(self, group_name: str, group_description: str) -> str: """ Creates a security group in the default virtual private cloud (VPC) of the current account. :param group_name: The name of the security group to create. :param group_description: The description of the security group to create. :return: The ID of the newly created security group. :raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists """ try: response = self.ec2_client.create_security_group( GroupName=group_name, Description=group_description ) self.security_group = response["GroupId"] except ClientError as err: if err.response["Error"]["Code"] == "ResourceAlreadyExists": logger.error( f"Security group '{group_name}' already exists. Please choose a different name." ) raise else: return self.security_group
-
Untuk API detailnya, lihat CreateSecurityGroup AWSSDKReferensi Python (Boto3). API
-
- Ruby
-
- SDKuntuk Ruby
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. # This code example does the following: # 1. Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group. # 2. Adds inbound rules to the security group. # 3. Displays information about available security groups. # 4. Deletes the security group. require 'aws-sdk-ec2' # Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group. # # Prerequisites: # # - A VPC in Amazon Virtual Private Cloud (Amazon VPC). # # @param ec2_client [Aws::EC2::Client] An initialized # Amazon EC2 client. # @param group_name [String] A name for the security group. # @param description [String] A description for the security group. # @param vpc_id [String] The ID of the VPC for the security group. # @return [String] The ID of security group that was created. # @example # puts create_security_group( # Aws::EC2::Client.new(region: 'us-west-2'), # 'my-security-group', # 'This is my security group.', # 'vpc-6713dfEX' # ) def create_security_group(ec2_client, group_name, description, vpc_id) security_group = ec2_client.create_security_group( group_name: group_name, description: description, vpc_id: vpc_id ) puts "Created security group '#{group_name}' with ID " \ "'#{security_group.group_id}' in VPC with ID '#{vpc_id}'." security_group.group_id rescue StandardError => e puts "Error creating security group: #{e.message}" 'Error' end # Adds an inbound rule to an Amazon Elastic Compute Cloud (Amazon EC2) # security group. # # Prerequisites: # # - The security group. # # @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client. # @param security_group_id [String] The ID of the security group. # @param ip_protocol [String] The network protocol for the inbound rule. # @param from_port [String] The originating port for the inbound rule. # @param to_port [String] The destination port for the inbound rule. # @param cidr_ip_range [String] The CIDR IP range for the inbound rule. # @return # @example # exit 1 unless security_group_ingress_authorized?( # Aws::EC2::Client.new(region: 'us-west-2'), # 'sg-030a858e078f1b9EX', # 'tcp', # '80', # '80', # '0.0.0.0/0' # ) def security_group_ingress_authorized?( ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range ) ec2_client.authorize_security_group_ingress( group_id: security_group_id, ip_permissions: [ { ip_protocol: ip_protocol, from_port: from_port, to_port: to_port, ip_ranges: [ { cidr_ip: cidr_ip_range } ] } ] ) puts "Added inbound rule to security group '#{security_group_id}' for protocol " \ "'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \ "with CIDR IP range '#{cidr_ip_range}'." true rescue StandardError => e puts "Error adding inbound rule to security group: #{e.message}" false end # Refactored method to simplify complexity for describing security group permissions def format_port_information(perm) from_port_str = perm.from_port == '-1' || perm.from_port == -1 ? 'All' : perm.from_port.to_s to_port_str = perm.to_port == '-1' || perm.to_port == -1 ? 'All' : perm.to_port.to_s { from_port: from_port_str, to_port: to_port_str } end # Displays information about a security group's IP permissions set in # Amazon Elastic Compute Cloud (Amazon EC2). def describe_security_group_permissions(perm) ports = format_port_information(perm) print " Protocol: #{perm.ip_protocol == '-1' ? 'All' : perm.ip_protocol}" print ", From: #{ports[:from_port]}, To: #{ports[:to_port]}" print ", CIDR IPv6: #{perm.ipv_6_ranges[0].cidr_ipv_6}" if perm.key?(:ipv_6_ranges) && perm.ipv_6_ranges.count.positive? print ", CIDR IPv4: #{perm.ip_ranges[0].cidr_ip}" if perm.key?(:ip_ranges) && perm.ip_ranges.count.positive? print "\n" end # Displays information about available security groups in # Amazon Elastic Compute Cloud (Amazon EC2). def describe_security_groups(ec2_client) response = ec2_client.describe_security_groups if response.security_groups.count.positive? response.security_groups.each do |sg| display_group_details(sg) end else puts 'No security groups found.' end rescue StandardError => e puts "Error getting information about security groups: #{e.message}" end # Helper method to display the details of security groups def display_group_details(sg) puts '-' * (sg.group_name.length + 13) puts "Name: #{sg.group_name}" puts "Description: #{sg.description}" puts "Group ID: #{sg.group_id}" puts "Owner ID: #{sg.owner_id}" puts "VPC ID: #{sg.vpc_id}" display_group_tags(sg.tags) if sg.tags.count.positive? display_group_permissions(sg) end def display_group_tags(tags) puts 'Tags:' tags.each do |tag| puts " Key: #{tag.key}, Value: #{tag.value}" end end def display_group_permissions(sg) if sg.ip_permissions.count.positive? puts 'Inbound rules:' sg.ip_permissions.each do |p| describe_security_group_permissions(p) end end return if sg.ip_permissions_egress.empty? puts 'Outbound rules:' sg.ip_permissions_egress.each do |p| describe_security_group_permissions(p) end end # Deletes an Amazon Elastic Compute Cloud (Amazon EC2) # security group. def security_group_deleted?(ec2_client, security_group_id) ec2_client.delete_security_group(group_id: security_group_id) puts "Deleted security group '#{security_group_id}'." true rescue StandardError => e puts "Error deleting security group: #{e.message}" false end # Example usage with refactored run_me to reduce complexity def run_me group_name, description, vpc_id, ip_protocol_http, from_port_http, to_port_http, \ cidr_ip_range_http, ip_protocol_ssh, from_port_ssh, to_port_ssh, \ cidr_ip_range_ssh, region = process_arguments ec2_client = Aws::EC2::Client.new(region: region) security_group_id = attempt_create_security_group(ec2_client, group_name, description, vpc_id) security_group_exists = security_group_id != 'Error' if security_group_exists add_inbound_rules(ec2_client, security_group_id, ip_protocol_http, from_port_http, to_port_http, cidr_ip_range_http) add_inbound_rules(ec2_client, security_group_id, ip_protocol_ssh, from_port_ssh, to_port_ssh, cidr_ip_range_ssh) end describe_security_groups(ec2_client) attempt_delete_security_group(ec2_client, security_group_id) if security_group_exists end def process_arguments if ARGV[0] == '--help' || ARGV[0] == '-h' display_help exit 1 elsif ARGV.count.zero? default_values else ARGV end end def attempt_create_security_group(ec2_client, group_name, description, vpc_id) puts 'Attempting to create security group...' security_group_id = create_security_group(ec2_client, group_name, description, vpc_id) puts 'Could not create security group. Skipping this step.' if security_group_id == 'Error' security_group_id end def add_inbound_rules(ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range) puts 'Attempting to add inbound rules to security group...' return if security_group_ingress_authorized?(ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range) puts 'Could not add inbound rule to security group. Skipping this step.' end def attempt_delete_security_group(ec2_client, security_group_id) puts "\nAttempting to delete security group..." return if security_group_deleted?(ec2_client, security_group_id) puts 'Could not delete security group. You must delete it yourself.' end def display_help puts 'Usage: ruby ec2-ruby-example-security-group.rb ' \ 'GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL_1 FROM_PORT_1 TO_PORT_1 ' \ 'CIDR_IP_RANGE_1 IP_PROTOCOL_2 FROM_PORT_2 TO_PORT_2 ' \ 'CIDR_IP_RANGE_2 REGION' puts 'Example: ruby ec2-ruby-example-security-group.rb ' \ "my-security-group 'This is my security group.' vpc-6713dfEX " \ "tcp 80 80 '0.0.0.0/0' tcp 22 22 '0.0.0.0/0' us-west-2" end def default_values [ 'my-security-group', 'This is my security group.', 'vpc-6713dfEX', 'tcp', '80', '80', '0.0.0.0/0', 'tcp', '22', '22', '0.0.0.0/0', 'us-west-2' ] end run_me if $PROGRAM_NAME == __FILE__
-
Untuk API detailnya, lihat CreateSecurityGroupdi AWS SDK for Ruby APIReferensi.
-
- Rust
-
- SDKuntuk Rust
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. pub async fn create_security_group( &self, name: &str, description: &str, ) -> Result<SecurityGroup, EC2Error> { tracing::info!("Creating security group {name}"); let create_output = self .client .create_security_group() .group_name(name) .description(description) .send() .await .map_err(EC2Error::from)?; let group_id = create_output .group_id .ok_or_else(|| EC2Error::new("Missing security group id after creation"))?; let group = self .describe_security_group(&group_id) .await? .ok_or_else(|| { EC2Error::new(format!("Could not find security group with id {group_id}")) })?; tracing::info!("Created security group {name} as {group_id}"); Ok(group) }
-
Untuk API detailnya, lihat CreateSecurityGroup AWS
SDKAPIreferensi Rust.
-
- SAP ABAP
-
- SDKuntuk SAP ABAP
-
catatan
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara pengaturan dan menjalankannya di Repositori Contoh Kode AWS
. TRY. oo_result = lo_ec2->createsecuritygroup( " oo_result is returned for testing purposes. " iv_description = 'Security group example' iv_groupname = iv_security_group_name iv_vpcid = iv_vpc_id ). MESSAGE 'Security group created.' TYPE 'I'. CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception). DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|. MESSAGE lv_error TYPE 'E'. ENDTRY.
-
Untuk API detailnya, lihat CreateSecurityGroup AWSSDKuntuk SAP ABAP API referensi.
-
Untuk daftar lengkap panduan AWS SDK pengembang dan contoh kode, lihatMembuat EC2 sumber daya Amazon menggunakan AWS SDK. Topik ini juga mencakup informasi tentang memulai dan detail tentang SDK versi sebelumnya.