responseFuture = getAsyncClient().runInstances(runRequest);
return responseFuture.thenCompose(response -> {
String instanceIdVal = response.instances().get(0).instanceId();
System.out.println("Going to start an EC2 instance and use a waiter to wait for it to be in running state");
return getAsyncClient().waiter()
.waitUntilInstanceExists(r -> r.instanceIds(instanceIdVal))
.thenCompose(waitResponse -> getAsyncClient().waiter()
.waitUntilInstanceRunning(r -> r.instanceIds(instanceIdVal))
.thenApply(runningResponse -> instanceIdVal));
}).exceptionally(throwable -> {
// Handle any exceptions that occurred during the async call
throw new RuntimeException("Failed to run EC2 instance: " + throwable.getMessage(), throwable);
});
}
/**
* Asynchronously retrieves the instance types available in the current AWS region.
*
* This method uses the AWS SDK's asynchronous API to fetch the available instance types
* and then processes the response. It logs the memory information, network information,
* and instance type for each instance type returned. Additionally, it returns a
* {@link CompletableFuture} that resolves to the instance type string for the "t2.2xlarge"
* instance type, if it is found in the response. If the "t2.2xlarge" instance type is not
* found, an empty string is returned.
*
*
* @return a {@link CompletableFuture} that resolves to the instance type string for the
* "t2.2xlarge" instance type, or an empty string if the instance type is not found
*/
public CompletableFuture getInstanceTypesAsync() {
DescribeInstanceTypesRequest typesRequest = DescribeInstanceTypesRequest.builder()
.maxResults(10)
.build();
CompletableFuture response = getAsyncClient().describeInstanceTypes(typesRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
List instanceTypes = resp.instanceTypes();
for (InstanceTypeInfo type : instanceTypes) {
logger.info("The memory information of this type is " + type.memoryInfo().sizeInMiB());
logger.info("Network information is " + type.networkInfo().toString());
logger.info("Instance type is " + type.instanceType().toString());
}
} else {
throw (RuntimeException) ex;
}
});
return response.thenApply(resp -> {
for (InstanceTypeInfo type : resp.instanceTypes()) {
String instanceType = type.instanceType().toString();
if (instanceType.equals("t2.2xlarge")) {
return instanceType;
}
}
return "";
});
}
/**
* Asynchronously describes an AWS EC2 image with the specified image ID.
*
* @param imageId the ID of the image to be described
* @return a {@link CompletableFuture} that, when completed, contains the ID of the described image
* @throws RuntimeException if no images are found with the provided image ID, or if an error occurs during the AWS API call
*/
public CompletableFuture describeImageAsync(String imageId) {
DescribeImagesRequest imagesRequest = DescribeImagesRequest.builder()
.imageIds(imageId)
.build();
AtomicReference imageIdRef = new AtomicReference<>();
DescribeImagesPublisher paginator = getAsyncClient().describeImagesPaginator(imagesRequest);
return paginator.subscribe(response -> {
response.images().stream()
.filter(image -> image.imageId().equals(imageId))
.findFirst()
.ifPresent(image -> {
logger.info("The description of the image is " + image.description());
logger.info("The name of the image is " + image.name());
imageIdRef.set(image.imageId());
});
}).thenApply(v -> {
String id = imageIdRef.get();
if (id == null) {
throw new RuntimeException("No images found with the provided image ID.");
}
return id;
}).exceptionally(ex -> {
logger.info("Failed to describe image: " + ex.getMessage());
throw new RuntimeException("Failed to describe image", ex);
});
}
/**
* Retrieves the parameter values asynchronously using the AWS Systems Manager (SSM) API.
*
* @return a {@link CompletableFuture} that holds the response from the SSM API call to get parameters by path
*/
public CompletableFuture getParaValuesAsync() {
SsmAsyncClient ssmClient = SsmAsyncClient.builder()
.region(Region.US_EAST_1)
.build();
GetParametersByPathRequest parameterRequest = GetParametersByPathRequest.builder()
.path("/aws/service/ami-amazon-linux-latest")
.build();
// Create a CompletableFuture to hold the final result.
CompletableFuture responseFuture = new CompletableFuture<>();
ssmClient.getParametersByPath(parameterRequest)
.whenComplete((response, exception) -> {
if (exception != null) {
responseFuture.completeExceptionally(new RuntimeException("Failed to get parameters by path", exception));
} else {
responseFuture.complete(response);
}
});
return responseFuture;
}
/**
* Asynchronously describes the security groups for the specified group ID.
*
* @param groupName the name of the security group to describe
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of describing the security groups. The future will complete with a
* {@link DescribeSecurityGroupsResponse} object that contains the
* security group information.
*/
public CompletableFuture describeSecurityGroupArnByNameAsync(String groupName) {
DescribeSecurityGroupsRequest request = DescribeSecurityGroupsRequest.builder()
.groupNames(groupName)
.build();
DescribeSecurityGroupsPublisher paginator = getAsyncClient().describeSecurityGroupsPaginator(request);
AtomicReference groupIdRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.securityGroups().stream()
.filter(securityGroup -> securityGroup.groupName().equals(groupName))
.findFirst()
.ifPresent(securityGroup -> groupIdRef.set(securityGroup.groupId()));
}).thenApply(v -> {
String groupId = groupIdRef.get();
if (groupId == null) {
throw new RuntimeException("No security group found with the name: " + groupName);
}
return groupId;
}).exceptionally(ex -> {
logger.info("Failed to describe security group: " + ex.getMessage());
throw new RuntimeException("Failed to describe security group", ex);
});
}
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
/**
* Asynchronously describes the key pairs associated with the current AWS account.
*
* @return a {@link CompletableFuture} containing the {@link DescribeKeyPairsResponse} object, which provides
* information about the key pairs.
*/
public CompletableFuture describeKeysAsync() {
CompletableFuture responseFuture = getAsyncClient().describeKeyPairs();
responseFuture.whenComplete((response, exception) -> {
if (exception != null) {
throw new RuntimeException("Failed to describe key pairs: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
/**
* Creates a new key pair asynchronously.
*
* @param keyName the name of the key pair to create
* @param fileName the name of the file to write the key material to
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of creating the key pair and writing the key material to a file
*/
public CompletableFuture createKeyPairAsync(String keyName, String fileName) {
CreateKeyPairRequest request = CreateKeyPairRequest.builder()
.keyName(keyName)
.build();
CompletableFuture responseFuture = getAsyncClient().createKeyPair(request);
responseFuture.whenComplete((response, exception) -> {
if (response != null) {
try {
BufferedWriter writer = new BufferedWriter(new FileWriter(fileName));
writer.write(response.keyMaterial());
writer.close();
} catch (IOException e) {
throw new RuntimeException("Failed to write key material to file: " + e.getMessage(), e);
}
} else {
throw new RuntimeException("Failed to create key pair: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
/**
* Describes the first default VPC asynchronously and using a paginator.
*
* @return a {@link CompletableFuture} that, when completed, contains the first default VPC found.\
*/
public CompletableFuture describeFirstEC2VpcAsync() {
Filter myFilter = Filter.builder()
.name("is-default")
.values("true")
.build();
DescribeVpcsRequest request = DescribeVpcsRequest.builder()
.filters(myFilter)
.build();
DescribeVpcsPublisher paginator = getAsyncClient().describeVpcsPaginator(request);
AtomicReference vpcRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.vpcs().stream()
.findFirst()
.ifPresent(vpcRef::set);
}).thenApply(v -> {
Vpc vpc = vpcRef.get();
if (vpc == null) {
throw new RuntimeException("Default VPC not found");
}
return vpc;
}).exceptionally(ex -> {
logger.info("Failed to describe VPCs: " + ex.getMessage());
throw new RuntimeException("Failed to describe VPCs", ex);
});
}
/**
* Stops the EC2 instance with the specified ID asynchronously and waits for the instance to stop.
*
* @param instanceId the ID of the EC2 instance to stop
* @return a {@link CompletableFuture} that completes when the instance has been stopped, or exceptionally if an error occurs
*/
public CompletableFuture stopInstanceAsync(String instanceId) {
StopInstancesRequest stopRequest = StopInstancesRequest.builder()
.instanceIds(instanceId)
.build();
DescribeInstancesRequest describeRequest = DescribeInstancesRequest.builder()
.instanceIds(instanceId)
.build();
Ec2AsyncWaiter ec2Waiter = Ec2AsyncWaiter.builder()
.client(getAsyncClient())
.build();
CompletableFuture resultFuture = new CompletableFuture<>();
logger.info("Stopping instance " + instanceId + " and waiting for it to stop.");
getAsyncClient().stopInstances(stopRequest)
.thenCompose(response -> {
if (response.stoppingInstances().isEmpty()) {
return CompletableFuture.failedFuture(new RuntimeException("No instances were stopped. Please check the instance ID: " + instanceId));
}
return ec2Waiter.waitUntilInstanceStopped(describeRequest);
})
.thenAccept(waiterResponse -> {
logger.info("Successfully stopped instance " + instanceId);
resultFuture.complete(null);
})
.exceptionally(throwable -> {
logger.error("Failed to stop instance " + instanceId + ": " + throwable.getMessage(), throwable);
resultFuture.completeExceptionally(new RuntimeException("Failed to stop instance: " + throwable.getMessage(), throwable));
return null;
});
return resultFuture;
}
/**
* Starts an Amazon EC2 instance asynchronously and waits until it is in the "running" state.
*
* @param instanceId the ID of the instance to start
* @return a {@link CompletableFuture} that completes when the instance has been started and is in the "running" state, or exceptionally if an error occurs
*/
public CompletableFuture startInstanceAsync(String instanceId) {
StartInstancesRequest startRequest = StartInstancesRequest.builder()
.instanceIds(instanceId)
.build();
Ec2AsyncWaiter ec2Waiter = Ec2AsyncWaiter.builder()
.client(getAsyncClient())
.build();
DescribeInstancesRequest describeRequest = DescribeInstancesRequest.builder()
.instanceIds(instanceId)
.build();
logger.info("Starting instance " + instanceId + " and waiting for it to run.");
CompletableFuture resultFuture = new CompletableFuture<>();
return getAsyncClient().startInstances(startRequest)
.thenCompose(response ->
ec2Waiter.waitUntilInstanceRunning(describeRequest)
)
.thenAccept(waiterResponse -> {
logger.info("Successfully started instance " + instanceId);
resultFuture.complete(null);
})
.exceptionally(throwable -> {
resultFuture.completeExceptionally(new RuntimeException("Failed to start instance: " + throwable.getMessage(), throwable));
return null;
});
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Java 2.x API Reference》**中的以下主题。
+ [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AllocateAddress)
+ [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AssociateAddress)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateKeyPair)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateSecurityGroup)
+ [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteKeyPair)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteSecurityGroup)
+ [DescribeImages](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeImages)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstanceTypes)
+ [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstances)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeKeyPairs)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeSecurityGroups)
+ [DisassociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DisassociateAddress)
+ [ReleaseAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/ReleaseAddress)
+ [RunInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/RunInstances)
+ [StartInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/StartInstances)
+ [StopInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/StopInstances)
+ [TerminateInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/TerminateInstances)
+ [UnmonitorInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/UnmonitorInstances)
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
此文件包含与 EC2 结合使用的常见操作列表。这些步骤通过场景框架构建,该框架可简化交互式示例的运行。有关完整上下文,请访问 GitHub 存储库。
```
import { tmpdir } from "node:os";
import { writeFile, mkdtemp, rm } from "node:fs/promises";
import { join } from "node:path";
import { get } from "node:http";
import {
AllocateAddressCommand,
AssociateAddressCommand,
AuthorizeSecurityGroupIngressCommand,
CreateKeyPairCommand,
CreateSecurityGroupCommand,
DeleteKeyPairCommand,
DeleteSecurityGroupCommand,
DisassociateAddressCommand,
paginateDescribeImages,
paginateDescribeInstances,
paginateDescribeInstanceTypes,
ReleaseAddressCommand,
RunInstancesCommand,
StartInstancesCommand,
StopInstancesCommand,
TerminateInstancesCommand,
waitUntilInstanceStatusOk,
waitUntilInstanceStopped,
waitUntilInstanceTerminated,
} from "@aws-sdk/client-ec2";
import {
ScenarioAction,
ScenarioInput,
ScenarioOutput,
} from "@aws-doc-sdk-examples/lib/scenario/index.js";
import { paginateGetParametersByPath, SSMClient } from "@aws-sdk/client-ssm";
/**
* @typedef {{
* ec2Client: import('@aws-sdk/client-ec2').EC2Client,
* errors: Error[],
* keyPairId?: string,
* tmpDirectory?: string,
* securityGroupId?: string,
* ipAddress?: string,
* images?: import('@aws-sdk/client-ec2').Image[],
* image?: import('@aws-sdk/client-ec2').Image,
* instanceTypes?: import('@aws-sdk/client-ec2').InstanceTypeInfo[],
* instanceId?: string,
* instanceIpAddress?: string,
* allocationId?: string,
* allocatedIpAddress?: string,
* associationId?: string,
* }} State
*/
/**
* A skip function provided to the `skipWhen` of a Step when you want
* to ignore that step if any errors have occurred.
* @param {State} state
*/
const skipWhenErrors = (state) => state.errors.length > 0;
const MAX_WAITER_TIME_IN_SECONDS = 60 * 8;
export const confirm = new ScenarioInput("confirmContinue", "Continue?", {
type: "confirm",
skipWhen: skipWhenErrors,
});
export const exitOnNoConfirm = new ScenarioAction(
"exitOnConfirmContinueFalse",
(/** @type { { earlyExit: boolean } & Record} */ state) => {
if (!state[confirm.name]) {
state.earlyExit = true;
}
},
{
skipWhen: skipWhenErrors,
},
);
export const greeting = new ScenarioOutput(
"greeting",
`
Welcome to the Amazon EC2 basic usage scenario.
Before you launch an instances, you'll need to provide a few things:
- A key pair - This is for SSH access to your EC2 instance. You only need to provide the name.
- A security group - This is used for configuring access to your instance. Again, only the name is needed.
- An IP address - Your public IP address will be fetched.
- An Amazon Machine Image (AMI)
- A compatible instance type`,
{ header: true, preformatted: true, skipWhen: skipWhenErrors },
);
export const provideKeyPairName = new ScenarioInput(
"keyPairName",
"Provide a name for a new key pair.",
{ type: "input", default: "ec2-example-key-pair", skipWhen: skipWhenErrors },
);
export const createKeyPair = new ScenarioAction(
"createKeyPair",
async (/** @type {State} */ state) => {
try {
// Create a key pair in Amazon EC2.
const { KeyMaterial, KeyPairId } = await state.ec2Client.send(
// A unique name for the key pair. Up to 255 ASCII characters.
new CreateKeyPairCommand({ KeyName: state[provideKeyPairName.name] }),
);
state.keyPairId = KeyPairId;
// Save the private key in a temporary location.
state.tmpDirectory = await mkdtemp(join(tmpdir(), "ec2-scenario-tmp"));
await writeFile(
`${state.tmpDirectory}/${state[provideKeyPairName.name]}.pem`,
KeyMaterial,
{
mode: 0o400,
},
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidKeyPair.Duplicate"
) {
caught.message = `${caught.message}. Try another key name.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logKeyPair = new ScenarioOutput(
"logKeyPair",
(/** @type {State} */ state) =>
`Created the key pair ${state[provideKeyPairName.name]}.`,
{ skipWhen: skipWhenErrors },
);
export const confirmDeleteKeyPair = new ScenarioInput(
"confirmDeleteKeyPair",
"Do you want to delete the key pair?",
{
type: "confirm",
// Don't do anything when a key pair was never created.
skipWhen: (/** @type {State} */ state) => !state.keyPairId,
},
);
export const maybeDeleteKeyPair = new ScenarioAction(
"deleteKeyPair",
async (/** @type {State} */ state) => {
try {
// Delete a key pair by name from EC2
await state.ec2Client.send(
new DeleteKeyPairCommand({ KeyName: state[provideKeyPairName.name] }),
);
} catch (caught) {
if (
caught instanceof Error &&
// Occurs when a required parameter (e.g. KeyName) is undefined.
caught.name === "MissingParameter"
) {
caught.message = `${caught.message}. Did you provide the required value?`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no key pair to delete or the user chooses
// to keep it.
skipWhen: (/** @type {State} */ state) =>
!state.keyPairId || !state[confirmDeleteKeyPair.name],
},
);
export const provideSecurityGroupName = new ScenarioInput(
"securityGroupName",
"Provide a name for a new security group.",
{ type: "input", default: "ec2-scenario-sg", skipWhen: skipWhenErrors },
);
export const createSecurityGroup = new ScenarioAction(
"createSecurityGroup",
async (/** @type {State} */ state) => {
try {
// Create a new security group that will be used to configure ingress/egress for
// an EC2 instance.
const { GroupId } = await state.ec2Client.send(
new CreateSecurityGroupCommand({
GroupName: state[provideSecurityGroupName.name],
Description: "A security group for the Amazon EC2 example.",
}),
);
state.securityGroupId = GroupId;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroup.Duplicate") {
caught.message = `${caught.message}. Please provide a different name for your security group.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSecurityGroup = new ScenarioOutput(
"logSecurityGroup",
(/** @type {State} */ state) =>
`Created the security group ${state.securityGroupId}.`,
{ skipWhen: skipWhenErrors },
);
export const confirmDeleteSecurityGroup = new ScenarioInput(
"confirmDeleteSecurityGroup",
"Do you want to delete the security group?",
{
type: "confirm",
// Don't do anything when a security group was never created.
skipWhen: (/** @type {State} */ state) => !state.securityGroupId,
},
);
export const maybeDeleteSecurityGroup = new ScenarioAction(
"deleteSecurityGroup",
async (/** @type {State} */ state) => {
try {
// Delete the security group if the 'skipWhen' condition below is not met.
await state.ec2Client.send(
new DeleteSecurityGroupCommand({
GroupId: state.securityGroupId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidGroupId.Malformed"
) {
caught.message = `${caught.message}. Please provide a valid GroupId.`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no security group to delete
// or the user chooses to keep it.
skipWhen: (/** @type {State} */ state) =>
!state.securityGroupId || !state[confirmDeleteSecurityGroup.name],
},
);
export const authorizeSecurityGroupIngress = new ScenarioAction(
"authorizeSecurity",
async (/** @type {State} */ state) => {
try {
// Get the public IP address of the machine running this example.
const ipAddress = await new Promise((res, rej) => {
get("http://checkip.amazonaws.com", (response) => {
let data = "";
response.on("data", (chunk) => {
data += chunk;
});
response.on("end", () => res(data.trim()));
}).on("error", (err) => {
rej(err);
});
});
state.ipAddress = ipAddress;
// Allow ingress from the IP address above to the security group.
// This will allow you to SSH into the EC2 instance.
const command = new AuthorizeSecurityGroupIngressCommand({
GroupId: state.securityGroupId,
IpPermissions: [
{
IpProtocol: "tcp",
FromPort: 22,
ToPort: 22,
IpRanges: [{ CidrIp: `${ipAddress}/32` }],
},
],
});
await state.ec2Client.send(command);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidGroupId.Malformed"
) {
caught.message = `${caught.message}. Please provide a valid GroupId.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSecurityGroupIngress = new ScenarioOutput(
"logSecurityGroupIngress",
(/** @type {State} */ state) =>
`Allowed SSH access from your public IP: ${state.ipAddress}.`,
{ skipWhen: skipWhenErrors },
);
export const getImages = new ScenarioAction(
"images",
async (/** @type {State} */ state) => {
const AMIs = [];
// Some AWS services publish information about common artifacts as AWS Systems Manager (SSM)
// public parameters. For example, the Amazon Elastic Compute Cloud (Amazon EC2)
// service publishes information about Amazon Machine Images (AMIs) as public parameters.
// Create the paginator for getting images. Actions that return multiple pages of
// results have paginators to simplify those calls.
const getParametersByPathPaginator = paginateGetParametersByPath(
{
// Not storing this client in state since it's only used once.
client: new SSMClient({}),
},
{
// The path to the public list of the latest amazon-linux instances.
Path: "/aws/service/ami-amazon-linux-latest",
},
);
try {
for await (const page of getParametersByPathPaginator) {
for (const param of page.Parameters) {
// Filter by Amazon Linux 2
if (param.Name.includes("amzn2")) {
AMIs.push(param.Value);
}
}
}
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidFilterValue") {
caught.message = `${caught.message} Please provide a valid filter value for paginateGetParametersByPath.`;
}
state.errors.push(caught);
return;
}
const imageDetails = [];
const describeImagesPaginator = paginateDescribeImages(
{ client: state.ec2Client },
// The images found from the call to SSM.
{ ImageIds: AMIs },
);
try {
// Get more details for the images found above.
for await (const page of describeImagesPaginator) {
imageDetails.push(...(page.Images || []));
}
// Store the image details for later use.
state.images = imageDetails;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidAMIID.NotFound") {
caught.message = `${caught.message}. Please provide a valid image id.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const provideImage = new ScenarioInput(
"image",
"Select one of the following images.",
{
type: "select",
choices: (/** @type { State } */ state) =>
state.images.map((image) => ({
name: `${image.Description}`,
value: image,
})),
default: (/** @type { State } */ state) => state.images[0],
skipWhen: skipWhenErrors,
},
);
export const getCompatibleInstanceTypes = new ScenarioAction(
"getCompatibleInstanceTypes",
async (/** @type {State} */ state) => {
// Get more details about instance types that match the architecture of
// the provided image.
const paginator = paginateDescribeInstanceTypes(
{ client: state.ec2Client, pageSize: 25 },
{
Filters: [
{
Name: "processor-info.supported-architecture",
// The value selected from provideImage()
Values: [state.image.Architecture],
},
// Filter for smaller, less expensive, types.
{ Name: "instance-type", Values: ["*.micro", "*.small"] },
],
},
);
const instanceTypes = [];
try {
for await (const page of paginator) {
if (page.InstanceTypes.length) {
instanceTypes.push(...(page.InstanceTypes || []));
}
}
if (!instanceTypes.length) {
state.errors.push(
"No instance types matched the instance type filters.",
);
}
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
caught.message = `${caught.message}. Please check the provided values and try again.`;
}
state.errors.push(caught);
}
state.instanceTypes = instanceTypes;
},
{ skipWhen: skipWhenErrors },
);
export const provideInstanceType = new ScenarioInput(
"instanceType",
"Select an instance type.",
{
choices: (/** @type {State} */ state) =>
state.instanceTypes.map((instanceType) => ({
name: `${instanceType.InstanceType} - Memory:${instanceType.MemoryInfo.SizeInMiB}`,
value: instanceType.InstanceType,
})),
type: "select",
default: (/** @type {State} */ state) =>
state.instanceTypes[0].InstanceType,
skipWhen: skipWhenErrors,
},
);
export const runInstance = new ScenarioAction(
"runInstance",
async (/** @type { State } */ state) => {
const { Instances } = await state.ec2Client.send(
new RunInstancesCommand({
KeyName: state[provideKeyPairName.name],
SecurityGroupIds: [state.securityGroupId],
ImageId: state.image.ImageId,
InstanceType: state[provideInstanceType.name],
// Availability Zones have capacity limitations that may impact your ability to launch instances.
// The `RunInstances` operation will only succeed if it can allocate at least the `MinCount` of instances.
// However, EC2 will attempt to launch up to the `MaxCount` of instances, even if the full request cannot be satisfied.
// If you need a specific number of instances, use `MinCount` and `MaxCount` set to the same value.
// If you want to launch up to a certain number of instances, use `MaxCount` and let EC2 provision as many as possible.
// If you require a minimum number of instances, but do not want to exceed a maximum, use both `MinCount` and `MaxCount`.
MinCount: 1,
MaxCount: 1,
}),
);
state.instanceId = Instances[0].InstanceId;
try {
// Poll `DescribeInstanceStatus` until status is "ok".
await waitUntilInstanceStatusOk(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [Instances[0].InstanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logRunInstance = new ScenarioOutput(
"logRunInstance",
"The next step is to run your EC2 instance for the first time. This can take a few minutes.",
{ header: true, skipWhen: skipWhenErrors },
);
export const describeInstance = new ScenarioAction(
"describeInstance",
async (/** @type { State } */ state) => {
/** @type { import("@aws-sdk/client-ec2").Instance[] } */
const instances = [];
try {
const paginator = paginateDescribeInstances(
{
client: state.ec2Client,
},
{
// Only get our created instance.
InstanceIds: [state.instanceId],
},
);
for await (const page of paginator) {
for (const reservation of page.Reservations) {
instances.push(...reservation.Instances);
}
}
if (instances.length !== 1) {
throw new Error(`Instance ${state.instanceId} not found.`);
}
// The only info we need is the IP address for SSH purposes.
state.instanceIpAddress = instances[0].PublicIpAddress;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
caught.message = `${caught.message}. Please check provided values and try again.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSSHConnectionInfo = new ScenarioOutput(
"logSSHConnectionInfo",
(/** @type { State } */ state) =>
`You can now SSH into your instance using the following command:
ssh -i ${state.tmpDirectory}/${state[provideKeyPairName.name]}.pem ec2-user@${state.instanceIpAddress}`,
{ preformatted: true, skipWhen: skipWhenErrors },
);
export const logStopInstance = new ScenarioOutput(
"logStopInstance",
"Stopping your EC2 instance.",
{ skipWhen: skipWhenErrors },
);
export const stopInstance = new ScenarioAction(
"stopInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new StopInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceStopped(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
// Don't try to stop an instance that doesn't exist.
{ skipWhen: (/** @type { State } */ state) => !state.instanceId },
);
export const logIpAddressBehavior = new ScenarioOutput(
"logIpAddressBehavior",
[
"When you run an instance, by default it's assigned an IP address.",
"That IP address is not static. It will change every time the instance is restarted.",
"The next step is to stop and restart your instance to demonstrate this behavior.",
].join(" "),
{ header: true, skipWhen: skipWhenErrors },
);
export const logStartInstance = new ScenarioOutput(
"logStartInstance",
(/** @type { State } */ state) => `Starting instance ${state.instanceId}`,
{ skipWhen: skipWhenErrors },
);
export const startInstance = new ScenarioAction(
"startInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new StartInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceStatusOk(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logIpAllocation = new ScenarioOutput(
"logIpAllocation",
[
"It is possible to have a static IP address.",
"To demonstrate this, an IP will be allocated and associated to your EC2 instance.",
].join(" "),
{ header: true, skipWhen: skipWhenErrors },
);
export const allocateIp = new ScenarioAction(
"allocateIp",
async (/** @type { State } */ state) => {
try {
// An Elastic IP address is allocated to your AWS account, and is yours until you release it.
const { AllocationId, PublicIp } = await state.ec2Client.send(
new AllocateAddressCommand({}),
);
state.allocationId = AllocationId;
state.allocatedIpAddress = PublicIp;
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
caught.message = `${caught.message}. Did you provide these values?`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const associateIp = new ScenarioAction(
"associateIp",
async (/** @type { State } */ state) => {
try {
// Associate an allocated IP address to an EC2 instance. An IP address can be allocated
// with the AllocateAddress action.
const { AssociationId } = await state.ec2Client.send(
new AssociateAddressCommand({
AllocationId: state.allocationId,
InstanceId: state.instanceId,
}),
);
state.associationId = AssociationId;
// Update the IP address that is being tracked to match
// the one just associated.
state.instanceIpAddress = state.allocatedIpAddress;
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
caught.message = `${caught.message}. Did you provide the ID of a valid Elastic IP address AllocationId?`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logStaticIpProof = new ScenarioOutput(
"logStaticIpProof",
"The IP address should remain the same even after stopping and starting the instance.",
{ header: true, skipWhen: skipWhenErrors },
);
export const logCleanUp = new ScenarioOutput(
"logCleanUp",
"That's it! You can choose to clean up the resources now, or clean them up on your own later.",
{ header: true, skipWhen: skipWhenErrors },
);
export const confirmDisassociateAddress = new ScenarioInput(
"confirmDisassociateAddress",
"Do you want to disassociate and release the static IP address created earlier?",
{
type: "confirm",
skipWhen: (/** @type { State } */ state) => !state.associationId,
},
);
export const maybeDisassociateAddress = new ScenarioAction(
"maybeDisassociateAddress",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new DisassociateAddressCommand({
AssociationId: state.associationId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAssociationID.NotFound"
) {
caught.message = `${caught.message}. Please provide a valid association ID.`;
}
state.errors.push(caught);
}
},
{
skipWhen: (/** @type { State } */ state) =>
!state[confirmDisassociateAddress.name] || !state.associationId,
},
);
export const maybeReleaseAddress = new ScenarioAction(
"maybeReleaseAddress",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new ReleaseAddressCommand({
AllocationId: state.allocationId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
caught.message = `${caught.message}. Please provide a valid AllocationID.`;
}
state.errors.push(caught);
}
},
{
skipWhen: (/** @type { State } */ state) =>
!state[confirmDisassociateAddress.name] || !state.allocationId,
},
);
export const confirmTerminateInstance = new ScenarioInput(
"confirmTerminateInstance",
"Do you want to terminate the instance?",
// Don't do anything when an instance was never run.
{
skipWhen: (/** @type { State } */ state) => !state.instanceId,
type: "confirm",
},
);
export const maybeTerminateInstance = new ScenarioAction(
"terminateInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new TerminateInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceTerminated(
{ client: state.ec2Client },
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no instance to terminate or the
// use chooses not to terminate.
skipWhen: (/** @type { State } */ state) =>
!state.instanceId || !state[confirmTerminateInstance.name],
},
);
export const deleteTemporaryDirectory = new ScenarioAction(
"deleteTemporaryDirectory",
async (/** @type { State } */ state) => {
try {
await rm(state.tmpDirectory, { recursive: true });
} catch (caught) {
state.errors.push(caught);
}
},
);
export const logErrors = new ScenarioOutput(
"logErrors",
(/** @type {State}*/ state) => {
const errorList = state.errors
.map((err) => ` - ${err.name}: ${err.message}`)
.join("\n");
return `Scenario errors found:\n${errorList}`;
},
{
preformatted: true,
header: true,
// Don't log errors when there aren't any!
skipWhen: (/** @type {State} */ state) => state.errors.length === 0,
},
);
```
+ 有关 API 详细信息,请参阅《适用于 JavaScript 的 AWS SDK API Reference》**中的以下主题。
+ [AllocateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AllocateAddressCommand)
+ [AssociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AssociateAddressCommand)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AuthorizeSecurityGroupIngressCommand)
+ [CreateKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateKeyPairCommand)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateSecurityGroupCommand)
+ [DeleteKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteKeyPairCommand)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteSecurityGroupCommand)
+ [DescribeImages](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeImagesCommand)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstanceTypesCommand)
+ [DescribeInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstancesCommand)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeKeyPairsCommand)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeSecurityGroupsCommand)
+ [DisassociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DisassociateAddressCommand)
+ [ReleaseAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/ReleaseAddressCommand)
+ [RunInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/RunInstancesCommand)
+ [StartInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/StartInstancesCommand)
+ [StopInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/StopInstancesCommand)
+ [TerminateInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/TerminateInstancesCommand)
+ [UnmonitorInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/UnmonitorInstancesCommand)
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
Before running this Kotlin code example, set up your development environment,
including your credentials.
For more information, see the following documentation topic:
https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/setup.html
This Kotlin example performs the following tasks:
1. Creates an RSA key pair and saves the private key data as a .pem file.
2. Lists key pairs.
3. Creates a security group for the default VPC.
4. Displays security group information.
5. Gets a list of Amazon Linux 2 AMIs and selects one.
6. Gets more information about the image.
7. Gets a list of instance types that are compatible with the selected AMI’s architecture.
8. Creates an instance with the key pair, security group, AMI, and an instance type.
9. Displays information about the instance.
10. Stops the instance and waits for it to stop.
11. Starts the instance and waits for it to start.
12. Allocates an Elastic IP address and associates it with the instance.
13. Displays SSH connection info for the instance.
14. Disassociates and deletes the Elastic IP address.
15. Terminates the instance.
16. Deletes the security group.
17. Deletes the key pair.
*/
val DASHES = String(CharArray(80)).replace("\u0000", "-")
suspend fun main(args: Array) {
val usage = """
Usage:
Where:
keyName - A key pair name (for example, TestKeyPair).
fileName - A file name where the key information is written to.
groupName - The name of the security group.
groupDesc - The description of the security group.
vpcId - A VPC ID. You can get this value from the AWS Management Console.
myIpAddress - The IP address of your development machine.
"""
if (args.size != 6) {
println(usage)
exitProcess(0)
}
val keyName = args[0]
val fileName = args[1]
val groupName = args[2]
val groupDesc = args[3]
val vpcId = args[4]
val myIpAddress = args[5]
var newInstanceId: String? = ""
println(DASHES)
println("Welcome to the Amazon EC2 example scenario.")
println(DASHES)
println(DASHES)
println("1. Create an RSA key pair and save the private key material as a .pem file.")
createKeyPairSc(keyName, fileName)
println(DASHES)
println(DASHES)
println("2. List key pairs.")
describeEC2KeysSc()
println(DASHES)
println(DASHES)
println("3. Create a security group.")
val groupId = createEC2SecurityGroupSc(groupName, groupDesc, vpcId, myIpAddress)
println(DASHES)
println(DASHES)
println("4. Display security group info for the newly created security group.")
describeSecurityGroupsSc(groupId.toString())
println(DASHES)
println(DASHES)
println("5. Get a list of Amazon Linux 2 AMIs and select one with amzn2 in the name.")
val instanceId = getParaValuesSc()
if (instanceId == "") {
println("The instance Id value isn't valid.")
exitProcess(0)
}
println("The instance Id is $instanceId.")
println(DASHES)
println(DASHES)
println("6. Get more information about an amzn2 image and return the AMI value.")
val amiValue = instanceId?.let { describeImageSc(it) }
if (instanceId == "") {
println("The instance Id value is invalid.")
exitProcess(0)
}
println("The AMI value is $amiValue.")
println(DASHES)
println(DASHES)
println("7. Get a list of instance types.")
val instanceType = getInstanceTypesSc()
println(DASHES)
println(DASHES)
println("8. Create an instance.")
if (amiValue != null) {
newInstanceId = runInstanceSc(instanceType, keyName, groupName, amiValue)
println("The instance Id is $newInstanceId")
}
println(DASHES)
println(DASHES)
println("9. Display information about the running instance. ")
var ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("10. Stop the instance.")
if (newInstanceId != null) {
stopInstanceSc(newInstanceId)
}
println(DASHES)
println(DASHES)
println("11. Start the instance.")
if (newInstanceId != null) {
startInstanceSc(newInstanceId)
}
ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("12. Allocate an Elastic IP address and associate it with the instance.")
val allocationId = allocateAddressSc()
println("The allocation Id value is $allocationId")
val associationId = associateAddressSc(newInstanceId, allocationId)
println("The associate Id value is $associationId")
println(DASHES)
println(DASHES)
println("13. Describe the instance again.")
ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("14. Disassociate and release the Elastic IP address.")
disassociateAddressSc(associationId)
releaseEC2AddressSc(allocationId)
println(DASHES)
println(DASHES)
println("15. Terminate the instance and use a waiter.")
if (newInstanceId != null) {
terminateEC2Sc(newInstanceId)
}
println(DASHES)
println(DASHES)
println("16. Delete the security group.")
if (groupId != null) {
deleteEC2SecGroupSc(groupId)
}
println(DASHES)
println(DASHES)
println("17. Delete the key pair.")
deleteKeysSc(keyName)
println(DASHES)
println(DASHES)
println("You successfully completed the Amazon EC2 scenario.")
println(DASHES)
}
suspend fun deleteKeysSc(keyPair: String) {
val request =
DeleteKeyPairRequest {
keyName = keyPair
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteKeyPair(request)
println("Successfully deleted key pair named $keyPair")
}
}
suspend fun deleteEC2SecGroupSc(groupIdVal: String) {
val request =
DeleteSecurityGroupRequest {
groupId = groupIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteSecurityGroup(request)
println("Successfully deleted security group with Id $groupIdVal")
}
}
suspend fun terminateEC2Sc(instanceIdVal: String) {
val ti =
TerminateInstancesRequest {
instanceIds = listOf(instanceIdVal)
}
println("Wait for the instance to terminate. This will take a few minutes.")
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.terminateInstances(ti)
ec2.waitUntilInstanceTerminated {
// suspend call
instanceIds = listOf(instanceIdVal)
}
println("$instanceIdVal is terminated!")
}
}
suspend fun releaseEC2AddressSc(allocId: String?) {
val request =
ReleaseAddressRequest {
allocationId = allocId
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.releaseAddress(request)
println("Successfully released Elastic IP address $allocId")
}
}
suspend fun disassociateAddressSc(associationIdVal: String?) {
val addressRequest =
DisassociateAddressRequest {
associationId = associationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.disassociateAddress(addressRequest)
println("You successfully disassociated the address!")
}
}
suspend fun associateAddressSc(
instanceIdVal: String?,
allocationIdVal: String?,
): String? {
val associateRequest =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val associateResponse = ec2.associateAddress(associateRequest)
return associateResponse.associationId
}
}
suspend fun allocateAddressSc(): String? {
val allocateRequest =
AllocateAddressRequest {
domain = DomainType.Vpc
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val allocateResponse = ec2.allocateAddress(allocateRequest)
return allocateResponse.allocationId
}
}
suspend fun startInstanceSc(instanceId: String) {
val request =
StartInstancesRequest {
instanceIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.startInstances(request)
println("Waiting until instance $instanceId starts. This will take a few minutes.")
ec2.waitUntilInstanceRunning {
// suspend call
instanceIds = listOf(instanceId)
}
println("Successfully started instance $instanceId")
}
}
suspend fun stopInstanceSc(instanceId: String) {
val request =
StopInstancesRequest {
instanceIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.stopInstances(request)
println("Waiting until instance $instanceId stops. This will take a few minutes.")
ec2.waitUntilInstanceStopped {
// suspend call
instanceIds = listOf(instanceId)
}
println("Successfully stopped instance $instanceId")
}
}
suspend fun describeEC2InstancesSc(newInstanceId: String?): String {
var pubAddress = ""
var isRunning = false
val request =
DescribeInstancesRequest {
instanceIds = listOf(newInstanceId.toString())
}
while (!isRunning) {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstances(request)
val state =
response.reservations
?.get(0)
?.instances
?.get(0)
?.state
?.name
?. value
if (state != null) {
if (state.compareTo("running") == 0) {
println("Image id is ${response.reservations!!.get(0).instances?.get(0)?.imageId}")
println("Instance type is ${response.reservations!!.get(0).instances?.get(0)?.instanceType}")
println("Instance state is ${response.reservations!!.get(0).instances?.get(0)?.state}")
pubAddress =
response.reservations!!
.get(0)
.instances
?.get(0)
?.publicIpAddress
.toString()
println("Instance address is $pubAddress")
isRunning = true
}
}
}
}
return pubAddress
}
suspend fun runInstanceSc(
instanceTypeVal: String,
keyNameVal: String,
groupNameVal: String,
amiIdVal: String,
): String {
val runRequest =
RunInstancesRequest {
instanceType = InstanceType.fromValue(instanceTypeVal)
keyName = keyNameVal
securityGroups = listOf(groupNameVal)
maxCount = 1
minCount = 1
imageId = amiIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.runInstances(runRequest)
val instanceId = response.instances?.get(0)?.instanceId
println("Successfully started EC2 Instance $instanceId based on AMI $amiIdVal")
return instanceId.toString()
}
}
// Get a list of instance types.
suspend fun getInstanceTypesSc(): String {
var instanceType = ""
val filterObs = ArrayList()
val filter =
Filter {
name = "processor-info.supported-architecture"
values = listOf("arm64")
}
filterObs.add(filter)
val typesRequest =
DescribeInstanceTypesRequest {
filters = filterObs
maxResults = 10
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstanceTypes(typesRequest)
response.instanceTypes?.forEach { type ->
println("The memory information of this type is ${type.memoryInfo?.sizeInMib}")
println("Maximum number of network cards is ${type.networkInfo?.maximumNetworkCards}")
instanceType = type.instanceType.toString()
}
return instanceType
}
}
// Display the Description field that corresponds to the instance Id value.
suspend fun describeImageSc(instanceId: String): String? {
val imagesRequest =
DescribeImagesRequest {
imageIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeImages(imagesRequest)
println("The description of the first image is ${response.images?.get(0)?.description}")
println("The name of the first image is ${response.images?.get(0)?.name}")
// Return the image Id value.
return response.images?.get(0)?.imageId
}
}
// Get the Id value of an instance with amzn2 in the name.
suspend fun getParaValuesSc(): String? {
val parameterRequest =
GetParametersByPathRequest {
path = "/aws/service/ami-amazon-linux-latest"
}
SsmClient.fromEnvironment { region = "us-west-2" }.use { ssmClient ->
val response = ssmClient.getParametersByPath(parameterRequest)
response.parameters?.forEach { para ->
println("The name of the para is: ${para.name}")
println("The type of the para is: ${para.type}")
println("")
if (para.name?.let { filterName(it) } == true) {
return para.value
}
}
}
return ""
}
fun filterName(name: String): Boolean {
val parts = name.split("/").toTypedArray()
val myValue = parts[4]
return myValue.contains("amzn2")
}
suspend fun describeSecurityGroupsSc(groupId: String) {
val request =
DescribeSecurityGroupsRequest {
groupIds = listOf(groupId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeSecurityGroups(request)
for (group in response.securityGroups!!) {
println("Found Security Group with id " + group.groupId.toString() + " and group VPC " + group.vpcId)
}
}
}
suspend fun createEC2SecurityGroupSc(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
myIpAddress: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "$myIpAddress/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
suspend fun describeEC2KeysSc() {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeKeyPairs(DescribeKeyPairsRequest {})
response.keyPairs?.forEach { keyPair ->
println("Found key pair with name ${keyPair.keyName} and fingerprint ${ keyPair.keyFingerprint}")
}
}
}
suspend fun createKeyPairSc(
keyNameVal: String,
fileNameVal: String,
) {
val request =
CreateKeyPairRequest {
keyName = keyNameVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.createKeyPair(request)
val content = response.keyMaterial
if (content != null) {
File(fileNameVal).writeText(content)
}
println("Successfully created key pair named $keyNameVal")
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Kotlin API Reference》**中的以下主题。
+ [AllocateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AssociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [CreateKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [CreateSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeImages](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeInstanceTypes](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeKeyPairs](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeSecurityGroups](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DisassociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ReleaseAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [RunInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StartInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StopInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [TerminateInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [UnmonitorInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
在命令提示符中运行交互式场景。
```
class EC2InstanceScenario:
"""
A scenario that demonstrates how to use Boto3 to manage Amazon EC2 resources.
Covers creating a key pair, security group, launching an instance, associating
an Elastic IP, and cleaning up resources.
"""
def __init__(
self,
inst_wrapper: EC2InstanceWrapper,
key_wrapper: KeyPairWrapper,
sg_wrapper: SecurityGroupWrapper,
eip_wrapper: ElasticIpWrapper,
ssm_client: boto3.client,
remote_exec: bool = False,
):
"""
Initializes the EC2InstanceScenario with the necessary AWS service wrappers.
:param inst_wrapper: Wrapper for EC2 instance operations.
:param key_wrapper: Wrapper for key pair operations.
:param sg_wrapper: Wrapper for security group operations.
:param eip_wrapper: Wrapper for Elastic IP operations.
:param ssm_client: Boto3 client for accessing SSM to retrieve AMIs.
:param remote_exec: Flag to indicate if the scenario is running in a remote execution
environment. Defaults to False. If True, the script won't prompt
for user interaction.
"""
self.inst_wrapper = inst_wrapper
self.key_wrapper = key_wrapper
self.sg_wrapper = sg_wrapper
self.eip_wrapper = eip_wrapper
self.ssm_client = ssm_client
self.remote_exec = remote_exec
def create_and_list_key_pairs(self) -> None:
"""
Creates an RSA key pair for SSH access to the EC2 instance and lists available key pairs.
"""
console.print("**Step 1: Create a Secure Key Pair**", style="bold cyan")
console.print(
"Let's create a secure RSA key pair for connecting to your EC2 instance."
)
key_name = f"MyUniqueKeyPair-{uuid.uuid4().hex[:8]}"
console.print(f"- **Key Pair Name**: {key_name}")
# Create the key pair and simulate the process with a progress bar.
with alive_bar(1, title="Creating Key Pair") as bar:
self.key_wrapper.create(key_name)
time.sleep(0.4) # Simulate the delay in key creation
bar()
console.print(f"- **Private Key Saved to**: {self.key_wrapper.key_file_path}\n")
# List key pairs (simulated) and show a progress bar.
list_keys = True
if list_keys:
console.print("- Listing your key pairs...")
start_time = time.time()
with alive_bar(100, title="Listing Key Pairs") as bar:
while time.time() - start_time < 2:
time.sleep(0.2)
bar(10)
self.key_wrapper.list(5)
if time.time() - start_time > 2:
console.print(
"Taking longer than expected! Please wait...",
style="bold yellow",
)
def create_security_group(self) -> None:
"""
Creates a security group that controls access to the EC2 instance and adds a rule
to allow SSH access from the user's current public IP address.
"""
console.print("**Step 2: Create a Security Group**", style="bold cyan")
console.print(
"Security groups manage access to your instance. Let's create one."
)
sg_name = f"MySecurityGroup-{uuid.uuid4().hex[:8]}"
console.print(f"- **Security Group Name**: {sg_name}")
# Create the security group and simulate the process with a progress bar.
with alive_bar(1, title="Creating Security Group") as bar:
self.sg_wrapper.create(
sg_name, "Security group for example: get started with instances."
)
time.sleep(0.5)
bar()
console.print(f"- **Security Group ID**: {self.sg_wrapper.security_group}\n")
# Get the current public IP to set up SSH access.
ip_response = urllib.request.urlopen("http://checkip.amazonaws.com")
current_ip_address = ip_response.read().decode("utf-8").strip()
console.print(
"Let's add a rule to allow SSH only from your current IP address."
)
console.print(f"- **Your Public IP Address**: {current_ip_address}")
console.print("- Automatically adding SSH rule...")
# Update security group rules to allow SSH and simulate with a progress bar.
with alive_bar(1, title="Updating Security Group Rules") as bar:
response = self.sg_wrapper.authorize_ingress(current_ip_address)
time.sleep(0.4)
if response and response.get("Return"):
console.print("- **Security Group Rules Updated**.")
else:
console.print(
"- **Error**: Couldn't update security group rules.",
style="bold red",
)
bar()
self.sg_wrapper.describe(self.sg_wrapper.security_group)
def create_instance(self) -> None:
"""
Launches an EC2 instance using an Amazon Linux 2 AMI and the created key pair
and security group. Displays instance details and SSH connection information.
"""
# Retrieve Amazon Linux 2 AMIs from SSM.
ami_paginator = self.ssm_client.get_paginator("get_parameters_by_path")
ami_options = []
for page in ami_paginator.paginate(Path="/aws/service/ami-amazon-linux-latest"):
ami_options += page["Parameters"]
amzn2_images = self.inst_wrapper.get_images(
[opt["Value"] for opt in ami_options if "amzn2" in opt["Name"]]
)
console.print("\n**Step 3: Launch Your Instance**", style="bold cyan")
console.print(
"Let's create an instance from an Amazon Linux 2 AMI. Here are some options:"
)
image_choice = 0
console.print(f"- Selected AMI: {amzn2_images[image_choice]['ImageId']}\n")
# Display instance types compatible with the selected AMI
inst_types = self.inst_wrapper.get_instance_types(
amzn2_images[image_choice]["Architecture"]
)
inst_type_choice = 0
console.print(
f"- Selected instance type: {inst_types[inst_type_choice]['InstanceType']}\n"
)
console.print("Creating your instance and waiting for it to start...")
with alive_bar(1, title="Creating Instance") as bar:
self.inst_wrapper.create(
amzn2_images[image_choice]["ImageId"],
inst_types[inst_type_choice]["InstanceType"],
self.key_wrapper.key_pair["KeyName"],
[self.sg_wrapper.security_group],
)
time.sleep(21)
bar()
console.print(f"**Success! Your instance is ready:**\n", style="bold green")
self.inst_wrapper.display()
console.print(
"You can use SSH to connect to your instance. "
"If the connection attempt times out, you might have to manually update "
"the SSH ingress rule for your IP address in the AWS Management Console."
)
self._display_ssh_info()
def _display_ssh_info(self) -> None:
"""
Displays SSH connection information for the user to connect to the EC2 instance.
Handles the case where the instance does or does not have an associated public IP address.
"""
if (
not self.eip_wrapper.elastic_ips
or not self.eip_wrapper.elastic_ips[0].allocation_id
):
if self.inst_wrapper.instances:
instance = self.inst_wrapper.instances[0]
instance_id = instance["InstanceId"]
waiter = self.inst_wrapper.ec2_client.get_waiter("instance_running")
console.print(
"Waiting for the instance to be in a running state with a public IP...",
style="bold cyan",
)
with alive_bar(1, title="Waiting for Instance to Start") as bar:
waiter.wait(InstanceIds=[instance_id])
time.sleep(20)
bar()
instance = self.inst_wrapper.ec2_client.describe_instances(
InstanceIds=[instance_id]
)["Reservations"][0]["Instances"][0]
public_ip = instance.get("PublicIpAddress")
if public_ip:
console.print(
"\nTo connect via SSH, open another command prompt and run the following command:",
style="bold cyan",
)
console.print(
f"\tssh -i {self.key_wrapper.key_file_path} ec2-user@{public_ip}"
)
else:
console.print(
"Instance does not have a public IP address assigned.",
style="bold red",
)
else:
console.print(
"No instance available to retrieve public IP address.",
style="bold red",
)
else:
elastic_ip = self.eip_wrapper.elastic_ips[0]
elastic_ip_address = elastic_ip.public_ip
console.print(
f"\tssh -i {self.key_wrapper.key_file_path} ec2-user@{elastic_ip_address}"
)
if not self.remote_exec:
console.print("\nOpen a new terminal tab to try the above SSH command.")
input("Press Enter to continue...")
def associate_elastic_ip(self) -> None:
"""
Allocates an Elastic IP address and associates it with the EC2 instance.
Displays the Elastic IP address and SSH connection information.
"""
console.print("\n**Step 4: Allocate an Elastic IP Address**", style="bold cyan")
console.print(
"You can allocate an Elastic IP address and associate it with your instance\n"
"to keep a consistent IP address even when your instance restarts."
)
with alive_bar(1, title="Allocating Elastic IP") as bar:
elastic_ip = self.eip_wrapper.allocate()
time.sleep(0.5)
bar()
console.print(
f"- **Allocated Static Elastic IP Address**: {elastic_ip.public_ip}."
)
with alive_bar(1, title="Associating Elastic IP") as bar:
self.eip_wrapper.associate(
elastic_ip.allocation_id, self.inst_wrapper.instances[0]["InstanceId"]
)
time.sleep(2)
bar()
console.print(f"- **Associated Elastic IP with Your Instance**.")
console.print(
"You can now use SSH to connect to your instance by using the Elastic IP."
)
self._display_ssh_info()
def stop_and_start_instance(self) -> None:
"""
Stops and restarts the EC2 instance. Displays instance state and explains
changes that occur when the instance is restarted, such as the potential change
in the public IP address unless an Elastic IP is associated.
"""
console.print("\n**Step 5: Stop and Start Your Instance**", style="bold cyan")
console.print("Let's stop and start your instance to see what changes.")
console.print("- **Stopping your instance and waiting until it's stopped...**")
with alive_bar(1, title="Stopping Instance") as bar:
self.inst_wrapper.stop()
time.sleep(360)
bar()
console.print("- **Your instance is stopped. Restarting...**")
with alive_bar(1, title="Starting Instance") as bar:
self.inst_wrapper.start()
time.sleep(20)
bar()
console.print("**Your instance is running.**", style="bold green")
self.inst_wrapper.display()
elastic_ip = (
self.eip_wrapper.elastic_ips[0] if self.eip_wrapper.elastic_ips else None
)
if elastic_ip is None or elastic_ip.allocation_id is None:
console.print(
"- **Note**: Every time your instance is restarted, its public IP address changes."
)
else:
console.print(
f"Because you have associated an Elastic IP with your instance, you can \n"
f"connect by using a consistent IP address after the instance restarts: {elastic_ip.public_ip}"
)
self._display_ssh_info()
def cleanup(self) -> None:
"""
Cleans up all the resources created during the scenario, including disassociating
and releasing the Elastic IP, terminating the instance, deleting the security
group, and deleting the key pair.
"""
console.print("\n**Step 6: Clean Up Resources**", style="bold cyan")
console.print("Cleaning up resources:")
for elastic_ip in self.eip_wrapper.elastic_ips:
console.print(f"- **Elastic IP**: {elastic_ip.public_ip}")
with alive_bar(1, title="Disassociating Elastic IP") as bar:
self.eip_wrapper.disassociate(elastic_ip.allocation_id)
time.sleep(2)
bar()
console.print("\t- **Disassociated Elastic IP from the Instance**")
with alive_bar(1, title="Releasing Elastic IP") as bar:
self.eip_wrapper.release(elastic_ip.allocation_id)
time.sleep(1)
bar()
console.print("\t- **Released Elastic IP**")
console.print(f"- **Instance**: {self.inst_wrapper.instances[0]['InstanceId']}")
with alive_bar(1, title="Terminating Instance") as bar:
self.inst_wrapper.terminate()
time.sleep(380)
bar()
console.print("\t- **Terminated Instance**")
console.print(f"- **Security Group**: {self.sg_wrapper.security_group}")
with alive_bar(1, title="Deleting Security Group") as bar:
self.sg_wrapper.delete(self.sg_wrapper.security_group)
time.sleep(1)
bar()
console.print("\t- **Deleted Security Group**")
console.print(f"- **Key Pair**: {self.key_wrapper.key_pair['KeyName']}")
with alive_bar(1, title="Deleting Key Pair") as bar:
self.key_wrapper.delete(self.key_wrapper.key_pair["KeyName"])
time.sleep(0.4)
bar()
console.print("\t- **Deleted Key Pair**")
def run_scenario(self) -> None:
"""
Executes the entire EC2 instance scenario: creates key pairs, security groups,
launches an instance, associates an Elastic IP, and cleans up all resources.
"""
logging.basicConfig(level=logging.INFO, format="%(levelname)s: %(message)s")
console.print("-" * 88)
console.print(
"Welcome to the Amazon Elastic Compute Cloud (Amazon EC2) get started with instances demo.",
style="bold magenta",
)
console.print("-" * 88)
self.create_and_list_key_pairs()
self.create_security_group()
self.create_instance()
self.stop_and_start_instance()
self.associate_elastic_ip()
self.stop_and_start_instance()
self.cleanup()
console.print("\nThanks for watching!", style="bold green")
console.print("-" * 88)
if __name__ == "__main__":
try:
scenario = EC2InstanceScenario(
EC2InstanceWrapper.from_client(),
KeyPairWrapper.from_client(),
SecurityGroupWrapper.from_client(),
ElasticIpWrapper.from_client(),
boto3.client("ssm"),
)
scenario.run_scenario()
except Exception:
logging.exception("Something went wrong with the demo.")
```
定义一个包装密钥对操作的类。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def create(self, key_name: str) -> dict:
"""
Creates a key pair that can be used to securely connect to an EC2 instance.
The returned key pair contains private key information that cannot be retrieved
again. The private key data is stored as a .pem file.
:param key_name: The name of the key pair to create.
:return: A dictionary representing the Boto3 KeyPair object that represents the newly created key pair.
:raises ClientError: If there is an error in creating the key pair, for example, if a key pair with the same name already exists.
"""
try:
response = self.ec2_client.create_key_pair(KeyName=key_name)
self.key_pair = response
self.key_file_path = os.path.join(
self.key_file_dir.name, f"{self.key_pair['KeyName']}.pem"
)
with open(self.key_file_path, "w") as key_file:
key_file.write(self.key_pair["KeyMaterial"])
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidKeyPair.Duplicate":
logger.error(
f"A key pair called {key_name} already exists. "
"Please choose a different name for your key pair "
"or delete the existing key pair before creating."
)
raise
else:
return self.key_pair
def list(self, limit: Optional[int] = None) -> None:
"""
Displays a list of key pairs for the current account.
WARNING: Results are not paginated.
:param limit: The maximum number of key pairs to list. If not specified,
all key pairs will be listed.
:raises ClientError: If there is an error in listing the key pairs.
"""
try:
response = self.ec2_client.describe_key_pairs()
key_pairs = response.get("KeyPairs", [])
if limit:
key_pairs = key_pairs[:limit]
for key_pair in key_pairs:
logger.info(
f"Found {key_pair['KeyType']} key '{key_pair['KeyName']}' with fingerprint:"
)
logger.info(f"\t{key_pair['KeyFingerprint']}")
except ClientError as err:
logger.error(f"Failed to list key pairs: {str(err)}")
raise
def delete(self, key_name: str) -> bool:
"""
Deletes a key pair by its name.
:param key_name: The name of the key pair to delete.
:return: A boolean indicating whether the deletion was successful.
:raises ClientError: If there is an error in deleting the key pair, for example,
if the key pair does not exist.
"""
try:
self.ec2_client.delete_key_pair(KeyName=key_name)
logger.info(f"Successfully deleted key pair: {key_name}")
self.key_pair = None
return True
except self.ec2_client.exceptions.ClientError as err:
logger.error(f"Deletion failed for key pair: {key_name}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidKeyPair.NotFound":
logger.error(
f"The key pair '{key_name}' does not exist and cannot be deleted. "
"Please verify the key pair name and try again."
)
raise
```
定义一个包装安全组操作的类。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, group_name: str, group_description: str) -> str:
"""
Creates a security group in the default virtual private cloud (VPC) of the current account.
:param group_name: The name of the security group to create.
:param group_description: The description of the security group to create.
:return: The ID of the newly created security group.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
try:
response = self.ec2_client.create_security_group(
GroupName=group_name, Description=group_description
)
self.security_group = response["GroupId"]
except ClientError as err:
if err.response["Error"]["Code"] == "ResourceAlreadyExists":
logger.error(
f"Security group '{group_name}' already exists. Please choose a different name."
)
raise
else:
return self.security_group
def authorize_ingress(self, ssh_ingress_ip: str) -> Optional[Dict[str, Any]]:
"""
Adds a rule to the security group to allow access to SSH.
:param ssh_ingress_ip: The IP address that is granted inbound access to connect
to port 22 over TCP, used for SSH.
:return: The response to the authorization request. The 'Return' field of the
response indicates whether the request succeeded or failed, or None if no security group is set.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
if self.security_group is None:
logger.info("No security group to update.")
return None
try:
ip_permissions = [
{
# SSH ingress open to only the specified IP address.
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"IpRanges": [{"CidrIp": f"{ssh_ingress_ip}/32"}],
}
]
response = self.ec2_client.authorize_security_group_ingress(
GroupId=self.security_group, IpPermissions=ip_permissions
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidPermission.Duplicate":
logger.error(
f"The SSH ingress rule for IP {ssh_ingress_ip} already exists"
f"in security group '{self.security_group}'."
)
raise
else:
return response
def describe(self, security_group_id: Optional[str] = None) -> bool:
"""
Displays information about the specified security group or all security groups if no ID is provided.
:param security_group_id: The ID of the security group to describe.
If None, an open search is performed to describe all security groups.
:returns: True if the description is successful.
:raises ClientError: If there is an error describing the security group(s), such as an invalid security group ID.
"""
try:
paginator = self.ec2_client.get_paginator("describe_security_groups")
if security_group_id is None:
# If no ID is provided, return all security groups.
page_iterator = paginator.paginate()
else:
page_iterator = paginator.paginate(GroupIds=[security_group_id])
for page in page_iterator:
for security_group in page["SecurityGroups"]:
print(f"Security group: {security_group['GroupName']}")
print(f"\tID: {security_group['GroupId']}")
print(f"\tVPC: {security_group['VpcId']}")
if security_group["IpPermissions"]:
print("Inbound permissions:")
pp(security_group["IpPermissions"])
return True
except ClientError as err:
logger.error("Failed to describe security group(s).")
if err.response["Error"]["Code"] == "InvalidGroup.NotFound":
logger.error(
f"Security group {security_group_id} does not exist "
f"because the specified security group ID was not found."
)
raise
def delete(self, security_group_id: str) -> bool:
"""
Deletes the specified security group.
:param security_group_id: The ID of the security group to delete. Required.
:returns: True if the deletion is successful.
:raises ClientError: If the security group cannot be deleted due to an AWS service error.
"""
try:
self.ec2_client.delete_security_group(GroupId=security_group_id)
logger.info(f"Successfully deleted security group '{security_group_id}'")
return True
except ClientError as err:
logger.error(f"Deletion failed for security group '{security_group_id}'")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidGroup.NotFound":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it does not exist."
)
elif error_code == "DependencyViolation":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it is still in use."
" Verify that it is:"
"\n\t- Detached from resources"
"\n\t- Removed from references in other groups"
"\n\t- Removed from VPC's as a default group"
)
raise
```
定义一个包装实例操作的类。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(
self,
image_id: str,
instance_type: str,
key_pair_name: str,
security_group_ids: Optional[List[str]] = None,
) -> List[Dict[str, Any]]:
"""
Creates a new EC2 instance in the default VPC of the current account.
The instance starts immediately after it is created.
:param image_id: The ID of the Amazon Machine Image (AMI) to use for the instance.
:param instance_type: The type of instance to create, such as 't2.micro'.
:param key_pair_name: The name of the key pair to use for SSH access.
:param security_group_ids: A list of security group IDs to associate with the instance.
If not specified, the default security group of the VPC is used.
:return: A list of dictionaries representing Boto3 Instance objects representing the newly created instances.
"""
try:
instance_params = {
"ImageId": image_id,
"InstanceType": instance_type,
"KeyName": key_pair_name,
}
if security_group_ids is not None:
instance_params["SecurityGroupIds"] = security_group_ids
response = self.ec2_client.run_instances(
**instance_params, MinCount=1, MaxCount=1
)
instance = response["Instances"][0]
self.instances.append(instance)
waiter = self.ec2_client.get_waiter("instance_running")
waiter.wait(InstanceIds=[instance["InstanceId"]])
except ClientError as err:
params_str = "\n\t".join(
f"{key}: {value}" for key, value in instance_params.items()
)
logger.error(
f"Failed to complete instance creation request.\nRequest details:{params_str}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InstanceLimitExceeded":
logger.error(
(
f"Insufficient capacity for instance type '{instance_type}'. "
"Terminate unused instances or contact AWS Support for a limit increase."
)
)
if error_code == "InsufficientInstanceCapacity":
logger.error(
(
f"Insufficient capacity for instance type '{instance_type}'. "
"Select a different instance type or launch in a different availability zone."
)
)
raise
return self.instances
def display(self, state_filter: Optional[str] = "running") -> None:
"""
Displays information about instances, filtering by the specified state.
:param state_filter: The instance state to include in the output. Only instances in this state
will be displayed. Default is 'running'. Example states: 'running', 'stopped'.
"""
if not self.instances:
logger.info("No instances to display.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
paginator = self.ec2_client.get_paginator("describe_instances")
page_iterator = paginator.paginate(InstanceIds=instance_ids)
try:
for page in page_iterator:
for reservation in page["Reservations"]:
for instance in reservation["Instances"]:
instance_state = instance["State"]["Name"]
# Apply the state filter (default is 'running')
if state_filter and instance_state != state_filter:
continue # Skip this instance if it doesn't match the filter
# Create a formatted string with instance details
instance_info = (
f"• ID: {instance['InstanceId']}\n"
f"• Image ID: {instance['ImageId']}\n"
f"• Instance type: {instance['InstanceType']}\n"
f"• Key name: {instance['KeyName']}\n"
f"• VPC ID: {instance['VpcId']}\n"
f"• Public IP: {instance.get('PublicIpAddress', 'N/A')}\n"
f"• State: {instance_state}"
)
print(instance_info)
except ClientError as err:
logger.error(
f"Failed to display instance(s). : {' '.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
def terminate(self) -> None:
"""
Terminates instances and waits for them to reach the terminated state.
"""
if not self.instances:
logger.info("No instances to terminate.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
self.ec2_client.terminate_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_terminated")
waiter.wait(InstanceIds=instance_ids)
self.instances.clear()
for instance_id in instance_ids:
print(f"• Instance ID: {instance_id}\n" f"• Action: Terminated")
except ClientError as err:
logger.error(
f"Failed instance termination details:\n\t{str(self.instances)}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
def start(self) -> Optional[Dict[str, Any]]:
"""
Starts instances and waits for them to be in a running state.
:return: The response to the start request.
"""
if not self.instances:
logger.info("No instances to start.")
return None
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
start_response = self.ec2_client.start_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_running")
waiter.wait(InstanceIds=instance_ids)
return start_response
except ClientError as err:
logger.error(
f"Failed to start instance(s): {','.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "IncorrectInstanceState":
logger.error(
"Couldn't start instance(s) because they are in an incorrect state. "
"Ensure the instances are in a stopped state before starting them."
)
raise
def stop(self) -> Optional[Dict[str, Any]]:
"""
Stops instances and waits for them to be in a stopped state.
:return: The response to the stop request, or None if there are no instances to stop.
"""
if not self.instances:
logger.info("No instances to stop.")
return None
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
# Attempt to stop the instances
stop_response = self.ec2_client.stop_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_stopped")
waiter.wait(InstanceIds=instance_ids)
except ClientError as err:
logger.error(
f"Failed to stop instance(s): {','.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "IncorrectInstanceState":
logger.error(
"Couldn't stop instance(s) because they are in an incorrect state. "
"Ensure the instances are in a running state before stopping them."
)
raise
return stop_response
def get_images(self, image_ids: List[str]) -> List[Dict[str, Any]]:
"""
Gets information about Amazon Machine Images (AMIs) from a list of AMI IDs.
:param image_ids: The list of AMI IDs to look up.
:return: A list of dictionaries representing the requested AMIs.
"""
try:
response = self.ec2_client.describe_images(ImageIds=image_ids)
images = response["Images"]
except ClientError as err:
logger.error(f"Failed to stop AMI(s): {','.join(map(str, image_ids))}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidAMIID.NotFound":
logger.error("One or more of the AMI IDs does not exist.")
raise
return images
def get_instance_types(
self, architecture: str = "x86_64", sizes: List[str] = ["*.micro", "*.small"]
) -> List[Dict[str, Any]]:
"""
Gets instance types that support the specified architecture and size.
See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html
for a list of allowable parameters.
:param architecture: The architecture supported by instance types. Default: 'x86_64'.
:param sizes: The size of instance types. Default: '*.micro', '*.small',
:return: A list of dictionaries representing instance types that support the specified architecture and size.
"""
try:
inst_types = []
paginator = self.ec2_client.get_paginator("describe_instance_types")
for page in paginator.paginate(
Filters=[
{
"Name": "processor-info.supported-architecture",
"Values": [architecture],
},
{"Name": "instance-type", "Values": sizes},
]
):
inst_types += page["InstanceTypes"]
except ClientError as err:
logger.error(
f"Failed to get instance types: {architecture}, {','.join(map(str, sizes))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidParameterValue":
logger.error(
"Parameters are invalid. "
"Ensure architecture and size strings conform to DescribeInstanceTypes API reference."
)
raise
else:
return inst_types
```
定义一个包装弹性 IP 操作的类。
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def allocate(self) -> "ElasticIpWrapper.ElasticIp":
"""
Allocates an Elastic IP address that can be associated with an Amazon EC2
instance. By using an Elastic IP address, you can keep the public IP address
constant even when you restart the associated instance.
:return: The ElasticIp object for the newly created Elastic IP address.
:raises ClientError: If the allocation fails, such as reaching the maximum limit of Elastic IPs.
"""
try:
response = self.ec2_client.allocate_address(Domain="vpc")
elastic_ip = self.ElasticIp(
allocation_id=response["AllocationId"], public_ip=response["PublicIp"]
)
self.elastic_ips.append(elastic_ip)
except ClientError as err:
if err.response["Error"]["Code"] == "AddressLimitExceeded":
logger.error(
"Max IP's reached. Release unused addresses or contact AWS Support for an increase."
)
raise err
return elastic_ip
def associate(
self, allocation_id: str, instance_id: str
) -> Union[Dict[str, Any], None]:
"""
Associates an Elastic IP address with an instance. When this association is
created, the Elastic IP's public IP address is immediately used as the public
IP address of the associated instance.
:param allocation_id: The allocation ID of the Elastic IP.
:param instance_id: The ID of the Amazon EC2 instance.
:return: A response that contains the ID of the association, or None if no Elastic IP is found.
:raises ClientError: If the association fails, such as when the instance ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return None
try:
response = self.ec2_client.associate_address(
AllocationId=allocation_id, InstanceId=instance_id
)
elastic_ip.instance_id = (
instance_id # Track the instance associated with this Elastic IP.
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidInstanceID.NotFound":
logger.error(
f"Failed to associate Elastic IP {allocation_id} with {instance_id} "
"because the specified instance ID does not exist or has not propagated fully. "
"Verify the instance ID and try again, or wait a few moments before attempting to "
"associate the Elastic IP address."
)
raise
return response
def disassociate(self, allocation_id: str) -> None:
"""
Removes an association between an Elastic IP address and an instance. When the
association is removed, the instance is assigned a new public IP address.
:param allocation_id: The allocation ID of the Elastic IP to disassociate.
:raises ClientError: If the disassociation fails, such as when the association ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None or elastic_ip.instance_id is None:
logger.info(
f"No association found for Elastic IP with allocation ID {allocation_id}."
)
return
try:
# Retrieve the association ID before disassociating
response = self.ec2_client.describe_addresses(AllocationIds=[allocation_id])
association_id = response["Addresses"][0].get("AssociationId")
if association_id:
self.ec2_client.disassociate_address(AssociationId=association_id)
elastic_ip.instance_id = None # Remove the instance association
else:
logger.info(
f"No Association ID found for Elastic IP with allocation ID {allocation_id}."
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidAssociationID.NotFound":
logger.error(
f"Failed to disassociate Elastic IP {allocation_id} "
"because the specified association ID for the Elastic IP address was not found. "
"Verify the association ID and ensure the Elastic IP is currently associated with a "
"resource before attempting to disassociate it."
)
raise
def release(self, allocation_id: str) -> None:
"""
Releases an Elastic IP address. After the Elastic IP address is released,
it can no longer be used.
:param allocation_id: The allocation ID of the Elastic IP to release.
:raises ClientError: If the release fails, such as when the Elastic IP address is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return
try:
self.ec2_client.release_address(AllocationId=allocation_id)
self.elastic_ips.remove(elastic_ip) # Remove the Elastic IP from the list
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidAddress.NotFound":
logger.error(
f"Failed to release Elastic IP address {allocation_id} "
"because it could not be found. Verify the Elastic IP address "
"and ensure it is allocated to your account in the correct region "
"before attempting to release it."
)
raise
@staticmethod
def get_elastic_ip_by_allocation(
elastic_ips: List["ElasticIpWrapper.ElasticIp"], allocation_id: str
) -> Optional["ElasticIpWrapper.ElasticIp"]:
"""
Retrieves an Elastic IP object by its allocation ID from a given list of Elastic IPs.
:param elastic_ips: A list of ElasticIp objects.
:param allocation_id: The allocation ID of the Elastic IP to retrieve.
:return: The ElasticIp object associated with the allocation ID, or None if not found.
"""
return next(
(ip for ip in elastic_ips if ip.allocation_id == allocation_id), None
)
```
+ 有关 API 详细信息,请参阅《AWS SDK for Python (Boto3) API Reference》**中的以下主题。
+ [AllocateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AllocateAddress)
+ [AssociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AssociateAddress)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateKeyPair)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateSecurityGroup)
+ [DeleteKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteKeyPair)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteSecurityGroup)
+ [DescribeImages](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeImages)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstanceTypes)
+ [DescribeInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstances)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeKeyPairs)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeSecurityGroups)
+ [DisassociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DisassociateAddress)
+ [ReleaseAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/ReleaseAddress)
+ [RunInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/RunInstances)
+ [StartInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/StartInstances)
+ [StopInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/StopInstances)
+ [TerminateInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/TerminateInstances)
+ [UnmonitorInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/UnmonitorInstances)
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
该 EC2InstanceScenario 实现包含将示例作为一个整体运行的逻辑。
```
//! Scenario that uses the AWS SDK for Rust (the SDK) with Amazon Elastic Compute Cloud
//! (Amazon EC2) to do the following:
//!
//! * Create a key pair that is used to secure SSH communication between your computer and
//! an EC2 instance.
//! * Create a security group that acts as a virtual firewall for your EC2 instances to
//! control incoming and outgoing traffic.
//! * Find an Amazon Machine Image (AMI) and a compatible instance type.
//! * Create an instance that is created from the instance type and AMI you select, and
//! is configured to use the security group and key pair created in this example.
//! * Stop and restart the instance.
//! * Create an Elastic IP address and associate it as a consistent IP address for your instance.
//! * Connect to your instance with SSH, using both its public IP address and your Elastic IP
//! address.
//! * Clean up all of the resources created by this example.
use std::net::Ipv4Addr;
use crate::{
ec2::{EC2Error, EC2},
getting_started::{key_pair::KeyPairManager, util::Util},
ssm::SSM,
};
use aws_sdk_ssm::types::Parameter;
use super::{
elastic_ip::ElasticIpManager, instance::InstanceManager, security_group::SecurityGroupManager,
util::ScenarioImage,
};
pub struct Ec2InstanceScenario {
ec2: EC2,
ssm: SSM,
util: Util,
key_pair_manager: KeyPairManager,
security_group_manager: SecurityGroupManager,
instance_manager: InstanceManager,
elastic_ip_manager: ElasticIpManager,
}
impl Ec2InstanceScenario {
pub fn new(ec2: EC2, ssm: SSM, util: Util) -> Self {
Ec2InstanceScenario {
ec2,
ssm,
util,
key_pair_manager: Default::default(),
security_group_manager: Default::default(),
instance_manager: Default::default(),
elastic_ip_manager: Default::default(),
}
}
pub async fn run(&mut self) -> Result<(), EC2Error> {
self.create_and_list_key_pairs().await?;
self.create_security_group().await?;
self.create_instance().await?;
self.stop_and_start_instance().await?;
self.associate_elastic_ip().await?;
self.stop_and_start_instance().await?;
Ok(())
}
/// 1. Creates an RSA key pair and saves its private key data as a .pem file in secure
/// temporary storage. The private key data is deleted after the example completes.
/// 2. Optionally, lists the first five key pairs for the current account.
pub async fn create_and_list_key_pairs(&mut self) -> Result<(), EC2Error> {
println!( "Let's create an RSA key pair that you can be use to securely connect to your EC2 instance.");
let key_name = self.util.prompt_key_name()?;
self.key_pair_manager
.create(&self.ec2, &self.util, key_name)
.await?;
println!(
"Created a key pair {} and saved the private key to {:?}.",
self.key_pair_manager
.key_pair()
.key_name()
.ok_or_else(|| EC2Error::new("No key name after creating key"))?,
self.key_pair_manager
.key_file_path()
.ok_or_else(|| EC2Error::new("No key file after creating key"))?
);
if self.util.should_list_key_pairs()? {
for pair in self.key_pair_manager.list(&self.ec2).await? {
println!(
"Found {:?} key {} with fingerprint:\t{:?}",
pair.key_type(),
pair.key_name().unwrap_or("Unknown"),
pair.key_fingerprint()
);
}
}
Ok(())
}
/// 1. Creates a security group for the default VPC.
/// 2. Adds an inbound rule to allow SSH. The SSH rule allows only
/// inbound traffic from the current computer’s public IPv4 address.
/// 3. Displays information about the security group.
///
/// This function uses to get the current public IP
/// address of the computer that is running the example. This method works in most
/// cases. However, depending on how your computer connects to the internet, you
/// might have to manually add your public IP address to the security group by using
/// the AWS Management Console.
pub async fn create_security_group(&mut self) -> Result<(), EC2Error> {
println!("Let's create a security group to manage access to your instance.");
let group_name = self.util.prompt_security_group_name()?;
self.security_group_manager
.create(
&self.ec2,
&group_name,
"Security group for example: get started with instances.",
)
.await?;
println!(
"Created security group {} in your default VPC {}.",
self.security_group_manager.group_name(),
self.security_group_manager
.vpc_id()
.unwrap_or("(unknown vpc)")
);
let check_ip = self.util.do_get("https://checkip.amazonaws.com").await?;
let current_ip_address: Ipv4Addr = check_ip.trim().parse().map_err(|e| {
EC2Error::new(format!(
"Failed to convert response {} to IP Address: {e:?}",
check_ip
))
})?;
println!("Your public IP address seems to be {current_ip_address}");
if self.util.should_add_to_security_group() {
match self
.security_group_manager
.authorize_ingress(&self.ec2, current_ip_address)
.await
{
Ok(_) => println!("Security group rules updated"),
Err(err) => eprintln!("Couldn't update security group rules: {err:?}"),
}
}
println!("{}", self.security_group_manager);
Ok(())
}
/// 1. Gets a list of Amazon Linux 2 AMIs from AWS Systems Manager. Specifying the
/// '/aws/service/ami-amazon-linux-latest' path returns only the latest AMIs.
/// 2. Gets and displays information about the available AMIs and lets you select one.
/// 3. Gets a list of instance types that are compatible with the selected AMI and
/// lets you select one.
/// 4. Creates an instance with the previously created key pair and security group,
/// and the selected AMI and instance type.
/// 5. Waits for the instance to be running and then displays its information.
pub async fn create_instance(&mut self) -> Result<(), EC2Error> {
let ami = self.find_image().await?;
let instance_types = self
.ec2
.list_instance_types(&ami.0)
.await
.map_err(|e| e.add_message("Could not find instance types"))?;
println!(
"There are several instance types that support the {} architecture of the image.",
ami.0
.architecture
.as_ref()
.ok_or_else(|| EC2Error::new(format!("Missing architecture in {:?}", ami.0)))?
);
let instance_type = self.util.select_instance_type(instance_types)?;
println!("Creating your instance and waiting for it to start...");
self.instance_manager
.create(
&self.ec2,
ami.0
.image_id()
.ok_or_else(|| EC2Error::new("Could not find image ID"))?,
instance_type,
self.key_pair_manager.key_pair(),
self.security_group_manager
.security_group()
.map(|sg| vec![sg])
.ok_or_else(|| EC2Error::new("Could not find security group"))?,
)
.await
.map_err(|e| e.add_message("Scenario failed to create instance"))?;
while let Err(err) = self
.ec2
.wait_for_instance_ready(self.instance_manager.instance_id(), None)
.await
{
println!("{err}");
if !self.util.should_continue_waiting() {
return Err(err);
}
}
println!("Your instance is ready:\n{}", self.instance_manager);
self.display_ssh_info();
Ok(())
}
async fn find_image(&mut self) -> Result {
let params: Vec = self
.ssm
.list_path("/aws/service/ami-amazon-linux-latest")
.await
.map_err(|e| e.add_message("Could not find parameters for available images"))?
.into_iter()
.filter(|param| param.name().is_some_and(|name| name.contains("amzn2")))
.collect();
let amzn2_images: Vec = self
.ec2
.list_images(params)
.await
.map_err(|e| e.add_message("Could not find images"))?
.into_iter()
.map(ScenarioImage::from)
.collect();
println!("We will now create an instance from an Amazon Linux 2 AMI");
let ami = self.util.select_scenario_image(amzn2_images)?;
Ok(ami)
}
// 1. Stops the instance and waits for it to stop.
// 2. Starts the instance and waits for it to start.
// 3. Displays information about the instance.
// 4. Displays an SSH connection string. When an Elastic IP address is associated
// with the instance, the IP address stays consistent when the instance stops
// and starts.
pub async fn stop_and_start_instance(&self) -> Result<(), EC2Error> {
println!("Let's stop and start your instance to see what changes.");
println!("Stopping your instance and waiting until it's stopped...");
self.instance_manager.stop(&self.ec2).await?;
println!("Your instance is stopped. Restarting...");
self.instance_manager.start(&self.ec2).await?;
println!("Your instance is running.");
println!("{}", self.instance_manager);
if self.elastic_ip_manager.public_ip() == "0.0.0.0" {
println!("Every time your instance is restarted, its public IP address changes.");
} else {
println!(
"Because you have associated an Elastic IP with your instance, you can connect by using a consistent IP address after the instance restarts."
);
}
self.display_ssh_info();
Ok(())
}
/// 1. Allocates an Elastic IP address and associates it with the instance.
/// 2. Displays an SSH connection string that uses the Elastic IP address.
async fn associate_elastic_ip(&mut self) -> Result<(), EC2Error> {
self.elastic_ip_manager.allocate(&self.ec2).await?;
println!(
"Allocated static Elastic IP address: {}",
self.elastic_ip_manager.public_ip()
);
self.elastic_ip_manager
.associate(&self.ec2, self.instance_manager.instance_id())
.await?;
println!("Associated your Elastic IP with your instance.");
println!("You can now use SSH to connect to your instance by using the Elastic IP.");
self.display_ssh_info();
Ok(())
}
/// Displays an SSH connection string that can be used to connect to a running
/// instance.
fn display_ssh_info(&self) {
let ip_addr = if self.elastic_ip_manager.has_allocation() {
self.elastic_ip_manager.public_ip()
} else {
self.instance_manager.instance_ip()
};
let key_file_path = self.key_pair_manager.key_file_path().unwrap();
println!("To connect, open another command prompt and run the following command:");
println!("\nssh -i {} ec2-user@{ip_addr}\n", key_file_path.display());
let _ = self.util.enter_to_continue();
}
/// 1. Disassociate and delete the previously created Elastic IP.
/// 2. Terminate the previously created instance.
/// 3. Delete the previously created security group.
/// 4. Delete the previously created key pair.
pub async fn clean_up(self) {
println!("Let's clean everything up. This example created these resources:");
println!(
"\tKey pair: {}",
self.key_pair_manager
.key_pair()
.key_name()
.unwrap_or("(unknown key pair)")
);
println!(
"\tSecurity group: {}",
self.security_group_manager.group_name()
);
println!(
"\tInstance: {}",
self.instance_manager.instance_display_name()
);
if self.util.should_clean_resources() {
if let Err(err) = self.elastic_ip_manager.remove(&self.ec2).await {
eprintln!("{err}")
}
if let Err(err) = self.instance_manager.delete(&self.ec2).await {
eprintln!("{err}")
}
if let Err(err) = self.security_group_manager.delete(&self.ec2).await {
eprintln!("{err}");
}
if let Err(err) = self.key_pair_manager.delete(&self.ec2, &self.util).await {
eprintln!("{err}");
}
} else {
println!("Ok, not cleaning up any resources!");
}
}
}
pub async fn run(mut scenario: Ec2InstanceScenario) {
println!("--------------------------------------------------------------------------------");
println!(
"Welcome to the Amazon Elastic Compute Cloud (Amazon EC2) get started with instances demo."
);
println!("--------------------------------------------------------------------------------");
if let Err(err) = scenario.run().await {
eprintln!("There was an error running the scenario: {err}")
}
println!("--------------------------------------------------------------------------------");
scenario.clean_up().await;
println!("Thanks for running!");
println!("--------------------------------------------------------------------------------");
}
```
EC2Impl 结构体用作测试的自动模拟点,其函数封装了 EC2 SDK 调用。
```
use std::{net::Ipv4Addr, time::Duration};
use aws_sdk_ec2::{
client::Waiters,
error::ProvideErrorMetadata,
operation::{
allocate_address::AllocateAddressOutput, associate_address::AssociateAddressOutput,
},
types::{
DomainType, Filter, Image, Instance, InstanceType, IpPermission, IpRange, KeyPairInfo,
SecurityGroup, Tag,
},
Client as EC2Client,
};
use aws_sdk_ssm::types::Parameter;
use aws_smithy_runtime_api::client::waiters::error::WaiterError;
#[cfg(test)]
use mockall::automock;
#[cfg(not(test))]
pub use EC2Impl as EC2;
#[cfg(test)]
pub use MockEC2Impl as EC2;
#[derive(Clone)]
pub struct EC2Impl {
pub client: EC2Client,
}
#[cfg_attr(test, automock)]
impl EC2Impl {
pub fn new(client: EC2Client) -> Self {
EC2Impl { client }
}
pub async fn create_key_pair(&self, name: String) -> Result<(KeyPairInfo, String), EC2Error> {
tracing::info!("Creating key pair {name}");
let output = self.client.create_key_pair().key_name(name).send().await?;
let info = KeyPairInfo::builder()
.set_key_name(output.key_name)
.set_key_fingerprint(output.key_fingerprint)
.set_key_pair_id(output.key_pair_id)
.build();
let material = output
.key_material
.ok_or_else(|| EC2Error::new("Create Key Pair has no key material"))?;
Ok((info, material))
}
pub async fn list_key_pair(&self) -> Result, EC2Error> {
let output = self.client.describe_key_pairs().send().await?;
Ok(output.key_pairs.unwrap_or_default())
}
pub async fn delete_key_pair(&self, key_name: &str) -> Result<(), EC2Error> {
let key_name: String = key_name.into();
tracing::info!("Deleting key pair {key_name}");
self.client
.delete_key_pair()
.key_name(key_name)
.send()
.await?;
Ok(())
}
pub async fn create_security_group(
&self,
name: &str,
description: &str,
) -> Result {
tracing::info!("Creating security group {name}");
let create_output = self
.client
.create_security_group()
.group_name(name)
.description(description)
.send()
.await
.map_err(EC2Error::from)?;
let group_id = create_output
.group_id
.ok_or_else(|| EC2Error::new("Missing security group id after creation"))?;
let group = self
.describe_security_group(&group_id)
.await?
.ok_or_else(|| {
EC2Error::new(format!("Could not find security group with id {group_id}"))
})?;
tracing::info!("Created security group {name} as {group_id}");
Ok(group)
}
/// Find a single security group, by ID. Returns Err if multiple groups are found.
pub async fn describe_security_group(
&self,
group_id: &str,
) -> Result, EC2Error> {
let group_id: String = group_id.into();
let describe_output = self
.client
.describe_security_groups()
.group_ids(&group_id)
.send()
.await?;
let mut groups = describe_output.security_groups.unwrap_or_default();
match groups.len() {
0 => Ok(None),
1 => Ok(Some(groups.remove(0))),
_ => Err(EC2Error::new(format!(
"Expected single group for {group_id}"
))),
}
}
/// Add an ingress rule to a security group explicitly allowing IPv4 address
/// as {ip}/32 over TCP port 22.
pub async fn authorize_security_group_ssh_ingress(
&self,
group_id: &str,
ingress_ips: Vec,
) -> Result<(), EC2Error> {
tracing::info!("Authorizing ingress for security group {group_id}");
self.client
.authorize_security_group_ingress()
.group_id(group_id)
.set_ip_permissions(Some(
ingress_ips
.into_iter()
.map(|ip| {
IpPermission::builder()
.ip_protocol("tcp")
.from_port(22)
.to_port(22)
.ip_ranges(IpRange::builder().cidr_ip(format!("{ip}/32")).build())
.build()
})
.collect(),
))
.send()
.await?;
Ok(())
}
pub async fn delete_security_group(&self, group_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting security group {group_id}");
self.client
.delete_security_group()
.group_id(group_id)
.send()
.await?;
Ok(())
}
pub async fn list_images(&self, ids: Vec) -> Result, EC2Error> {
let image_ids = ids.into_iter().filter_map(|p| p.value).collect();
let output = self
.client
.describe_images()
.set_image_ids(Some(image_ids))
.send()
.await?;
let images = output.images.unwrap_or_default();
if images.is_empty() {
Err(EC2Error::new("No images for selected AMIs"))
} else {
Ok(images)
}
}
/// List instance types that match an image's architecture and are free tier eligible.
pub async fn list_instance_types(&self, image: &Image) -> Result, EC2Error> {
let architecture = format!(
"{}",
image.architecture().ok_or_else(|| EC2Error::new(format!(
"Image {:?} does not have a listed architecture",
image.image_id()
)))?
);
let free_tier_eligible_filter = Filter::builder()
.name("free-tier-eligible")
.values("false")
.build();
let supported_architecture_filter = Filter::builder()
.name("processor-info.supported-architecture")
.values(architecture)
.build();
let response = self
.client
.describe_instance_types()
.filters(free_tier_eligible_filter)
.filters(supported_architecture_filter)
.send()
.await?;
Ok(response
.instance_types
.unwrap_or_default()
.into_iter()
.filter_map(|iti| iti.instance_type)
.collect())
}
pub async fn create_instance<'a>(
&self,
image_id: &'a str,
instance_type: InstanceType,
key_pair: &'a KeyPairInfo,
security_groups: Vec<&'a SecurityGroup>,
) -> Result {
let run_instances = self
.client
.run_instances()
.image_id(image_id)
.instance_type(instance_type)
.key_name(
key_pair
.key_name()
.ok_or_else(|| EC2Error::new("Missing key name when launching instance"))?,
)
.set_security_group_ids(Some(
security_groups
.iter()
.filter_map(|sg| sg.group_id.clone())
.collect(),
))
.min_count(1)
.max_count(1)
.send()
.await?;
if run_instances.instances().is_empty() {
return Err(EC2Error::new("Failed to create instance"));
}
let instance_id = run_instances.instances()[0].instance_id().unwrap();
let response = self
.client
.create_tags()
.resources(instance_id)
.tags(
Tag::builder()
.key("Name")
.value("From SDK Examples")
.build(),
)
.send()
.await;
match response {
Ok(_) => tracing::info!("Created {instance_id} and applied tags."),
Err(err) => {
tracing::info!("Error applying tags to {instance_id}: {err:?}");
return Err(err.into());
}
}
tracing::info!("Instance is created.");
Ok(instance_id.to_string())
}
/// Wait for an instance to be ready and status ok (default wait 60 seconds)
pub async fn wait_for_instance_ready(
&self,
instance_id: &str,
duration: Option,
) -> Result<(), EC2Error> {
self.client
.wait_until_instance_status_ok()
.instance_ids(instance_id)
.wait(duration.unwrap_or(Duration::from_secs(60)))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to start.",
exceeded.max_wait().as_secs()
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn describe_instance(&self, instance_id: &str) -> Result {
let response = self
.client
.describe_instances()
.instance_ids(instance_id)
.send()
.await?;
let instance = response
.reservations()
.first()
.ok_or_else(|| EC2Error::new(format!("No instance reservations for {instance_id}")))?
.instances()
.first()
.ok_or_else(|| {
EC2Error::new(format!("No instances in reservation for {instance_id}"))
})?;
Ok(instance.clone())
}
pub async fn start_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Starting instance {instance_id}");
self.client
.start_instances()
.instance_ids(instance_id)
.send()
.await?;
tracing::info!("Started instance.");
Ok(())
}
pub async fn stop_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Stopping instance {instance_id}");
self.client
.stop_instances()
.instance_ids(instance_id)
.send()
.await?;
self.wait_for_instance_stopped(instance_id, None).await?;
tracing::info!("Stopped instance.");
Ok(())
}
pub async fn reboot_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Rebooting instance {instance_id}");
self.client
.reboot_instances()
.instance_ids(instance_id)
.send()
.await?;
Ok(())
}
pub async fn wait_for_instance_stopped(
&self,
instance_id: &str,
duration: Option,
) -> Result<(), EC2Error> {
self.client
.wait_until_instance_stopped()
.instance_ids(instance_id)
.wait(duration.unwrap_or(Duration::from_secs(60)))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to stop.",
exceeded.max_wait().as_secs(),
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn delete_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting instance with id {instance_id}");
self.stop_instance(instance_id).await?;
self.client
.terminate_instances()
.instance_ids(instance_id)
.send()
.await?;
self.wait_for_instance_terminated(instance_id).await?;
tracing::info!("Terminated instance with id {instance_id}");
Ok(())
}
async fn wait_for_instance_terminated(&self, instance_id: &str) -> Result<(), EC2Error> {
self.client
.wait_until_instance_terminated()
.instance_ids(instance_id)
.wait(Duration::from_secs(60))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to terminate.",
exceeded.max_wait().as_secs(),
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn allocate_ip_address(&self) -> Result {
self.client
.allocate_address()
.domain(DomainType::Vpc)
.send()
.await
.map_err(EC2Error::from)
}
pub async fn deallocate_ip_address(&self, allocation_id: &str) -> Result<(), EC2Error> {
self.client
.release_address()
.allocation_id(allocation_id)
.send()
.await?;
Ok(())
}
pub async fn associate_ip_address(
&self,
allocation_id: &str,
instance_id: &str,
) -> Result {
let response = self
.client
.associate_address()
.allocation_id(allocation_id)
.instance_id(instance_id)
.send()
.await?;
Ok(response)
}
pub async fn disassociate_ip_address(&self, association_id: &str) -> Result<(), EC2Error> {
self.client
.disassociate_address()
.association_id(association_id)
.send()
.await?;
Ok(())
}
}
#[derive(Debug)]
pub struct EC2Error(String);
impl EC2Error {
pub fn new(value: impl Into) -> Self {
EC2Error(value.into())
}
pub fn add_message(self, message: impl Into) -> Self {
EC2Error(format!("{}: {}", message.into(), self.0))
}
}
impl From for EC2Error {
fn from(value: T) -> Self {
EC2Error(format!(
"{}: {}",
value
.code()
.map(String::from)
.unwrap_or("unknown code".into()),
value
.message()
.map(String::from)
.unwrap_or("missing reason".into()),
))
}
}
impl std::error::Error for EC2Error {}
impl std::fmt::Display for EC2Error {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.0)
}
}
```
SSM 结构体用作测试的自动模拟点,其函数封装了 SSM SDK 调用。
```
use aws_sdk_ssm::{types::Parameter, Client};
use aws_smithy_async::future::pagination_stream::TryFlatMap;
use crate::ec2::EC2Error;
#[cfg(test)]
use mockall::automock;
#[cfg(not(test))]
pub use SSMImpl as SSM;
#[cfg(test)]
pub use MockSSMImpl as SSM;
pub struct SSMImpl {
inner: Client,
}
#[cfg_attr(test, automock)]
impl SSMImpl {
pub fn new(inner: Client) -> Self {
SSMImpl { inner }
}
pub async fn list_path(&self, path: &str) -> Result, EC2Error> {
let maybe_params: Vec> = TryFlatMap::new(
self.inner
.get_parameters_by_path()
.path(path)
.into_paginator()
.send(),
)
.flat_map(|item| item.parameters.unwrap_or_default())
.collect()
.await;
// Fail on the first error
let params = maybe_params
.into_iter()
.collect::, _>>()?;
Ok(params)
}
}
```
此场景使用多个“管理器”风格的结构体,来处理对在整个场景中创建和删除的资源的访问。
```
use aws_sdk_ec2::operation::{
allocate_address::AllocateAddressOutput, associate_address::AssociateAddressOutput,
};
use crate::ec2::{EC2Error, EC2};
/// ElasticIpManager tracks the lifecycle of a public IP address, including its
/// allocation from the global pool and association with a specific instance.
#[derive(Debug, Default)]
pub struct ElasticIpManager {
elastic_ip: Option,
association: Option,
}
impl ElasticIpManager {
pub fn has_allocation(&self) -> bool {
self.elastic_ip.is_some()
}
pub fn public_ip(&self) -> &str {
if let Some(allocation) = &self.elastic_ip {
if let Some(addr) = allocation.public_ip() {
return addr;
}
}
"0.0.0.0"
}
pub async fn allocate(&mut self, ec2: &EC2) -> Result<(), EC2Error> {
let allocation = ec2.allocate_ip_address().await?;
self.elastic_ip = Some(allocation);
Ok(())
}
pub async fn associate(&mut self, ec2: &EC2, instance_id: &str) -> Result<(), EC2Error> {
if let Some(allocation) = &self.elastic_ip {
if let Some(allocation_id) = allocation.allocation_id() {
let association = ec2.associate_ip_address(allocation_id, instance_id).await?;
self.association = Some(association);
return Ok(());
}
}
Err(EC2Error::new("No ip address allocation to associate"))
}
pub async fn remove(mut self, ec2: &EC2) -> Result<(), EC2Error> {
if let Some(association) = &self.association {
if let Some(association_id) = association.association_id() {
ec2.disassociate_ip_address(association_id).await?;
}
}
self.association = None;
if let Some(allocation) = &self.elastic_ip {
if let Some(allocation_id) = allocation.allocation_id() {
ec2.deallocate_ip_address(allocation_id).await?;
}
}
self.elastic_ip = None;
Ok(())
}
}
use std::fmt::Display;
use aws_sdk_ec2::types::{Instance, InstanceType, KeyPairInfo, SecurityGroup};
use crate::ec2::{EC2Error, EC2};
/// InstanceManager wraps the lifecycle of an EC2 Instance.
#[derive(Debug, Default)]
pub struct InstanceManager {
instance: Option,
}
impl InstanceManager {
pub fn instance_id(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(id) = instance.instance_id() {
return id;
}
}
"Unknown"
}
pub fn instance_name(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(tag) = instance.tags().iter().find(|e| e.key() == Some("Name")) {
if let Some(value) = tag.value() {
return value;
}
}
}
"Unknown"
}
pub fn instance_ip(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(public_ip_address) = instance.public_ip_address() {
return public_ip_address;
}
}
"0.0.0.0"
}
pub fn instance_display_name(&self) -> String {
format!("{} ({})", self.instance_name(), self.instance_id())
}
/// Create an EC2 instance with the given ID on a given type, using a
/// generated KeyPair and applying a list of security groups.
pub async fn create(
&mut self,
ec2: &EC2,
image_id: &str,
instance_type: InstanceType,
key_pair: &KeyPairInfo,
security_groups: Vec<&SecurityGroup>,
) -> Result<(), EC2Error> {
let instance_id = ec2
.create_instance(image_id, instance_type, key_pair, security_groups)
.await?;
let instance = ec2.describe_instance(&instance_id).await?;
self.instance = Some(instance);
Ok(())
}
/// Start the managed EC2 instance, if present.
pub async fn start(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.start_instance(self.instance_id()).await?;
}
Ok(())
}
/// Stop the managed EC2 instance, if present.
pub async fn stop(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.stop_instance(self.instance_id()).await?;
}
Ok(())
}
pub async fn reboot(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.reboot_instance(self.instance_id()).await?;
ec2.wait_for_instance_stopped(self.instance_id(), None)
.await?;
ec2.wait_for_instance_ready(self.instance_id(), None)
.await?;
}
Ok(())
}
/// Terminate and delete the managed EC2 instance, if present.
pub async fn delete(self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.delete_instance(self.instance_id()).await?;
}
Ok(())
}
}
impl Display for InstanceManager {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
if let Some(instance) = &self.instance {
writeln!(f, "\tID: {}", instance.instance_id().unwrap_or("(Unknown)"))?;
writeln!(
f,
"\tImage ID: {}",
instance.image_id().unwrap_or("(Unknown)")
)?;
writeln!(
f,
"\tInstance type: {}",
instance
.instance_type()
.map(|it| format!("{it}"))
.unwrap_or("(Unknown)".to_string())
)?;
writeln!(
f,
"\tKey name: {}",
instance.key_name().unwrap_or("(Unknown)")
)?;
writeln!(f, "\tVPC ID: {}", instance.vpc_id().unwrap_or("(Unknown)"))?;
writeln!(
f,
"\tPublic IP: {}",
instance.public_ip_address().unwrap_or("(Unknown)")
)?;
let instance_state = instance
.state
.as_ref()
.map(|is| {
is.name()
.map(|isn| format!("{isn}"))
.unwrap_or("(Unknown)".to_string())
})
.unwrap_or("(Unknown)".to_string());
writeln!(f, "\tState: {instance_state}")?;
} else {
writeln!(f, "\tNo loaded instance")?;
}
Ok(())
}
}
use std::{env, path::PathBuf};
use aws_sdk_ec2::types::KeyPairInfo;
use crate::ec2::{EC2Error, EC2};
use super::util::Util;
/// KeyPairManager tracks a KeyPairInfo and the path the private key has been
/// written to, if it's been created.
#[derive(Debug)]
pub struct KeyPairManager {
key_pair: KeyPairInfo,
key_file_path: Option,
key_file_dir: PathBuf,
}
impl KeyPairManager {
pub fn new() -> Self {
Self::default()
}
pub fn key_pair(&self) -> &KeyPairInfo {
&self.key_pair
}
pub fn key_file_path(&self) -> Option<&PathBuf> {
self.key_file_path.as_ref()
}
pub fn key_file_dir(&self) -> &PathBuf {
&self.key_file_dir
}
/// Creates a key pair that can be used to securely connect to an EC2 instance.
/// The returned key pair contains private key information that cannot be retrieved
/// again. The private key data is stored as a .pem file.
///
/// :param key_name: The name of the key pair to create.
pub async fn create(
&mut self,
ec2: &EC2,
util: &Util,
key_name: String,
) -> Result {
let (key_pair, material) = ec2.create_key_pair(key_name.clone()).await.map_err(|e| {
self.key_pair = KeyPairInfo::builder().key_name(key_name.clone()).build();
e.add_message(format!("Couldn't create key {key_name}"))
})?;
let path = self.key_file_dir.join(format!("{key_name}.pem"));
// Save the key_pair information immediately, so it can get cleaned up if write_secure fails.
self.key_file_path = Some(path.clone());
self.key_pair = key_pair.clone();
util.write_secure(&key_name, &path, material)?;
Ok(key_pair)
}
pub async fn delete(self, ec2: &EC2, util: &Util) -> Result<(), EC2Error> {
if let Some(key_name) = self.key_pair.key_name() {
ec2.delete_key_pair(key_name).await?;
if let Some(key_path) = self.key_file_path() {
if let Err(err) = util.remove(key_path) {
eprintln!("Failed to remove {key_path:?} ({err:?})");
}
}
}
Ok(())
}
pub async fn list(&self, ec2: &EC2) -> Result, EC2Error> {
ec2.list_key_pair().await
}
}
impl Default for KeyPairManager {
fn default() -> Self {
KeyPairManager {
key_pair: KeyPairInfo::builder().build(),
key_file_path: Default::default(),
key_file_dir: env::temp_dir(),
}
}
}
use std::net::Ipv4Addr;
use aws_sdk_ec2::types::SecurityGroup;
use crate::ec2::{EC2Error, EC2};
/// SecurityGroupManager tracks the lifecycle of a SecurityGroup for an instance,
/// including adding a rule to allow SSH from a public IP address.
#[derive(Debug, Default)]
pub struct SecurityGroupManager {
group_name: String,
group_description: String,
security_group: Option,
}
impl SecurityGroupManager {
pub async fn create(
&mut self,
ec2: &EC2,
group_name: &str,
group_description: &str,
) -> Result<(), EC2Error> {
self.group_name = group_name.into();
self.group_description = group_description.into();
self.security_group = Some(
ec2.create_security_group(group_name, group_description)
.await
.map_err(|e| e.add_message("Couldn't create security group"))?,
);
Ok(())
}
pub async fn authorize_ingress(&self, ec2: &EC2, ip_address: Ipv4Addr) -> Result<(), EC2Error> {
if let Some(sg) = &self.security_group {
ec2.authorize_security_group_ssh_ingress(
sg.group_id()
.ok_or_else(|| EC2Error::new("Missing security group ID"))?,
vec![ip_address],
)
.await?;
};
Ok(())
}
pub async fn delete(self, ec2: &EC2) -> Result<(), EC2Error> {
if let Some(sg) = &self.security_group {
ec2.delete_security_group(
sg.group_id()
.ok_or_else(|| EC2Error::new("Missing security group ID"))?,
)
.await?;
};
Ok(())
}
pub fn group_name(&self) -> &str {
&self.group_name
}
pub fn vpc_id(&self) -> Option<&str> {
self.security_group.as_ref().and_then(|sg| sg.vpc_id())
}
pub fn security_group(&self) -> Option<&SecurityGroup> {
self.security_group.as_ref()
}
}
impl std::fmt::Display for SecurityGroupManager {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match &self.security_group {
Some(sg) => {
writeln!(
f,
"Security group: {}",
sg.group_name().unwrap_or("(unknown group)")
)?;
writeln!(f, "\tID: {}", sg.group_id().unwrap_or("(unknown group id)"))?;
writeln!(f, "\tVPC: {}", sg.vpc_id().unwrap_or("(unknown group vpc)"))?;
if !sg.ip_permissions().is_empty() {
writeln!(f, "\tInbound Permissions:")?;
for permission in sg.ip_permissions() {
writeln!(f, "\t\t{permission:?}")?;
}
}
Ok(())
}
None => writeln!(f, "No security group loaded."),
}
}
}
```
场景的主入口点。
```
use ec2_code_examples::{
ec2::EC2,
getting_started::{
scenario::{run, Ec2InstanceScenario},
util::UtilImpl,
},
ssm::SSM,
};
#[tokio::main]
async fn main() {
tracing_subscriber::fmt::init();
let sdk_config = aws_config::load_from_env().await;
let ec2 = EC2::new(aws_sdk_ec2::Client::new(&sdk_config));
let ssm = SSM::new(aws_sdk_ssm::Client::new(&sdk_config));
let util = UtilImpl {};
let scenario = Ec2InstanceScenario::new(ec2, ssm, util);
run(scenario).await;
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Rust API Reference》**中的以下主题。
+ [AllocateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.allocate_address)
+ [AssociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.associate_address)
+ [AuthorizeSecurityGroupIngress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.authorize_security_group_ingress)
+ [CreateKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_key_pair)
+ [CreateSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_security_group)
+ [DeleteKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_key_pair)
+ [DeleteSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_security_group)
+ [DescribeImages](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_images)
+ [DescribeInstanceTypes](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_types)
+ [DescribeInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instances)
+ [DescribeKeyPairs](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_key_pairs)
+ [DescribeSecurityGroups](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_security_groups)
+ [DisassociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.disassociate_address)
+ [ReleaseAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.release_address)
+ [RunInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.run_instances)
+ [StartInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.start_instances)
+ [StopInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.stop_instances)
+ [TerminateInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.terminate_instances)
+ [UnmonitorInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.unmonitor_instances)
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
`Package.swift` 文件。
```
// swift-tools-version: 5.9
//
// The swift-tools-version declares the minimum version of Swift required to
// build this package.
import PackageDescription
let package = Package(
name: "ec2-scenario",
// Let Xcode know the minimum Apple platforms supported.
platforms: [
.macOS(.v13),
.iOS(.v15)
],
dependencies: [
// Dependencies declare other packages that this package depends on.
.package(
url: "https://github.com/awslabs/aws-sdk-swift",
from: "1.4.0"),
.package(
url: "https://github.com/apple/swift-argument-parser.git",
branch: "main"
)
],
targets: [
// Targets are the basic building blocks of a package, defining a module or a test suite.
// Targets can depend on other targets in this package and products
// from dependencies.
.executableTarget(
name: "ec2-scenario",
dependencies: [
.product(name: "AWSEC2", package: "aws-sdk-swift"),
.product(name: "AWSSSM", package: "aws-sdk-swift"),
.product(name: "ArgumentParser", package: "swift-argument-parser")
],
path: "Sources")
]
)
```
`entry.swift` 文件。
```
// An example that shows how to use the AWS SDK for Swift to perform a variety
// of operations using Amazon Elastic Compute Cloud (EC2).
//
import ArgumentParser
import Foundation
import AWSEC2
// Allow waiters to be used.
import class SmithyWaitersAPI.Waiter
import struct SmithyWaitersAPI.WaiterOptions
import AWSSSM
struct ExampleCommand: ParsableCommand {
@Option(help: "The AWS Region to run AWS API calls in.")
var awsRegion = "us-east-1"
@Option(
help: ArgumentHelp("The level of logging for the Swift SDK to perform."),
completion: .list([
"critical",
"debug",
"error",
"info",
"notice",
"trace",
"warning"
])
)
var logLevel: String = "error"
static var configuration = CommandConfiguration(
commandName: "ec2-scenario",
abstract: """
Performs various operations to demonstrate the use of Amazon EC2 using the
AWS SDK for Swift.
""",
discussion: """
"""
)
/// Called by ``main()`` to run the bulk of the example.
func runAsync() async throws {
let ssmConfig = try await SSMClient.SSMClientConfiguration(region: awsRegion)
let ssmClient = SSMClient(config: ssmConfig)
let ec2Config = try await EC2Client.EC2ClientConfiguration(region: awsRegion)
let ec2Client = EC2Client(config: ec2Config)
let example = Example(ec2Client: ec2Client, ssmClient: ssmClient)
await example.run()
}
}
class Example {
let ec2Client: EC2Client
let ssmClient: SSMClient
// Storage for AWS EC2 properties.
var keyName: String? = nil
var securityGroupId: String? = nil
var instanceId: String? = nil
var allocationId: String? = nil
var associationId: String? = nil
init(ec2Client: EC2Client, ssmClient: SSMClient) {
self.ec2Client = ec2Client
self.ssmClient = ssmClient
}
/// The example's main body.
func run() async {
//=====================================================================
// 1. Create an RSA key pair, saving the private key as a `.pem` file.
// Create a `defer` block that will delete the private key when the
// program exits.
//=====================================================================
print("Creating an RSA key pair...")
keyName = self.tempName(prefix: "ExampleKeyName")
let keyUrl = await self.createKeyPair(name: keyName!)
guard let keyUrl else {
print("*** Failed to create the key pair!")
return
}
print("Created the private key at: \(keyUrl.absoluteString)")
// Schedule deleting the private key file to occur automatically when
// the program exits, no matter how it exits.
defer {
do {
try FileManager.default.removeItem(at: keyUrl)
} catch {
print("*** Failed to delete the private key at \(keyUrl.absoluteString)")
}
}
//=====================================================================
// 2. List the key pairs by calling `DescribeKeyPairs`.
//=====================================================================
print("Describing available key pairs...")
await self.describeKeyPairs()
//=====================================================================
// 3. Create a security group for the default VPC, and add an inbound
// rule to allow SSH from the current computer's public IPv4
// address.
//=====================================================================
print("Creating the security group...")
let secGroupName = self.tempName(prefix: "ExampleSecurityGroup")
let ipAddress = self.getMyIPAddress()
guard let ipAddress else {
print("*** Unable to get the device's IP address.")
return
}
print("IP address is: \(ipAddress)")
securityGroupId = await self.createSecurityGroup(
name: secGroupName,
description: "An example security group created using the AWS SDK for Swift"
)
if securityGroupId == nil {
await cleanUp()
return
}
print("Created security group: \(securityGroupId ?? "")")
if !(await self.authorizeSecurityGroupIngress(groupId: securityGroupId!, ipAddress: ipAddress)) {
await cleanUp()
return
}
//=====================================================================
// 4. Display security group information for the new security group
// using DescribeSecurityGroups.
//=====================================================================
if !(await self.describeSecurityGroups(groupId: securityGroupId!)) {
await cleanUp()
return
}
//=====================================================================
// 5. Get a list of Amazon Linux 2023 AMIs and pick one (SSM is the
// best practice), using path and then filter the list after the
// fact to include "al2023" in the Name field
// (ssm.GetParametersByPath). Paginate to get all images.
//=====================================================================
print("Searching available images for Amazon Linux 2023 images...")
let options = await self.findAMIsMatchingFilter("al2023")
//=====================================================================
// 6. The information in the AMI options isn't great, so make a list
// of the image IDs (the "Value" field in the AMI options) and get
// more information about them from EC2. Display the Description
// field and select one of them (DescribeImages with ImageIds
// filter).
//=====================================================================
print("Images matching Amazon Linux 2023:")
var imageIds: [String] = []
for option in options {
guard let id = option.value else {
continue
}
imageIds.append(id)
}
let images = await self.describeImages(imageIds)
// This is where you would normally let the user choose which AMI to
// use. However, for this example, we're just going to use the first
// one, whatever it is.
let chosenImage = images[0]
//=====================================================================
// 7. Get a list of instance types that are compatible with the
// selected AMI's architecture (such as "x86_64") and are either
// small or micro. Select one (DescribeInstanceTypes).
//=====================================================================
print("Getting the instance types compatible with the selected image...")
guard let arch = chosenImage.architecture else {
print("*** The selected image doesn't have a valid architecture.")
await cleanUp()
return
}
let imageTypes = await self.getMatchingInstanceTypes(architecture: arch)
for type in imageTypes {
guard let instanceType = type.instanceType else {
continue
}
print(" \(instanceType.rawValue)")
}
// This example selects the first returned instance type. A real-world
// application would probably ask the user to select one here.
let chosenInstanceType = imageTypes[0]
//=====================================================================
// 8. Create an instance with the key pair, security group, AMI, and
// instance type (RunInstances).
//=====================================================================
print("Creating an instance...")
guard let imageId = chosenImage.imageId else {
print("*** Cannot start image without a valid image ID.")
await cleanUp()
return
}
guard let instanceType = chosenInstanceType.instanceType else {
print("*** Unable to start image without a valid image type.")
await cleanUp()
return
}
let instance = await self.runInstance(
imageId: imageId,
instanceType: instanceType,
keyPairName: keyName!,
securityGroups: [securityGroupId!]
)
guard let instance else {
await cleanUp()
return
}
instanceId = instance.instanceId
if instanceId == nil {
print("*** Instance is missing an ID. Canceling.")
await cleanUp()
return
}
//=====================================================================
// 9. Wait for the instance to be ready and then display its
// information (DescribeInstances).
//=====================================================================
print("Waiting a few seconds to let the instance come up...")
do {
try await Task.sleep(for: .seconds(20))
} catch {
print("*** Error pausing the task.")
}
print("Success! Your new instance is ready:")
//=====================================================================
// 10. Display SSH connection info for the instance.
//=====================================================================
var runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command:")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// 11. Stop the instance and wait for it to stop (StopInstances).
//=====================================================================
print("Stopping the instance...")
if !(await self.stopInstance(instanceId: instanceId!, waitUntilStopped: true)) {
await cleanUp()
return
}
//=====================================================================
// 12. Start the instance and wait for it to start (StartInstances).
//=====================================================================
print("Starting the instance again...")
if !(await self.startInstance(instanceId: instanceId!, waitUntilStarted: true)) {
await cleanUp()
return
}
//=====================================================================
// 13. Display SSH connection info for the instance. Note that it's
// changed.
//=====================================================================
runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command.")
print("This is probably different from when the instance was running before.")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// 14. Allocate an elastic IP and associate it with the instance
// (AllocateAddress and AssociateAddress).
//=====================================================================
allocationId = await self.allocateAddress()
if allocationId == nil {
await cleanUp()
return
}
associationId = await self.associateAddress(instanceId: instanceId!, allocationId: allocationId)
if associationId == nil {
await cleanUp()
return
}
//=====================================================================
// 15. Display SSH connection info for the connection. Note that the
// public IP is now the Elastic IP, which stays constant.
//=====================================================================
runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command.")
print("This has changed again, and is now the Elastic IP.")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// Handle all cleanup tasks
//=====================================================================
await cleanUp()
}
/// Clean up by discarding and closing down all allocated EC2 items:
///
/// * Elastic IP allocation and association
/// * Terminate the instance
/// * Delete the security group
/// * Delete the key pair
func cleanUp() async {
//=====================================================================
// 16. Disassociate and delete the Elastic IP (DisassociateAddress and
// ReleaseAddress).
//=====================================================================
if associationId != nil {
await self.disassociateAddress(associationId: associationId!)
}
if allocationId != nil {
await self.releaseAddress(allocationId: allocationId!)
}
//=====================================================================
// 17. Terminate the instance and wait for it to terminate
// (TerminateInstances).
//=====================================================================
if instanceId != nil {
print("Terminating the instance...")
_ = await self.terminateInstance(instanceId: instanceId!, waitUntilTerminated: true)
}
//=====================================================================
// 18. Delete the security group (DeleteSecurityGroup).
//=====================================================================
if securityGroupId != nil {
print("Deleting the security group...")
_ = await self.deleteSecurityGroup(groupId: securityGroupId!)
}
//=====================================================================
// 19. Delete the key pair (DeleteKeyPair).
//=====================================================================
if keyName != nil {
print("Deleting the key pair...")
_ = await self.deleteKeyPair(keyPair: keyName!)
}
}
/// Create a new RSA key pair and save the private key to a randomly-named
/// file in the temporary directory.
///
/// - Parameter name: The name of the key pair to create.
///
/// - Returns: The URL of the newly created `.pem` file or `nil` if unable
/// to create the key pair.
func createKeyPair(name: String) async -> URL? {
do {
let output = try await ec2Client.createKeyPair(
input: CreateKeyPairInput(
keyName: name
)
)
guard let keyMaterial = output.keyMaterial else {
return nil
}
// Build the URL of the temporary private key file.
let fileURL = URL.temporaryDirectory
.appendingPathComponent(name)
.appendingPathExtension("pem")
do {
try keyMaterial.write(to: fileURL, atomically: true, encoding: String.Encoding.utf8)
return fileURL
} catch {
print("*** Failed to write the private key.")
return nil
}
} catch {
print("*** Unable to create the key pair.")
return nil
}
}
/// Describe the key pairs associated with the user by outputting each key
/// pair's name and fingerprint.
func describeKeyPairs() async {
do {
let output = try await ec2Client.describeKeyPairs(
input: DescribeKeyPairsInput()
)
guard let keyPairs = output.keyPairs else {
print("*** No key pairs list available.")
return
}
for keyPair in keyPairs {
print(keyPair.keyName ?? "", ":", keyPair.keyFingerprint ?? "")
}
} catch {
print("*** Error: Unable to obtain a key pair list.")
}
}
/// Delete an EC2 key pair.
///
/// - Parameter keyPair: The name of the key pair to delete.
///
/// - Returns: `true` if the key pair is deleted successfully; otherwise
/// `false`.
func deleteKeyPair(keyPair: String) async -> Bool {
do {
_ = try await ec2Client.deleteKeyPair(
input: DeleteKeyPairInput(
keyName: keyPair
)
)
return true
} catch {
print("*** Error deleting the key pair: \(error.localizedDescription)")
return false
}
}
/// Return a list of AMI names that contain the specified string.
///
/// - Parameter filter: A string that must be contained in all returned
/// AMI names.
///
/// - Returns: An array of the parameters matching the specified substring.
func findAMIsMatchingFilter(_ filter: String) async -> [SSMClientTypes.Parameter] {
var parameterList: [SSMClientTypes.Parameter] = []
var matchingAMIs: [SSMClientTypes.Parameter] = []
do {
let pages = ssmClient.getParametersByPathPaginated(
input: GetParametersByPathInput(
path: "/aws/service/ami-amazon-linux-latest"
)
)
for try await page in pages {
guard let parameters = page.parameters else {
return matchingAMIs
}
for parameter in parameters {
parameterList.append(parameter)
}
}
print("Found \(parameterList.count) images total:")
for parameter in parameterList {
guard let name = parameter.name else {
continue
}
print(" \(name)")
if name.contains(filter) {
matchingAMIs.append(parameter)
}
}
} catch {
return matchingAMIs
}
return matchingAMIs
}
/// Return a list of instance types matching the specified architecture
/// and instance sizes.
///
/// - Parameters:
/// - architecture: The architecture of the instance types to return, as
/// a member of `EC2ClientTypes.ArchitectureValues`.
/// - sizes: An array of one or more strings identifying sizes of
/// instance type to accept.
///
/// - Returns: An array of `EC2ClientTypes.InstanceTypeInfo` records
/// describing the instance types matching the given requirements.
func getMatchingInstanceTypes(architecture: EC2ClientTypes.ArchitectureValues = EC2ClientTypes.ArchitectureValues.x8664,
sizes: [String] = ["*.micro", "*.small"]) async
-> [EC2ClientTypes.InstanceTypeInfo] {
var instanceTypes: [EC2ClientTypes.InstanceTypeInfo] = []
let archFilter = EC2ClientTypes.Filter(
name: "processor-info.supported-architecture",
values: [architecture.rawValue]
)
let sizeFilter = EC2ClientTypes.Filter(
name: "instance-type",
values: sizes
)
do {
let pages = ec2Client.describeInstanceTypesPaginated(
input: DescribeInstanceTypesInput(
filters: [archFilter, sizeFilter]
)
)
for try await page in pages {
guard let types = page.instanceTypes else {
return []
}
instanceTypes += types
}
} catch {
print("*** Error getting image types: \(error.localizedDescription)")
return []
}
return instanceTypes
}
/// Get the latest information about the specified instance and output it
/// to the screen, returning the instance details to the caller.
///
/// - Parameters:
/// - instanceId: The ID of the instance to provide details about.
/// - stateFilter: The state to require the instance to be in.
///
/// - Returns: The instance's details as an `EC2ClientTypes.Instance` object.
func describeInstance(instanceId: String,
stateFilter: EC2ClientTypes.InstanceStateName? = EC2ClientTypes.InstanceStateName.running) async
-> EC2ClientTypes.Instance? {
do {
let pages = ec2Client.describeInstancesPaginated(
input: DescribeInstancesInput(
instanceIds: [instanceId]
)
)
for try await page in pages {
guard let reservations = page.reservations else {
continue
}
for reservation in reservations {
guard let instances = reservation.instances else {
continue
}
for instance in instances {
guard let state = instance.state else {
print("*** Instance is missing its state...")
continue
}
let instanceState = state.name
if stateFilter != nil && (instanceState != stateFilter) {
continue
}
let instanceTypeName: String
if instance.instanceType == nil {
instanceTypeName = ""
} else {
instanceTypeName = instance.instanceType?.rawValue ?? ""
}
let instanceStateName: String
if instanceState == nil {
instanceStateName = ""
} else {
instanceStateName = instanceState?.rawValue ?? ""
}
print("""
Instance: \(instance.instanceId ?? "")
• Image ID: \(instance.imageId ?? "")
• Instance type: \(instanceTypeName)
• Key name: \(instance.keyName ?? "")
• VPC ID: \(instance.vpcId ?? "")
• Public IP: \(instance.publicIpAddress ?? "N/A")
• State: \(instanceStateName)
""")
return instance
}
}
}
} catch {
print("*** Error retrieving instance information to display: \(error.localizedDescription)")
return nil
}
return nil
}
/// Stop the specified instance.
///
/// - Parameters:
/// - instanceId: The ID of the instance to stop.
/// - waitUntilStopped: If `true`, execution waits until the instance
/// has stopped. Otherwise, execution continues and the instance stops
/// asynchronously.
///
/// - Returns: `true` if the image is successfully stopped (or is left to
/// stop asynchronously). `false` if the instance doesn't stop.
func stopInstance(instanceId: String, waitUntilStopped: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.stopInstances(
input: StopInstancesInput(
instanceIds: instanceList
)
)
if waitUntilStopped {
print("Waiting for the instance to stop. Please be patient!")
let waitOptions = WaiterOptions(maxWaitTime: 600)
let output = try await ec2Client.waitUntilInstanceStopped(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to stop the instance: \(error.localizedDescription)")
return false
}
}
/// Start the specified instance.
///
/// - Parameters:
/// - instanceId: The ID of the instance to start.
/// - waitUntilStarted: If `true`, execution waits until the instance
/// has started. Otherwise, execution continues and the instance starts
/// asynchronously.
///
/// - Returns: `true` if the image is successfully started (or is left to
/// start asynchronously). `false` if the instance doesn't start.
func startInstance(instanceId: String, waitUntilStarted: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.startInstances(
input: StartInstancesInput(
instanceIds: instanceList
)
)
if waitUntilStarted {
print("Waiting for the instance to start...")
let waitOptions = WaiterOptions(maxWaitTime: 60.0)
let output = try await ec2Client.waitUntilInstanceRunning(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to start the instance: \(error.localizedDescription)")
return false
}
}
/// Terminate the specified instance.
///
/// - Parameters:
/// - instanceId: The instance to terminate.
/// - waitUntilTerminated: Whether or not to wait until the instance is
/// terminated before returning.
///
/// - Returns: `true` if terminated successfully. `false` if not or if an
/// error occurs.
func terminateInstance(instanceId: String, waitUntilTerminated: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.terminateInstances(
input: TerminateInstancesInput(
instanceIds: instanceList
)
)
if waitUntilTerminated {
print("Waiting for the instance to terminate...")
let waitOptions = WaiterOptions(maxWaitTime: 600.0)
let output = try await ec2Client.waitUntilInstanceTerminated(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to terminate the instance: \(error.localizedDescription)")
return false
}
}
/// Return an array of `EC2ClientTypes.Image` objects describing all of
/// the images in the specified array.
///
/// - Parameter idList: A list of image ID strings indicating the images
/// to return details about.
///
/// - Returns: An array of the images.
func describeImages(_ idList: [String]) async -> [EC2ClientTypes.Image] {
do {
let output = try await ec2Client.describeImages(
input: DescribeImagesInput(
imageIds: idList
)
)
guard let images = output.images else {
print("*** No images found.")
return []
}
for image in images {
guard let id = image.imageId else {
continue
}
print(" \(id): \(image.description ?? "")")
}
return images
} catch {
print("*** Error getting image descriptions: \(error.localizedDescription)")
return []
}
}
/// Create and return a new EC2 instance.
///
/// - Parameters:
/// - imageId: The image ID of the AMI to use when creating the instance.
/// - instanceType: The type of instance to create.
/// - keyPairName: The RSA key pair's name to use to secure the instance.
/// - securityGroups: The security group or groups to add the instance
/// to.
///
/// - Returns: The EC2 instance as an `EC2ClientTypes.Instance` object.
func runInstance(imageId: String, instanceType: EC2ClientTypes.InstanceType,
keyPairName: String, securityGroups: [String]?) async -> EC2ClientTypes.Instance? {
do {
let output = try await ec2Client.runInstances(
input: RunInstancesInput(
imageId: imageId,
instanceType: instanceType,
keyName: keyPairName,
maxCount: 1,
minCount: 1,
securityGroupIds: securityGroups
)
)
guard let instances = output.instances else {
print("*** Unable to create the instance.")
return nil
}
return instances[0]
} catch {
print("*** Error creating the instance: \(error.localizedDescription)")
return nil
}
}
/// Return the device's external IP address.
///
/// - Returns: A string containing the device's IP address.
func getMyIPAddress() -> String? {
guard let url = URL(string: "http://checkip.amazonaws.com") else {
print("Couldn't create the URL")
return nil
}
do {
print("Getting the IP address...")
return try String(contentsOf: url, encoding: String.Encoding.utf8).trim()
} catch {
print("*** Unable to get your public IP address.")
return nil
}
}
/// Create a new security group.
///
/// - Parameters:
/// - groupName: The name of the group to create.
/// - groupDescription: A description of the new security group.
///
/// - Returns: The ID string of the new security group.
func createSecurityGroup(name groupName: String, description groupDescription: String) async -> String? {
do {
let output = try await ec2Client.createSecurityGroup(
input: CreateSecurityGroupInput(
description: groupDescription,
groupName: groupName
)
)
return output.groupId
} catch {
print("*** Error creating the security group: \(error.localizedDescription)")
return nil
}
}
/// Authorize ingress of connections for the security group.
///
/// - Parameters:
/// - groupId: The group ID of the security group to authorize access for.
/// - ipAddress: The IP address of the device to grant access to.
///
/// - Returns: `true` if access is successfully granted; otherwise `false`.
func authorizeSecurityGroupIngress(groupId: String, ipAddress: String) async -> Bool {
let ipRange = EC2ClientTypes.IpRange(cidrIp: "\(ipAddress)/0")
let httpPermission = EC2ClientTypes.IpPermission(
fromPort: 80,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 80
)
let sshPermission = EC2ClientTypes.IpPermission(
fromPort: 22,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 22
)
do {
_ = try await ec2Client.authorizeSecurityGroupIngress(
input: AuthorizeSecurityGroupIngressInput(
groupId: groupId,
ipPermissions: [httpPermission, sshPermission]
)
)
return true
} catch {
print("*** Error authorizing ingress for the security group: \(error.localizedDescription)")
return false
}
}
func describeSecurityGroups(groupId: String) async -> Bool {
do {
let output = try await ec2Client.describeSecurityGroups(
input: DescribeSecurityGroupsInput(
groupIds: [groupId]
)
)
guard let securityGroups = output.securityGroups else {
print("No security groups found.")
return true
}
for group in securityGroups {
print("Group \(group.groupId ?? "") found with VPC \(group.vpcId ?? "")")
}
return true
} catch {
print("*** Error getting security group details: \(error.localizedDescription)")
return false
}
}
/// Delete a security group.
///
/// - Parameter groupId: The ID of the security group to delete.
///
/// - Returns: `true` on successful deletion; `false` on error.
func deleteSecurityGroup(groupId: String) async -> Bool {
do {
_ = try await ec2Client.deleteSecurityGroup(
input: DeleteSecurityGroupInput(
groupId: groupId
)
)
return true
} catch {
print("*** Error deleting the security group: \(error.localizedDescription)")
return false
}
}
/// Allocate an Elastic IP address.
///
/// - Returns: A string containing the ID of the Elastic IP.
func allocateAddress() async -> String? {
do {
let output = try await ec2Client.allocateAddress(
input: AllocateAddressInput(
domain: EC2ClientTypes.DomainType.vpc
)
)
guard let allocationId = output.allocationId else {
return nil
}
return allocationId
} catch {
print("*** Unable to allocate the IP address: \(error.localizedDescription)")
return nil
}
}
/// Associate the specified allocated Elastic IP to a given instance.
///
/// - Parameters:
/// - instanceId: The instance to associate the Elastic IP with.
/// - allocationId: The ID of the allocated Elastic IP to associate with
/// the instance.
///
/// - Returns: The association ID of the association.
func associateAddress(instanceId: String?, allocationId: String?) async -> String? {
do {
let output = try await ec2Client.associateAddress(
input: AssociateAddressInput(
allocationId: allocationId,
instanceId: instanceId
)
)
return output.associationId
} catch {
print("*** Unable to associate the IP address: \(error.localizedDescription)")
return nil
}
}
/// Disassociate an Elastic IP.
///
/// - Parameter associationId: The ID of the association to end.
func disassociateAddress(associationId: String?) async {
do {
_ = try await ec2Client.disassociateAddress(
input: DisassociateAddressInput(
associationId: associationId
)
)
} catch {
print("*** Unable to disassociate the IP address: \(error.localizedDescription)")
}
}
/// Release an allocated Elastic IP.
///
/// - Parameter allocationId: The allocation ID of the Elastic IP to
/// release.
func releaseAddress(allocationId: String?) async {
do {
_ = try await ec2Client.releaseAddress(
input: ReleaseAddressInput(
allocationId: allocationId
)
)
} catch {
print("*** Unable to release the IP address: \(error.localizedDescription)")
}
}
/// Generate and return a unique file name that begins with the specified
/// string.
///
/// - Parameters:
/// - prefix: Text to use at the beginning of the returned name.
///
/// - Returns: A string containing a unique filename that begins with the
/// specified `prefix`.
///
/// The returned name uses a random number between 1 million and 1 billion to
/// provide reasonable certainty of uniqueness for the purposes of this
/// example.
func tempName(prefix: String) -> String {
return "\(prefix)-\(Int.random(in: 1000000..<1000000000))"
}
}
/// The program's asynchronous entry point.
@main
struct Main {
static func main() async {
let args = Array(CommandLine.arguments.dropFirst())
do {
let command = try ExampleCommand.parse(args)
try await command.runAsync()
} catch {
ExampleCommand.exit(withError: error)
}
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Swift API Reference》**中的以下主题。
+ [AllocateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/allocateaddress(input:))
+ [AssociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/associateaddress(input:))
+ [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/authorizesecuritygroupingress(input:))
+ [CreateKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createkeypair(input:))
+ [CreateSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createsecuritygroup(input:))
+ [DeleteKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletekeypair(input:))
+ [DeleteSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletesecuritygroup(input:))
+ [DescribeImages](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeimages(input:))
+ [DescribeInstanceTypes](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstancetypes(input:))
+ [DescribeInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstances(input:))
+ [DescribeKeyPairs](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describekeypairs(input:))
+ [DescribeSecurityGroups](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describesecuritygroups(input:))
+ [DisassociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/disassociateaddress(input:))
+ [ReleaseAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/releaseaddress(input:))
+ [RunInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/runinstances(input:))
+ [StartInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/startinstances(input:))
+ [StopInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/stopinstances(input:))
+ [TerminateInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/terminateinstances(input:))
+ [UnmonitorInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/unmonitorinstances(input:))
------
# 使用 Amazon EC2 执行的操作 AWS SDKs
以下代码示例演示了如何使用执行单个 Amazon EC2 操作 AWS SDKs。每个示例都包含一个指向的链接 GitHub,您可以在其中找到有关设置和运行代码的说明。
这些代码节选调用了 Amazon EC2 API,是必须在上下文中运行的较大型程序的代码节选。您可以在[使用 Amazon EC2 的场景 AWS SDKs](ec2_code_examples_scenarios.md)中结合上下文查看操作。
以下示例仅包括最常用的操作。有关完整列表,请参阅 [Amazon Elastic Compute Cloud API 参考](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Welcome.html)。
**Topics**
+ [`AcceptVpcPeeringConnection`](ec2_example_ec2_AcceptVpcPeeringConnection_section.md)
+ [`AllocateAddress`](ec2_example_ec2_AllocateAddress_section.md)
+ [`AllocateHosts`](ec2_example_ec2_AllocateHosts_section.md)
+ [`AssignPrivateIpAddresses`](ec2_example_ec2_AssignPrivateIpAddresses_section.md)
+ [`AssociateAddress`](ec2_example_ec2_AssociateAddress_section.md)
+ [`AssociateDhcpOptions`](ec2_example_ec2_AssociateDhcpOptions_section.md)
+ [`AssociateRouteTable`](ec2_example_ec2_AssociateRouteTable_section.md)
+ [`AttachInternetGateway`](ec2_example_ec2_AttachInternetGateway_section.md)
+ [`AttachNetworkInterface`](ec2_example_ec2_AttachNetworkInterface_section.md)
+ [`AttachVolume`](ec2_example_ec2_AttachVolume_section.md)
+ [`AttachVpnGateway`](ec2_example_ec2_AttachVpnGateway_section.md)
+ [`AuthorizeSecurityGroupEgress`](ec2_example_ec2_AuthorizeSecurityGroupEgress_section.md)
+ [`AuthorizeSecurityGroupIngress`](ec2_example_ec2_AuthorizeSecurityGroupIngress_section.md)
+ [`CancelCapacityReservation`](ec2_example_ec2_CancelCapacityReservation_section.md)
+ [`CancelImportTask`](ec2_example_ec2_CancelImportTask_section.md)
+ [`CancelSpotFleetRequests`](ec2_example_ec2_CancelSpotFleetRequests_section.md)
+ [`CancelSpotInstanceRequests`](ec2_example_ec2_CancelSpotInstanceRequests_section.md)
+ [`ConfirmProductInstance`](ec2_example_ec2_ConfirmProductInstance_section.md)
+ [`CopyImage`](ec2_example_ec2_CopyImage_section.md)
+ [`CopySnapshot`](ec2_example_ec2_CopySnapshot_section.md)
+ [`CreateCapacityReservation`](ec2_example_ec2_CreateCapacityReservation_section.md)
+ [`CreateCustomerGateway`](ec2_example_ec2_CreateCustomerGateway_section.md)
+ [`CreateDhcpOptions`](ec2_example_ec2_CreateDhcpOptions_section.md)
+ [`CreateFlowLogs`](ec2_example_ec2_CreateFlowLogs_section.md)
+ [`CreateImage`](ec2_example_ec2_CreateImage_section.md)
+ [`CreateInstanceExportTask`](ec2_example_ec2_CreateInstanceExportTask_section.md)
+ [`CreateInternetGateway`](ec2_example_ec2_CreateInternetGateway_section.md)
+ [`CreateKeyPair`](ec2_example_ec2_CreateKeyPair_section.md)
+ [`CreateLaunchTemplate`](ec2_example_ec2_CreateLaunchTemplate_section.md)
+ [`CreateNetworkAcl`](ec2_example_ec2_CreateNetworkAcl_section.md)
+ [`CreateNetworkAclEntry`](ec2_example_ec2_CreateNetworkAclEntry_section.md)
+ [`CreateNetworkInterface`](ec2_example_ec2_CreateNetworkInterface_section.md)
+ [`CreatePlacementGroup`](ec2_example_ec2_CreatePlacementGroup_section.md)
+ [`CreateRoute`](ec2_example_ec2_CreateRoute_section.md)
+ [`CreateRouteTable`](ec2_example_ec2_CreateRouteTable_section.md)
+ [`CreateSecurityGroup`](ec2_example_ec2_CreateSecurityGroup_section.md)
+ [`CreateSnapshot`](ec2_example_ec2_CreateSnapshot_section.md)
+ [`CreateSpotDatafeedSubscription`](ec2_example_ec2_CreateSpotDatafeedSubscription_section.md)
+ [`CreateSubnet`](ec2_example_ec2_CreateSubnet_section.md)
+ [`CreateTags`](ec2_example_ec2_CreateTags_section.md)
+ [`CreateVolume`](ec2_example_ec2_CreateVolume_section.md)
+ [`CreateVpc`](ec2_example_ec2_CreateVpc_section.md)
+ [`CreateVpcEndpoint`](ec2_example_ec2_CreateVpcEndpoint_section.md)
+ [`CreateVpnConnection`](ec2_example_ec2_CreateVpnConnection_section.md)
+ [`CreateVpnConnectionRoute`](ec2_example_ec2_CreateVpnConnectionRoute_section.md)
+ [`CreateVpnGateway`](ec2_example_ec2_CreateVpnGateway_section.md)
+ [`DeleteCustomerGateway`](ec2_example_ec2_DeleteCustomerGateway_section.md)
+ [`DeleteDhcpOptions`](ec2_example_ec2_DeleteDhcpOptions_section.md)
+ [`DeleteFlowLogs`](ec2_example_ec2_DeleteFlowLogs_section.md)
+ [`DeleteInternetGateway`](ec2_example_ec2_DeleteInternetGateway_section.md)
+ [`DeleteKeyPair`](ec2_example_ec2_DeleteKeyPair_section.md)
+ [`DeleteLaunchTemplate`](ec2_example_ec2_DeleteLaunchTemplate_section.md)
+ [`DeleteNetworkAcl`](ec2_example_ec2_DeleteNetworkAcl_section.md)
+ [`DeleteNetworkAclEntry`](ec2_example_ec2_DeleteNetworkAclEntry_section.md)
+ [`DeleteNetworkInterface`](ec2_example_ec2_DeleteNetworkInterface_section.md)
+ [`DeletePlacementGroup`](ec2_example_ec2_DeletePlacementGroup_section.md)
+ [`DeleteRoute`](ec2_example_ec2_DeleteRoute_section.md)
+ [`DeleteRouteTable`](ec2_example_ec2_DeleteRouteTable_section.md)
+ [`DeleteSecurityGroup`](ec2_example_ec2_DeleteSecurityGroup_section.md)
+ [`DeleteSnapshot`](ec2_example_ec2_DeleteSnapshot_section.md)
+ [`DeleteSpotDatafeedSubscription`](ec2_example_ec2_DeleteSpotDatafeedSubscription_section.md)
+ [`DeleteSubnet`](ec2_example_ec2_DeleteSubnet_section.md)
+ [`DeleteTags`](ec2_example_ec2_DeleteTags_section.md)
+ [`DeleteVolume`](ec2_example_ec2_DeleteVolume_section.md)
+ [`DeleteVpc`](ec2_example_ec2_DeleteVpc_section.md)
+ [`DeleteVpcEndpoints`](ec2_example_ec2_DeleteVpcEndpoints_section.md)
+ [`DeleteVpnConnection`](ec2_example_ec2_DeleteVpnConnection_section.md)
+ [`DeleteVpnConnectionRoute`](ec2_example_ec2_DeleteVpnConnectionRoute_section.md)
+ [`DeleteVpnGateway`](ec2_example_ec2_DeleteVpnGateway_section.md)
+ [`DeregisterImage`](ec2_example_ec2_DeregisterImage_section.md)
+ [`DescribeAccountAttributes`](ec2_example_ec2_DescribeAccountAttributes_section.md)
+ [`DescribeAddresses`](ec2_example_ec2_DescribeAddresses_section.md)
+ [`DescribeAvailabilityZones`](ec2_example_ec2_DescribeAvailabilityZones_section.md)
+ [`DescribeBundleTasks`](ec2_example_ec2_DescribeBundleTasks_section.md)
+ [`DescribeCapacityReservations`](ec2_example_ec2_DescribeCapacityReservations_section.md)
+ [`DescribeCustomerGateways`](ec2_example_ec2_DescribeCustomerGateways_section.md)
+ [`DescribeDhcpOptions`](ec2_example_ec2_DescribeDhcpOptions_section.md)
+ [`DescribeFlowLogs`](ec2_example_ec2_DescribeFlowLogs_section.md)
+ [`DescribeHostReservationOfferings`](ec2_example_ec2_DescribeHostReservationOfferings_section.md)
+ [`DescribeHosts`](ec2_example_ec2_DescribeHosts_section.md)
+ [`DescribeIamInstanceProfileAssociations`](ec2_example_ec2_DescribeIamInstanceProfileAssociations_section.md)
+ [`DescribeIdFormat`](ec2_example_ec2_DescribeIdFormat_section.md)
+ [`DescribeIdentityIdFormat`](ec2_example_ec2_DescribeIdentityIdFormat_section.md)
+ [`DescribeImageAttribute`](ec2_example_ec2_DescribeImageAttribute_section.md)
+ [`DescribeImages`](ec2_example_ec2_DescribeImages_section.md)
+ [`DescribeImportImageTasks`](ec2_example_ec2_DescribeImportImageTasks_section.md)
+ [`DescribeImportSnapshotTasks`](ec2_example_ec2_DescribeImportSnapshotTasks_section.md)
+ [`DescribeInstanceAttribute`](ec2_example_ec2_DescribeInstanceAttribute_section.md)
+ [`DescribeInstanceStatus`](ec2_example_ec2_DescribeInstanceStatus_section.md)
+ [`DescribeInstanceTypes`](ec2_example_ec2_DescribeInstanceTypes_section.md)
+ [`DescribeInstances`](ec2_example_ec2_DescribeInstances_section.md)
+ [`DescribeInternetGateways`](ec2_example_ec2_DescribeInternetGateways_section.md)
+ [`DescribeKeyPairs`](ec2_example_ec2_DescribeKeyPairs_section.md)
+ [`DescribeNetworkAcls`](ec2_example_ec2_DescribeNetworkAcls_section.md)
+ [`DescribeNetworkInterfaceAttribute`](ec2_example_ec2_DescribeNetworkInterfaceAttribute_section.md)
+ [`DescribeNetworkInterfaces`](ec2_example_ec2_DescribeNetworkInterfaces_section.md)
+ [`DescribePlacementGroups`](ec2_example_ec2_DescribePlacementGroups_section.md)
+ [`DescribePrefixLists`](ec2_example_ec2_DescribePrefixLists_section.md)
+ [`DescribeRegions`](ec2_example_ec2_DescribeRegions_section.md)
+ [`DescribeRouteTables`](ec2_example_ec2_DescribeRouteTables_section.md)
+ [`DescribeScheduledInstanceAvailability`](ec2_example_ec2_DescribeScheduledInstanceAvailability_section.md)
+ [`DescribeScheduledInstances`](ec2_example_ec2_DescribeScheduledInstances_section.md)
+ [`DescribeSecurityGroups`](ec2_example_ec2_DescribeSecurityGroups_section.md)
+ [`DescribeSnapshotAttribute`](ec2_example_ec2_DescribeSnapshotAttribute_section.md)
+ [`DescribeSnapshots`](ec2_example_ec2_DescribeSnapshots_section.md)
+ [`DescribeSpotDatafeedSubscription`](ec2_example_ec2_DescribeSpotDatafeedSubscription_section.md)
+ [`DescribeSpotFleetInstances`](ec2_example_ec2_DescribeSpotFleetInstances_section.md)
+ [`DescribeSpotFleetRequestHistory`](ec2_example_ec2_DescribeSpotFleetRequestHistory_section.md)
+ [`DescribeSpotFleetRequests`](ec2_example_ec2_DescribeSpotFleetRequests_section.md)
+ [`DescribeSpotInstanceRequests`](ec2_example_ec2_DescribeSpotInstanceRequests_section.md)
+ [`DescribeSpotPriceHistory`](ec2_example_ec2_DescribeSpotPriceHistory_section.md)
+ [`DescribeSubnets`](ec2_example_ec2_DescribeSubnets_section.md)
+ [`DescribeTags`](ec2_example_ec2_DescribeTags_section.md)
+ [`DescribeVolumeAttribute`](ec2_example_ec2_DescribeVolumeAttribute_section.md)
+ [`DescribeVolumeStatus`](ec2_example_ec2_DescribeVolumeStatus_section.md)
+ [`DescribeVolumes`](ec2_example_ec2_DescribeVolumes_section.md)
+ [`DescribeVpcAttribute`](ec2_example_ec2_DescribeVpcAttribute_section.md)
+ [`DescribeVpcClassicLink`](ec2_example_ec2_DescribeVpcClassicLink_section.md)
+ [`DescribeVpcClassicLinkDnsSupport`](ec2_example_ec2_DescribeVpcClassicLinkDnsSupport_section.md)
+ [`DescribeVpcEndpointServices`](ec2_example_ec2_DescribeVpcEndpointServices_section.md)
+ [`DescribeVpcEndpoints`](ec2_example_ec2_DescribeVpcEndpoints_section.md)
+ [`DescribeVpcs`](ec2_example_ec2_DescribeVpcs_section.md)
+ [`DescribeVpnConnections`](ec2_example_ec2_DescribeVpnConnections_section.md)
+ [`DescribeVpnGateways`](ec2_example_ec2_DescribeVpnGateways_section.md)
+ [`DetachInternetGateway`](ec2_example_ec2_DetachInternetGateway_section.md)
+ [`DetachNetworkInterface`](ec2_example_ec2_DetachNetworkInterface_section.md)
+ [`DetachVolume`](ec2_example_ec2_DetachVolume_section.md)
+ [`DetachVpnGateway`](ec2_example_ec2_DetachVpnGateway_section.md)
+ [`DisableVgwRoutePropagation`](ec2_example_ec2_DisableVgwRoutePropagation_section.md)
+ [`DisableVpcClassicLink`](ec2_example_ec2_DisableVpcClassicLink_section.md)
+ [`DisableVpcClassicLinkDnsSupport`](ec2_example_ec2_DisableVpcClassicLinkDnsSupport_section.md)
+ [`DisassociateAddress`](ec2_example_ec2_DisassociateAddress_section.md)
+ [`DisassociateRouteTable`](ec2_example_ec2_DisassociateRouteTable_section.md)
+ [`EnableVgwRoutePropagation`](ec2_example_ec2_EnableVgwRoutePropagation_section.md)
+ [`EnableVolumeIo`](ec2_example_ec2_EnableVolumeIo_section.md)
+ [`EnableVpcClassicLink`](ec2_example_ec2_EnableVpcClassicLink_section.md)
+ [`EnableVpcClassicLinkDnsSupport`](ec2_example_ec2_EnableVpcClassicLinkDnsSupport_section.md)
+ [`GetConsoleOutput`](ec2_example_ec2_GetConsoleOutput_section.md)
+ [`GetHostReservationPurchasePreview`](ec2_example_ec2_GetHostReservationPurchasePreview_section.md)
+ [`GetPasswordData`](ec2_example_ec2_GetPasswordData_section.md)
+ [`ImportImage`](ec2_example_ec2_ImportImage_section.md)
+ [`ImportKeyPair`](ec2_example_ec2_ImportKeyPair_section.md)
+ [`ImportSnapshot`](ec2_example_ec2_ImportSnapshot_section.md)
+ [`ModifyCapacityReservation`](ec2_example_ec2_ModifyCapacityReservation_section.md)
+ [`ModifyHosts`](ec2_example_ec2_ModifyHosts_section.md)
+ [`ModifyIdFormat`](ec2_example_ec2_ModifyIdFormat_section.md)
+ [`ModifyImageAttribute`](ec2_example_ec2_ModifyImageAttribute_section.md)
+ [`ModifyInstanceAttribute`](ec2_example_ec2_ModifyInstanceAttribute_section.md)
+ [`ModifyInstanceCreditSpecification`](ec2_example_ec2_ModifyInstanceCreditSpecification_section.md)
+ [`ModifyNetworkInterfaceAttribute`](ec2_example_ec2_ModifyNetworkInterfaceAttribute_section.md)
+ [`ModifyReservedInstances`](ec2_example_ec2_ModifyReservedInstances_section.md)
+ [`ModifySnapshotAttribute`](ec2_example_ec2_ModifySnapshotAttribute_section.md)
+ [`ModifySpotFleetRequest`](ec2_example_ec2_ModifySpotFleetRequest_section.md)
+ [`ModifySubnetAttribute`](ec2_example_ec2_ModifySubnetAttribute_section.md)
+ [`ModifyVolumeAttribute`](ec2_example_ec2_ModifyVolumeAttribute_section.md)
+ [`ModifyVpcAttribute`](ec2_example_ec2_ModifyVpcAttribute_section.md)
+ [`MonitorInstances`](ec2_example_ec2_MonitorInstances_section.md)
+ [`MoveAddressToVpc`](ec2_example_ec2_MoveAddressToVpc_section.md)
+ [`PurchaseHostReservation`](ec2_example_ec2_PurchaseHostReservation_section.md)
+ [`PurchaseScheduledInstances`](ec2_example_ec2_PurchaseScheduledInstances_section.md)
+ [`RebootInstances`](ec2_example_ec2_RebootInstances_section.md)
+ [`RegisterImage`](ec2_example_ec2_RegisterImage_section.md)
+ [`RejectVpcPeeringConnection`](ec2_example_ec2_RejectVpcPeeringConnection_section.md)
+ [`ReleaseAddress`](ec2_example_ec2_ReleaseAddress_section.md)
+ [`ReleaseHosts`](ec2_example_ec2_ReleaseHosts_section.md)
+ [`ReplaceIamInstanceProfileAssociation`](ec2_example_ec2_ReplaceIamInstanceProfileAssociation_section.md)
+ [`ReplaceNetworkAclAssociation`](ec2_example_ec2_ReplaceNetworkAclAssociation_section.md)
+ [`ReplaceNetworkAclEntry`](ec2_example_ec2_ReplaceNetworkAclEntry_section.md)
+ [`ReplaceRoute`](ec2_example_ec2_ReplaceRoute_section.md)
+ [`ReplaceRouteTableAssociation`](ec2_example_ec2_ReplaceRouteTableAssociation_section.md)
+ [`ReportInstanceStatus`](ec2_example_ec2_ReportInstanceStatus_section.md)
+ [`RequestSpotFleet`](ec2_example_ec2_RequestSpotFleet_section.md)
+ [`RequestSpotInstances`](ec2_example_ec2_RequestSpotInstances_section.md)
+ [`ResetImageAttribute`](ec2_example_ec2_ResetImageAttribute_section.md)
+ [`ResetInstanceAttribute`](ec2_example_ec2_ResetInstanceAttribute_section.md)
+ [`ResetNetworkInterfaceAttribute`](ec2_example_ec2_ResetNetworkInterfaceAttribute_section.md)
+ [`ResetSnapshotAttribute`](ec2_example_ec2_ResetSnapshotAttribute_section.md)
+ [`RevokeSecurityGroupEgress`](ec2_example_ec2_RevokeSecurityGroupEgress_section.md)
+ [`RevokeSecurityGroupIngress`](ec2_example_ec2_RevokeSecurityGroupIngress_section.md)
+ [`RunInstances`](ec2_example_ec2_RunInstances_section.md)
+ [`RunScheduledInstances`](ec2_example_ec2_RunScheduledInstances_section.md)
+ [`StartInstances`](ec2_example_ec2_StartInstances_section.md)
+ [`StopInstances`](ec2_example_ec2_StopInstances_section.md)
+ [`TerminateInstances`](ec2_example_ec2_TerminateInstances_section.md)
+ [`UnassignPrivateIpAddresses`](ec2_example_ec2_UnassignPrivateIpAddresses_section.md)
+ [`UnmonitorInstances`](ec2_example_ec2_UnmonitorInstances_section.md)
+ [`UpdateSecurityGroupRuleDescriptionsIngress`](ec2_example_ec2_UpdateSecurityGroupRuleDescriptionsIngress_section.md)
# 将 `AcceptVpcPeeringConnection` 与 CLI 配合使用
以下代码示例演示如何使用 `AcceptVpcPeeringConnection`。
------
#### [ CLI ]
**AWS CLI**
**接受 VPC 对等连接**
此示例接受指定的 VPC 对等连接请求。
命令:
```
aws ec2 accept-vpc-peering-connection --vpc-peering-connection-id pcx-1a2b3c4d
```
输出:
```
{
"VpcPeeringConnection": {
"Status": {
"Message": "Provisioning",
"Code": "provisioning"
},
"Tags": [],
"AccepterVpcInfo": {
"OwnerId": "444455556666",
"VpcId": "vpc-44455566",
"CidrBlock": "10.0.1.0/28"
},
"VpcPeeringConnectionId": "pcx-1a2b3c4d",
"RequesterVpcInfo": {
"OwnerId": "444455556666",
"VpcId": "vpc-111abc45",
"CidrBlock": "10.0.0.0/28"
}
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AcceptVpcPeeringConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/accept-vpc-peering-connection.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例批准了请求的 VpcPeeringConnectionId pcx-1dfad234b56ff78be**
```
Approve-EC2VpcPeeringConnection -VpcPeeringConnectionId pcx-1dfad234b56ff78be
```
**输出**:
```
AccepterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
ExpirationTime : 1/1/0001 12:00:00 AM
RequesterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
Status : Amazon.EC2.Model.VpcPeeringConnectionStateReason
Tags : {}
VpcPeeringConnectionId : pcx-1dfad234b56ff78be
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AcceptVpcPeeringConnection](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例批准了请求的 VpcPeeringConnectionId pcx-1dfad234b56ff78be**
```
Approve-EC2VpcPeeringConnection -VpcPeeringConnectionId pcx-1dfad234b56ff78be
```
**输出**:
```
AccepterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
ExpirationTime : 1/1/0001 12:00:00 AM
RequesterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
Status : Amazon.EC2.Model.VpcPeeringConnectionStateReason
Tags : {}
VpcPeeringConnectionId : pcx-1dfad234b56ff78be
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AcceptVpcPeeringConnection](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `AllocateAddress`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `AllocateAddress`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Allocates an Elastic IP address that can be associated with an Amazon EC2
// instance. By using an Elastic IP address, you can keep the public IP address
// constant even when you restart the associated instance.
///
/// The response object for the allocated address.
public async Task AllocateAddress()
{
var request = new AllocateAddressRequest();
try
{
var response = await _amazonEC2.AllocateAddressAsync(request);
Console.WriteLine($"Allocated IP: {response.PublicIp} with allocation ID {response.AllocationId}.");
return response;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "AddressLimitExceeded")
{
// For more information on Elastic IP address quotas, see:
// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-limit
_logger.LogError($"Unable to allocate Elastic IP, address limit exceeded. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while allocating Elastic IP.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[AllocateAddress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AllocateAddress)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_allocate_address
#
# This function allocates an Elastic IP address for use with Amazon Elastic Compute Cloud (Amazon EC2) instances in a specific AWS Region.
#
# Parameters:
# -d domain - The domain for the Elastic IP address (either 'vpc' or 'standard').
#
# Returns:
# The allocated Elastic IP address, or an error message if the operation fails.
# And:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_allocate_address() {
local domain response
# Function to display usage information
function usage() {
echo "function ec2_allocate_address"
echo "Allocates an Elastic IP address for use with Amazon Elastic Compute Cloud (Amazon EC2) instances in a specific AWS Region."
echo " -d domain - The domain for the Elastic IP address (either 'vpc' or 'standard')."
echo ""
}
# Parse the command-line arguments
while getopts "d:h" option; do
case "${option}" in
d) domain="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$domain" ]]; then
errecho "ERROR: You must provide a domain with the -d parameter (either 'vpc' or 'standard')."
return 1
fi
if [[ "$domain" != "vpc" && "$domain" != "standard" ]]; then
errecho "ERROR: Invalid domain value. Must be either 'vpc' or 'standard'."
return 1
fi
# Allocate the Elastic IP address
response=$(aws ec2 allocate-address \
--domain "$domain" \
--query "[PublicIp,AllocationId]" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports allocate-address operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AllocateAddress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AllocateAddress)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Allocate an Elastic IP address and associate it with an Amazon Elastic Compute Cloud
//! (Amazon EC2) instance.
/*!
\param instanceID: An EC2 instance ID.
\param[out] publicIPAddress: String to return the public IP address.
\param[out] allocationID: String to return the allocation ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::allocateAndAssociateAddress(const Aws::String &instanceId, Aws::String &publicIPAddress,
Aws::String &allocationID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AllocateAddressRequest request;
request.SetDomain(Aws::EC2::Model::DomainType::vpc);
const Aws::EC2::Model::AllocateAddressOutcome outcome =
ec2Client.AllocateAddress(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to allocate Elastic IP address:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
const Aws::EC2::Model::AllocateAddressResponse &response = outcome.GetResult();
allocationID = response.GetAllocationId();
publicIPAddress = response.GetPublicIp();
return true;
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[AllocateAddress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AllocateAddress)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:从 Amazon 的地址池中分配弹性 IP 地址**
以下 `allocate-address` 示例分配弹性 IP 地址。Amazon EC2 从 Amazon 的地址池中选择地址。
```
aws ec2 allocate-address
```
输出:
```
{
"PublicIp": "70.224.234.241",
"AllocationId": "eipalloc-01435ba59eEXAMPLE",
"PublicIpv4Pool": "amazon",
"NetworkBorderGroup": "us-west-2",
"Domain": "vpc"
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[弹性 IP 地址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
**示例 2:分配弹性 IP 地址并将其与网络边界组关联**
以下 `allocate-address` 示例分配弹性 IP 地址并将其与指定的网络边界组关联。
```
aws ec2 allocate-address \
--network-border-group us-west-2-lax-1
```
输出:
```
{
"PublicIp": "70.224.234.241",
"AllocationId": "eipalloc-e03dd489ceEXAMPLE",
"PublicIpv4Pool": "amazon",
"NetworkBorderGroup": "us-west-2-lax-1",
"Domain": "vpc"
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[弹性 IP 地址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
**示例 3:从自己拥有的地址池中分配弹性 IP 地址**
以下 `allocate-address` 示例从您引入 Amazon Web Services 账户的地址池中,分配弹性 IP 地址。Amazon EC2 从地址池中选择地址。
```
aws ec2 allocate-address \
--public-ipv4-pool ipv4pool-ec2-1234567890abcdef0
```
输出:
```
{
"AllocationId": "eipalloc-02463d08ceEXAMPLE",
"NetworkBorderGroup": "us-west-2",
"CustomerOwnedIp": "18.218.95.81",
"CustomerOwnedIpv4Pool": "ipv4pool-ec2-1234567890abcdef0",
"Domain": "vpc"
"NetworkBorderGroup": "us-west-2",
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[弹性 IP 地址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
**示例 4:从 IPAM 池中分配弹性 IP 地址**
以下 `allocate-address` 示例从 Amazon VPC IP 地址管理器(IPAM)池中分配特定的 /32 弹性 IP 地址。
```
aws ec2 allocate-address \
--region us-east-1 \
--ipam-pool-id ipam-pool-1234567890abcdef0 \
--address 192.0.2.0
```
输出:
```
{
"PublicIp": "192.0.2.0",
"AllocationId": "eipalloc-abcdef01234567890",
"PublicIpv4Pool": "ipam-pool-1234567890abcdef0",
"NetworkBorderGroup": "us-east-1",
"Domain": "vpc"
}
```
有关更多信息,请参阅《Amazon VPC IPAM User Guide》**中的 [Allocate sequential Elastic IP addresses from an IPAM pool](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AllocateAddress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/allocate-address.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Allocates an Elastic IP address asynchronously in the VPC domain.
*
* @return a {@link CompletableFuture} containing the allocation ID of the allocated Elastic IP address
*/
public CompletableFuture allocateAddressAsync() {
AllocateAddressRequest allocateRequest = AllocateAddressRequest.builder()
.domain(DomainType.VPC)
.build();
CompletableFuture responseFuture = getAsyncClient().allocateAddress(allocateRequest);
return responseFuture.thenApply(AllocateAddressResponse::allocationId).whenComplete((result, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to allocate address", ex);
}
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[AllocateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AllocateAddress)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { AllocateAddressCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Allocates an Elastic IP address to your AWS account.
*/
export const main = async () => {
const client = new EC2Client({});
const command = new AllocateAddressCommand({});
try {
const { AllocationId, PublicIp } = await client.send(command);
console.log("A new IP address has been allocated to your account:");
console.log(`ID: ${AllocationId} Public IP: ${PublicIp}`);
console.log(
"You can view your IP addresses in the AWS Management Console for Amazon EC2. Look under Network & Security > Elastic IPs",
);
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
console.warn(`${caught.message}. Did you provide these values?`);
} else {
throw caught;
}
}
};
import { fileURLToPath } from "node:url";
// Call function if run directly.
if (process.argv[1] === fileURLToPath(import.meta.url)) {
main();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[AllocateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AllocateAddressCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun getAllocateAddress(instanceIdVal: String?): String? {
val allocateRequest =
AllocateAddressRequest {
domain = DomainType.Vpc
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val allocateResponse = ec2.allocateAddress(allocateRequest)
val allocationIdVal = allocateResponse.allocationId
val request =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
val associateResponse = ec2.associateAddress(request)
return associateResponse.associationId
}
}
```
+ 有关 API 的详细信息,请参阅适用[AllocateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例分配一个弹性 IP 地址,供 VPC 中的实例使用。**
```
New-EC2Address -Domain Vpc
```
**输出**:
```
AllocationId Domain PublicIp
------------ ------ --------
eipalloc-12345678 vpc 198.51.100.2
```
**示例 2:此示例分配一个弹性 IP 地址,供 EC2-Classic 中的实例使用。**
```
New-EC2Address
```
**输出**:
```
AllocationId Domain PublicIp
------------ ------ --------
standard 203.0.113.17
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AllocateAddress](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例分配一个弹性 IP 地址,供 VPC 中的实例使用。**
```
New-EC2Address -Domain Vpc
```
**输出**:
```
AllocationId Domain PublicIp
------------ ------ --------
eipalloc-12345678 vpc 198.51.100.2
```
**示例 2:此示例分配一个弹性 IP 地址,供 EC2-Classic 中的实例使用。**
```
New-EC2Address
```
**输出**:
```
AllocationId Domain PublicIp
------------ ------ --------
standard 203.0.113.17
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AllocateAddress](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def allocate(self) -> "ElasticIpWrapper.ElasticIp":
"""
Allocates an Elastic IP address that can be associated with an Amazon EC2
instance. By using an Elastic IP address, you can keep the public IP address
constant even when you restart the associated instance.
:return: The ElasticIp object for the newly created Elastic IP address.
:raises ClientError: If the allocation fails, such as reaching the maximum limit of Elastic IPs.
"""
try:
response = self.ec2_client.allocate_address(Domain="vpc")
elastic_ip = self.ElasticIp(
allocation_id=response["AllocationId"], public_ip=response["PublicIp"]
)
self.elastic_ips.append(elastic_ip)
except ClientError as err:
if err.response["Error"]["Code"] == "AddressLimitExceeded":
logger.error(
"Max IP's reached. Release unused addresses or contact AWS Support for an increase."
)
raise err
return elastic_ip
```
+ 有关 API 的详细信息,请参阅适用[AllocateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AllocateAddress)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
# Creates an Elastic IP address in Amazon Virtual Private Cloud (Amazon VPC).
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @return [String] The allocation ID corresponding to the Elastic IP address.
# @example
# puts allocate_elastic_ip_address(Aws::EC2::Client.new(region: 'us-west-2'))
def allocate_elastic_ip_address(ec2_client)
response = ec2_client.allocate_address(domain: 'vpc')
response.allocation_id
rescue StandardError => e
puts "Error allocating Elastic IP address: #{e.message}"
'Error'
end
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[AllocateAddress](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/AllocateAddress)*中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
pub async fn allocate_ip_address(&self) -> Result {
self.client
.allocate_address()
.domain(DomainType::Vpc)
.send()
.await
.map_err(EC2Error::from)
}
```
+ 有关 API 的详细信息,请参阅适用[AllocateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.allocate_address)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->allocateaddress( iv_domain = 'vpc' ). " oo_result is returned for testing purposes. "
MESSAGE 'Allocated an Elastic IP address.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[AllocateAddress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Allocate an Elastic IP address.
///
/// - Returns: A string containing the ID of the Elastic IP.
func allocateAddress() async -> String? {
do {
let output = try await ec2Client.allocateAddress(
input: AllocateAddressInput(
domain: EC2ClientTypes.DomainType.vpc
)
)
guard let allocationId = output.allocationId else {
return nil
}
return allocationId
} catch {
print("*** Unable to allocate the IP address: \(error.localizedDescription)")
return nil
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[AllocateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/allocateaddress(input:))于 S *wift 的AWS SDK API 参考*。
------
# 将 `AllocateHosts` 与 CLI 配合使用
以下代码示例演示如何使用 `AllocateHosts`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:分配专属主机**
以下 `allocate-hosts` 示例在 `eu-west-1a` 可用区中分配一个专属主机,您可以在其上启动 `m5.large` 实例。默认情况下,专属主机仅接受目标实例启动,不支持主机恢复。
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--quantity 1
```
输出:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
**示例 2:分配启用了自动置放和主机恢复的专属主机**
以下 `allocate-hosts` 示例在启用了自动置放和主机恢复的 `eu-west-1a` 可用区中分配单个专属主机。
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--auto-placement on \
--host-recovery on \
--quantity 1
```
输出:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
**示例 3:分配带有标签的专属主机**
以下 `allocate-hosts` 示例分配单个专属主机,并应用具有名为 `purpose` 的键和值为 `production` 的标签。
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--quantity 1 \
--tag-specifications 'ResourceType=dedicated-host,Tags={Key=purpose,Value=production}'
```
输出:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[分配专属主机](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-allocating.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AllocateHosts](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/allocate-hosts.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例向您的账户分配给定实例类型和可用区的专属主机**
```
New-EC2Host -AutoPlacement on -AvailabilityZone eu-west-1b -InstanceType m4.xlarge -Quantity 1
```
**输出**:
```
h-01e23f4cd567890f3
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AllocateHosts](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例向您的账户分配给定实例类型和可用区的专属主机**
```
New-EC2Host -AutoPlacement on -AvailabilityZone eu-west-1b -InstanceType m4.xlarge -Quantity 1
```
**输出**:
```
h-01e23f4cd567890f3
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AllocateHosts](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AssignPrivateIpAddresses` 与 CLI 配合使用
以下代码示例演示如何使用 `AssignPrivateIpAddresses`。
------
#### [ CLI ]
**AWS CLI**
**为网络接口分配特定的辅助私有 IP 地址**
此示例将指定的辅助私有 IP 地址分配给指定的网络接口。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 assign-private-ip-addresses --network-interface-id eni-e5aa89a3 --private-ip-addresses 10.0.0.82
```
**将 Amazon EC2 选择的辅助私有 IP 地址分配给网络接口**
此示例将两个辅助私有 IP 地址分配给指定的网络接口。Amazon EC2 会从与网络接口关联的子网的 CIDR 块范围内的可用 IP 地址自动分配这些 IP 地址。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 assign-private-ip-addresses --network-interface-id eni-e5aa89a3 --secondary-private-ip-address-count 2
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AssignPrivateIpAddresses](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/assign-private-ip-addresses.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的辅助私有 IP 地址分配给指定的网络接口。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -PrivateIpAddress 10.0.0.82
```
**示例 2:此示例创建两个辅助私有 IP 地址并将它们分配给指定的网络接口。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -SecondaryPrivateIpAddressCount 2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AssignPrivateIpAddresses](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的辅助私有 IP 地址分配给指定的网络接口。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -PrivateIpAddress 10.0.0.82
```
**示例 2:此示例创建两个辅助私有 IP 地址并将它们分配给指定的网络接口。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -SecondaryPrivateIpAddressCount 2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AssignPrivateIpAddresses](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `AssociateAddress`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `AssociateAddress`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Associates an Elastic IP address with an instance. When this association is
/// created, the Elastic IP's public IP address is immediately used as the public
/// IP address of the associated instance.
///
/// The allocation Id of an Elastic IP address.
/// The instance Id of the EC2 instance to
/// associate the address with.
/// The association Id that represents
/// the association of the Elastic IP address with an instance.
public async Task AssociateAddress(string allocationId, string instanceId)
{
try
{
var request = new AssociateAddressRequest
{
AllocationId = allocationId,
InstanceId = instanceId
};
var response = await _amazonEC2.AssociateAddressAsync(request);
return response.AssociationId;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidInstanceId")
{
_logger.LogError(
$"InstanceId is invalid, unable to associate address. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while associating the Elastic IP.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[AssociateAddress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AssociateAddress)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_associate_address
#
# This function associates an Elastic IP address with an Amazon Elastic Compute Cloud (Amazon EC2) instance.
#
# Parameters:
# -a allocation_id - The allocation ID of the Elastic IP address to associate.
# -i instance_id - The ID of the EC2 instance to associate the Elastic IP address with.
#
# Returns:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_associate_address() {
local allocation_id instance_id response
# Function to display usage information
function usage() {
echo "function ec2_associate_address"
echo "Associates an Elastic IP address with an Amazon Elastic Compute Cloud (Amazon EC2) instance."
echo " -a allocation_id - The allocation ID of the Elastic IP address to associate."
echo " -i instance_id - The ID of the EC2 instance to associate the Elastic IP address with."
echo ""
}
# Parse the command-line arguments
while getopts "a:i:h" option; do
case "${option}" in
a) allocation_id="${OPTARG}" ;;
i) instance_id="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$allocation_id" ]]; then
errecho "ERROR: You must provide an allocation ID with the -a parameter."
return 1
fi
if [[ -z "$instance_id" ]]; then
errecho "ERROR: You must provide an instance ID with the -i parameter."
return 1
fi
# Associate the Elastic IP address
response=$(aws ec2 associate-address \
--allocation-id "$allocation_id" \
--instance-id "$instance_id" \
--query "AssociationId" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports associate-address operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AssociateAddress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AssociateAddress)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
Aws::EC2::EC2Client ec2Client(clientConfiguration);
//! Associate an Elastic IP address with an EC2 instance.
/*!
\param instanceId: An EC2 instance ID.
\param allocationId: An Elastic IP allocation ID.
\param[out] associationID: String to receive the association ID.
\param clientConfiguration: AWS client configuration.
\return bool: True if the address was associated with the instance; otherwise, false.
*/
bool AwsDoc::EC2::associateAddress(const Aws::String &instanceId, const Aws::String &allocationId,
Aws::String &associationID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AssociateAddressRequest request;
request.SetInstanceId(instanceId);
request.SetAllocationId(allocationId);
Aws::EC2::Model::AssociateAddressOutcome outcome = ec2Client.AssociateAddress(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to associate address " << allocationId <<
" with instance " << instanceId << ": " <<
outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully associated address " << allocationId <<
" with instance " << instanceId << std::endl;
associationID = outcome.GetResult().GetAssociationId();
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[AssociateAddress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AssociateAddress)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:关联弹性 IP 地址和实例**
以下 `associate-address` 示例将弹性 IP 地址与指定的 EC2 实例相关联。
```
aws ec2 associate-address \
--instance-id i-0b263919b6498b123 \
--allocation-id eipalloc-64d5890a
```
输出:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
**示例 2:将弹性 IP 地址与网络接口相关联**
以下 `associate-address` 示例将指定的弹性 IP 地址与指定的网络接口相关联。
```
aws ec2 associate-address
--allocation-id eipalloc-64d5890a \
--network-interface-id eni-1a2b3c4d
```
输出:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
**示例 3:将弹性 IP 地址与私有 IP 地址关联**
以下 `associate-address` 示例将指定的弹性 IP 地址与指定网络接口中的指定私有 IP 地址相关联。
```
aws ec2 associate-address \
--allocation-id eipalloc-64d5890a \
--network-interface-id eni-1a2b3c4d \
--private-ip-address 10.0.0.85
```
输出:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[弹性 IP 地址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AssociateAddress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-address.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Associates an Elastic IP address with an EC2 instance asynchronously.
*
* @param instanceId the ID of the EC2 instance to associate the Elastic IP address with
* @param allocationId the allocation ID of the Elastic IP address to associate
* @return a {@link CompletableFuture} that completes with the association ID when the operation is successful,
* or throws a {@link RuntimeException} if the operation fails
*/
public CompletableFuture associateAddressAsync(String instanceId, String allocationId) {
AssociateAddressRequest associateRequest = AssociateAddressRequest.builder()
.instanceId(instanceId)
.allocationId(allocationId)
.build();
CompletableFuture responseFuture = getAsyncClient().associateAddress(associateRequest);
return responseFuture.thenApply(response -> {
if (response.associationId() != null) {
return response.associationId();
} else {
throw new RuntimeException("Association ID is null after associating address.");
}
}).whenComplete((result, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to associate address", ex);
}
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[AssociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AssociateAddress)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { AssociateAddressCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones)
* with an instance or a network interface.
* @param {{ instanceId: string, allocationId: string }} options
*/
export const main = async ({ instanceId, allocationId }) => {
const client = new EC2Client({});
const command = new AssociateAddressCommand({
// You need to allocate an Elastic IP address before associating it with an instance.
// You can do that with the AllocateAddressCommand.
AllocationId: allocationId,
// You need to create an EC2 instance before an IP address can be associated with it.
// You can do that with the RunInstancesCommand.
InstanceId: instanceId,
});
try {
const { AssociationId } = await client.send(command);
console.log(
`Address with allocation ID ${allocationId} is now associated with instance ${instanceId}.`,
`The association ID is ${AssociationId}.`,
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
console.warn(
`${caught.message}. Did you provide the ID of a valid Elastic IP address AllocationId?`,
);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[AssociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AssociateAddressCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun associateAddressSc(
instanceIdVal: String?,
allocationIdVal: String?,
): String? {
val associateRequest =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val associateResponse = ec2.associateAddress(associateRequest)
return associateResponse.associationId
}
}
```
+ 有关 API 的详细信息,请参阅适用[AssociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的弹性 IP 地址与 VPC 中的指定实例相关联。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -AllocationId eipalloc-12345678
```
**输出**:
```
eipassoc-12345678
```
**示例 2:此示例将指定的弹性 IP 地址与 EC2-Classic 中的指定实例相关联。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -PublicIp 203.0.113.17
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AssociateAddress](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的弹性 IP 地址与 VPC 中的指定实例相关联。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -AllocationId eipalloc-12345678
```
**输出**:
```
eipassoc-12345678
```
**示例 2:此示例将指定的弹性 IP 地址与 EC2-Classic 中的指定实例相关联。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -PublicIp 203.0.113.17
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AssociateAddress](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def associate(
self, allocation_id: str, instance_id: str
) -> Union[Dict[str, Any], None]:
"""
Associates an Elastic IP address with an instance. When this association is
created, the Elastic IP's public IP address is immediately used as the public
IP address of the associated instance.
:param allocation_id: The allocation ID of the Elastic IP.
:param instance_id: The ID of the Amazon EC2 instance.
:return: A response that contains the ID of the association, or None if no Elastic IP is found.
:raises ClientError: If the association fails, such as when the instance ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return None
try:
response = self.ec2_client.associate_address(
AllocationId=allocation_id, InstanceId=instance_id
)
elastic_ip.instance_id = (
instance_id # Track the instance associated with this Elastic IP.
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidInstanceID.NotFound":
logger.error(
f"Failed to associate Elastic IP {allocation_id} with {instance_id} "
"because the specified instance ID does not exist or has not propagated fully. "
"Verify the instance ID and try again, or wait a few moments before attempting to "
"associate the Elastic IP address."
)
raise
return response
```
+ 有关 API 的详细信息,请参阅适用[AssociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AssociateAddress)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
# Associates an Elastic IP address with an Amazon Elastic Compute Cloud
# (Amazon EC2) instance.
#
# Prerequisites:
#
# - The allocation ID corresponding to the Elastic IP address.
# - The Amazon EC2 instance.
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param allocation_id [String] The ID of the allocation corresponding to
# the Elastic IP address.
# @param instance_id [String] The ID of the instance.
# @return [String] The assocation ID corresponding to the association of the
# Elastic IP address to the instance.
# @example
# puts allocate_elastic_ip_address(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'eipalloc-04452e528a66279EX',
# 'i-033c48ef067af3dEX')
def associate_elastic_ip_address_with_instance(
ec2_client,
allocation_id,
instance_id
)
response = ec2_client.associate_address(
allocation_id: allocation_id,
instance_id: instance_id
)
response.association_id
rescue StandardError => e
puts "Error associating Elastic IP address with instance: #{e.message}"
'Error'
end
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[AssociateAddress](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/AssociateAddress)*中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
pub async fn associate_ip_address(
&self,
allocation_id: &str,
instance_id: &str,
) -> Result {
let response = self
.client
.associate_address()
.allocation_id(allocation_id)
.instance_id(instance_id)
.send()
.await?;
Ok(response)
}
```
+ 有关 API 的详细信息,请参阅适用[AssociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.associate_address)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->associateaddress( " oo_result is returned for testing purposes. "
iv_allocationid = iv_allocation_id
iv_instanceid = iv_instance_id ).
MESSAGE 'Associated an Elastic IP address with an EC2 instance.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[AssociateAddress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Associate the specified allocated Elastic IP to a given instance.
///
/// - Parameters:
/// - instanceId: The instance to associate the Elastic IP with.
/// - allocationId: The ID of the allocated Elastic IP to associate with
/// the instance.
///
/// - Returns: The association ID of the association.
func associateAddress(instanceId: String?, allocationId: String?) async -> String? {
do {
let output = try await ec2Client.associateAddress(
input: AssociateAddressInput(
allocationId: allocationId,
instanceId: instanceId
)
)
return output.associationId
} catch {
print("*** Unable to associate the IP address: \(error.localizedDescription)")
return nil
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[AssociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/associateaddress(input:))于 S *wift 的AWS SDK API 参考*。
------
# 将 `AssociateDhcpOptions` 与 CLI 配合使用
以下代码示例演示如何使用 `AssociateDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**将 DHCP 选项集与 VPC 相关联**
此示例将指定的 DHCP 选项集与指定的 VPC 相关联。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 associate-dhcp-options --dhcp-options-id dopt-d9070ebb --vpc-id vpc-a01106c2
```
**将默认 DHCP 选项集与 VPC 相关联**
此示例将默认 DHCP 选项集与指定的 VPC 相关联。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 associate-dhcp-options --dhcp-options-id default --vpc-id vpc-a01106c2
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AssociateDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-dhcp-options.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的 DHCP 选项集与指定的 VPC 相关联。**
```
Register-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d -VpcId vpc-12345678
```
**示例 2:此示例将默认 DHCP 选项集与指定的 VPC 相关联。**
```
Register-EC2DhcpOption -DhcpOptionsId default -VpcId vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AssociateDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的 DHCP 选项集与指定的 VPC 相关联。**
```
Register-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d -VpcId vpc-12345678
```
**示例 2:此示例将默认 DHCP 选项集与指定的 VPC 相关联。**
```
Register-EC2DhcpOption -DhcpOptionsId default -VpcId vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AssociateDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AssociateRouteTable` 与 CLI 配合使用
以下代码示例演示如何使用 `AssociateRouteTable`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**将路由表与子网相关联**
此示例将指定的路由表与指定的子网相关联。
命令:
```
aws ec2 associate-route-table --route-table-id rtb-22574640 --subnet-id subnet-9d4a7b6c
```
输出:
```
{
"AssociationId": "rtbassoc-781d0d1a"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AssociateRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-route-table.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的路由表与指定的子网相关联。**
```
Register-EC2RouteTable -RouteTableId rtb-1a2b3c4d -SubnetId subnet-1a2b3c4d
```
**输出**:
```
rtbassoc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AssociateRouteTable](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的路由表与指定的子网相关联。**
```
Register-EC2RouteTable -RouteTableId rtb-1a2b3c4d -SubnetId subnet-1a2b3c4d
```
**输出**:
```
rtbassoc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AssociateRouteTable](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AttachInternetGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `AttachInternetGateway`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**将互联网网关连接到 VPC**
以下 `attach-internet-gateway` 示例将指定的互联网网关连接到特定 VPC。
```
aws ec2 attach-internet-gateway \
--internet-gateway-id igw-0d0fb496b3EXAMPLE \
--vpc-id vpc-0a60eb65b4EXAMPLE
```
此命令不生成任何输出。
有关更多信息,请参阅《*Amazon VPC 用户指南*》中的[互联网网关](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AttachInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-internet-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的互联网网关连接到指定的 VPC。**
```
Add-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d -VpcId vpc-12345678
```
**示例 2:此示例创建一个 VPC 和一个互联网网关,然后将互联网网关连接到 VPC。**
```
$vpc = New-EC2Vpc -CidrBlock 10.0.0.0/16
New-EC2InternetGateway | Add-EC2InternetGateway -VpcId $vpc.VpcId
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AttachInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的互联网网关连接到指定的 VPC。**
```
Add-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d -VpcId vpc-12345678
```
**示例 2:此示例创建一个 VPC 和一个互联网网关,然后将互联网网关连接到 VPC。**
```
$vpc = New-EC2Vpc -CidrBlock 10.0.0.0/16
New-EC2InternetGateway | Add-EC2InternetGateway -VpcId $vpc.VpcId
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AttachInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AttachNetworkInterface` 与 CLI 配合使用
以下代码示例演示如何使用 `AttachNetworkInterface`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:将网络接口连接到实例**
以下 `attach-network-interface` 示例将指定的网络接口连接到指定的实例。
```
aws ec2 attach-network-interface \
--network-interface-id eni-0dc56a8d4640ad10a \
--instance-id i-1234567890abcdef0 \
--device-index 1
```
输出:
```
{
"AttachmentId": "eni-attach-01a8fc87363f07cf9"
}
```
有关更多信息,请参阅《*Amazon EC2 用户指南*》中的[弹性网络接口](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html)。
**示例 2:将网络接口连接到具有多个网卡的实例**
以下 `attach-network-interface` 示例将指定的网络接口连接到指定的实例和网卡。
```
aws ec2 attach-network-interface \
--network-interface-id eni-07483b1897541ad83 \
--instance-id i-01234567890abcdef \
--network-card-index 1 \
--device-index 1
```
输出:
```
{
"AttachmentId": "eni-attach-0fbd7ee87a88cd06c"
}
```
有关更多信息,请参阅《*Amazon EC2 用户指南*》中的[弹性网络接口](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AttachNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-network-interface.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的网络接口连接到指定的实例。**
```
Add-EC2NetworkInterface -NetworkInterfaceId eni-12345678 -InstanceId i-1a2b3c4d -DeviceIndex 1
```
**输出**:
```
eni-attach-1a2b3c4d
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AttachNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的网络接口连接到指定的实例。**
```
Add-EC2NetworkInterface -NetworkInterfaceId eni-12345678 -InstanceId i-1a2b3c4d -DeviceIndex 1
```
**输出**:
```
eni-attach-1a2b3c4d
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AttachNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AttachVolume` 与 CLI 配合使用
以下代码示例演示如何使用 `AttachVolume`。
------
#### [ CLI ]
**AWS CLI**
**将卷连接到实例**
此示例命令将卷 (`vol-1234567890abcdef0`) 作为 `/dev/sdf` 连接到实例 (`i-01474ef662b89480`)。
命令:
```
aws ec2 attach-volume --volume-id vol-1234567890abcdef0 --instance-id i-01474ef662b89480 --device /dev/sdf
```
输出:
```
{
"AttachTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"InstanceId": "i-01474ef662b89480",
"VolumeId": "vol-1234567890abcdef0",
"State": "attaching",
"Device": "/dev/sdf"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AttachVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-volume.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的卷连接到指定的实例,并使用指定的设备名称公开它。**
```
Add-EC2Volume -VolumeId vol-12345678 -InstanceId i-1a2b3c4d -Device /dev/sdh
```
**输出**:
```
AttachTime : 12/22/2015 1:53:58 AM
DeleteOnTermination : False
Device : /dev/sdh
InstanceId : i-1a2b3c4d
State : attaching
VolumeId : vol-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AttachVolume](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的卷连接到指定的实例,并使用指定的设备名称公开它。**
```
Add-EC2Volume -VolumeId vol-12345678 -InstanceId i-1a2b3c4d -Device /dev/sdh
```
**输出**:
```
AttachTime : 12/22/2015 1:53:58 AM
DeleteOnTermination : False
Device : /dev/sdh
InstanceId : i-1a2b3c4d
State : attaching
VolumeId : vol-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AttachVolume](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AttachVpnGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `AttachVpnGateway`。
------
#### [ CLI ]
**AWS CLI**
**将虚拟专用网关连接到 VPC**
以下 `attach-vpn-gateway` 示例将指定的虚拟专用网关连接到指定的 VPC。
```
aws ec2 attach-vpn-gateway \
--vpn-gateway-id vgw-9a4cacf3 \
--vpc-id vpc-a01106c2
```
输出:
```
{
"VpcAttachment": {
"State": "attaching",
"VpcId": "vpc-a01106c2"
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AttachVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-vpn-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的虚拟专用网关连接到指定的 VPC。**
```
Add-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d -VpcId vpc-12345678
```
**输出**:
```
State VpcId
----- -----
attaching vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AttachVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的虚拟专用网关连接到指定的 VPC。**
```
Add-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d -VpcId vpc-12345678
```
**输出**:
```
State VpcId
----- -----
attaching vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AttachVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `AuthorizeSecurityGroupEgress` 与 CLI 配合使用
以下代码示例演示如何使用 `AuthorizeSecurityGroupEgress`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:添加允许指向特定地址范围的出站流量的规则**
以下 `authorize-security-group-egress` 示例添加授予对 TCP 端口 80 上指定地址范围的访问权限的规则。
```
aws ec2 authorize-security-group-egress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0b15794cdb17bf29c",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": true,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"CidrIpv4": "10.0.0.0/16"
}
]
}
```
**示例 2:添加允许指向特定安全组的出站流量的规则**
以下 `authorize-security-group-egress` 示例添加授予对 TCP 端口 80 上指定安全组的访问权限的规则。
```
aws ec2 authorize-security-group-egress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs=[{GroupId=sg-0aad1c26bbeec5c22}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0b5dd815afcea9cc3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": true,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"ReferencedGroupInfo": {
"GroupId": "sg-0aad1c26bbeec5c22",
"UserId": "123456789012"
}
}
]
}
```
有关更多信息,请参阅 *Amazon VPC 用户指南*中的[安全组](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AuthorizeSecurityGroupEgress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/authorize-security-group-egress.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为 EC2-VPC 的指定安全组定义出口规则。此规则授予对 TCP 端口 80 上指定 IP 地址范围的访问权限。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" }
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**示例 2:在 PowerShell 版本 2 中,必须使用 New-Object 来创建对象。 IpPermission **
```
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = "tcp"
$ip.FromPort = 80
$ip.ToPort = 80
$ip.IpRanges.Add("203.0.113.0/24")
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**示例 3:此示例授予对 TCP 端口 80 上指定源安全组的访问权限。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AuthorizeSecurityGroupEgress](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为 EC2-VPC 的指定安全组定义出口规则。此规则授予对 TCP 端口 80 上指定 IP 地址范围的访问权限。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" }
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**示例 2:在 PowerShell 版本 2 中,必须使用 New-Object 来创建对象。 IpPermission **
```
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = "tcp"
$ip.FromPort = 80
$ip.ToPort = 80
$ip.IpRanges.Add("203.0.113.0/24")
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**示例 3:此示例授予对 TCP 端口 80 上指定源安全组的访问权限。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AuthorizeSecurityGroupEgress](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `AuthorizeSecurityGroupIngress`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `AuthorizeSecurityGroupIngress`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Authorize the local computer ingress to EC2 instances associated
/// with the virtual private cloud (VPC) security group.
///
/// The name of the security group.
/// A Boolean value indicating the success of the action.
public async Task AuthorizeSecurityGroupIngress(string groupName)
{
try
{
// Get the IP address for the local computer.
var ipAddress = await GetIpAddress();
Console.WriteLine($"Your IP address is: {ipAddress}");
var ipRanges =
new List { new IpRange { CidrIp = $"{ipAddress}/32" } };
var permission = new IpPermission
{
Ipv4Ranges = ipRanges,
IpProtocol = "tcp",
FromPort = 22,
ToPort = 22
};
var permissions = new List { permission };
var response = await _amazonEC2.AuthorizeSecurityGroupIngressAsync(
new AuthorizeSecurityGroupIngressRequest(groupName, permissions));
return response.HttpStatusCode == HttpStatusCode.OK;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidPermission.Duplicate")
{
_logger.LogError(
$"The ingress rule already exists. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while authorizing ingress.: {ex.Message}");
throw;
}
}
///
/// Authorize the local computer for ingress to
/// the Amazon EC2 SecurityGroup.
///
/// The IPv4 address of the computer running the scenario.
private static async Task GetIpAddress()
{
var httpClient = new HttpClient();
var ipString = await httpClient.GetStringAsync("https://checkip.amazonaws.com");
// The IP address is returned with a new line
// character on the end. Trim off the whitespace and
// return the value to the caller.
return ipString.Trim();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_authorize_security_group_ingress
#
# This function authorizes an ingress rule for an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -g security_group_id - The ID of the security group.
# -i ip_address - The IP address or CIDR block to authorize.
# -p protocol - The protocol to authorize (e.g., tcp, udp, icmp).
# -f from_port - The start of the port range to authorize.
# -t to_port - The end of the port range to authorize.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_authorize_security_group_ingress() {
local security_group_id ip_address protocol from_port to_port response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_authorize_security_group_ingress"
echo "Authorizes an ingress rule for an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -g security_group_id - The ID of the security group."
echo " -i ip_address - The IP address or CIDR block to authorize."
echo " -p protocol - The protocol to authorize (e.g., tcp, udp, icmp)."
echo " -f from_port - The start of the port range to authorize."
echo " -t to_port - The end of the port range to authorize."
echo ""
}
# Retrieve the calling parameters.
while getopts "g:i:p:f:t:h" option; do
case "${option}" in
g) security_group_id="${OPTARG}" ;;
i) ip_address="${OPTARG}" ;;
p) protocol="${OPTARG}" ;;
f) from_port="${OPTARG}" ;;
t) to_port="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$security_group_id" ]]; then
errecho "ERROR: You must provide a security group ID with the -g parameter."
usage
return 1
fi
if [[ -z "$ip_address" ]]; then
errecho "ERROR: You must provide an IP address or CIDR block with the -i parameter."
usage
return 1
fi
if [[ -z "$protocol" ]]; then
errecho "ERROR: You must provide a protocol with the -p parameter."
usage
return 1
fi
if [[ -z "$from_port" ]]; then
errecho "ERROR: You must provide a start port with the -f parameter."
usage
return 1
fi
if [[ -z "$to_port" ]]; then
errecho "ERROR: You must provide an end port with the -t parameter."
usage
return 1
fi
response=$(aws ec2 authorize-security-group-ingress \
--group-id "$security_group_id" \
--cidr "${ip_address}/32" \
--protocol "$protocol" \
--port "$from_port-$to_port" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports authorize-security-group-ingress operation failed.$response"
return 1
}
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AuthorizeSecurityGroupIngress)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Authorize ingress to an Amazon Elastic Compute Cloud (Amazon EC2) group.
/*!
\param groupID: The EC2 group ID.
\param clientConfiguration: The ClientConfiguration object.
\return bool: True if the operation was successful, false otherwise.
*/
bool
AwsDoc::EC2::authorizeSecurityGroupIngress(const Aws::String &groupID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest;
authorizeSecurityGroupIngressRequest.SetGroupId(groupID);
buildSampleIngressRule(authorizeSecurityGroupIngressRequest);
Aws::EC2::Model::AuthorizeSecurityGroupIngressOutcome authorizeSecurityGroupIngressOutcome =
ec2Client.AuthorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest);
if (authorizeSecurityGroupIngressOutcome.IsSuccess()) {
std::cout << "Successfully authorized security group ingress." << std::endl;
} else {
std::cerr << "Error authorizing security group ingress: "
<< authorizeSecurityGroupIngressOutcome.GetError().GetMessage() << std::endl;
}
return authorizeSecurityGroupIngressOutcome.IsSuccess();
}
```
用于构建入口规则的实用程序函数。
```
//! Build a sample ingress rule.
/*!
\param authorize_request: An 'AuthorizeSecurityGroupIngressRequest' instance.
\return void:
*/
void buildSampleIngressRule(
Aws::EC2::Model::AuthorizeSecurityGroupIngressRequest &authorize_request) {
Aws::String ingressIPRange = "203.0.113.0/24"; // Configure this for your allowed IP range.
Aws::EC2::Model::IpRange ip_range;
ip_range.SetCidrIp(ingressIPRange);
Aws::EC2::Model::IpPermission permission1;
permission1.SetIpProtocol("tcp");
permission1.SetToPort(80);
permission1.SetFromPort(80);
permission1.AddIpRanges(ip_range);
authorize_request.AddIpPermissions(permission1);
Aws::EC2::Model::IpPermission permission2;
permission2.SetIpProtocol("tcp");
permission2.SetToPort(22);
permission2.SetFromPort(22);
permission2.AddIpRanges(ip_range);
authorize_request.AddIpPermissions(permission2);
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AuthorizeSecurityGroupIngress)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:添加允许入站 SSH 流量的规则**
以下 `authorize-security-group-ingress` 示例将添加一个规则,该规则允许入站流量通过 TCP 端口 22(SSH)。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--protocol tcp \
--port 22 \
--cidr 203.0.113.0/24
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-01afa97ef3e1bedfc",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"CidrIpv4": "203.0.113.0/24"
}
]
}
```
**示例 2:添加允许来自其他安全组的入站 HTTP 流量的规则**
以下 `authorize-security-group-ingress` 示例将添加一个规则,该规则允许源安全组通过 TCP 端口 80 进行入站访问`sg-1a2b3c4d`。源组必须在同一个 VPC 中,或者在对等 VPC 中(需要 VPC 对等连接)。允许的传入流量基于与源安全组相关联实例的私有 IP 地址(而不是公有 IP 或弹性 IP 地址)。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--protocol tcp \
--port 80 \
--source-group sg-1a2b3c4d
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-01f4be99110f638a7",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"ReferencedGroupInfo": {
"GroupId": "sg-1a2b3c4d",
"UserId": "123456789012"
}
}
]
}
```
**示例 3:在同一个调用中添加多个规则**
以下 `authorize-security-group-ingress` 示例使用 `ip-permissions` 参数添加两个入站规则,一个允许在 TCP 端口 3389(RDP)上进行入站访问,另一个启用 ping/ICMP。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=172.31.0.0/16}]' 'IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges=[{CidrIp=172.31.0.0/16}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-00e06e5d3690f29f3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 3389,
"ToPort": 3389,
"CidrIpv4": "172.31.0.0/16"
},
{
"SecurityGroupRuleId": "sgr-0a133dd4493944b87",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": -1,
"ToPort": -1,
"CidrIpv4": "172.31.0.0/16"
}
]
}
```
**示例 4:为 ICMP 流量添加规则**
以下 `authorize-security-group-ingress` 示例使用 `ip-permissions` 参数添加一个入站规则,该规则允许来自任何地方的 ICMP 消息 `Destination Unreachable: Fragmentation Needed and Don't Fragment was Set`(类型 3,代码 4)。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=icmp,FromPort=3,ToPort=4,IpRanges=[{CidrIp=0.0.0.0/0}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0de3811019069b787",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "icmp",
"FromPort": 3,
"ToPort": 4,
"CidrIpv4": "0.0.0.0/0"
}
]
}
```
**示例 5:添加 IPv6 流量规则**
以下`authorize-security-group-ingress`示例使用`ip-permissions`参数添加一条入站规则,该规则允许从该 IPv6 范围进行 SSH 访问(端口 22)`2001:db8:1234:1a00::/64`。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=22,ToPort=22,Ipv6Ranges=[{CidrIpv6=2001:db8:1234:1a00::/64}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0455bc68b60805563",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"CidrIpv6": "2001:db8:1234:1a00::/64"
}
]
}
```
**示例 6:添加 ICMPv6 流量规则**
以下`authorize-security-group-ingress`示例使用`ip-permissions`参数添加允许来自任何地方的 ICMPv6 流量的入站规则。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=icmpv6,Ipv6Ranges=[{CidrIpv6=::/0}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-04b612d9363ab6327",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "icmpv6",
"FromPort": -1,
"ToPort": -1,
"CidrIpv6": "::/0"
}
]
}
```
**示例 7:添加带有描述的规则**
以下`authorize-security-group-ingress`示例使用`ip-permissions`参数添加入站规则,该规则允许来自指定 IPv4 地址范围的 RDP 流量。该规则包含描述,可帮助以后识别。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=203.0.113.0/24,Description='RDP access from NY office'}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0397bbcc01e974db3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 3389,
"ToPort": 3389,
"CidrIpv4": "203.0.113.0/24",
"Description": "RDP access from NY office"
}
]
}
```
**示例 8:添加使用前缀列表的入站规则**
以下 `authorize-security-group-ingress` 示例使用 `ip-permissions` 参数添加一个入站规则,该规则允许指定前缀列表中 CIDR 范围的所有流量。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-04a351bfe432d4e71 \
--ip-permissions 'IpProtocol=all,PrefixListIds=[{PrefixListId=pl-002dc3ec097de1514}]'
```
输出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-09c74b32f677c6c7c",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "-1",
"FromPort": -1,
"ToPort": -1,
"PrefixListId": "pl-0721453c7ac4ec009"
}
]
}
```
有关更多信息,请参阅 *Amazon VPC 用户指南*中的[安全组](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[AuthorizeSecurityGroupIngress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/authorize-security-group-ingress.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AuthorizeSecurityGroupIngress)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import {
AuthorizeSecurityGroupIngressCommand,
EC2Client,
} from "@aws-sdk/client-ec2";
/**
* Adds the specified inbound (ingress) rules to a security group.
* @param {{ groupId: string, ipAddress: string }} options
*/
export const main = async ({ groupId, ipAddress }) => {
const client = new EC2Client({});
const command = new AuthorizeSecurityGroupIngressCommand({
// Use a group ID from the AWS console or
// the DescribeSecurityGroupsCommand.
GroupId: groupId,
IpPermissions: [
{
IpProtocol: "tcp",
FromPort: 22,
ToPort: 22,
// The IP address to authorize.
// For more information on this notation, see
// https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation
IpRanges: [{ CidrIp: `${ipAddress}/32` }],
},
],
});
try {
const { SecurityGroupRules } = await client.send(command);
console.log(JSON.stringify(SecurityGroupRules, null, 2));
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroupId.Malformed") {
console.warn(`${caught.message}. Please provide a valid GroupId.`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AuthorizeSecurityGroupIngressCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun createEC2SecurityGroupSc(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
myIpAddress: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "$myIpAddress/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
```
+ 有关 API 的详细信息,请参阅适用[AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例定义 EC2-VPC 的安全组的入口规则。这些规则为 SSH(端口 22)和 RDC(端口 3389)授予对特定 IP 地址的访问权限。请注意,您必须使用安全组 ID 而不是安全组名称来识别 EC2-VPC 的安全组。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**示例 2:在 PowerShell 版本 2 中,必须使用 New-Object 来创建对象。 IpPermission **
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**示例 3:此示例为 EC2-Classic 的安全组定义入口规则。这些规则为 SSH(端口 22)和 RDC(端口 3389)授予对特定 IP 地址的访问权限。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**示例 4:在 PowerShell 版本 2 中,必须使用 New-Object 来创建对象。 IpPermission **
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**示例 5:此示例授予 TCP 端口 8081 从指定的源安全组(sg-1a2b3c4d)到指定的安全组(sg-12345678)的访问权限。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="8081"; ToPort="8081"; UserIdGroupPairs=$ug } )
```
**示例 6:此示例将 CIDR 5.5.5.5/32 添加到 TCP 端口 22 流量的安全组 sg-1234abcd 的入口规则中,并附有描述。**
```
$IpRange = New-Object -TypeName Amazon.EC2.Model.IpRange
$IpRange.CidrIp = "5.5.5.5/32"
$IpRange.Description = "SSH from Office"
$IpPermission = New-Object Amazon.EC2.Model.IpPermission
$IpPermission.IpProtocol = "tcp"
$IpPermission.ToPort = 22
$IpPermission.FromPort = 22
$IpPermission.Ipv4Ranges = $IpRange
Grant-EC2SecurityGroupIngress -GroupId sg-1234abcd -IpPermission $IpPermission
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例定义 EC2-VPC 的安全组的入口规则。这些规则为 SSH(端口 22)和 RDC(端口 3389)授予对特定 IP 地址的访问权限。请注意,您必须使用安全组 ID 而不是安全组名称来识别 EC2-VPC 的安全组。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**示例 2:在 PowerShell 版本 2 中,必须使用 New-Object 来创建对象。 IpPermission **
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**示例 3:此示例为 EC2-Classic 的安全组定义入口规则。这些规则为 SSH(端口 22)和 RDC(端口 3389)授予对特定 IP 地址的访问权限。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**示例 4:在 PowerShell 版本 2 中,必须使用 New-Object 来创建对象。 IpPermission **
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**示例 5:此示例授予 TCP 端口 8081 从指定的源安全组(sg-1a2b3c4d)到指定的安全组(sg-12345678)的访问权限。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="8081"; ToPort="8081"; UserIdGroupPairs=$ug } )
```
**示例 6:此示例将 CIDR 5.5.5.5/32 添加到 TCP 端口 22 流量的安全组 sg-1234abcd 的入口规则中,并附有描述。**
```
$IpRange = New-Object -TypeName Amazon.EC2.Model.IpRange
$IpRange.CidrIp = "5.5.5.5/32"
$IpRange.Description = "SSH from Office"
$IpPermission = New-Object Amazon.EC2.Model.IpPermission
$IpPermission.IpProtocol = "tcp"
$IpPermission.ToPort = 22
$IpPermission.FromPort = 22
$IpPermission.Ipv4Ranges = $IpRange
Grant-EC2SecurityGroupIngress -GroupId sg-1234abcd -IpPermission $IpPermission
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def authorize_ingress(self, ssh_ingress_ip: str) -> Optional[Dict[str, Any]]:
"""
Adds a rule to the security group to allow access to SSH.
:param ssh_ingress_ip: The IP address that is granted inbound access to connect
to port 22 over TCP, used for SSH.
:return: The response to the authorization request. The 'Return' field of the
response indicates whether the request succeeded or failed, or None if no security group is set.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
if self.security_group is None:
logger.info("No security group to update.")
return None
try:
ip_permissions = [
{
# SSH ingress open to only the specified IP address.
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"IpRanges": [{"CidrIp": f"{ssh_ingress_ip}/32"}],
}
]
response = self.ec2_client.authorize_security_group_ingress(
GroupId=self.security_group, IpPermissions=ip_permissions
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidPermission.Duplicate":
logger.error(
f"The SSH ingress rule for IP {ssh_ingress_ip} already exists"
f"in security group '{self.security_group}'."
)
raise
else:
return response
```
+ 有关 API 的详细信息,请参阅适用[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/// Add an ingress rule to a security group explicitly allowing IPv4 address
/// as {ip}/32 over TCP port 22.
pub async fn authorize_security_group_ssh_ingress(
&self,
group_id: &str,
ingress_ips: Vec,
) -> Result<(), EC2Error> {
tracing::info!("Authorizing ingress for security group {group_id}");
self.client
.authorize_security_group_ingress()
.group_id(group_id)
.set_ip_permissions(Some(
ingress_ips
.into_iter()
.map(|ip| {
IpPermission::builder()
.ip_protocol("tcp")
.from_port(22)
.to_port(22)
.ip_ranges(IpRange::builder().cidr_ip(format!("{ip}/32")).build())
.build()
})
.collect(),
))
.send()
.await?;
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[AuthorizeSecurityGroupIngress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.authorize_security_group_ingress)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
" Create IP permissions for SSH access (port 22)
" iv_cidr_ip = '192.0.2.0/24'
DATA lt_ip_permissions TYPE /aws1/cl_ec2ippermission=>tt_ippermissionlist.
DATA(lo_ip_permission) = NEW /aws1/cl_ec2ippermission(
iv_ipprotocol = 'tcp'
iv_fromport = 22
iv_toport = 22
it_ipranges = VALUE /aws1/cl_ec2iprange=>tt_iprangelist(
( NEW /aws1/cl_ec2iprange( iv_cidrip = iv_cidr_ip ) )
)
).
APPEND lo_ip_permission TO lt_ip_permissions.
TRY.
oo_result = lo_ec2->authsecuritygroupingress( " oo_result is returned for testing purposes. "
iv_groupid = iv_group_id
it_ippermissions = lt_ip_permissions ).
MESSAGE 'Authorized ingress rule for security group.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Authorize ingress of connections for the security group.
///
/// - Parameters:
/// - groupId: The group ID of the security group to authorize access for.
/// - ipAddress: The IP address of the device to grant access to.
///
/// - Returns: `true` if access is successfully granted; otherwise `false`.
func authorizeSecurityGroupIngress(groupId: String, ipAddress: String) async -> Bool {
let ipRange = EC2ClientTypes.IpRange(cidrIp: "\(ipAddress)/0")
let httpPermission = EC2ClientTypes.IpPermission(
fromPort: 80,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 80
)
let sshPermission = EC2ClientTypes.IpPermission(
fromPort: 22,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 22
)
do {
_ = try await ec2Client.authorizeSecurityGroupIngress(
input: AuthorizeSecurityGroupIngressInput(
groupId: groupId,
ipPermissions: [httpPermission, sshPermission]
)
)
return true
} catch {
print("*** Error authorizing ingress for the security group: \(error.localizedDescription)")
return false
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/authorizesecuritygroupingress(input:))于 S *wift 的AWS SDK API 参考*。
------
# 将 `CancelCapacityReservation` 与 CLI 配合使用
以下代码示例演示如何使用 `CancelCapacityReservation`。
------
#### [ CLI ]
**AWS CLI**
**取消容量预留**
以下 `cancel-capacity-reservation` 示例将取消指定的容量预留。
```
aws ec2 cancel-capacity-reservation \
--capacity-reservation-id cr-1234abcd56EXAMPLE
```
输出:
```
{
"Return": true
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[取消容量预留](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-release.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CancelCapacityReservation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-capacity-reservation.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例取消容量预留 cr-0c1f2345db6f7cdba**
```
Remove-EC2CapacityReservation -CapacityReservationId cr-0c1f2345db6f7cdba
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2CapacityReservation (CancelCapacityReservation)" on target "cr-0c1f2345db6f7cdba".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
True
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CancelCapacityReservation](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例取消容量预留 cr-0c1f2345db6f7cdba**
```
Remove-EC2CapacityReservation -CapacityReservationId cr-0c1f2345db6f7cdba
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2CapacityReservation (CancelCapacityReservation)" on target "cr-0c1f2345db6f7cdba".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
True
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CancelCapacityReservation](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CancelImportTask` 与 CLI 配合使用
以下代码示例演示如何使用 `CancelImportTask`。
------
#### [ CLI ]
**AWS CLI**
**取消导入任务**
以下 `cancel-import-task` 示例将取消指定导入映像任务。
```
aws ec2 cancel-import-task \
--import-task-id import-ami-1234567890abcdef0
```
输出:
```
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"PreviousState": "active",
"State": "deleting"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CancelImportTask](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-import-task.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例取消指定的导入任务(快照或映像导入)。如果需要,可以使用 `-CancelReason` 参数提供原因。**
```
Stop-EC2ImportTask -ImportTaskId import-ami-abcdefgh
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CancelImportTask](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例取消指定的导入任务(快照或映像导入)。如果需要,可以使用 `-CancelReason` 参数提供原因。**
```
Stop-EC2ImportTask -ImportTaskId import-ami-abcdefgh
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CancelImportTask](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CancelSpotFleetRequests` 与 CLI 配合使用
以下代码示例演示如何使用 `CancelSpotFleetRequests`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:取消竞价型实例集请求并终止关联的实例**
以下 `cancel-spot-fleet-requests` 示例将取消竞价型实例集请求并终止关联的按需型实例和竞价型实例。
```
aws ec2 cancel-spot-fleet-requests \
--spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \
--terminate-instances
```
输出:
```
{
"SuccessfulFleetRequests": [
{
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
"CurrentSpotFleetRequestState": "cancelled_terminating",
"PreviousSpotFleetRequestState": "active"
}
],
"UnsuccessfulFleetRequests": []
}
```
**示例 2:取消竞价型实例集请求而不终止关联的实例**
以下 `cancel-spot-fleet-requests` 示例将取消竞价型实例集请求而不终止关联的按需型实例和竞价型实例。
```
aws ec2 cancel-spot-fleet-requests \
--spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \
--no-terminate-instances
```
输出:
```
{
"SuccessfulFleetRequests": [
{
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
"CurrentSpotFleetRequestState": "cancelled_running",
"PreviousSpotFleetRequestState": "active"
}
],
"UnsuccessfulFleetRequests": []
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[取消竞价型实例集请求](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-spot-fleet.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CancelSpotFleetRequests](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-spot-fleet-requests.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例取消指定的竞价型实例集请求并终止关联的竞价型实例。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $true
```
**示例 2:此示例取消指定的竞价型实例集请求,但不终止关联的竞价型实例。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $false
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CancelSpotFleetRequests](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例取消指定的竞价型实例集请求并终止关联的竞价型实例。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $true
```
**示例 2:此示例取消指定的竞价型实例集请求,但不终止关联的竞价型实例。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $false
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CancelSpotFleetRequests](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CancelSpotInstanceRequests` 与 CLI 配合使用
以下代码示例演示如何使用 `CancelSpotInstanceRequests`。
------
#### [ CLI ]
**AWS CLI**
**取消竞价型实例请求**
此示例命令将取消竞价型实例请求。
命令:
```
aws ec2 cancel-spot-instance-requests --spot-instance-request-ids sir-08b93456
```
输出:
```
{
"CancelledSpotInstanceRequests": [
{
"State": "cancelled",
"SpotInstanceRequestId": "sir-08b93456"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CancelSpotInstanceRequests](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-spot-instance-requests.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例取消指定的竞价型实例请求。**
```
Stop-EC2SpotInstanceRequest -SpotInstanceRequestId sir-12345678
```
**输出**:
```
SpotInstanceRequestId State
--------------------- -----
sir-12345678 cancelled
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CancelSpotInstanceRequests](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例取消指定的竞价型实例请求。**
```
Stop-EC2SpotInstanceRequest -SpotInstanceRequestId sir-12345678
```
**输出**:
```
SpotInstanceRequestId State
--------------------- -----
sir-12345678 cancelled
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CancelSpotInstanceRequests](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `ConfirmProductInstance` 与 CLI 配合使用
以下代码示例演示如何使用 `ConfirmProductInstance`。
------
#### [ CLI ]
**AWS CLI**
**确认产品实例**
此示例确定指定的产品代码是否与指定的实例相关联。
命令:
```
aws ec2 confirm-product-instance --product-code 774F4FF8 --instance-id i-1234567890abcdef0
```
输出:
```
{
"OwnerId": "123456789012"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[ConfirmProductInstance](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/confirm-product-instance.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例确定指定的产品代码是否与指定的实例相关联。**
```
Confirm-EC2ProductInstance -ProductCode 774F4FF8 -InstanceId i-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [ConfirmProductInstance](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例确定指定的产品代码是否与指定的实例相关联。**
```
Confirm-EC2ProductInstance -ProductCode 774F4FF8 -InstanceId i-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [ConfirmProductInstance](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CopyImage` 与 CLI 配合使用
以下代码示例演示如何使用 `CopyImage`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:将 AMI 复制到其他区域**
以下 `copy-image` 示例命令将指定的 AMI 从 `us-west-2` 区域复制到 `us-east-1` 区域,并添加简短描述。
```
aws ec2 copy-image \
--region us-east-1 \
--name ami-name \
--source-region us-west-2 \
--source-image-id ami-066877671789bd71b \
--description "This is my copied image."
```
输出:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[复制 AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)。
**示例 2:将 AMI 复制到其他区域并加密备份快照**
以下 `copy-image` 命令将指定的 AMI 从 `us-west-2` 区域复制到当前区域,并使用指定的 KMS 密钥加密备份快照。
```
aws ec2 copy-image \
--source-region us-west-2 \
--name ami-name \
--source-image-id ami-066877671789bd71b \
--encrypted \
--kms-key-id alias/my-kms-key
```
输出:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[复制 AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)。
**示例 3:在复制 AMI 时包含用户定义的 AMI 标签**
在复制 AMI 时,以下 `copy-image` 命令使用 `--copy-image-tags` 参数复制用户定义的 AMI 标签。
```
aws ec2 copy-image \
--region us-east-1 \
--name ami-name \
--source-region us-west-2 \
--source-image-id ami-066877671789bd71b \
--description "This is my copied image."
--copy-image-tags
```
输出:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[复制 AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CopyImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/copy-image.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将“欧洲地区(爱尔兰)”区域中的指定 AMI 复制到“美国西部(俄勒冈州)”区域。如果未指定 -Region,则使用当前默认区域作为目标区域。**
```
Copy-EC2Image -SourceRegion eu-west-1 -SourceImageId ami-12345678 -Region us-west-2 -Name "Copy of ami-12345678"
```
**输出**:
```
ami-87654321
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CopyImage](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将“欧洲地区(爱尔兰)”区域中的指定 AMI 复制到“美国西部(俄勒冈州)”区域。如果未指定 -Region,则使用当前默认区域作为目标区域。**
```
Copy-EC2Image -SourceRegion eu-west-1 -SourceImageId ami-12345678 -Region us-west-2 -Name "Copy of ami-12345678"
```
**输出**:
```
ami-87654321
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CopyImage](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CopySnapshot` 与 CLI 配合使用
以下代码示例演示如何使用 `CopySnapshot`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:将快照复制到其他区域**
以下 `copy-snapshot` 示例命令将指定的快照从 `us-west-2` 区域复制到 `us-east-1` 区域,并添加简短描述。
```
aws ec2 copy-snapshot \
--region us-east-1 \
--source-region us-west-2 \
--source-snapshot-id snap-066877671789bd71b \
--description 'This is my copied snapshot.'
```
输出:
```
{
"SnapshotId": "snap-066877671789bd71b"
}
```
**示例 2:复制未加密的快照并加密新快照**
以下 `copy-snapshot` 命令将指定的未加密快照从 `us-west-2` 区域复制到当前区域,并使用指定的 KMS 密钥加密新快照。
```
aws ec2 copy-snapshot \
--source-region us-west-2 \
--source-snapshot-id snap-066877671789bd71b \
--encrypted \
--kms-key-id alias/my-kms-key
```
输出:
```
{
"SnapshotId": "snap-066877671789bd71b"
}
```
有关更多信息,请参阅《Amazon EBS User Guide》**中的 [Copy an Amazon EBS snapshot](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CopySnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/copy-snapshot.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将指定的快照从欧洲地区(爱尔兰)区域复制到美国西部(俄勒冈州)区域。**
```
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678 -Region us-west-2
```
**示例 2:如果您设置了默认区域并省略了 Region 参数,则默认目标区域为默认区域。**
```
Set-DefaultAWSRegion us-west-2
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CopySnapshot](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将指定的快照从欧洲地区(爱尔兰)区域复制到美国西部(俄勒冈州)区域。**
```
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678 -Region us-west-2
```
**示例 2:如果您设置了默认区域并省略了 Region 参数,则默认目标区域为默认区域。**
```
Set-DefaultAWSRegion us-west-2
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CopySnapshot](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateCapacityReservation` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateCapacityReservation`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建容量预留**
以下`create-capacity-reservation`示例在`eu-west-1a`可用区创建容量预留,您可以在其中启动三个运行 Linux/Unix 操作系统的`t2.medium`实例。默认情况下,容量预留是在开放实例匹配条件下创建的,不支持临时存储,在您手动取消容量预留之前,它将保持活动状态。
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type t2.medium \
--instance-platform Linux/UNIX \
--instance-count 3
```
输出:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "unlimited",
"AvailabilityZone": "eu-west-1a",
"InstanceMatchCriteria": "open",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T09:27:35.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "t2.medium"
}
}
```
**示例 2:创建在指定日期/时间自动结束的容量预留**
以下`create-capacity-reservation`示例在`eu-west-1a`可用区创建容量预留,您可以在其中启动三个运行 Linux/Unix 操作系统的`m5.large`实例。此容量预留于 2019 年 8 月 31 日 23:59:59 自动结束。
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type m5.large \
--instance-platform Linux/UNIX \
--instance-count 3 \
--end-date-type limited \
--end-date 2019-08-31T23:59:59Z
```
输出:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "limited",
"AvailabilityZone": "eu-west-1a",
"EndDate": "2019-08-31T23:59:59.000Z",
"InstanceMatchCriteria": "open",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T10:15:53.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "m5.large"
}
}
```
**示例 3:创建只接受目标实例启动的容量预留**
以下 `create-capacity-reservation` 示例将创建一个仅接受目标实例启动的容量预留。
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type m5.large \
--instance-platform Linux/UNIX \
--instance-count 3 \
--instance-match-criteria targeted
```
输出:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "unlimited",
"AvailabilityZone": "eu-west-1a",
"InstanceMatchCriteria": "targeted",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T10:21:57.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "m5.large"
}
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[创建容量预留](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateCapacityReservation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-capacity-reservation.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例使用指定的属性创建新的容量预留。**
```
Add-EC2CapacityReservation -InstanceType m4.xlarge -InstanceCount 2 -AvailabilityZone eu-west-1b -EbsOptimized True -InstancePlatform Windows
```
**输出**:
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateCapacityReservation](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例使用指定的属性创建新的容量预留。**
```
Add-EC2CapacityReservation -InstanceType m4.xlarge -InstanceCount 2 -AvailabilityZone eu-west-1b -EbsOptimized True -InstancePlatform Windows
```
**输出**:
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateCapacityReservation](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateCustomerGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateCustomerGateway`。
------
#### [ CLI ]
**AWS CLI**
**创建客户网关**
此示例为其外部接口创建一个具有指定 IP 地址的客户网关。
命令:
```
aws ec2 create-customer-gateway --type ipsec.1 --public-ip 12.1.2.3 --bgp-asn 65534
```
输出:
```
{
"CustomerGateway": {
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateCustomerGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-customer-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建指定的客户网关。**
```
New-EC2CustomerGateway -Type ipsec.1 -PublicIp 203.0.113.12 -BgpAsn 65534
```
**输出**:
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateCustomerGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建指定的客户网关。**
```
New-EC2CustomerGateway -Type ipsec.1 -PublicIp 203.0.113.12 -BgpAsn 65534
```
**输出**:
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateCustomerGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateDhcpOptions` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**创建 DHCP 选项集**
以下 `create-dhcp-options` 示例创建 DHCP 选项集,该选项集用于指定域名、域名服务器和 NetBIOS 节点类型。
```
aws ec2 create-dhcp-options \
--dhcp-configuration \
"Key=domain-name-servers,Values=10.2.5.1,10.2.5.2" \
"Key=domain-name,Values=example.com" \
"Key=netbios-node-type,Values=2"
```
输出:
```
{
"DhcpOptions": {
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "example.com"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "10.2.5.1"
},
{
"Value": "10.2.5.2"
}
]
},
{
"Key": "netbios-node-type",
"Values": [
{
"Value": "2"
}
]
}
],
"DhcpOptionsId": "dopt-06d52773eff4c55f3"
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-dhcp-options.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建指定的 DHCP 选项集。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$options = @( @{Key="domain-name";Values=@("abc.local")}, @{Key="domain-name-servers";Values=@("10.0.0.101","10.0.0.102")})
New-EC2DhcpOption -DhcpConfiguration $options
```
**输出**:
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
```
**示例 2:在 PowerShell 版本 2 中,必须使用 New-Object 来创建每个 DHCP 选项。**
```
$option1 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option1.Key = "domain-name"
$option1.Values = "abc.local"
$option2 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option2.Key = "domain-name-servers"
$option2.Values = @("10.0.0.101","10.0.0.102")
New-EC2DhcpOption -DhcpConfiguration @($option1, $option2)
```
**输出**:
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建指定的 DHCP 选项集。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$options = @( @{Key="domain-name";Values=@("abc.local")}, @{Key="domain-name-servers";Values=@("10.0.0.101","10.0.0.102")})
New-EC2DhcpOption -DhcpConfiguration $options
```
**输出**:
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
```
**示例 2:在 PowerShell 版本 2 中,必须使用 New-Object 来创建每个 DHCP 选项。**
```
$option1 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option1.Key = "domain-name"
$option1.Values = "abc.local"
$option2 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option2.Key = "domain-name-servers"
$option2.Values = @("10.0.0.101","10.0.0.102")
New-EC2DhcpOption -DhcpConfiguration @($option1, $option2)
```
**输出**:
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateFlowLogs` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateFlowLogs`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建流日志**
以下 `create-flow-logs` 示例将创建流日志,该日志将捕获指定网络接口的所有已拒绝流量。使用指定 IAM 角色中的权限将流 CloudWatch 日志传输到 Logs 中的日志组。
```
aws ec2 create-flow-logs \
--resource-type NetworkInterface \
--resource-ids eni-11223344556677889 \
--traffic-type REJECT \
--log-group-name my-flow-logs \
--deliver-logs-permission-arn arn:aws:iam::123456789101:role/publishFlowLogs
```
输出:
```
{
"ClientToken": "so0eNA2uSHUNlHI0S2cJ305GuIX1CezaRdGtexample",
"FlowLogIds": [
"fl-12345678901234567"
],
"Unsuccessful": []
}
```
有关更多信息,请参阅《Amazon VPC 用户指南》**中的 [VPC 流日志](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html)。
**示例 2:使用自定义格式创建流日志**
以下 `create-flow-logs` 示例将创建流日志,以捕获指定 VPC 的所有流量并将流日志传输到 Amazon S3 存储桶。`--log-format` 参数指定流日志记录的自定义格式。要在 Windows 上运行此命令,请将单引号(')更改为双引号(")。
```
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids vpc-00112233344556677 \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::flow-log-bucket/my-custom-flow-logs/ \
--log-format '${version} ${vpc-id} ${subnet-id} ${instance-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${tcp-flags} ${type} ${pkt-srcaddr} ${pkt-dstaddr}'
```
有关更多信息,请参阅《Amazon VPC 用户指南》**中的 [VPC 流日志](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html)。
**示例 3:创建最大聚合间隔为一分钟的流日志**
以下 `create-flow-logs` 示例将创建流日志,以捕获指定 VPC 的所有流量并将流日志传输到 Amazon S3 存储桶。`--max-aggregation-interval` 参数指定的最大聚合间隔为 60 秒(1 分钟)。
```
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids vpc-00112233344556677 \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::flow-log-bucket/my-custom-flow-logs/ \
--max-aggregation-interval 60
```
有关更多信息,请参阅《Amazon VPC 用户指南》**中的 [VPC 流日志](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-flow-logs.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例使用 “管理员” 角色的权限将子网子网-1d234567 的 EC2 流日志创建到 cloud-watch-log名为 “subnet1-log” 的所有 “拒绝” 流量**
```
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
```
**输出**:
```
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例使用 “管理员” 角色的权限将子网子网-1d234567 的 EC2 流日志创建到 cloud-watch-log名为 “subnet1-log” 的所有 “拒绝” 流量**
```
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
```
**输出**:
```
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateImage` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateImage`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:从 Amazon EBS 支持的实例创建 AMI**
以下 `create-image` 示例从指定的实例创建 AMI。
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--description "An AMI for my server"
```
输出:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
有关为 AMI 指定块设备映射的更多信息,请参阅《Amazon EC2 用户指南》**中的[为 AMI 指定块设备映射](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#create-ami-bdm)。
**示例 2:在不重启的情况下从 Amazon EBS 支持的实例创建 AMI**
以下 `create-image` 示例创建 AMI 并设置 --no-reboot 参数,这样在创建映像之前就不会重启实例。
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--no-reboot
```
输出:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
有关为 AMI 指定块设备映射的更多信息,请参阅《Amazon EC2 用户指南》**中的[为 AMI 指定块设备映射](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#create-ami-bdm)。
**示例 3:在创建时标记 AMI 和快照**
以下 `create-image` 示例创建 AMI,并使用相同的标签 `cost-center=cc123` 标记 AMI 和快照。
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--tag-specifications "ResourceType=image,Tags=[{Key=cost-center,Value=cc123}]" "ResourceType=snapshot,Tags=[{Key=cost-center,Value=cc123}]"
```
输出:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
有关在创建时标记资源的更多信息,请参阅《Amazon EC2 用户指南》**中的[在创建资源时添加标签](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-on-create-examples)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-image.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例从指定的实例创建具有指定名称和描述的 AMI。Amazon EC2 在创建映像前尝试彻底关闭实例,并在完成后重新启动实例。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI"
```
**示例 2:此示例从指定的实例创建具有指定名称和描述的 AMI。Amazon EC2 无需关闭和重新启动实例即可创建映像;因此,无法保证所创建映像上的文件系统完整性。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -NoReboot $true
```
**示例 3:此示例创建一个包含三个卷的 AMI。第一个卷基于 Amazon EBS 快照。第二个卷是一个空的 100 GiB Amazon EBS 卷。第三卷是一个实例存储卷。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ebsBlock1 = @{SnapshotId="snap-1a2b3c4d"}
$ebsBlock2 = @{VolumeSize=100}
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -BlockDeviceMapping @( @{DeviceName="/dev/sdf";Ebs=$ebsBlock1}, @{DeviceName="/dev/sdg";Ebs=$ebsBlock2}, @{DeviceName="/dev/sdc";VirtualName="ephemeral0"})
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateImage](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例从指定的实例创建具有指定名称和描述的 AMI。Amazon EC2 在创建映像前尝试彻底关闭实例,并在完成后重新启动实例。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI"
```
**示例 2:此示例从指定的实例创建具有指定名称和描述的 AMI。Amazon EC2 无需关闭和重新启动实例即可创建映像;因此,无法保证所创建映像上的文件系统完整性。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -NoReboot $true
```
**示例 3:此示例创建一个包含三个卷的 AMI。第一个卷基于 Amazon EBS 快照。第二个卷是一个空的 100 GiB Amazon EBS 卷。第三卷是一个实例存储卷。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
$ebsBlock1 = @{SnapshotId="snap-1a2b3c4d"}
$ebsBlock2 = @{VolumeSize=100}
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -BlockDeviceMapping @( @{DeviceName="/dev/sdf";Ebs=$ebsBlock1}, @{DeviceName="/dev/sdg";Ebs=$ebsBlock2}, @{DeviceName="/dev/sdc";VirtualName="ephemeral0"})
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateImage](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateInstanceExportTask` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateInstanceExportTask`。
------
#### [ CLI ]
**AWS CLI**
**导出实例**
此示例命令将创建一个任务,用于将实例 i-1234567890abcdef0 导出到 Amazon S3 存储桶 myexportbucket。
命令:
```
aws ec2 create-instance-export-task --description "RHEL5 instance" --instance-id i-1234567890abcdef0 --target-environment vmware --export-to-s3-task DiskImageFormat=vmdk,ContainerFormat=ova,S3Bucket=myexportbucket,S3Prefix=RHEL5
```
输出:
```
{
"ExportTask": {
"State": "active",
"InstanceExportDetails": {
"InstanceId": "i-1234567890abcdef0",
"TargetEnvironment": "vmware"
},
"ExportToS3Task": {
"S3Bucket": "myexportbucket",
"S3Key": "RHEL5export-i-fh8sjjsq.ova",
"DiskImageFormat": "vmdk",
"ContainerFormat": "ova"
},
"Description": "RHEL5 instance",
"ExportTaskId": "export-i-fh8sjjsq"
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateInstanceExportTask](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-instance-export-task.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例将已停止的实例 `i-0800b00a00EXAMPLE` 作为虚拟硬盘(VHD)导出到 S3 存储桶 `testbucket-export-instances-2019`。目标环境是`Microsoft`,添加区域参数是因为实例位于该区域,而用户的默认`us-east-1` AWS 区域不是 us-east-1。要获取导出任务的状态,请复制此命令的结果中的 `ExportTaskId` 值,然后运行 `Get-EC2ExportTask -ExportTaskId export_task_ID_from_results.`**
```
New-EC2InstanceExportTask -InstanceId i-0800b00a00EXAMPLE -ExportToS3Task_DiskImageFormat VHD -ExportToS3Task_S3Bucket "amzn-s3-demo-bucket" -TargetEnvironment Microsoft -Region us-east-1
```
**输出**:
```
Description :
ExportTaskId : export-i-077c73108aEXAMPLE
ExportToS3Task : Amazon.EC2.Model.ExportToS3Task
InstanceExportDetails : Amazon.EC2.Model.InstanceExportDetails
State : active
StatusMessage :
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateInstanceExportTask](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例将已停止的实例 `i-0800b00a00EXAMPLE` 作为虚拟硬盘(VHD)导出到 S3 存储桶 `testbucket-export-instances-2019`。目标环境是`Microsoft`,添加区域参数是因为实例位于该区域,而用户的默认`us-east-1` AWS 区域不是 us-east-1。要获取导出任务的状态,请复制此命令的结果中的 `ExportTaskId` 值,然后运行 `Get-EC2ExportTask -ExportTaskId export_task_ID_from_results.`**
```
New-EC2InstanceExportTask -InstanceId i-0800b00a00EXAMPLE -ExportToS3Task_DiskImageFormat VHD -ExportToS3Task_S3Bucket "amzn-s3-demo-bucket" -TargetEnvironment Microsoft -Region us-east-1
```
**输出**:
```
Description :
ExportTaskId : export-i-077c73108aEXAMPLE
ExportToS3Task : Amazon.EC2.Model.ExportToS3Task
InstanceExportDetails : Amazon.EC2.Model.InstanceExportDetails
State : active
StatusMessage :
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateInstanceExportTask](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateInternetGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateInternetGateway`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**创建互联网网关**
以下 `create-internet-gateway` 示例将创建带有标签 `Name=my-igw` 的互联网网关。
```
aws ec2 create-internet-gateway \
--tag-specifications ResourceType=internet-gateway,Tags=[{Key=Name,Value=my-igw}]
```
输出:
```
{
"InternetGateway": {
"Attachments": [],
"InternetGatewayId": "igw-0d0fb496b3994d755",
"OwnerId": "123456789012",
"Tags": [
{
"Key": "Name",
"Value": "my-igw"
}
]
}
}
```
有关更多信息,请参阅《*Amazon VPC 用户指南*》中的[互联网网关](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-internet-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建互联网网关。**
```
New-EC2InternetGateway
```
**输出**:
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{} igw-1a2b3c4d {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建互联网网关。**
```
New-EC2InternetGateway
```
**输出**:
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{} igw-1a2b3c4d {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `CreateKeyPair`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateKeyPair`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Create an Amazon EC2 key pair with a specified name.
///
/// The name for the new key pair.
/// The Amazon EC2 key pair created.
public async Task CreateKeyPair(string keyPairName)
{
try
{
var request = new CreateKeyPairRequest { KeyName = keyPairName, };
var response = await _amazonEC2.CreateKeyPairAsync(request);
var kp = response.KeyPair;
// Return the key pair so it can be saved if needed.
// Wait until the key pair exists.
int retries = 5;
while (retries-- > 0)
{
Console.WriteLine($"Checking for new KeyPair {keyPairName}...");
var keyPairs = await DescribeKeyPairs(keyPairName);
if (keyPairs.Any())
{
return kp;
}
Thread.Sleep(5000);
retries--;
}
_logger.LogError($"Unable to find newly created KeyPair {keyPairName}.");
throw new DoesNotExistException("KeyPair not found");
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.Duplicate")
{
_logger.LogError(
$"A key pair called {keyPairName} already exists.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while creating the key pair.: {ex.Message}");
throw;
}
}
///
/// Save KeyPair information to a temporary file.
///
/// The name of the key pair.
/// The full path to the temporary file.
public string SaveKeyPair(KeyPair keyPair)
{
var tempPath = Path.GetTempPath();
var tempFileName = $"{tempPath}\\{Path.GetRandomFileName()}";
var pemFileName = Path.ChangeExtension(tempFileName, "pem");
// Save the key pair to a file in a temporary folder.
using var stream = new FileStream(pemFileName, FileMode.Create);
using var writer = new StreamWriter(stream);
writer.WriteLine(keyPair.KeyMaterial);
return pemFileName;
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[CreateKeyPair](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateKeyPair)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_create_keypair
#
# This function creates an Amazon Elastic Compute Cloud (Amazon EC2) ED25519 or 2048-bit RSA key pair
# and writes it to a file.
#
# Parameters:
# -n key_pair_name - A key pair name.
# -f file_path - File to store the key pair.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_create_keypair() {
local key_pair_name file_path response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_create_keypair"
echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) ED25519 or 2048-bit RSA key pair"
echo " and writes it to a file."
echo " -n key_pair_name - A key pair name."
echo " -f file_path - File to store the key pair."
echo ""
}
# Retrieve the calling parameters.
while getopts "n:f:h" option; do
case "${option}" in
n) key_pair_name="${OPTARG}" ;;
f) file_path="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$key_pair_name" ]]; then
errecho "ERROR: You must provide a key name with the -n parameter."
usage
return 1
fi
if [[ -z "$file_path" ]]; then
errecho "ERROR: You must provide a file path with the -f parameter."
usage
return 1
fi
response=$(aws ec2 create-key-pair \
--key-name "$key_pair_name" \
--query 'KeyMaterial' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports create-access-key operation failed.$response"
return 1
}
if [[ -n "$file_path" ]]; then
echo "$response" >"$file_path"
fi
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateKeyPair](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/CreateKeyPair)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Create an Amazon Elastic Compute Cloud (Amazon EC2) instance key pair.
/*!
\param keyPairName: A name for a key pair.
\param keyFilePath: File path where the credentials are stored. Ignored if it is an empty string;
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createKeyPair(const Aws::String &keyPairName, const Aws::String &keyFilePath,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateKeyPairRequest request;
request.SetKeyName(keyPairName);
Aws::EC2::Model::CreateKeyPairOutcome outcome = ec2Client.CreateKeyPair(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to create key pair - " << keyPairName << ". " <<
outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully created key pair named " <<
keyPairName << std::endl;
if (!keyFilePath.empty()) {
std::ofstream keyFile(keyFilePath.c_str());
keyFile << outcome.GetResult().GetKeyMaterial();
keyFile.close();
std::cout << "Keys written to the file " <<
keyFilePath << std::endl;
}
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateKeyPair)*中的。
------
#### [ CLI ]
**AWS CLI**
**创建密钥对**
本示例将创建一个名为 `MyKeyPair` 的密钥对。
命令:
```
aws ec2 create-key-pair --key-name MyKeyPair
```
输出是私有密钥和密钥指纹的 ASCII 版本。需要将密钥保存到文件中。
有关更多信息,请参阅《AWS 命令行界面用户指南》**中的“使用密钥对”。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateKeyPair](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-key-pair.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Creates a new key pair asynchronously.
*
* @param keyName the name of the key pair to create
* @param fileName the name of the file to write the key material to
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of creating the key pair and writing the key material to a file
*/
public CompletableFuture createKeyPairAsync(String keyName, String fileName) {
CreateKeyPairRequest request = CreateKeyPairRequest.builder()
.keyName(keyName)
.build();
CompletableFuture responseFuture = getAsyncClient().createKeyPair(request);
responseFuture.whenComplete((response, exception) -> {
if (response != null) {
try {
BufferedWriter writer = new BufferedWriter(new FileWriter(fileName));
writer.write(response.keyMaterial());
writer.close();
} catch (IOException e) {
throw new RuntimeException("Failed to write key material to file: " + e.getMessage(), e);
}
} else {
throw new RuntimeException("Failed to create key pair: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateKeyPair)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { CreateKeyPairCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Creates an ED25519 or 2048-bit RSA key pair with the specified name and in the specified PEM or PPK format.
* Amazon EC2 stores the public key and displays the private key for you to save to a file.
* @param {{ keyName: string }} options
*/
export const main = async ({ keyName }) => {
const client = new EC2Client({});
const command = new CreateKeyPairCommand({
KeyName: keyName,
});
try {
const { KeyMaterial, KeyName } = await client.send(command);
console.log(KeyName);
console.log(KeyMaterial);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidKeyPair.Duplicate") {
console.warn(`${caught.message}. Try another key name.`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[CreateKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateKeyPairCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun createEC2KeyPair(keyNameVal: String) {
val request =
CreateKeyPairRequest {
keyName = keyNameVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.createKeyPair(request)
println("The key ID is ${response.keyPairId}")
}
}
```
+ 有关 API 的详细信息,请参阅适用[CreateKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建一个密钥对,并在具有指定名称的文件中捕获经过 PEM 编码的 RSA 私有密钥。使用时 PowerShell,必须将编码设置为 ascii 才能生成有效的密钥。有关更多信息,请参阅 AWS 命令行界面用户指南中的创建、显示和删除 Amazon EC2 密钥对 (https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html)。**
```
(New-EC2KeyPair -KeyName "my-key-pair").KeyMaterial | Out-File -Encoding ascii -FilePath C:\path\my-key-pair.pem
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateKeyPair](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建一个密钥对,并在具有指定名称的文件中捕获经过 PEM 编码的 RSA 私有密钥。使用时 PowerShell,必须将编码设置为 ascii 才能生成有效的密钥。有关更多信息,请参阅 AWS 命令行界面用户指南中的创建、显示和删除 Amazon EC2 密钥对 (https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html)。**
```
(New-EC2KeyPair -KeyName "my-key-pair").KeyMaterial | Out-File -Encoding ascii -FilePath C:\path\my-key-pair.pem
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateKeyPair](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def create(self, key_name: str) -> dict:
"""
Creates a key pair that can be used to securely connect to an EC2 instance.
The returned key pair contains private key information that cannot be retrieved
again. The private key data is stored as a .pem file.
:param key_name: The name of the key pair to create.
:return: A dictionary representing the Boto3 KeyPair object that represents the newly created key pair.
:raises ClientError: If there is an error in creating the key pair, for example, if a key pair with the same name already exists.
"""
try:
response = self.ec2_client.create_key_pair(KeyName=key_name)
self.key_pair = response
self.key_file_path = os.path.join(
self.key_file_dir.name, f"{self.key_pair['KeyName']}.pem"
)
with open(self.key_file_path, "w") as key_file:
key_file.write(self.key_pair["KeyMaterial"])
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidKeyPair.Duplicate":
logger.error(
f"A key pair called {key_name} already exists. "
"Please choose a different name for your key pair "
"or delete the existing key pair before creating."
)
raise
else:
return self.key_pair
```
+ 有关 API 的详细信息,请参阅适用[CreateKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateKeyPair)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
# This code example does the following:
# 1. Creates a key pair in Amazon Elastic Compute Cloud (Amazon EC2).
# 2. Displays information about available key pairs.
# 3. Deletes the key pair.
require 'aws-sdk-ec2'
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param key_pair_name [String] The name for the key pair and private
# key file.
# @return [Boolean] true if the key pair and private key file were
# created; otherwise, false.
# @example
# exit 1 unless key_pair_created?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-key-pair'
# )
def key_pair_created?(ec2_client, key_pair_name)
key_pair = ec2_client.create_key_pair(key_name: key_pair_name)
puts "Created key pair '#{key_pair.key_name}' with fingerprint " \
"'#{key_pair.key_fingerprint}' and ID '#{key_pair.key_pair_id}'."
filename = File.join(Dir.home, "#{key_pair_name}.pem")
File.open(filename, 'w') { |file| file.write(key_pair.key_material) }
puts "Private key file saved locally as '#{filename}'."
true
rescue Aws::EC2::Errors::InvalidKeyPairDuplicate
puts "Error creating key pair: a key pair named '#{key_pair_name}' " \
'already exists.'
false
rescue StandardError => e
puts "Error creating key pair or saving private key file: #{e.message}"
false
end
# Displays information about available key pairs in
# Amazon Elastic Compute Cloud (Amazon EC2).
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @example
# describe_key_pairs(Aws::EC2::Client.new(region: 'us-west-2'))
def describe_key_pairs(ec2_client)
result = ec2_client.describe_key_pairs
if result.key_pairs.count.zero?
puts 'No key pairs found.'
else
puts 'Key pair names:'
result.key_pairs.each do |key_pair|
puts key_pair.key_name
end
end
rescue StandardError => e
puts "Error getting information about key pairs: #{e.message}"
end
# Deletes a key pair in Amazon Elastic Compute Cloud (Amazon EC2).
#
# Prerequisites:
#
# - The key pair to delete.
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param key_pair_name [String] The name of the key pair to delete.
# @return [Boolean] true if the key pair was deleted; otherwise, false.
# @example
# exit 1 unless key_pair_deleted?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-key-pair'
# )
def key_pair_deleted?(ec2_client, key_pair_name)
ec2_client.delete_key_pair(key_name: key_pair_name)
true
rescue StandardError => e
puts "Error deleting key pair: #{e.message}"
false
end
# Example usage:
def run_me
key_pair_name = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-key-pairs.rb KEY_PAIR_NAME REGION'
puts 'Example: ruby ec2-ruby-example-key-pairs.rb my-key-pair us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
elsif ARGV.count.zero?
key_pair_name = 'my-key-pair'
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
key_pair_name = ARGV[0]
region = ARGV[1]
end
ec2_client = Aws::EC2::Client.new(region: region)
puts 'Displaying existing key pair names before creating this key pair...'
describe_key_pairs(ec2_client)
puts '-' * 10
puts 'Creating key pair...'
unless key_pair_created?(ec2_client, key_pair_name)
puts 'Stopping program.'
exit 1
end
puts '-' * 10
puts 'Displaying existing key pair names after creating this key pair...'
describe_key_pairs(ec2_client)
puts '-' * 10
puts 'Deleting key pair...'
unless key_pair_deleted?(ec2_client, key_pair_name)
puts 'Stopping program. You must delete the key pair yourself.'
exit 1
end
puts 'Key pair deleted.'
puts '-' * 10
puts 'Now that the key pair is deleted, ' \
'also deleting the related private key pair file...'
filename = File.join(Dir.home, "#{key_pair_name}.pem")
File.delete(filename)
if File.exist?(filename)
puts "Could not delete file at '#{filename}'. You must delete it yourself."
else
puts 'File deleted.'
end
puts '-' * 10
puts 'Displaying existing key pair names after deleting this key pair...'
describe_key_pairs(ec2_client)
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateKeyPair)*中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
Rust 实现方案,它调用 EC2 客户端的 create\$1key\$1pair 并提取返回的材料。
```
pub async fn create_key_pair(&self, name: String) -> Result<(KeyPairInfo, String), EC2Error> {
tracing::info!("Creating key pair {name}");
let output = self.client.create_key_pair().key_name(name).send().await?;
let info = KeyPairInfo::builder()
.set_key_name(output.key_name)
.set_key_fingerprint(output.key_fingerprint)
.set_key_pair_id(output.key_pair_id)
.build();
let material = output
.key_material
.ok_or_else(|| EC2Error::new("Create Key Pair has no key material"))?;
Ok((info, material))
}
```
一个函数,它调用 create\$1key impl 并安全地保存 PEM 私有密钥。
```
/// Creates a key pair that can be used to securely connect to an EC2 instance.
/// The returned key pair contains private key information that cannot be retrieved
/// again. The private key data is stored as a .pem file.
///
/// :param key_name: The name of the key pair to create.
pub async fn create(
&mut self,
ec2: &EC2,
util: &Util,
key_name: String,
) -> Result {
let (key_pair, material) = ec2.create_key_pair(key_name.clone()).await.map_err(|e| {
self.key_pair = KeyPairInfo::builder().key_name(key_name.clone()).build();
e.add_message(format!("Couldn't create key {key_name}"))
})?;
let path = self.key_file_dir.join(format!("{key_name}.pem"));
// Save the key_pair information immediately, so it can get cleaned up if write_secure fails.
self.key_file_path = Some(path.clone());
self.key_pair = key_pair.clone();
util.write_secure(&key_name, &path, material)?;
Ok(key_pair)
}
```
+ 有关 API 的详细信息,请参阅适用[CreateKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_key_pair)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->createkeypair( iv_keyname = iv_key_name ). " oo_result is returned for testing purposes. "
MESSAGE 'Amazon EC2 key pair created.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[CreateKeyPair](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Create a new RSA key pair and save the private key to a randomly-named
/// file in the temporary directory.
///
/// - Parameter name: The name of the key pair to create.
///
/// - Returns: The URL of the newly created `.pem` file or `nil` if unable
/// to create the key pair.
func createKeyPair(name: String) async -> URL? {
do {
let output = try await ec2Client.createKeyPair(
input: CreateKeyPairInput(
keyName: name
)
)
guard let keyMaterial = output.keyMaterial else {
return nil
}
// Build the URL of the temporary private key file.
let fileURL = URL.temporaryDirectory
.appendingPathComponent(name)
.appendingPathExtension("pem")
do {
try keyMaterial.write(to: fileURL, atomically: true, encoding: String.Encoding.utf8)
return fileURL
} catch {
print("*** Failed to write the private key.")
return nil
}
} catch {
print("*** Unable to create the key pair.")
return nil
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[CreateKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createkeypair(input:))于 S *wift 的AWS SDK API 参考*。
------
# `CreateLaunchTemplate`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateLaunchTemplate`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [构建和管理弹性服务](ec2_example_cross_ResilientService_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Creates an Amazon EC2 launch template to use with Amazon EC2 Auto Scaling.
/// The launch template specifies a Bash script in its user data field that runs after
/// the instance is started. This script installs the Python packages and starts a Python
/// web server on the instance.
///
/// The path to a Bash script file that is run.
/// The path to a permissions policy to create and attach to the profile.
/// The template object.
public async Task CreateTemplate(string startupScriptPath, string instancePolicyPath)
{
try
{
await CreateKeyPair(_keyPairName);
await CreateInstanceProfileWithName(_instancePolicyName, _instanceRoleName,
_instanceProfileName, instancePolicyPath);
var startServerText = await File.ReadAllTextAsync(startupScriptPath);
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(startServerText);
var amiLatest = await _amazonSsm.GetParameterAsync(
new GetParameterRequest() { Name = _amiParam });
var amiId = amiLatest.Parameter.Value;
var launchTemplateResponse = await _amazonEc2.CreateLaunchTemplateAsync(
new CreateLaunchTemplateRequest()
{
LaunchTemplateName = _launchTemplateName,
LaunchTemplateData = new RequestLaunchTemplateData()
{
InstanceType = _instanceType,
ImageId = amiId,
IamInstanceProfile =
new
LaunchTemplateIamInstanceProfileSpecificationRequest()
{
Name = _instanceProfileName
},
KeyName = _keyPairName,
UserData = System.Convert.ToBase64String(plainTextBytes)
}
});
return launchTemplateResponse.LaunchTemplate;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidLaunchTemplateName.AlreadyExistsException")
{
_logger.LogError($"Could not create the template, the name {_launchTemplateName} already exists. " +
$"Please try again with a unique name.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while creating the template.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[CreateLaunchTemplate](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateLaunchTemplate)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建启动模板**
以下`create-launch-template`示例创建了一个启动模板,该模板指定了启动实例的子网,为该实例分配了公有 IP IPv6 地址和地址,并为该实例创建了标签。
```
aws ec2 create-launch-template \
--launch-template-name TemplateForWebServer \
--version-description WebVersion1 \
--launch-template-data '{"NetworkInterfaces":[{"AssociatePublicIpAddress":true,"DeviceIndex":0,"Ipv6AddressCount":1,"SubnetId":"subnet-7b16de0c"}],"ImageId":"ami-8c1be5f6","InstanceType":"t2.small","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"purpose","Value":"webserver"}]}]}'
```
输出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-01238c059e3466abc",
"LaunchTemplateName": "TemplateForWebServer",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2019-01-27T09:13:24.000Z"
}
}
```
有关更多信息,请参阅《Amazon Elastic Compute Cloud 用户指南》**中的“从启动模板启动实例”。有关引用 JSON 格式参数的信息,请参阅《AWS 命令行界面用户指南》**中的“引用字符串”。
**示例 2:为 Amazon EC2 Auto Scaling 创建启动模板**
以下 `create-launch-template` 示例创建一个具有多个标签和块设备映射的启动模板,以在实例启动时指定一个附加 EBS 卷。为 `Groups` 指定一个值,该值与 VPC 的安全组对应,自动扩缩组会将实例启动到该安全组中。指定 VPC 和子网作为自动扩缩组的属性。
```
aws ec2 create-launch-template \
--launch-template-name TemplateForAutoScaling \
--version-description AutoScalingVersion1 \
--launch-template-data '{"NetworkInterfaces":[{"DeviceIndex":0,"AssociatePublicIpAddress":true,"Groups":["sg-7c227019,sg-903004f8"],"DeleteOnTermination":true}],"ImageId":"ami-b42209de","InstanceType":"m4.large","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"environment","Value":"production"},{"Key":"purpose","Value":"webserver"}]},{"ResourceType":"volume","Tags":[{"Key":"environment","Value":"production"},{"Key":"cost-center","Value":"cc123"}]}],"BlockDeviceMappings":[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":100}}]}' --region us-east-1
```
输出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-0123c79c33a54e0abc",
"LaunchTemplateName": "TemplateForAutoScaling",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2019-04-30T18:16:06.000Z"
}
}
```
有关更多信息,请参阅《Amazon EC2 Auto Scaling 用户指南》**中的“为自动扩缩组创建启动模板”。有关引用 JSON 格式参数的信息,请参阅《AWS 命令行界面用户指南》**中的“引用字符串”。
**示例 3:创建指定对 EBS 卷进行加密的启动模板**
以下 `create-launch-template` 示例创建一个启动模板,其中包括根据未加密的快照创建的加密 EBS 卷。同时还会在创建过程中标记卷。如果默认情况下禁用了加密,则必须指定以下示例中所示的 `"Encrypted"` 选项。如果使用 `"KmsKeyId"` 选项来指定客户托管的 CMK,则即使默认情况下启用了加密,也必须指定 `"Encrypted"` 选项。
```
aws ec2 create-launch-template \
--launch-template-name TemplateForEncryption \
--launch-template-data file://config.json
```
`config.json` 的内容:
```
{
"BlockDeviceMappings":[
{
"DeviceName":"/dev/sda1",
"Ebs":{
"VolumeType":"gp2",
"DeleteOnTermination":true,
"SnapshotId":"snap-066877671789bd71b",
"Encrypted":true,
"KmsKeyId":"arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef"
}
}
],
"ImageId":"ami-00068cd7555f543d5",
"InstanceType":"c5.large",
"TagSpecifications":[
{
"ResourceType":"volume",
"Tags":[
{
"Key":"encrypted",
"Value":"yes"
}
]
}
]
}
```
输出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-0d5bd51bcf8530abc",
"LaunchTemplateName": "TemplateForEncryption",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2020-01-07T19:08:36.000Z"
}
}
```
有关更多信息,请参阅《Amazon Elastic Compute Cloud 用户指南》**中的“从快照恢复 Amazon EBS 卷且默认情况下加密”。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateLaunchTemplate](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-launch-template.html)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples)中查找完整示例,了解如何进行设置和运行。
```
const ssmClient = new SSMClient({});
const { Parameter } = await ssmClient.send(
new GetParameterCommand({
Name: "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2",
}),
);
const ec2Client = new EC2Client({});
await ec2Client.send(
new CreateLaunchTemplateCommand({
LaunchTemplateName: NAMES.launchTemplateName,
LaunchTemplateData: {
InstanceType: "t3.micro",
ImageId: Parameter.Value,
IamInstanceProfile: { Name: NAMES.instanceProfileName },
UserData: readFileSync(
join(RESOURCES_PATH, "server_startup_script.sh"),
).toString("base64"),
KeyName: NAMES.keyPairName,
},
}),
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[CreateLaunchTemplate](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateLaunchTemplateCommand)*中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
此示例创建一个启动模板,其中包括向实例授予特定权限的实例配置文件以及启动后在实例上运行的用户数据 Bash 脚本。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def create_template(
self, server_startup_script_file: str, instance_policy_file: str
) -> Dict[str, Any]:
"""
Creates an Amazon EC2 launch template to use with Amazon EC2 Auto Scaling. The
launch template specifies a Bash script in its user data field that runs after
the instance is started. This script installs Python packages and starts a
Python web server on the instance.
:param server_startup_script_file: The path to a Bash script file that is run
when an instance starts.
:param instance_policy_file: The path to a file that defines a permissions policy
to create and attach to the instance profile.
:return: Information about the newly created template.
"""
template = {}
try:
# Create key pair and instance profile
self.create_key_pair(self.key_pair_name)
self.create_instance_profile(
instance_policy_file,
self.instance_policy_name,
self.instance_role_name,
self.instance_profile_name,
)
# Read the startup script
with open(server_startup_script_file) as file:
start_server_script = file.read()
# Get the latest AMI ID
ami_latest = self.ssm_client.get_parameter(Name=self.ami_param)
ami_id = ami_latest["Parameter"]["Value"]
# Create the launch template
lt_response = self.ec2_client.create_launch_template(
LaunchTemplateName=self.launch_template_name,
LaunchTemplateData={
"InstanceType": self.inst_type,
"ImageId": ami_id,
"IamInstanceProfile": {"Name": self.instance_profile_name},
"UserData": base64.b64encode(
start_server_script.encode(encoding="utf-8")
).decode(encoding="utf-8"),
"KeyName": self.key_pair_name,
},
)
template = lt_response["LaunchTemplate"]
log.info(
f"Created launch template {self.launch_template_name} for AMI {ami_id} on {self.inst_type}."
)
except ClientError as err:
log.error(f"Failed to create launch template {self.launch_template_name}.")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidLaunchTemplateName.AlreadyExistsException":
log.info(
f"Launch template {self.launch_template_name} already exists, nothing to do."
)
log.error(f"Full error:\n\t{err}")
return template
```
+ 有关 API 的详细信息,请参阅适用[CreateLaunchTemplate](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateLaunchTemplate)于 *Python 的AWS SDK (Boto3) API 参考*。
------
# 将 `CreateNetworkAcl` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateNetworkAcl`。
------
#### [ CLI ]
**AWS CLI**
**创建网络 ACL**
此示例将为指定的 VPC 创建网络 ACL。
命令:
```
aws ec2 create-network-acl --vpc-id vpc-a01106c2
```
输出:
```
{
"NetworkAcl": {
"Associations": [],
"NetworkAclId": "acl-5fb85d36",
"VpcId": "vpc-a01106c2",
"Tags": [],
"Entries": [
{
"CidrBlock": "0.0.0.0/0",
"RuleNumber": 32767,
"Protocol": "-1",
"Egress": true,
"RuleAction": "deny"
},
{
"CidrBlock": "0.0.0.0/0",
"RuleNumber": 32767,
"Protocol": "-1",
"Egress": false,
"RuleAction": "deny"
}
],
"IsDefault": false
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateNetworkAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-acl.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为指定的 VPC 创建网络 ACL。**
```
New-EC2NetworkAcl -VpcId vpc-12345678
```
**输出**:
```
Associations : {}
Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry}
IsDefault : False
NetworkAclId : acl-12345678
Tags : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateNetworkAcl](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为指定的 VPC 创建网络 ACL。**
```
New-EC2NetworkAcl -VpcId vpc-12345678
```
**输出**:
```
Associations : {}
Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry}
IsDefault : False
NetworkAclId : acl-12345678
Tags : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateNetworkAcl](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateNetworkAclEntry` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateNetworkAclEntry`。
------
#### [ CLI ]
**AWS CLI**
**创建网络 ACL 条目**
此示例将为指定的网络 ACL 创建一个条目。该规则允许从 UDP 端口 53 (DNS) 上的任何 IPv4 地址 (0.0.0.0/0) 进入任何关联子网的入口流量。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100 --protocol udp --port-range From=53,To=53 --cidr-block 0.0.0.0/0 --rule-action allow
```
此示例为指定的网络 ACL 创建了一条规则,该规则允许来自 TCP 端口 80 (HTTP) 上的任何 IPv6 地址 (:: /0) 的入口流量。
命令:
```
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 120 --protocol tcp --port-range From=80,To=80 --ipv6-cidr-block ::/0 --rule-action allow
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateNetworkAclEntry](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-acl-entry.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为指定的网络 ACL 创建一个条目。该规则可让来自 UDP 端口 53(DNS)上任何地址(0.0.0.0/0)的入站流量进入任何关联的子网。**
```
New-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100 -Protocol 17 -PortRange_From 53 -PortRange_To 53 -CidrBlock 0.0.0.0/0 -RuleAction allow
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateNetworkAclEntry](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为指定的网络 ACL 创建一个条目。该规则可让来自 UDP 端口 53(DNS)上任何地址(0.0.0.0/0)的入站流量进入任何关联的子网。**
```
New-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100 -Protocol 17 -PortRange_From 53 -PortRange_To 53 -CidrBlock 0.0.0.0/0 -RuleAction allow
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateNetworkAclEntry](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateNetworkInterface` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateNetworkInterface`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:为网络接口指定 IPv4 地址**
以下`create-network-interface`示例使用指定的主 IPv4 地址为指定子网创建网络接口。
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my network interface" \
--groups sg-09dfba7ed20cda78b \
--private-ip-address 10.0.8.17
```
输出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my network interface",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-09dfba7ed20cda78b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [],
"MacAddress": "06:6a:0f:9a:49:37",
"NetworkInterfaceId": "eni-0492b355f0cf3b3f8",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.17",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-17.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.17"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
**示例 2:使用 IPv4 地址和地址创建网络接口 IPv6 **
以下 `create-network-interface` 示例将使用由 Amazon EC2 选择的 IPv4 地址和 IPv6 地址为指定子网创建网络接口。
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my dual stack network interface" \
--ipv6-address-count 1 \
--groups sg-09dfba7ed20cda78b
```
输出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my dual stack network interface",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-09dfba7ed20cda78b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [
{
"Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7",
"IsPrimaryIpv6": false
}
],
"MacAddress": "06:b8:68:d2:b2:2d",
"NetworkInterfaceId": "eni-05da417453f9a84bf",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.18",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.18"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b",
"Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7"
}
}
```
**示例 3:使用连接跟踪配置选项创建网络接口**
以下 `create-network-interface` 示例将创建网络接口并配置空闲连接跟踪超时。
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--groups sg-02e57dbcfe0331c1b \
--connection-tracking-specification TcpEstablishedTimeout=86400,UdpTimeout=60
```
输出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"ConnectionTrackingConfiguration": {
"TcpEstablishedTimeout": 86400,
"UdpTimeout": 60
},
"Description": "",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-02e57dbcfe0331c1b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [],
"MacAddress": "06:4c:53:de:6d:91",
"NetworkInterfaceId": "eni-0c133586e08903d0b",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.94",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.94"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
**示例 4:创建 Elastic Fabric Adapter**
以下 `create-network-interface` 示例将创建 EFA。
```
aws ec2 create-network-interface \
--interface-type efa \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my efa" \
--groups sg-02e57dbcfe0331c1b
```
输出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my efa",
"Groups": [
{
"GroupName": "my-efa-sg",
"GroupId": "sg-02e57dbcfe0331c1b"
}
],
"InterfaceType": "efa",
"Ipv6Addresses": [],
"MacAddress": "06:d7:a4:f7:4d:57",
"NetworkInterfaceId": "eni-034acc2885e862b65",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.180",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.180"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
有关更多信息,请参阅《*Amazon EC2 用户指南*》中的[弹性网络接口](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-interface.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建指定的网络接口。**
```
New-EC2NetworkInterface -SubnetId subnet-1a2b3c4d -Description "my network interface" -Group sg-12345678 -PrivateIpAddress 10.0.0.17
```
**输出**:
```
Association :
Attachment :
AvailabilityZone : us-west-2c
Description : my network interface
Groups : {my-security-group}
MacAddress : 0a:72:bc:1a:cd:7f
NetworkInterfaceId : eni-12345678
OwnerId : 123456789012
PrivateDnsName : ip-10-0-0-17.us-west-2.compute.internal
PrivateIpAddress : 10.0.0.17
PrivateIpAddresses : {}
RequesterId :
RequesterManaged : False
SourceDestCheck : True
Status : pending
SubnetId : subnet-1a2b3c4d
TagSet : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建指定的网络接口。**
```
New-EC2NetworkInterface -SubnetId subnet-1a2b3c4d -Description "my network interface" -Group sg-12345678 -PrivateIpAddress 10.0.0.17
```
**输出**:
```
Association :
Attachment :
AvailabilityZone : us-west-2c
Description : my network interface
Groups : {my-security-group}
MacAddress : 0a:72:bc:1a:cd:7f
NetworkInterfaceId : eni-12345678
OwnerId : 123456789012
PrivateDnsName : ip-10-0-0-17.us-west-2.compute.internal
PrivateIpAddress : 10.0.0.17
PrivateIpAddresses : {}
RequesterId :
RequesterManaged : False
SourceDestCheck : True
Status : pending
SubnetId : subnet-1a2b3c4d
TagSet : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreatePlacementGroup` 与 CLI 配合使用
以下代码示例演示如何使用 `CreatePlacementGroup`。
------
#### [ CLI ]
**AWS CLI**
**创建置放群组**
此示例命令将使用指定名称创建置放群组。
命令:
```
aws ec2 create-placement-group --group-name my-cluster --strategy cluster
```
**创建分区置放群组**
此示例命令将创建一个名为 `HDFS-Group-A` 的分区置放群组,其中包含 5 个分区。
命令:
```
aws ec2 create-placement-group --group-name HDFS-Group-A --strategy partition --partition-count 5
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreatePlacementGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-placement-group.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例命令使用指定的名称创建置放群组。**
```
New-EC2PlacementGroup -GroupName my-placement-group -Strategy cluster
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreatePlacementGroup](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例命令使用指定的名称创建置放群组。**
```
New-EC2PlacementGroup -GroupName my-placement-group -Strategy cluster
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreatePlacementGroup](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateRoute` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateRoute`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
+ [中转网关入门](ec2_example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**创建路由**
此示例将为指定的路由表创建路由。该路由匹配所有 IPv4 流量 (`0.0.0.0/0`),并将其路由到指定的 Internet 网关。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 create-route --route-table-id rtb-22574640 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-c0a643a9
```
此示例命令在路由表 rtb-g8ff4ea2 中创建路由。该路由匹配 IPv4 CIDR 块 10.0.0.0/16 的流量,并将其路由到 VPC 对等连接 pcx-111aaa22。此路由可将流量定向到 VPC 对等连接中的对等 VPC。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 create-route --route-table-id rtb-g8ff4ea2 --destination-cidr-block 10.0.0.0/16 --vpc-peering-connection-id pcx-1a2b3c4d
```
此示例在指定的路由表中创建一条匹配所有 IPv6 流量 (`::/0`) 的路由,并将其路由到指定的仅限出口 Internet 网关。
命令:
```
aws ec2 create-route --route-table-id rtb-dce620b8 --destination-ipv6-cidr-block ::/0 --egress-only-internet-gateway-id eigw-01eadbd45ecd7943f
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-route.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为指定的路由表创建指定的路由。该路由匹配所有流量,并将其路由到指定的互联网网关。**
```
New-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0 -GatewayId igw-1a2b3c4d
```
**输出**:
```
True
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateRoute](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为指定的路由表创建指定的路由。该路由匹配所有流量,并将其路由到指定的互联网网关。**
```
New-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0 -GatewayId igw-1a2b3c4d
```
**输出**:
```
True
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateRoute](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `CreateRouteTable`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateRouteTable`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**创建路由表**
本示例为指定的 VPC 创建路由表。
命令:
```
aws ec2 create-route-table --vpc-id vpc-a01106c2
```
输出:
```
{
"RouteTable": {
"Associations": [],
"RouteTableId": "rtb-22574640",
"VpcId": "vpc-a01106c2",
"PropagatingVgws": [],
"Tags": [],
"Routes": [
{
"GatewayId": "local",
"DestinationCidrBlock": "10.0.0.0/16",
"State": "active"
}
]
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-route-table.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为指定的 VPC 创建路由表。**
```
New-EC2RouteTable -VpcId vpc-12345678
```
**输出**:
```
Associations : {}
PropagatingVgws : {}
Routes : {}
RouteTableId : rtb-1a2b3c4d
Tags : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateRouteTable](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为指定的 VPC 创建路由表。**
```
New-EC2RouteTable -VpcId vpc-12345678
```
**输出**:
```
Associations : {}
PropagatingVgws : {}
Routes : {}
RouteTableId : rtb-1a2b3c4d
Tags : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateRouteTable](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
require 'aws-sdk-ec2'
# Prerequisites:
#
# - A VPC in Amazon VPC.
# - A subnet in that VPC.
# - A gateway attached to that subnet.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param vpc_id [String] The ID of the VPC for the route table.
# @param subnet_id [String] The ID of the subnet for the route table.
# @param gateway_id [String] The ID of the gateway for the route.
# @param destination_cidr_block [String] The destination CIDR block
# for the route.
# @param tag_key [String] The key portion of the tag for the route table.
# @param tag_value [String] The value portion of the tag for the route table.
# @return [Boolean] true if the route table was created and associated;
# otherwise, false.
# @example
# exit 1 unless route_table_created_and_associated?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# 'vpc-0b6f769731EXAMPLE',
# 'subnet-03d9303b57EXAMPLE',
# 'igw-06ca90c011EXAMPLE',
# '0.0.0.0/0',
# 'my-key',
# 'my-value'
# )
def route_table_created_and_associated?(
ec2_resource,
vpc_id,
subnet_id,
gateway_id,
destination_cidr_block,
tag_key,
tag_value
)
route_table = ec2_resource.create_route_table(vpc_id: vpc_id)
puts "Created route table with ID '#{route_table.id}'."
route_table.create_tags(
tags: [
{
key: tag_key,
value: tag_value
}
]
)
puts 'Added tags to route table.'
route_table.create_route(
destination_cidr_block: destination_cidr_block,
gateway_id: gateway_id
)
puts 'Created route with destination CIDR block ' \
"'#{destination_cidr_block}' and associated with gateway " \
"with ID '#{gateway_id}'."
route_table.associate_with_subnet(subnet_id: subnet_id)
puts "Associated route table with subnet with ID '#{subnet_id}'."
true
rescue StandardError => e
puts "Error creating or associating route table: #{e.message}"
puts 'If the route table was created but not associated, you should ' \
'clean up by deleting the route table.'
false
end
# Example usage:
def run_me
vpc_id = ''
subnet_id = ''
gateway_id = ''
destination_cidr_block = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-route-table.rb ' \
'VPC_ID SUBNET_ID GATEWAY_ID DESTINATION_CIDR_BLOCK ' \
'TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-route-table.rb ' \
'vpc-0b6f769731EXAMPLE subnet-03d9303b57EXAMPLE igw-06ca90c011EXAMPLE ' \
"'0.0.0.0/0' my-key my-value us-west-2"
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
vpc_id = 'vpc-0b6f769731EXAMPLE'
subnet_id = 'subnet-03d9303b57EXAMPLE'
gateway_id = 'igw-06ca90c011EXAMPLE'
destination_cidr_block = '0.0.0.0/0'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
vpc_id = ARGV[0]
subnet_id = ARGV[1]
gateway_id = ARGV[2]
destination_cidr_block = ARGV[3]
tag_key = ARGV[4]
tag_value = ARGV[5]
region = ARGV[6]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if route_table_created_and_associated?(
ec2_resource,
vpc_id,
subnet_id,
gateway_id,
destination_cidr_block,
tag_key,
tag_value
)
puts 'Route table created and associated.'
else
puts 'Route table not created or not associated.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[CreateRouteTable](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateRouteTable)*中的。
------
# `CreateSecurityGroup`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateSecurityGroup`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Create an Amazon EC2 security group with a specified name and description.
///
/// The name for the new security group.
/// A description of the new security group.
/// The group Id of the new security group.
public async Task CreateSecurityGroup(string groupName, string groupDescription)
{
try
{
var response = await _amazonEC2.CreateSecurityGroupAsync(
new CreateSecurityGroupRequest(groupName, groupDescription));
// Wait until the security group exists.
int retries = 5;
while (retries-- > 0)
{
var groups = await DescribeSecurityGroups(response.GroupId);
if (groups.Any())
{
return response.GroupId;
}
Thread.Sleep(5000);
retries--;
}
_logger.LogError($"Unable to find newly created group {groupName}.");
throw new DoesNotExistException("security group not found");
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "ResourceAlreadyExists")
{
_logger.LogError(
$"A security group with the name {groupName} already exists. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while creating the security group.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[CreateSecurityGroup](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateSecurityGroup)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_create_security_group
#
# This function creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -n security_group_name - The name of the security group.
# -d security_group_description - The description of the security group.
#
# Returns:
# The ID of the created security group, or an error message if the operation fails.
# And:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_create_security_group() {
local security_group_name security_group_description response
# Function to display usage information
function usage() {
echo "function ec2_create_security_group"
echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -n security_group_name - The name of the security group."
echo " -d security_group_description - The description of the security group."
echo ""
}
# Parse the command-line arguments
while getopts "n:d:h" option; do
case "${option}" in
n) security_group_name="${OPTARG}" ;;
d) security_group_description="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$security_group_name" ]]; then
errecho "ERROR: You must provide a security group name with the -n parameter."
return 1
fi
if [[ -z "$security_group_description" ]]; then
errecho "ERROR: You must provide a security group description with the -d parameter."
return 1
fi
# Create the security group
response=$(aws ec2 create-security-group \
--group-name "$security_group_name" \
--description "$security_group_description" \
--query "GroupId" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports create-security-group operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateSecurityGroup](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/CreateSecurityGroup)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Create a security group.
/*!
\param groupName: A security group name.
\param description: A description.
\param vpcID: A virtual private cloud (VPC) ID.
\param[out] groupIDResult: A string to receive the group ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createSecurityGroup(const Aws::String &groupName,
const Aws::String &description,
const Aws::String &vpcID,
Aws::String &groupIDResult,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateSecurityGroupRequest request;
request.SetGroupName(groupName);
request.SetDescription(description);
request.SetVpcId(vpcID);
const Aws::EC2::Model::CreateSecurityGroupOutcome outcome =
ec2Client.CreateSecurityGroup(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to create security group:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
std::cout << "Successfully created security group named " << groupName <<
std::endl;
groupIDResult = outcome.GetResult().GetGroupId();
return true;
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateSecurityGroup)*中的。
------
#### [ CLI ]
**AWS CLI**
**为 EC2-Classic 创建安全组**
本示例将创建一个名为 `MySecurityGroup` 的安全组。
命令:
```
aws ec2 create-security-group --group-name MySecurityGroup --description "My security group"
```
输出:
```
{
"GroupId": "sg-903004f8"
}
```
**为 EC2-VPC 创建安全组**
本示例为指定的 VPC 创建名为 `MySecurityGroup` 的安全组。
命令:
```
aws ec2 create-security-group --group-name MySecurityGroup --description "My security group" --vpc-id vpc-1a2b3c4d
```
输出:
```
{
"GroupId": "sg-903004f8"
}
```
有关更多信息,请参阅《AWS 命令行界面用户指南》**中的“使用安全组”。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateSecurityGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-security-group.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateSecurityGroup)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { CreateSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Creates a security group.
* @param {{ groupName: string, description: string }} options
*/
export const main = async ({ groupName, description }) => {
const client = new EC2Client({});
const command = new CreateSecurityGroupCommand({
// Up to 255 characters in length. Cannot start with sg-.
GroupName: groupName,
// Up to 255 characters in length.
Description: description,
});
try {
const { GroupId } = await client.send(command);
console.log(GroupId);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}.`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[CreateSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateSecurityGroupCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun createEC2SecurityGroup(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "0.0.0.0/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
```
+ 有关 API 的详细信息,请参阅适用[CreateSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为指定的 VPC 创建一个安全组。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
```
**输出**:
```
sg-12345678
```
**示例 2:此示例为 EC2-Classic 创建一个安全组。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
```
**输出**:
```
sg-45678901
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateSecurityGroup](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为指定的 VPC 创建一个安全组。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
```
**输出**:
```
sg-12345678
```
**示例 2:此示例为 EC2-Classic 创建一个安全组。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
```
**输出**:
```
sg-45678901
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateSecurityGroup](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, group_name: str, group_description: str) -> str:
"""
Creates a security group in the default virtual private cloud (VPC) of the current account.
:param group_name: The name of the security group to create.
:param group_description: The description of the security group to create.
:return: The ID of the newly created security group.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
try:
response = self.ec2_client.create_security_group(
GroupName=group_name, Description=group_description
)
self.security_group = response["GroupId"]
except ClientError as err:
if err.response["Error"]["Code"] == "ResourceAlreadyExists":
logger.error(
f"Security group '{group_name}' already exists. Please choose a different name."
)
raise
else:
return self.security_group
```
+ 有关 API 的详细信息,请参阅适用[CreateSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateSecurityGroup)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
# This code example does the following:
# 1. Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
# 2. Adds inbound rules to the security group.
# 3. Displays information about available security groups.
# 4. Deletes the security group.
require 'aws-sdk-ec2'
# Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Prerequisites:
#
# - A VPC in Amazon Virtual Private Cloud (Amazon VPC).
#
# @param ec2_client [Aws::EC2::Client] An initialized
# Amazon EC2 client.
# @param group_name [String] A name for the security group.
# @param description [String] A description for the security group.
# @param vpc_id [String] The ID of the VPC for the security group.
# @return [String] The ID of security group that was created.
# @example
# puts create_security_group(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-security-group',
# 'This is my security group.',
# 'vpc-6713dfEX'
# )
def create_security_group(ec2_client, group_name, description, vpc_id)
security_group = ec2_client.create_security_group(
group_name: group_name,
description: description,
vpc_id: vpc_id
)
puts "Created security group '#{group_name}' with ID " \
"'#{security_group.group_id}' in VPC with ID '#{vpc_id}'."
security_group.group_id
rescue StandardError => e
puts "Error creating security group: #{e.message}"
'Error'
end
# Adds an inbound rule to an Amazon Elastic Compute Cloud (Amazon EC2)
# security group.
#
# Prerequisites:
#
# - The security group.
#
# @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client.
# @param security_group_id [String] The ID of the security group.
# @param ip_protocol [String] The network protocol for the inbound rule.
# @param from_port [String] The originating port for the inbound rule.
# @param to_port [String] The destination port for the inbound rule.
# @param cidr_ip_range [String] The CIDR IP range for the inbound rule.
# @return
# @example
# exit 1 unless security_group_ingress_authorized?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'sg-030a858e078f1b9EX',
# 'tcp',
# '80',
# '80',
# '0.0.0.0/0'
# )
def security_group_ingress_authorized?(
ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range
)
ec2_client.authorize_security_group_ingress(
group_id: security_group_id,
ip_permissions: [
{
ip_protocol: ip_protocol,
from_port: from_port,
to_port: to_port,
ip_ranges: [
{
cidr_ip: cidr_ip_range
}
]
}
]
)
puts "Added inbound rule to security group '#{security_group_id}' for protocol " \
"'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \
"with CIDR IP range '#{cidr_ip_range}'."
true
rescue StandardError => e
puts "Error adding inbound rule to security group: #{e.message}"
false
end
# Refactored method to simplify complexity for describing security group permissions
def format_port_information(perm)
from_port_str = perm.from_port == '-1' || perm.from_port == -1 ? 'All' : perm.from_port.to_s
to_port_str = perm.to_port == '-1' || perm.to_port == -1 ? 'All' : perm.to_port.to_s
{ from_port: from_port_str, to_port: to_port_str }
end
# Displays information about a security group's IP permissions set in
# Amazon Elastic Compute Cloud (Amazon EC2).
def describe_security_group_permissions(perm)
ports = format_port_information(perm)
print " Protocol: #{perm.ip_protocol == '-1' ? 'All' : perm.ip_protocol}"
print ", From: #{ports[:from_port]}, To: #{ports[:to_port]}"
print ", CIDR IPv6: #{perm.ipv_6_ranges[0].cidr_ipv_6}" if perm.key?(:ipv_6_ranges) && perm.ipv_6_ranges.count.positive?
print ", CIDR IPv4: #{perm.ip_ranges[0].cidr_ip}" if perm.key?(:ip_ranges) && perm.ip_ranges.count.positive?
print "\n"
end
# Displays information about available security groups in
# Amazon Elastic Compute Cloud (Amazon EC2).
def describe_security_groups(ec2_client)
response = ec2_client.describe_security_groups
if response.security_groups.count.positive?
response.security_groups.each do |sg|
display_group_details(sg)
end
else
puts 'No security groups found.'
end
rescue StandardError => e
puts "Error getting information about security groups: #{e.message}"
end
# Helper method to display the details of security groups
def display_group_details(sg)
puts '-' * (sg.group_name.length + 13)
puts "Name: #{sg.group_name}"
puts "Description: #{sg.description}"
puts "Group ID: #{sg.group_id}"
puts "Owner ID: #{sg.owner_id}"
puts "VPC ID: #{sg.vpc_id}"
display_group_tags(sg.tags) if sg.tags.count.positive?
display_group_permissions(sg)
end
def display_group_tags(tags)
puts 'Tags:'
tags.each do |tag|
puts " Key: #{tag.key}, Value: #{tag.value}"
end
end
def display_group_permissions(sg)
if sg.ip_permissions.count.positive?
puts 'Inbound rules:'
sg.ip_permissions.each do |p|
describe_security_group_permissions(p)
end
end
return if sg.ip_permissions_egress.empty?
puts 'Outbound rules:'
sg.ip_permissions_egress.each do |p|
describe_security_group_permissions(p)
end
end
# Deletes an Amazon Elastic Compute Cloud (Amazon EC2)
# security group.
def security_group_deleted?(ec2_client, security_group_id)
ec2_client.delete_security_group(group_id: security_group_id)
puts "Deleted security group '#{security_group_id}'."
true
rescue StandardError => e
puts "Error deleting security group: #{e.message}"
false
end
# Example usage with refactored run_me to reduce complexity
def run_me
group_name, description, vpc_id, ip_protocol_http, from_port_http, to_port_http, \
cidr_ip_range_http, ip_protocol_ssh, from_port_ssh, to_port_ssh, \
cidr_ip_range_ssh, region = process_arguments
ec2_client = Aws::EC2::Client.new(region: region)
security_group_id = attempt_create_security_group(ec2_client, group_name, description, vpc_id)
security_group_exists = security_group_id != 'Error'
if security_group_exists
add_inbound_rules(ec2_client, security_group_id, ip_protocol_http, from_port_http, to_port_http, cidr_ip_range_http)
add_inbound_rules(ec2_client, security_group_id, ip_protocol_ssh, from_port_ssh, to_port_ssh, cidr_ip_range_ssh)
end
describe_security_groups(ec2_client)
attempt_delete_security_group(ec2_client, security_group_id) if security_group_exists
end
def process_arguments
if ARGV[0] == '--help' || ARGV[0] == '-h'
display_help
exit 1
elsif ARGV.count.zero?
default_values
else
ARGV
end
end
def attempt_create_security_group(ec2_client, group_name, description, vpc_id)
puts 'Attempting to create security group...'
security_group_id = create_security_group(ec2_client, group_name, description, vpc_id)
puts 'Could not create security group. Skipping this step.' if security_group_id == 'Error'
security_group_id
end
def add_inbound_rules(ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range)
puts 'Attempting to add inbound rules to security group...'
return if security_group_ingress_authorized?(ec2_client, security_group_id, ip_protocol, from_port, to_port,
cidr_ip_range)
puts 'Could not add inbound rule to security group. Skipping this step.'
end
def attempt_delete_security_group(ec2_client, security_group_id)
puts "\nAttempting to delete security group..."
return if security_group_deleted?(ec2_client, security_group_id)
puts 'Could not delete security group. You must delete it yourself.'
end
def display_help
puts 'Usage: ruby ec2-ruby-example-security-group.rb ' \
'GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL_1 FROM_PORT_1 TO_PORT_1 ' \
'CIDR_IP_RANGE_1 IP_PROTOCOL_2 FROM_PORT_2 TO_PORT_2 ' \
'CIDR_IP_RANGE_2 REGION'
puts 'Example: ruby ec2-ruby-example-security-group.rb ' \
"my-security-group 'This is my security group.' vpc-6713dfEX " \
"tcp 80 80 '0.0.0.0/0' tcp 22 22 '0.0.0.0/0' us-west-2"
end
def default_values
[
'my-security-group', 'This is my security group.', 'vpc-6713dfEX', 'tcp', '80', '80',
'0.0.0.0/0', 'tcp', '22', '22', '0.0.0.0/0', 'us-west-2'
]
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateSecurityGroup)*中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
pub async fn create_security_group(
&self,
name: &str,
description: &str,
) -> Result {
tracing::info!("Creating security group {name}");
let create_output = self
.client
.create_security_group()
.group_name(name)
.description(description)
.send()
.await
.map_err(EC2Error::from)?;
let group_id = create_output
.group_id
.ok_or_else(|| EC2Error::new("Missing security group id after creation"))?;
let group = self
.describe_security_group(&group_id)
.await?
.ok_or_else(|| {
EC2Error::new(format!("Could not find security group with id {group_id}"))
})?;
tracing::info!("Created security group {name} as {group_id}");
Ok(group)
}
```
+ 有关 API 的详细信息,请参阅适用[CreateSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_security_group)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->createsecuritygroup( " oo_result is returned for testing purposes. "
iv_description = 'Security group example'
iv_groupname = iv_security_group_name
iv_vpcid = iv_vpc_id ).
MESSAGE 'Security group created.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[CreateSecurityGroup](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Create a new security group.
///
/// - Parameters:
/// - groupName: The name of the group to create.
/// - groupDescription: A description of the new security group.
///
/// - Returns: The ID string of the new security group.
func createSecurityGroup(name groupName: String, description groupDescription: String) async -> String? {
do {
let output = try await ec2Client.createSecurityGroup(
input: CreateSecurityGroupInput(
description: groupDescription,
groupName: groupName
)
)
return output.groupId
} catch {
print("*** Error creating the security group: \(error.localizedDescription)")
return nil
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[CreateSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createsecuritygroup(input:))于 S *wift 的AWS SDK API 参考*。
------
# 将 `CreateSnapshot` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateSnapshot`。
------
#### [ CLI ]
**AWS CLI**
**创建快照**
此示例命令将创建卷 ID 为 `vol-1234567890abcdef0` 的卷的快照,并提供简短描述以标识快照。
命令:
```
aws ec2 create-snapshot --volume-id vol-1234567890abcdef0 --description "This is my root volume snapshot"
```
输出:
```
{
"Description": "This is my root volume snapshot",
"Tags": [],
"Encrypted": false,
"VolumeId": "vol-1234567890abcdef0",
"State": "pending",
"VolumeSize": 8,
"StartTime": "2018-02-28T21:06:01.000Z",
"Progress": "",
"OwnerId": "012345678910",
"SnapshotId": "snap-066877671789bd71b"
}
```
**创建具有标签的快照**
此示例命令将创建快照并应用两个标签:purpose=prod 和 costcenter=123。
命令:
```
aws ec2 create-snapshot --volume-id vol-1234567890abcdef0 --description 'Prod backup' --tag-specifications 'ResourceType=snapshot,Tags=[{Key=purpose,Value=prod},{Key=costcenter,Value=123}]'
```
输出:
```
{
"Description": "Prod backup",
"Tags": [
{
"Value": "prod",
"Key": "purpose"
},
{
"Value": "123",
"Key": "costcenter"
}
],
"Encrypted": false,
"VolumeId": "vol-1234567890abcdef0",
"State": "pending",
"VolumeSize": 8,
"StartTime": "2018-02-28T21:06:06.000Z",
"Progress": "",
"OwnerId": "012345678910",
"SnapshotId": "snap-09ed24a70bc19bbe4"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateSnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-snapshot.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建指定卷的快照。**
```
New-EC2Snapshot -VolumeId vol-12345678 -Description "This is a test"
```
**输出**:
```
DataEncryptionKeyId :
Description : This is a test
Encrypted : False
KmsKeyId :
OwnerAlias :
OwnerId : 123456789012
Progress :
SnapshotId : snap-12345678
StartTime : 12/22/2015 1:28:42 AM
State : pending
StateMessage :
Tags : {}
VolumeId : vol-12345678
VolumeSize : 20
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateSnapshot](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建指定卷的快照。**
```
New-EC2Snapshot -VolumeId vol-12345678 -Description "This is a test"
```
**输出**:
```
DataEncryptionKeyId :
Description : This is a test
Encrypted : False
KmsKeyId :
OwnerAlias :
OwnerId : 123456789012
Progress :
SnapshotId : snap-12345678
StartTime : 12/22/2015 1:28:42 AM
State : pending
StateMessage :
Tags : {}
VolumeId : vol-12345678
VolumeSize : 20
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateSnapshot](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateSpotDatafeedSubscription` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateSpotDatafeedSubscription`。
------
#### [ CLI ]
**AWS CLI**
**创建竞价型实例数据源**
以下 `create-spot-datafeed-subscription` 示例将创建竞价型实例数据源。
```
aws ec2 create-spot-datafeed-subscription \
--bucket amzn-s3-demo-bucket \
--prefix spot-data-feed
```
输出:
```
{
"SpotDatafeedSubscription": {
"Bucket": "amzn-s3-demo-bucket",
"OwnerId": "123456789012",
"Prefix": "spot-data-feed",
"State": "Active"
}
}
```
数据源存储在您指定的 Amazon S3 存储桶中。此数据源的文件名采用以下格式。
```
amzn-s3-demo-bucket.s3.amazonaws.com/spot-data-feed/123456789012.YYYY-MM-DD-HH.n.abcd1234.gz
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[竞价型实例数据源](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateSpotDatafeedSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-spot-datafeed-subscription.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建竞价型实例数据源。**
```
New-EC2SpotDatafeedSubscription -Bucket amzn-s3-demo-bucket -Prefix spotdata
```
**输出**:
```
Bucket : amzn-s3-demo-bucket
Fault :
OwnerId : 123456789012
Prefix : spotdata
State : Active
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建竞价型实例数据源。**
```
New-EC2SpotDatafeedSubscription -Bucket amzn-s3-demo-bucket -Prefix spotdata
```
**输出**:
```
Bucket : amzn-s3-demo-bucket
Fault :
OwnerId : 123456789012
Prefix : spotdata
State : Active
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `CreateSubnet`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateSubnet`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
+ [中转网关入门](ec2_example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建仅包含 IPv4 CIDR 块的子网**
以下`create-subnet`示例使用指定 IPv4 CIDR 块在指定 VPC 中创建子网。
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--cidr-block 10.0.0.0/24 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-only-subnet}]
```
输出:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0e99b93155EXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv4-only-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0e99b93155EXAMPLE"
}
}
```
**示例 2:创建同时包含 IPv4 和 IPv6 CIDR 块的子网**
以下`create-subnet`示例使用指定的 IPv4 和 IPv6 CIDR 块在指定 VPC 中创建一个子网。
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--cidr-block 10.0.0.0/24 \
--ipv6-cidr-block 2600:1f16:cfe:3660::/64 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-ipv6-subnet}]
```
输出:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0736441d38EXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "subnet-cidr-assoc-06c5f904499fcc623",
"Ipv6CidrBlock": "2600:1f13:cfe:3660::/64",
"Ipv6CidrBlockState": {
"State": "associating"
}
}
],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv4-ipv6-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0736441d38EXAMPLE"
}
}
```
**示例 3:创建仅包含 IPv6 CIDR 块的子网**
以下`create-subnet`示例使用指定 IPv6 CIDR 块在指定 VPC 中创建子网。
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--ipv6-native \
--ipv6-cidr-block 2600:1f16:115:200::/64 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv6-only-subnet}]
```
输出:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 0,
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-03f720e7deEXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": true,
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "subnet-cidr-assoc-01ef639edde556709",
"Ipv6CidrBlock": "2600:1f13:cfe:3660::/64",
"Ipv6CidrBlockState": {
"State": "associating"
}
}
],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv6-only-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-03f720e7deEXAMPLE"
}
}
```
有关更多信息,请参阅 *Amazon VPC 用户指南*中的[VPCs 和子网](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateSubnet](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-subnet.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例使用指定的 CIDR 创建子网。**
```
New-EC2Subnet -VpcId vpc-12345678 -CidrBlock 10.0.0.0/24
```
**输出**:
```
AvailabilityZone : us-west-2c
AvailableIpAddressCount : 251
CidrBlock : 10.0.0.0/24
DefaultForAz : False
MapPublicIpOnLaunch : False
State : pending
SubnetId : subnet-1a2b3c4d
Tag : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateSubnet](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例使用指定的 CIDR 创建子网。**
```
New-EC2Subnet -VpcId vpc-12345678 -CidrBlock 10.0.0.0/24
```
**输出**:
```
AvailabilityZone : us-west-2c
AvailableIpAddressCount : 251
CidrBlock : 10.0.0.0/24
DefaultForAz : False
MapPublicIpOnLaunch : False
State : pending
SubnetId : subnet-1a2b3c4d
Tag : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateSubnet](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
require 'aws-sdk-ec2'
# Creates a subnet within a virtual private cloud (VPC) in
# Amazon Virtual Private Cloud (Amazon VPC) and then tags
# the subnet.
#
# Prerequisites:
#
# - A VPC in Amazon VPC.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param vpc_id [String] The ID of the VPC for the subnet.
# @param cidr_block [String] The IPv4 CIDR block for the subnet.
# @param availability_zone [String] The ID of the Availability Zone
# for the subnet.
# @param tag_key [String] The key portion of the tag for the subnet.
# @param tag_vlue [String] The value portion of the tag for the subnet.
# @return [Boolean] true if the subnet was created and tagged;
# otherwise, false.
# @example
# exit 1 unless subnet_created_and_tagged?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# 'vpc-6713dfEX',
# '10.0.0.0/24',
# 'us-west-2a',
# 'my-key',
# 'my-value'
# )
def subnet_created_and_tagged?(
ec2_resource,
vpc_id,
cidr_block,
availability_zone,
tag_key,
tag_value
)
subnet = ec2_resource.create_subnet(
vpc_id: vpc_id,
cidr_block: cidr_block,
availability_zone: availability_zone
)
subnet.create_tags(
tags: [
{
key: tag_key,
value: tag_value
}
]
)
puts "Subnet created with ID '#{subnet.id}' in VPC with ID '#{vpc_id}' " \
"and CIDR block '#{cidr_block}' in availability zone " \
"'#{availability_zone}' and tagged with key '#{tag_key}' and " \
"value '#{tag_value}'."
true
rescue StandardError => e
puts "Error creating or tagging subnet: #{e.message}"
false
end
# Example usage:
def run_me
vpc_id = ''
cidr_block = ''
availability_zone = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-subnet.rb ' \
'VPC_ID CIDR_BLOCK AVAILABILITY_ZONE TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-subnet.rb ' \
'vpc-6713dfEX 10.0.0.0/24 us-west-2a my-key my-value us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
vpc_id = 'vpc-6713dfEX'
cidr_block = '10.0.0.0/24'
availability_zone = 'us-west-2a'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
vpc_id = ARGV[0]
cidr_block = ARGV[1]
availability_zone = ARGV[2]
tag_key = ARGV[3]
tag_value = ARGV[4]
region = ARGV[5]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if subnet_created_and_tagged?(
ec2_resource,
vpc_id,
cidr_block,
availability_zone,
tag_key,
tag_value
)
puts 'Subnet created and tagged.'
else
puts 'Subnet not created or not tagged.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[CreateSubnet](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateSubnet)*中的。
------
# `CreateTags`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateTags`。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Add or overwrite only the specified tags for the specified Amazon Elastic Compute Cloud (Amazon EC2) resource or resources.
/*!
\param resources: The resources for the tags.
\param tags: Vector of tags.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createTags(const Aws::Vector &resources,
const Aws::Vector &tags,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateTagsRequest createTagsRequest;
createTagsRequest.SetResources(resources);
createTagsRequest.SetTags(tags);
Aws::EC2::Model::CreateTagsOutcome outcome = ec2Client.CreateTags(createTagsRequest);
if (outcome.IsSuccess()) {
std::cout << "Successfully created tags for resources" << std::endl;
} else {
std::cerr << "Failed to create tags for resources, " << outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[CreateTags](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateTags)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:将标签添加到资源**
以下 `create-tags` 示例将标签 `Stack=production` 添加到指定的映像,或者覆盖 AMI 的现有标签(其中标签键为 `Stack`)。
```
aws ec2 create-tags \
--resources ami-1234567890abcdef0 \
--tags Key=Stack,Value=production
```
此命令不生成任何输出
**示例 2:将标签添加到多个资源**
以下 `create-tags` 示例为 AMI 和实例添加(或覆盖)两个标签。其中一个标签有一个键(`webserver`),但没有值(值设置为空字符串)。另一个标签有一个键(`stack`)和一个值(`Production`)。
```
aws ec2 create-tags \
--resources ami-1a2b3c4d i-1234567890abcdef0 \
--tags Key=webserver,Value= Key=stack,Value=Production
```
此命令不生成任何输出
**示例 3:添加包含特殊字符的标签**
以下 `create-tags` 示例为实例添加标签 `[Group]=test`。方括号([ 和 ])是特殊字符,必须对其进行转义。以下示例还使用适用于每个环境的行延续字符。
如果使用的是 Windows,请用双引号(")将具有特殊字符的元素引起来,然后在每个双引号字符前面添加反斜杠(\$1),如下所示。
```
aws ec2 create-tags ^
--resources i-1234567890abcdef0 ^
--tags Key=\"[Group]\",Value=test
```
如果您使用的是 Windows PowerShell,请在元素中使用双引号 (“) 将带有特殊字符的值括起来,在每个双引号字符前面加一个反斜杠 (\$1),然后用单引号 (') 将整个键和值结构括起来,如下所示。
```
aws ec2 create-tags `
--resources i-1234567890abcdef0 `
--tags 'Key=\"[Group]\",Value=test'
```
如果使用的是 Linux 或 OS X,请使用双引号(")将具有特殊字符的元素引起来,然后使用单引号(')将整个键和值结构引起来,如下所示。
```
aws ec2 create-tags \
--resources i-1234567890abcdef0 \
--tags 'Key="[Group]",Value=test'
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[标记 Amazon EC2 资源](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateTags](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-tags.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例向指定的资源添加单个标签。标签键为 “myTag”,标签值为 “myTagValue”。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag"; Value="myTagValue" }
```
**示例 2:此示例更新指定的标签,或将其添加到指定的资源。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @( @{ Key="myTag"; Value="newTagValue" }, @{ Key="test"; Value="anotherTagValue" } )
```
**示例 3:在 PowerShell 版本 2 中,必须使用 New-Object 为标签参数创建标签。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
New-EC2Tag -Resource i-12345678 -Tag $tag
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateTags](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例向指定的资源添加单个标签。标签键为 “myTag”,标签值为 “myTagValue”。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag"; Value="myTagValue" }
```
**示例 2:此示例更新指定的标签,或将其添加到指定的资源。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @( @{ Key="myTag"; Value="newTagValue" }, @{ Key="test"; Value="anotherTagValue" } )
```
**示例 3:在 PowerShell 版本 2 中,必须使用 New-Object 为标签参数创建标签。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
New-EC2Tag -Resource i-12345678 -Tag $tag
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateTags](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
此示例在创建实例后应用 Name 标签。
```
pub async fn create_instance<'a>(
&self,
image_id: &'a str,
instance_type: InstanceType,
key_pair: &'a KeyPairInfo,
security_groups: Vec<&'a SecurityGroup>,
) -> Result {
let run_instances = self
.client
.run_instances()
.image_id(image_id)
.instance_type(instance_type)
.key_name(
key_pair
.key_name()
.ok_or_else(|| EC2Error::new("Missing key name when launching instance"))?,
)
.set_security_group_ids(Some(
security_groups
.iter()
.filter_map(|sg| sg.group_id.clone())
.collect(),
))
.min_count(1)
.max_count(1)
.send()
.await?;
if run_instances.instances().is_empty() {
return Err(EC2Error::new("Failed to create instance"));
}
let instance_id = run_instances.instances()[0].instance_id().unwrap();
let response = self
.client
.create_tags()
.resources(instance_id)
.tags(
Tag::builder()
.key("Name")
.value("From SDK Examples")
.build(),
)
.send()
.await;
match response {
Ok(_) => tracing::info!("Created {instance_id} and applied tags."),
Err(err) => {
tracing::info!("Error applying tags to {instance_id}: {err:?}");
return Err(err.into());
}
}
tracing::info!("Instance is created.");
Ok(instance_id.to_string())
}
```
+ 有关 API 的详细信息,请参阅适用[CreateTags](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_tags)于 *Rust 的AWS SDK API 参考*。
------
# 将 `CreateVolume` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateVolume`。
------
#### [ CLI ]
**AWS CLI**
**创建空通用型 SSD(gp2)卷**
以下 `create-volume` 示例将在指定的可用区中创建一个 80 GiB 的通用型 SSD(gp2)卷。请注意,当前区域必须为 `us-east-1`,或者您可以添加 `--region` 参数来为命令指定区域。
```
aws ec2 create-volume \
--volume-type gp2 \
--size 80 \
--availability-zone us-east-1a
```
输出:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": false,
"VolumeType": "gp2",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 240,
"SnapshotId": "",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 80
}
```
如果您未指定卷类型,则默认卷类型为 `gp2`。
```
aws ec2 create-volume \
--size 80 \
--availability-zone us-east-1a
```
**示例 2:从快照创建预调配 IOPS SSD(io1)卷**
以下 `create-volume` 示例将使用指定的快照在指定的可用区中创建具有 1000 预调配 IOPS 的预调配 IOPS SSD(io1)卷。
```
aws ec2 create-volume \
--volume-type io1 \
--iops 1000 \
--snapshot-id snap-066877671789bd71b \
--availability-zone us-east-1a
```
输出:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": false,
"VolumeType": "io1",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 1000,
"SnapshotId": "snap-066877671789bd71b",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 500
}
```
**示例 3:创建加密卷**
以下 `create-volume` 示例使用 EBS 加密的默认 CMK 创建加密卷。如果默认情况下禁用了加密,则必须按以下方式指定 `--encrypted` 参数。
```
aws ec2 create-volume \
--size 80 \
--encrypted \
--availability-zone us-east-1a
```
输出:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": true,
"VolumeType": "gp2",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 240,
"SnapshotId": "",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 80
}
```
如果默认情况下启用了加密,则即使没有 `--encrypted` 参数,以下示例命令会创建一个加密卷。
```
aws ec2 create-volume \
--size 80 \
--availability-zone us-east-1a
```
如果您使用 `--kms-key-id` 参数指定客户托管的 CMK,则即使默认情况下已启用加密,也必须指定 `--encrypted` 参数。
```
aws ec2 create-volume \
--volume-type gp2 \
--size 80 \
--encrypted \
--kms-key-id 0ea3fef3-80a7-4778-9d8c-1c0c6EXAMPLE \
--availability-zone us-east-1a
```
**示例 4:创建带有标签的卷**
以下 `create-volume` 示例将创建一个卷并添加两个标签。
```
aws ec2 create-volume \
--availability-zone us-east-1a \
--volume-type gp2 \
--size 80 \
--tag-specifications 'ResourceType=volume,Tags=[{Key=purpose,Value=production},{Key=cost-center,Value=cc123}]'
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-volume.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建指定的卷。**
```
New-EC2Volume -Size 50 -AvailabilityZone us-west-2a -VolumeType gp2
```
**输出**:
```
Attachments : {}
AvailabilityZone : us-west-2a
CreateTime : 12/22/2015 1:42:07 AM
Encrypted : False
Iops : 150
KmsKeyId :
Size : 50
SnapshotId :
State : creating
Tags : {}
VolumeId : vol-12345678
VolumeType : gp2
```
**示例 2:此示例请求创建一个卷,并应用键为 stack 且值为 production 的标签。**
```
$tag = @{ Key="stack"; Value="production" }
$tagspec = new-object Amazon.EC2.Model.TagSpecification
$tagspec.ResourceType = "volume"
$tagspec.Tags.Add($tag)
New-EC2Volume -Size 80 -AvailabilityZone "us-west-2a" -TagSpecification $tagspec
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateVolume](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建指定的卷。**
```
New-EC2Volume -Size 50 -AvailabilityZone us-west-2a -VolumeType gp2
```
**输出**:
```
Attachments : {}
AvailabilityZone : us-west-2a
CreateTime : 12/22/2015 1:42:07 AM
Encrypted : False
Iops : 150
KmsKeyId :
Size : 50
SnapshotId :
State : creating
Tags : {}
VolumeId : vol-12345678
VolumeType : gp2
```
**示例 2:此示例请求创建一个卷,并应用键为 stack 且值为 production 的标签。**
```
$tag = @{ Key="stack"; Value="production" }
$tagspec = new-object Amazon.EC2.Model.TagSpecification
$tagspec.ResourceType = "volume"
$tagspec.Tags.Add($tag)
New-EC2Volume -Size 80 -AvailabilityZone "us-west-2a" -TagSpecification $tagspec
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateVolume](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `CreateVpc`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateVpc`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
+ [中转网关入门](ec2_example_vpc_TransitGatewayGettingStarted_section.md)
+ [VPC IPAM 入门](ec2_example_vpc_GettingStartedIpam_section.md)
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建 VPC**
以下`create-vpc`示例使用指定 IPv4 CIDR 块和名称标签创建一个 VPC。
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--tag-specifications ResourceType=vpc,Tags=[{Key=Name,Value=MyVpc}]
```
输出:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-5EXAMPLE",
"State": "pending",
"VpcId": "vpc-0a60eb65b4EXAMPLE",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-07501b79ecEXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Name",
"Value": MyVpc"
}
]
}
}
```
**示例 2:创建具有专用租赁的 VPC**
以下`create-vpc`示例使用指定 IPv4 CIDR 块和专用租户创建一个 VPC。
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--instance-tenancy dedicated
```
输出:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-19edf471",
"State": "pending",
"VpcId": "vpc-0a53287fa4EXAMPLE",
"OwnerId": "111122223333",
"InstanceTenancy": "dedicated",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-00b24cc1c2EXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
}
```
**示例 3:创建带有 IPv6 CIDR 块的 VPC**
以下`create-vpc`示例使用亚马逊提供的 IPv6 CIDR 块创建一个 VPC。
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--amazon-provided-ipv6-cidr-block
```
输出:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-dEXAMPLE",
"State": "pending",
"VpcId": "vpc-0fc5e3406bEXAMPLE",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-068432c60bEXAMPLE",
"Ipv6CidrBlock": "",
"Ipv6CidrBlockState": {
"State": "associating"
},
"Ipv6Pool": "Amazon",
"NetworkBorderGroup": "us-west-2"
}
],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0669f8f9f5EXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
}
```
**示例 4:从 IPAM 池中创建具有 CIDR 的 VPC**
以下 `create-vpc` 示例从 Amazon VPC IP 地址管理器(IPAM)池,创建具有 CIDR 的 VPC。
Linux 和 macOS:
```
aws ec2 create-vpc \
--ipv4-ipam-pool-id ipam-pool-0533048da7d823723 \
--tag-specifications ResourceType=vpc,Tags='[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]'
```
Windows:
```
aws ec2 create-vpc ^
--ipv4-ipam-pool-id ipam-pool-0533048da7d823723 ^
--tag-specifications ResourceType=vpc,Tags=[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]
```
输出:
```
{
"Vpc": {
"CidrBlock": "10.0.1.0/24",
"DhcpOptionsId": "dopt-2afccf50",
"State": "pending",
"VpcId": "vpc-010e1791024eb0af9",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0a77de1d803226d4b",
"CidrBlock": "10.0.1.0/24",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Environment",
"Value": "Preprod"
},
{
"Key": "Owner",
"Value": "Build Team"
}
]
}
}
```
有关更多信息,请参阅《Amazon VPC IPAM 用户指南》**中的[创建使用 IPAM 池 CIDR 的 VPC](https://docs.aws.amazon.com/vpc/latest/ipam/create-vpc-ipam.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateVpc](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc.html)*中的。
------
#### [ PHP ]
**适用于 PHP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* @param string $cidr
* @return array
*/
public function createVpc(string $cidr): array
{
try {
$result = $this->ec2Client->createVpc([
"CidrBlock" => $cidr,
]);
return $result['Vpc'];
}catch(Ec2Exception $caught){
echo "There was a problem creating the VPC: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 PHP 的 AWS SDK API 参考[CreateVpc](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpc)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例使用指定的 CIDR 创建 VPC。Amazon VPC 还会为 VPC 创建以下各项:默认 DHCP 选项集、主路由表和默认网络 ACL。**
```
New-EC2VPC -CidrBlock 10.0.0.0/16
```
**输出**:
```
CidrBlock : 10.0.0.0/16
DhcpOptionsId : dopt-1a2b3c4d
InstanceTenancy : default
IsDefault : False
State : pending
Tags : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateVpc](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例使用指定的 CIDR 创建 VPC。Amazon VPC 还会为 VPC 创建以下各项:默认 DHCP 选项集、主路由表和默认网络 ACL。**
```
New-EC2VPC -CidrBlock 10.0.0.0/16
```
**输出**:
```
CidrBlock : 10.0.0.0/16
DhcpOptionsId : dopt-1a2b3c4d
InstanceTenancy : default
IsDefault : False
State : pending
Tags : {}
VpcId : vpc-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateVpc](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, cidr_block: str) -> str:
"""
Creates a new Amazon VPC with the specified CIDR block.
:param cidr_block: The CIDR block for the new VPC, such as '10.0.0.0/16'.
:return: The ID of the new VPC.
"""
try:
response = self.ec2_client.create_vpc(CidrBlock=cidr_block)
vpc_id = response["Vpc"]["VpcId"]
waiter = self.ec2_client.get_waiter("vpc_available")
waiter.wait(VpcIds=[vpc_id])
return vpc_id
except ClientError as client_error:
logging.error(
"Couldn't create the vpc. Here's why: %s",
client_error.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[CreateVpc](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpc)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
require 'aws-sdk-ec2'
# Creates a virtual private cloud (VPC) in
# Amazon Virtual Private Cloud (Amazon VPC) and then tags
# the VPC.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param cidr_block [String] The IPv4 CIDR block for the subnet.
# @param tag_key [String] The key portion of the tag for the VPC.
# @param tag_value [String] The value portion of the tag for the VPC.
# @return [Boolean] true if the VPC was created and tagged;
# otherwise, false.
# @example
# exit 1 unless vpc_created_and_tagged?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# '10.0.0.0/24',
# 'my-key',
# 'my-value'
# )
def vpc_created_and_tagged?(
ec2_resource,
cidr_block,
tag_key,
tag_value
)
vpc = ec2_resource.create_vpc(cidr_block: cidr_block)
# Create a public DNS by enabling DNS support and DNS hostnames.
vpc.modify_attribute(enable_dns_support: { value: true })
vpc.modify_attribute(enable_dns_hostnames: { value: true })
vpc.create_tags(tags: [{ key: tag_key, value: tag_value }])
puts "Created VPC with ID '#{vpc.id}' and tagged with key " \
"'#{tag_key}' and value '#{tag_value}'."
true
rescue StandardError => e
puts e.message
false
end
# Example usage:
def run_me
cidr_block = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-vpc.rb ' \
'CIDR_BLOCK TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-vpc.rb ' \
'10.0.0.0/24 my-key my-value us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
cidr_block = '10.0.0.0/24'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
cidr_block = ARGV[0]
tag_key = ARGV[1]
tag_value = ARGV[2]
region = ARGV[3]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if vpc_created_and_tagged?(
ec2_resource,
cidr_block,
tag_key,
tag_value
)
puts 'VPC created and tagged.'
else
puts 'VPC not created or not tagged.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[CreateVpc](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateVpc)*中的。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
" iv_cidr_block = '10.0.0.0/16'
TRY.
oo_result = lo_ec2->createvpc( iv_cidrblock = iv_cidr_block ). " oo_result is returned for testing purposes. "
DATA(lv_vpc_id) = oo_result->get_vpc( )->get_vpcid( ).
MESSAGE 'Created VPC.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[CreateVpc](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `CreateVpcEndpoint`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateVpcEndpoint`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建网关端点**
以下 `create-vpc-endpoint` 示例将在 `us-east-1` 区域中的 VPC `vpc-1a2b3c4d` 和 Amazon S3 之间创建一个网关 VPC 端点,并将路由表 `rtb-11aa22bb` 与该端点相关联。
```
aws ec2 create-vpc-endpoint \
--vpc-id vpc-1a2b3c4d \
--service-name com.amazonaws.us-east-1.s3 \
--route-table-ids rtb-11aa22bb
```
输出:
```
{
"VpcEndpoint": {
"PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}",
"VpcId": "vpc-1a2b3c4d",
"State": "available",
"ServiceName": "com.amazonaws.us-east-1.s3",
"RouteTableIds": [
"rtb-11aa22bb"
],
"VpcEndpointId": "vpc-1a2b3c4d",
"CreationTimestamp": "2015-05-15T09:40:50Z"
}
}
```
有关更多信息,请参阅《*AWS PrivateLink 用户指南》*中的[创建网关终端节点](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#create-gateway-endpoint-s3)。
**示例 2:创建接口端点**
以下 `create-vpc-endpoint` 示例将在 `us-east-1` 区域中的 VPC `vpc-1a2b3c4d` 和 Amazon S3 之间创建一个接口 VPC 端点。该命令在将子网 `subnet-1a2b3c4d` 中创建端点,将其与安全组 `sg-1a2b3c4d` 相关联,并添加一个键为“Service”且值为“S3”的标签。
```
aws ec2 create-vpc-endpoint \
--vpc-id vpc-1a2b3c4d \
--vpc-endpoint-type Interface \
--service-name com.amazonaws.us-east-1.s3 \
--subnet-ids subnet-7b16de0c \
--security-group-id sg-1a2b3c4d \
--tag-specifications ResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}]
```
输出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3",
"VpcEndpointType": "Interface",
"VpcId": "vpc-1a2b3c4d",
"ServiceName": "com.amazonaws.us-east-1.s3",
"State": "pending",
"RouteTableIds": [],
"SubnetIds": [
"subnet-1a2b3c4d"
],
"Groups": [
{
"GroupId": "sg-1a2b3c4d",
"GroupName": "default"
}
],
"PrivateDnsEnabled": false,
"RequesterManaged": false,
"NetworkInterfaceIds": [
"eni-0b16f0581c8ac6877"
],
"DnsEntries": [
{
"DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com",
"HostedZoneId": "Z7HUB22UULQXV"
},
{
"DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com",
"HostedZoneId": "Z7HUB22UULQXV"
}
],
"CreationTimestamp": "2021-03-05T14:46:16.030000+00:00",
"Tags": [
{
"Key": "service",
"Value": "S3"
}
],
"OwnerId": "123456789012"
}
}
```
有关更多信息,请参阅*AWS PrivateLink 用户指南*中的[创建接口 VPC 终端节点](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html)。
**示例 3:创建网关负载均衡器端点**
以下 `create-vpc-endpoint` 示例将在 VPC `vpc-111122223333aabbc` 和使用网关负载均衡器配置的服务之间创建一个网关负载均衡器端点。
```
aws ec2 create-vpc-endpoint \
--service-name com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123 \
--vpc-endpoint-type GatewayLoadBalancer \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445
```
输出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-aabbaabbaabbaabba",
"VpcEndpointType": "GatewayLoadBalancer",
"VpcId": "vpc-111122223333aabbc",
"ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123",
"State": "pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"RequesterManaged": false,
"NetworkInterfaceIds": [
"eni-01010120203030405"
],
"CreationTimestamp": "2020-11-11T08:06:03.522Z",
"OwnerId": "123456789012"
}
}
```
有关更多信息,请参阅《*AWS PrivateLink 用户指南》*中的 [Gateway Load Balancer 终端节点](https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-load-balancer-endpoints.html)。
**示例 4:创建资源端点**
以下 `create-vpc-endpoint` 示例创建了一个资源端点。
```
aws ec2 create-vpc-endpoint \
--vpc-endpoint-type Resource \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445 \
--resource-configuration-arn arn:aws:vpc-lattice-us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432
```
输出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-00939a7ed9EXAMPLE",
"VpcEndpointType": "Resource",
"VpcId": "vpc-111122223333aabbc",
"State": "Pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"Groups": [
{
"GroupId": "sg-03e2f15fbfc09b000",
"GroupName": "default"
}
],
"IpAddressType": "IPV4",
"PrivateDnsEnabled": false,
"CreationTimestamp": "2025-02-06T23:38:49.525000+00:00",
"Tags": [],
"OwnerId": "123456789012",
"ResourceConfigurationArn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432"
}
}
```
有关更多信息,请参阅《*AWS PrivateLink 用户指南》*中的[资源端点](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-resources.html)。
**示例 5:创建服务网络端点**
以下 `create-vpc-endpoint` 示例创建了一个服务网络端点。
```
aws ec2 create-vpc-endpoint \
--vpc-endpoint-type ServiceNetwork \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445 \
--service-network-arn arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0 \
--security-group-ids sg-0123456789012abcd
```
输出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-0f00567fa8EXAMPLE",
"VpcEndpointType": "ServiceNetwork",
"VpcId": "vpc-111122223333aabbc",
"State": "Pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"Groups": [
{
"GroupId": "sg-0123456789012abcd",
"GroupName": "my-security-group"
}
],
"IpAddressType": "IPV4",
"PrivateDnsEnabled": false,
"CreationTimestamp": "2025-02-06T23:44:20.449000+00:00",
"Tags": [],
"OwnerId": "123456789012",
"ServiceNetworkArn": "arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0"
}
}
```
有关更多信息,请参阅《*AWS PrivateLink 用户指南》*中的[服务网络端点](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-service-networks.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateVpcEndpoint](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc-endpoint.html)*中的。
------
#### [ PHP ]
**适用于 PHP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* @param string $serviceName
* @param string $vpcId
* @param array $routeTableIds
* @return array
*/
public function createVpcEndpoint(string $serviceName, string $vpcId, array $routeTableIds): array
{
try {
$result = $this->ec2Client->createVpcEndpoint([
'ServiceName' => $serviceName,
'VpcId' => $vpcId,
'RouteTableIds' => $routeTableIds,
]);
return $result["VpcEndpoint"];
} catch(Ec2Exception $caught){
echo "There was a problem creating the VPC Endpoint: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 PHP 的 AWS SDK API 参考[CreateVpcEndpoint](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpcEndpoint)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例在 VPC vpc-0fc1ff23f45b678eb 中为服务 com.amazonaws.eu-west-1.s3 创建新的 VPC 端点**
```
New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb
```
**输出**:
```
ClientToken VpcEndpoint
----------- -----------
Amazon.EC2.Model.VpcEndpoint
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例在 VPC vpc-0fc1ff23f45b678eb 中为服务 com.amazonaws.eu-west-1.s3 创建新的 VPC 端点**
```
New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb
```
**输出**:
```
ClientToken VpcEndpoint
----------- -----------
Amazon.EC2.Model.VpcEndpoint
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create_vpc_endpoint(
self, vpc_id: str, service_name: str, route_table_ids: list[str]
) -> Dict[str, Any]:
"""
Creates a new VPC endpoint for the specified service and associates it with the specified route tables.
:param vpc_id: The ID of the VPC to create the endpoint in.
:param service_name: The name of the service to create the endpoint for.
:param route_table_ids: A list of IDs of the route tables to associate with the endpoint.
:return: A dictionary representing the newly created VPC endpoint.
"""
try:
response = self.ec2_client.create_vpc_endpoint(
VpcId=vpc_id,
ServiceName=service_name,
RouteTableIds=route_table_ids,
)
return response["VpcEndpoint"]
except ClientError as err:
logger.error(
"Couldn't create VPC endpoint for service %s. Here's why: %s: %s",
service_name,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[CreateVpcEndpoint](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpcEndpoint)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
" iv_vpc_id = 'vpc-abc123'
" iv_service_name = 'com.amazonaws.region.service'
TRY.
oo_result = lo_ec2->createvpcendpoint( " oo_result is returned for testing purposes. "
iv_vpcid = iv_vpc_id
iv_servicename = iv_service_name
it_routetableids = it_route_table_ids ).
DATA(lv_vpc_endpoint_id) = oo_result->get_vpcendpoint( )->get_vpcendpointid( ).
MESSAGE 'Created VPC endpoint.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[CreateVpcEndpoint](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# 将 `CreateVpnConnection` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateVpnConnection`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建使用动态路由的 VPN 连接**
以下 `create-vpn-connection` 示例将在指定的虚拟私有网关和指定的客户网关之间创建 VPN 连接,并将标签应用于 VPN 连接。输出包括 XML 格式的客户网关设备的配置信息。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--tag-specification 'ResourceType=vpn-connection,Tags=[{Key=Name,Value=BGP-VPN}]'
```
输出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "...configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{},
{}
]
},
"Routes": [],
"Tags": [
{
"Key": "Name",
"Value": "BGP-VPN"
}
]
}
}
```
有关更多信息,[请参阅《 AWS Site-to-Site VPN *用户指南》中的AWS Site-to-Site VPN* 工作原理](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。
**示例 2:创建使用静态路由的 VPN 连接**
以下 `create-vpn-connection` 示例将在指定的虚拟私有网关和指定的客户网关之间创建 VPN 连接。这些选项指定静态路由。输出包括 XML 格式的客户网关设备的配置信息。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--options "{\"StaticRoutesOnly\":true}"
```
输出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": true,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{},
{}
]
},
"Routes": [],
"Tags": []
}
}
```
有关更多信息,[请参阅《 AWS Site-to-Site VPN *用户指南》中的AWS Site-to-Site VPN* 工作原理](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。
**示例 3:创建 VPN 连接并指定您自己的内部 CIDR 和预共享密钥**
以下 `create-vpn-connection` 示例将创建 VPN 连接,并为每个隧道指定内部 IP 地址 CIDR 块和自定义预共享密钥。将在 `CustomerGatewayConfiguration` 信息中返回指定值。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--options TunnelOptions='[{TunnelInsideCidr=169.254.12.0/30,PreSharedKey=ExamplePreSharedKey1},{TunnelInsideCidr=169.254.13.0/30,PreSharedKey=ExamplePreSharedKey2}]'
```
输出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{
"OutsideIpAddress": "203.0.113.3",
"TunnelInsideCidr": "169.254.12.0/30",
"PreSharedKey": "ExamplePreSharedKey1"
},
{
"OutsideIpAddress": "203.0.113.5",
"TunnelInsideCidr": "169.254.13.0/30",
"PreSharedKey": "ExamplePreSharedKey2"
}
]
},
"Routes": [],
"Tags": []
}
}
```
有关更多信息,[请参阅《 AWS Site-to-Site VPN *用户指南》中的AWS Site-to-Site VPN* 工作原理](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。
**示例 4:创建支持 IPv6 流量的 VPN 连接**
以下`create-vpn-connection`示例创建一个 VPN 连接,该连接支持指定传输网关和指定客户网关之间的 IPv6 流量。两条隧道的隧道选项都指定了 AWS 必须启动 IKE 协商的隧道。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--transit-gateway-id tgw-12312312312312312 \
--customer-gateway-id cgw-001122334455aabbc \
--options TunnelInsideIpVersion=ipv6,TunnelOptions=[{StartupAction=start},{StartupAction=start}]
```
输出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-11111111122222222",
"TransitGatewayId": "tgw-12312312312312312",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv6NetworkCidr": "::/0",
"RemoteIpv6NetworkCidr": "::/0",
"TunnelInsideIpVersion": "ipv6",
"TunnelOptions": [
{
"OutsideIpAddress": "203.0.113.3",
"StartupAction": "start"
},
{
"OutsideIpAddress": "203.0.113.5",
"StartupAction": "start"
}
]
},
"Routes": [],
"Tags": []
}
}
```
有关更多信息,[请参阅《 AWS Site-to-Site VPN *用户指南》中的AWS Site-to-Site VPN* 工作原理](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateVpnConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-connection.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例在指定的虚拟专用网关和指定的客户网关之间创建 VPN 连接。输出包括网络管理员需要的配置信息(采用 XML 格式)。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d
```
**输出**:
```
CustomerGatewayConfiguration : [XML document]
CustomerGatewayId : cgw-1a2b3c4d
Options :
Routes : {}
State : pending
Tags : {}
Type :
VgwTelemetry : {}
VpnConnectionId : vpn-12345678
VpnGatewayId : vgw-1a2b3c4d
```
**示例 2:此示例创建 VPN 连接,并在具有指定名称的文件中捕获配置。**
```
(New-EC2VpnConnection -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d).CustomerGatewayConfiguration | Out-File C:\path\vpn-configuration.xml
```
**示例 3:此示例在指定的虚拟专用网关和指定的客户网关之间创建 VPN 连接以及静态路由。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d -Options_StaticRoutesOnly $true
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateVpnConnection](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例在指定的虚拟专用网关和指定的客户网关之间创建 VPN 连接。输出包括网络管理员需要的配置信息(采用 XML 格式)。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d
```
**输出**:
```
CustomerGatewayConfiguration : [XML document]
CustomerGatewayId : cgw-1a2b3c4d
Options :
Routes : {}
State : pending
Tags : {}
Type :
VgwTelemetry : {}
VpnConnectionId : vpn-12345678
VpnGatewayId : vgw-1a2b3c4d
```
**示例 2:此示例创建 VPN 连接,并在具有指定名称的文件中捕获配置。**
```
(New-EC2VpnConnection -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d).CustomerGatewayConfiguration | Out-File C:\path\vpn-configuration.xml
```
**示例 3:此示例在指定的虚拟专用网关和指定的客户网关之间创建 VPN 连接以及静态路由。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d -Options_StaticRoutesOnly $true
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateVpnConnection](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateVpnConnectionRoute` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateVpnConnectionRoute`。
------
#### [ CLI ]
**AWS CLI**
**为 VPN 连接创建静态路由**
此示例为指定的 VPN 连接创建静态路由。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 create-vpn-connection-route --vpn-connection-id vpn-40f41529 --destination-cidr-block 11.12.0.0/16
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateVpnConnectionRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-connection-route.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例为指定的 VPN 连接创建指定的静态路由。**
```
New-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例为指定的 VPN 连接创建指定的静态路由。**
```
New-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `CreateVpnGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `CreateVpnGateway`。
------
#### [ CLI ]
**AWS CLI**
**创建虚拟私有网关**
此示例创建虚拟私有网关。
命令:
```
aws ec2 create-vpn-gateway --type ipsec.1
```
输出:
```
{
"VpnGateway": {
"AmazonSideAsn": 64512,
"State": "available",
"Type": "ipsec.1",
"VpnGatewayId": "vgw-9a4cacf3",
"VpcAttachments": []
}
}
```
**创建具有特定 Amazon 端 ASN 的虚拟私有网关**
此示例创建一个虚拟私有网关,并为 BGP 会话的 Amazon 端指定自治系统编号(ASN)。
命令:
```
aws ec2 create-vpn-gateway --type ipsec.1 --amazon-side-asn 65001
```
输出:
```
{
"VpnGateway": {
"AmazonSideAsn": 65001,
"State": "available",
"Type": "ipsec.1",
"VpnGatewayId": "vgw-9a4cacf3",
"VpcAttachments": []
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例创建指定的虚拟专用网关。**
```
New-EC2VpnGateway -Type ipsec.1
```
**输出**:
```
AvailabilityZone :
State : available
Tags : {}
Type : ipsec.1
VpcAttachments : {}
VpnGatewayId : vgw-1a2b3c4d
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [CreateVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例创建指定的虚拟专用网关。**
```
New-EC2VpnGateway -Type ipsec.1
```
**输出**:
```
AvailabilityZone :
State : available
Tags : {}
Type : ipsec.1
VpcAttachments : {}
VpnGatewayId : vgw-1a2b3c4d
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [CreateVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteCustomerGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteCustomerGateway`。
------
#### [ CLI ]
**AWS CLI**
**删除客户网关**
此示例删除指定的客户网关。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-customer-gateway --customer-gateway-id cgw-0e11f167
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteCustomerGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-customer-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的客户网关。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2CustomerGateway (DeleteCustomerGateway)" on Target "cgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteCustomerGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的客户网关。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2CustomerGateway (DeleteCustomerGateway)" on Target "cgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteCustomerGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteDhcpOptions` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**删除 DHCP 选项集**
此示例删除指定的 DHCP 选项集。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-dhcp-options --dhcp-options-id dopt-d9070ebb
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-dhcp-options.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的 DHCP 选项集。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2DhcpOption (DeleteDhcpOptions)" on Target "dopt-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的 DHCP 选项集。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2DhcpOption (DeleteDhcpOptions)" on Target "dopt-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteFlowLogs` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteFlowLogs`。
------
#### [ CLI ]
**AWS CLI**
**删除流日志**
以下 `delete-flow-logs` 示例删除指定流日志。
```
aws ec2 delete-flow-logs --flow-log-id fl-11223344556677889
```
输出:
```
{
"Unsuccessful": []
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-flow-logs.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除了给定的 FlowLogId fl-01a2b3456a789c01**
```
Remove-EC2FlowLog -FlowLogId fl-01a2b3456a789c01
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2FlowLog (DeleteFlowLogs)" on target "fl-01a2b3456a789c01".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除了给定的 FlowLogId fl-01a2b3456a789c01**
```
Remove-EC2FlowLog -FlowLogId fl-01a2b3456a789c01
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2FlowLog (DeleteFlowLogs)" on target "fl-01a2b3456a789c01".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteInternetGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteInternetGateway`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除互联网网关**
以下 `delete-internet-gateway` 示例删除指定的互联网网关。
```
aws ec2 delete-internet-gateway \
--internet-gateway-id igw-0d0fb496b3EXAMPLE
```
此命令不生成任何输出。
有关更多信息,请参阅《*Amazon VPC 用户指南*》中的[互联网网关](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-internet-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的互联网网关。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2InternetGateway (DeleteInternetGateway)" on Target "igw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的互联网网关。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2InternetGateway (DeleteInternetGateway)" on Target "igw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DeleteKeyPair`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteKeyPair`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Delete an Amazon EC2 key pair.
///
/// The name of the key pair to delete.
/// A Boolean value indicating the success of the action.
public async Task DeleteKeyPair(string keyPairName)
{
try
{
await _amazonEC2.DeleteKeyPairAsync(new DeleteKeyPairRequest(keyPairName)).ConfigureAwait(false);
return true;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.NotFound")
{
_logger.LogError($"KeyPair {keyPairName} does not exist and cannot be deleted. Please verify the key pair name and try again.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the key pair because: {ex.Message}");
return false;
}
}
///
/// Delete the temporary file where the key pair information was saved.
///
/// The path to the temporary file.
public void DeleteTempFile(string tempFileName)
{
if (File.Exists(tempFileName))
{
File.Delete(tempFileName);
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DeleteKeyPair](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteKeyPair)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_delete_keypair
#
# This function deletes an Amazon EC2 ED25519 or 2048-bit RSA key pair.
#
# Parameters:
# -n key_pair_name - A key pair name.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_delete_keypair() {
local key_pair_name response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_delete_keypair"
echo "Deletes an Amazon EC2 ED25519 or 2048-bit RSA key pair."
echo " -n key_pair_name - A key pair name."
echo ""
}
# Retrieve the calling parameters.
while getopts "n:h" option; do
case "${option}" in
n) key_pair_name="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$key_pair_name" ]]; then
errecho "ERROR: You must provide a key pair name with the -n parameter."
usage
return 1
fi
response=$(aws ec2 delete-key-pair \
--key-name "$key_pair_name") || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports delete-key-pair operation failed.$response"
return 1
}
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteKeyPair](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DeleteKeyPair)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Delete an Amazon Elastic Compute Cloud (Amazon EC2) instance key pair.
/*!
\param keyPairName: A name for a key pair.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::deleteKeyPair(const Aws::String &keyPairName,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DeleteKeyPairRequest request;
request.SetKeyName(keyPairName);
const Aws::EC2::Model::DeleteKeyPairOutcome outcome = ec2Client.DeleteKeyPair(
request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to delete key pair " << keyPairName <<
":" << outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully deleted key pair named " << keyPairName <<
std::endl;
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DeleteKeyPair)*中的。
------
#### [ CLI ]
**AWS CLI**
**删除密钥对**
以下 `delete-key-pair` 示例删除指定密钥对。
```
aws ec2 delete-key-pair \
--key-name my-key-pair
```
输出:
```
{
"Return": true,
"KeyPairId": "key-03c8d3aceb53b507"
}
```
有关更多信息,请参阅《AWS 命令行界面用户指南》**中的[创建和删除密钥对](https://docs.aws.amazon.com/cli/latest/userguide/cli-ec2-keypairs.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteKeyPair](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-key-pair.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Deletes a key pair asynchronously.
*
* @param keyPair the name of the key pair to delete
* @return a {@link CompletableFuture} that represents the result of the asynchronous operation.
* The {@link CompletableFuture} will complete with a {@link DeleteKeyPairResponse} object
* that provides the result of the key pair deletion operation.
*/
public CompletableFuture deleteKeysAsync(String keyPair) {
DeleteKeyPairRequest request = DeleteKeyPairRequest.builder()
.keyName(keyPair)
.build();
// Initiate the asynchronous request to delete the key pair.
CompletableFuture response = getAsyncClient().deleteKeyPair(request);
return response.whenComplete((resp, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to delete key pair: " + keyPair, ex);
} else if (resp == null) {
throw new RuntimeException("No response received for deleting key pair: " + keyPair);
}
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteKeyPair)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { DeleteKeyPairCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Deletes the specified key pair, by removing the public key from Amazon EC2.
* @param {{ keyName: string }} options
*/
export const main = async ({ keyName }) => {
const client = new EC2Client({});
const command = new DeleteKeyPairCommand({
KeyName: keyName,
});
try {
await client.send(command);
console.log("Successfully deleted key pair.");
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
console.warn(`${caught.message}. Did you provide the required value?`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DeleteKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteKeyPairCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun deleteKeys(keyPair: String?) {
val request =
DeleteKeyPairRequest {
keyName = keyPair
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteKeyPair(request)
println("Successfully deleted key pair named $keyPair")
}
}
```
+ 有关 API 的详细信息,请参阅适用[DeleteKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的密钥对。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2KeyPair -KeyName my-key-pair
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2KeyPair (DeleteKeyPair)" on Target "my-key-pair".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteKeyPair](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的密钥对。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2KeyPair -KeyName my-key-pair
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2KeyPair (DeleteKeyPair)" on Target "my-key-pair".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteKeyPair](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def delete(self, key_name: str) -> bool:
"""
Deletes a key pair by its name.
:param key_name: The name of the key pair to delete.
:return: A boolean indicating whether the deletion was successful.
:raises ClientError: If there is an error in deleting the key pair, for example,
if the key pair does not exist.
"""
try:
self.ec2_client.delete_key_pair(KeyName=key_name)
logger.info(f"Successfully deleted key pair: {key_name}")
self.key_pair = None
return True
except self.ec2_client.exceptions.ClientError as err:
logger.error(f"Deletion failed for key pair: {key_name}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidKeyPair.NotFound":
logger.error(
f"The key pair '{key_name}' does not exist and cannot be deleted. "
"Please verify the key pair name and try again."
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DeleteKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteKeyPair)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
围绕 delete\$1key 的包装器,它也会移除备份的私有 PEM 密钥。
```
pub async fn delete(self, ec2: &EC2, util: &Util) -> Result<(), EC2Error> {
if let Some(key_name) = self.key_pair.key_name() {
ec2.delete_key_pair(key_name).await?;
if let Some(key_path) = self.key_file_path() {
if let Err(err) = util.remove(key_path) {
eprintln!("Failed to remove {key_path:?} ({err:?})");
}
}
}
Ok(())
}
```
```
pub async fn delete_key_pair(&self, key_name: &str) -> Result<(), EC2Error> {
let key_name: String = key_name.into();
tracing::info!("Deleting key pair {key_name}");
self.client
.delete_key_pair()
.key_name(key_name)
.send()
.await?;
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[DeleteKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_key_pair)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
lo_ec2->deletekeypair( iv_keyname = iv_key_name ).
MESSAGE 'Amazon EC2 key pair deleted.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DeleteKeyPair](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Delete an EC2 key pair.
///
/// - Parameter keyPair: The name of the key pair to delete.
///
/// - Returns: `true` if the key pair is deleted successfully; otherwise
/// `false`.
func deleteKeyPair(keyPair: String) async -> Bool {
do {
_ = try await ec2Client.deleteKeyPair(
input: DeleteKeyPairInput(
keyName: keyPair
)
)
return true
} catch {
print("*** Error deleting the key pair: \(error.localizedDescription)")
return false
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[DeleteKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletekeypair(input:))于 S *wift 的AWS SDK API 参考*。
------
# `DeleteLaunchTemplate`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteLaunchTemplate`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [构建和管理弹性服务](ec2_example_cross_ResilientService_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Delete a launch template by name.
///
/// The name of the template to delete.
/// Async task.
public async Task DeleteTemplateByName(string templateName)
{
try
{
await _amazonEc2.DeleteLaunchTemplateAsync(
new DeleteLaunchTemplateRequest()
{
LaunchTemplateName = templateName
});
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidLaunchTemplateName.NotFoundException")
{
_logger.LogError(
$"Could not delete the template, the name {_launchTemplateName} was not found.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while deleting the template.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DeleteLaunchTemplate](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteLaunchTemplate)*中的。
------
#### [ CLI ]
**AWS CLI**
**删除启动模板**
此示例删除指定的启动模板。
命令:
```
aws ec2 delete-launch-template --launch-template-id lt-0abcd290751193123
```
输出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 2,
"LaunchTemplateId": "lt-0abcd290751193123",
"LaunchTemplateName": "TestTemplate",
"DefaultVersionNumber": 2,
"CreatedBy": "arn:aws:iam::123456789012:root",
"CreateTime": "2017-11-23T16:46:25.000Z"
}
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteLaunchTemplate](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-launch-template.html)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples)中查找完整示例,了解如何进行设置和运行。
```
await client.send(
new DeleteLaunchTemplateCommand({
LaunchTemplateName: NAMES.launchTemplateName,
}),
);
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DeleteLaunchTemplate](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteLaunchTemplateCommand)*中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def delete_template(self):
"""
Deletes a launch template.
"""
try:
self.ec2_client.delete_launch_template(
LaunchTemplateName=self.launch_template_name
)
self.delete_instance_profile(
self.instance_profile_name, self.instance_role_name
)
log.info("Launch template %s deleted.", self.launch_template_name)
except ClientError as err:
if (
err.response["Error"]["Code"]
== "InvalidLaunchTemplateName.NotFoundException"
):
log.info(
"Launch template %s does not exist, nothing to do.",
self.launch_template_name,
)
log.error(f"Full error:\n\t{err}")
```
+ 有关 API 的详细信息,请参阅适用[DeleteLaunchTemplate](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteLaunchTemplate)于 *Python 的AWS SDK (Boto3) API 参考*。
------
# 将 `DeleteNetworkAcl` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteNetworkAcl`。
------
#### [ CLI ]
**AWS CLI**
**删除网络 ACL**
此示例删除指定的网络 ACL。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-network-acl --network-acl-id acl-5fb85d36
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteNetworkAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-acl.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的网络 ACL。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2NetworkAcl -NetworkAclId acl-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAcl (DeleteNetworkAcl)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteNetworkAcl](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的网络 ACL。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2NetworkAcl -NetworkAclId acl-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAcl (DeleteNetworkAcl)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteNetworkAcl](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteNetworkAclEntry` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteNetworkAclEntry`。
------
#### [ CLI ]
**AWS CLI**
**删除网络 ACL 条目**
此示例从指定的网络 ACL 中删除编号为 100 的入口规则。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteNetworkAclEntry](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-acl-entry.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例从指定的网络 ACL 移除指定的规则。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAclEntry (DeleteNetworkAclEntry)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteNetworkAclEntry](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例从指定的网络 ACL 移除指定的规则。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAclEntry (DeleteNetworkAclEntry)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteNetworkAclEntry](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteNetworkInterface` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteNetworkInterface`。
------
#### [ CLI ]
**AWS CLI**
**删除网络接口**
此示例删除指定的网络接口。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-network-interface --network-interface-id eni-e5aa89a3
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-interface.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的网络接口。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2NetworkInterface -NetworkInterfaceId eni-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkInterface (DeleteNetworkInterface)" on Target "eni-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的网络接口。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2NetworkInterface -NetworkInterfaceId eni-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkInterface (DeleteNetworkInterface)" on Target "eni-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeletePlacementGroup` 与 CLI 配合使用
以下代码示例演示如何使用 `DeletePlacementGroup`。
------
#### [ CLI ]
**AWS CLI**
**删除置放群组**
此示例命令将删除指定的置放群组。
命令:
```
aws ec2 delete-placement-group --group-name my-cluster
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeletePlacementGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-placement-group.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的置放群组。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2PlacementGroup -GroupName my-placement-group
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2PlacementGroup (DeletePlacementGroup)" on Target "my-placement-group".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeletePlacementGroup](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的置放群组。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2PlacementGroup -GroupName my-placement-group
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2PlacementGroup (DeletePlacementGroup)" on Target "my-placement-group".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeletePlacementGroup](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteRoute` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteRoute`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [中转网关入门](ec2_example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除路由**
此示例从指定的路由表中删除指定的路由。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-route --route-table-id rtb-22574640 --destination-cidr-block 0.0.0.0/0
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-route.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例从指定的路由表中删除指定的路由。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Route (DeleteRoute)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteRoute](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例从指定的路由表中删除指定的路由。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Route (DeleteRoute)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteRoute](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteRouteTable` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteRouteTable`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除路由表**
此示例删除指定的路由表。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-route-table --route-table-id rtb-22574640
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-route-table.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的路由表。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2RouteTable -RouteTableId rtb-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2RouteTable (DeleteRouteTable)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteRouteTable](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的路由表。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2RouteTable -RouteTableId rtb-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2RouteTable (DeleteRouteTable)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteRouteTable](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DeleteSecurityGroup`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteSecurityGroup`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Delete an Amazon EC2 security group.
///
/// The name of the group to delete.
/// A Boolean value indicating the success of the action.
public async Task DeleteSecurityGroup(string groupId)
{
try
{
var response =
await _amazonEC2.DeleteSecurityGroupAsync(
new DeleteSecurityGroupRequest { GroupId = groupId });
return response.HttpStatusCode == HttpStatusCode.OK;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidGroup.NotFound")
{
_logger.LogError(
$"Security Group {groupId} does not exist and cannot be deleted. Please verify the ID and try again.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the security group because: {ex.Message}");
return false;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DeleteSecurityGroup](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteSecurityGroup)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_delete_security_group
#
# This function deletes an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -i security_group_id - The ID of the security group to delete.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_delete_security_group() {
local security_group_id response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_delete_security_group"
echo "Deletes an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -i security_group_id - The ID of the security group to delete."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:h" option; do
case "${option}" in
i) security_group_id="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$security_group_id" ]]; then
errecho "ERROR: You must provide a security group ID with the -i parameter."
usage
return 1
fi
response=$(aws ec2 delete-security-group --group-id "$security_group_id" --output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports delete-security-group operation failed.$response"
return 1
}
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteSecurityGroup](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DeleteSecurityGroup)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Delete a security group.
/*!
\param securityGroupID: A security group ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::deleteSecurityGroup(const Aws::String &securityGroupID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DeleteSecurityGroupRequest request;
request.SetGroupId(securityGroupID);
Aws::EC2::Model::DeleteSecurityGroupOutcome outcome = ec2Client.DeleteSecurityGroup(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to delete security group " << securityGroupID <<
":" << outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully deleted security group " << securityGroupID <<
std::endl;
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DeleteSecurityGroup)*中的。
------
#### [ CLI ]
**AWS CLI**
**[EC2-Classic] 删除安全组**
此示例删除名为 `MySecurityGroup` 的安全组。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-security-group --group-name MySecurityGroup
```
**[EC2-VPC] 删除安全组**
本示例将删除 ID 为 `sg-903004f8` 的安全组。请注意,您不能通过名称引用 EC2-VPC 的安全组。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-security-group --group-id sg-903004f8
```
有关更多信息,请参阅《AWS 命令行界面用户指南》**中的“使用安全组”。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteSecurityGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-security-group.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Deletes an EC2 security group asynchronously.
*
* @param groupId the ID of the security group to delete
* @return a CompletableFuture that completes when the security group is deleted
*/
public CompletableFuture deleteEC2SecGroupAsync(String groupId) {
DeleteSecurityGroupRequest request = DeleteSecurityGroupRequest.builder()
.groupId(groupId)
.build();
CompletableFuture response = getAsyncClient().deleteSecurityGroup(request);
return response.whenComplete((resp, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to delete security group with Id " + groupId, ex);
} else if (resp == null) {
throw new RuntimeException("No response received for deleting security group with Id " + groupId);
}
}).thenApply(resp -> null);
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteSecurityGroup)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { DeleteSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Deletes a security group.
* @param {{ groupId: string }} options
*/
export const main = async ({ groupId }) => {
const client = new EC2Client({});
const command = new DeleteSecurityGroupCommand({
GroupId: groupId,
});
try {
await client.send(command);
console.log("Security group deleted successfully.");
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroupId.Malformed") {
console.warn(`${caught.message}. Please provide a valid GroupId.`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DeleteSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteSecurityGroupCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun deleteEC2SecGroup(groupIdVal: String) {
val request =
DeleteSecurityGroupRequest {
groupId = groupIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteSecurityGroup(request)
println("Successfully deleted Security Group with id $groupIdVal")
}
}
```
+ 有关 API 的详细信息,请参阅适用[DeleteSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除 EC2-VPC 的指定安全组。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2SecurityGroup -GroupId sg-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SecurityGroup (DeleteSecurityGroup)" on Target "sg-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
**示例 2:此示例删除 EC2-Classic 的指定安全组。**
```
Remove-EC2SecurityGroup -GroupName my-security-group -Force
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteSecurityGroup](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除 EC2-VPC 的指定安全组。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2SecurityGroup -GroupId sg-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SecurityGroup (DeleteSecurityGroup)" on Target "sg-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
**示例 2:此示例删除 EC2-Classic 的指定安全组。**
```
Remove-EC2SecurityGroup -GroupName my-security-group -Force
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteSecurityGroup](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete(self, security_group_id: str) -> bool:
"""
Deletes the specified security group.
:param security_group_id: The ID of the security group to delete. Required.
:returns: True if the deletion is successful.
:raises ClientError: If the security group cannot be deleted due to an AWS service error.
"""
try:
self.ec2_client.delete_security_group(GroupId=security_group_id)
logger.info(f"Successfully deleted security group '{security_group_id}'")
return True
except ClientError as err:
logger.error(f"Deletion failed for security group '{security_group_id}'")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidGroup.NotFound":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it does not exist."
)
elif error_code == "DependencyViolation":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it is still in use."
" Verify that it is:"
"\n\t- Detached from resources"
"\n\t- Removed from references in other groups"
"\n\t- Removed from VPC's as a default group"
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DeleteSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteSecurityGroup)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
pub async fn delete_security_group(&self, group_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting security group {group_id}");
self.client
.delete_security_group()
.group_id(group_id)
.send()
.await?;
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[DeleteSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_security_group)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
lo_ec2->deletesecuritygroup( iv_groupid = iv_security_group_id ).
MESSAGE 'Security group deleted.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DeleteSecurityGroup](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Delete a security group.
///
/// - Parameter groupId: The ID of the security group to delete.
///
/// - Returns: `true` on successful deletion; `false` on error.
func deleteSecurityGroup(groupId: String) async -> Bool {
do {
_ = try await ec2Client.deleteSecurityGroup(
input: DeleteSecurityGroupInput(
groupId: groupId
)
)
return true
} catch {
print("*** Error deleting the security group: \(error.localizedDescription)")
return false
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[DeleteSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletesecuritygroup(input:))于 S *wift 的AWS SDK API 参考*。
------
# `DeleteSnapshot`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteSnapshot`。
------
#### [ CLI ]
**AWS CLI**
**删除快照**
本示例命令将删除快照 ID 为 `snap-1234567890abcdef0` 的快照。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-snapshot --snapshot-id snap-1234567890abcdef0
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteSnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-snapshot.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的快照。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Snapshot -SnapshotId snap-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Snapshot (DeleteSnapshot)" on target "snap-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteSnapshot](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的快照。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Snapshot -SnapshotId snap-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Snapshot (DeleteSnapshot)" on target "snap-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteSnapshot](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ebs#code-examples)中查找完整示例,了解如何进行设置和运行。
```
async fn delete_snapshot(client: &Client, id: &str) -> Result<(), Error> {
client.delete_snapshot().snapshot_id(id).send().await?;
println!("Deleted");
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[DeleteSnapshot](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_snapshot)于 *Rust 的AWS SDK API 参考*。
------
# 将 `DeleteSpotDatafeedSubscription` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteSpotDatafeedSubscription`。
------
#### [ CLI ]
**AWS CLI**
**取消竞价型实例数据源订阅**
此示例命令将删除账户的竞价型数据源订阅。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-spot-datafeed-subscription
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteSpotDatafeedSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-spot-datafeed-subscription.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除竞价型实例数据源。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2SpotDatafeedSubscription
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SpotDatafeedSubscription (DeleteSpotDatafeedSubscription)" on Target "".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除竞价型实例数据源。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2SpotDatafeedSubscription
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SpotDatafeedSubscription (DeleteSpotDatafeedSubscription)" on Target "".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteSubnet` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteSubnet`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除子网**
此示例删除指定的子网。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-subnet --subnet-id subnet-9d4a7b6c
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteSubnet](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-subnet.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的子网。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Subnet -SubnetId subnet-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Subnet (DeleteSubnet)" on Target "subnet-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteSubnet](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的子网。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Subnet -SubnetId subnet-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Subnet (DeleteSubnet)" on Target "subnet-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteSubnet](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteTags` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteTags`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:从资源中删除标签**
以下 `delete-tags` 示例从指定映像中删除标签 `Stack=Test`。当您同时指定值和键名称时,只有当标签的值与指定值匹配时,才会删除该标签。
```
aws ec2 delete-tags \
--resources ami-1234567890abcdef0 \
--tags Key=Stack,Value=Test
```
可以选择为标签指定值。以下 `delete-tags` 示例从指定实例中删除键名称为 `purpose` 的标签(无论该标签的标签值如何)。
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 \
--tags Key=purpose
```
如果您将空字符串指定为标签值,则仅当标签的值为空字符串时,才会删除标签。以下 `delete-tags` 示例将空字符串指定为要删除的标签的标签值。
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 \
--tags Key=Name,Value=
```
**示例 2:从多个资源中删除标签**
以下 `delete-tags` 示例从实例和 AMI 中删除标签 ``Purpose=Test``。如上一个示例所示,您可以省略命令中的标签值。
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 ami-1234567890abcdef0 \
--tags Key=Purpose
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteTags](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-tags.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例从指定的资源删除指定的标签,无论标签值如何。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag" } -Force
```
**示例 2:此示例从指定的资源删除指定的标签,但前提是标签值匹配。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag";Value="myTagValue" } -Force
```
**示例 3:此示例从指定的资源删除指定的标签,无论标签值如何。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
**示例 4:此示例从指定的资源删除指定的标签,但前提是标签值匹配。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteTags](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例从指定的资源删除指定的标签,无论标签值如何。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag" } -Force
```
**示例 2:此示例从指定的资源删除指定的标签,但前提是标签值匹配。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag";Value="myTagValue" } -Force
```
**示例 3:此示例从指定的资源删除指定的标签,无论标签值如何。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
**示例 4:此示例从指定的资源删除指定的标签,但前提是标签值匹配。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteTags](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteVolume` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteVolume`。
------
#### [ CLI ]
**AWS CLI**
**删除卷**
此示例命令将删除卷 ID 为 `vol-049df61146c4d7901` 的可用卷。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-volume --volume-id vol-049df61146c4d7901
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-volume.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例分离指定的卷。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Volume -VolumeId vol-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Volume (DeleteVolume)" on target "vol-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteVolume](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例分离指定的卷。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Volume -VolumeId vol-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Volume (DeleteVolume)" on target "vol-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteVolume](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DeleteVpc`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteVpc`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
+ [VPC IPAM 入门](ec2_example_vpc_GettingStartedIpam_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除 VPC**
此示例删除指定的 VPC。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-vpc --vpc-id vpc-a01106c2
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteVpc](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpc.html)*中的。
------
#### [ PHP ]
**适用于 PHP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* @param string $vpcId
* @return void
*/
public function deleteVpc(string $vpcId)
{
try {
$this->ec2Client->deleteVpc([
"VpcId" => $vpcId,
]);
}catch(Ec2Exception $caught){
echo "There was a problem deleting the VPC: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 PHP 的 AWS SDK API 参考[DeleteVpc](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/DeleteVpc)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的 VPC。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Vpc -VpcId vpc-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Vpc (DeleteVpc)" on Target "vpc-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteVpc](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的 VPC。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2Vpc -VpcId vpc-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Vpc (DeleteVpc)" on Target "vpc-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteVpc](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete(self, vpc_id: str) -> None:
"""
Deletes the specified VPC.
:param vpc_id: The ID of the VPC to delete.
"""
try:
self.ec2_client.delete_vpc(VpcId=vpc_id)
except ClientError as err:
logger.error(
"Couldn't delete VPC %s. Here's why: %s: %s",
vpc_id,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DeleteVpc](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteVpc)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
lo_ec2->deletevpc( iv_vpcid = iv_vpc_id ).
MESSAGE 'Deleted VPC.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DeleteVpc](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `DeleteVpcEndpoints`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteVpcEndpoints`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除端点**
此示例删除端点 vpce-aa22bb33 和 vpce-1a2b3c4d。如果命令部分成功或不成功,则会返回失败项目的列表。如果命令成功,则返回的列表为空。
命令:
```
aws ec2 delete-vpc-endpoints --vpc-endpoint-ids vpce-aa22bb33 vpce-1a2b3c4d
```
输出:
```
{
"Unsuccessful": []
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteVpcEndpoints](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpc-endpoints.html)*中的。
------
#### [ PHP ]
**适用于 PHP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* @param string $vpcEndpointId
* @return void
*/
public function deleteVpcEndpoint(string $vpcEndpointId)
{
try {
$this->ec2Client->deleteVpcEndpoints([
"VpcEndpointIds" => [$vpcEndpointId],
]);
}catch (Ec2Exception $caught){
echo "There was a problem deleting the VPC Endpoint: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 PHP 的 AWS SDK API 参考[DeleteVpcEndpoints](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/DeleteVpcEndpoints)*中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete_vpc_endpoints(self, vpc_endpoint_ids: list[str]) -> None:
"""
Deletes the specified VPC endpoints.
:param vpc_endpoint_ids: A list of IDs of the VPC endpoints to delete.
"""
try:
self.ec2_client.delete_vpc_endpoints(VpcEndpointIds=vpc_endpoint_ids)
except ClientError as err:
logger.error(
"Couldn't delete VPC endpoints %s. Here's why: %s: %s",
vpc_endpoint_ids,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DeleteVpcEndpoints](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteVpcEndpoints)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
lo_ec2->deletevpcendpoints( it_vpcendpointids = it_vpc_endpoint_ids ).
MESSAGE 'Deleted VPC endpoint(s).' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DeleteVpcEndpoints](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# 将 `DeleteVpnConnection` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteVpnConnection`。
------
#### [ CLI ]
**AWS CLI**
**删除 VPN 连接**
此示例删除指定的 VPN 连接。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-vpn-connection --vpn-connection-id vpn-40f41529
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteVpnConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-connection.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的 VPN 连接。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2VpnConnection -VpnConnectionId vpn-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnection (DeleteVpnConnection)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteVpnConnection](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的 VPN 连接。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2VpnConnection -VpnConnectionId vpn-12345678
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnection (DeleteVpnConnection)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteVpnConnection](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteVpnConnectionRoute` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteVpnConnectionRoute`。
------
#### [ CLI ]
**AWS CLI**
**从 VPN 连接中删除静态路由**
此示例从指定的 VPN 连接中删除指定的静态路由。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-vpn-connection-route --vpn-connection-id vpn-40f41529 --destination-cidr-block 11.12.0.0/16
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteVpnConnectionRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-connection-route.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例从指定的 VPN 连接中移除指定的静态路由。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnectionRoute (DeleteVpnConnectionRoute)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例从指定的 VPN 连接中移除指定的静态路由。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnectionRoute (DeleteVpnConnectionRoute)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeleteVpnGateway` 与 CLI 配合使用
以下代码示例演示如何使用 `DeleteVpnGateway`。
------
#### [ CLI ]
**AWS CLI**
**删除虚拟私有网关**
此示例删除指定的虚拟私有网关。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 delete-vpn-gateway --vpn-gateway-id vgw-9a4cacf3
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-gateway.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例删除指定的虚拟专用网关。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnGateway (DeleteVpnGateway)" on Target "vgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeleteVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例删除指定的虚拟专用网关。除非您还指定了 Force 参数,否则在操作继续之前,系统会提示您进行确认。**
```
Remove-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d
```
**输出**:
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnGateway (DeleteVpnGateway)" on Target "vgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeleteVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DeregisterImage` 与 CLI 配合使用
以下代码示例演示如何使用 `DeregisterImage`。
------
#### [ CLI ]
**AWS CLI**
**取消注册 AMI**
此示例取消注册指定的 AMI。如果命令成功,则不返回任何输出。
命令:
```
aws ec2 deregister-image --image-id ami-4fa54026
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeregisterImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/deregister-image.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例取消注册指定的 AMI。**
```
Unregister-EC2Image -ImageId ami-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DeregisterImage](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例取消注册指定的 AMI。**
```
Unregister-EC2Image -ImageId ami-12345678
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DeregisterImage](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeAccountAttributes` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeAccountAttributes`。
------
#### [ CLI ]
**AWS CLI**
**描述您 AWS 账户的所有属性**
此示例描述了您的 AWS 账户的属性。
命令:
```
aws ec2 describe-account-attributes
```
输出:
```
{
"AccountAttributes": [
{
"AttributeName": "vpc-max-security-groups-per-interface",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
},
{
"AttributeName": "max-instances",
"AttributeValues": [
{
"AttributeValue": "20"
}
]
},
{
"AttributeName": "supported-platforms",
"AttributeValues": [
{
"AttributeValue": "EC2"
},
{
"AttributeValue": "VPC"
}
]
},
{
"AttributeName": "default-vpc",
"AttributeValues": [
{
"AttributeValue": "none"
}
]
},
{
"AttributeName": "max-elastic-ips",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
},
{
"AttributeName": "vpc-max-elastic-ips",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
}
]
}
```
**描述您 AWS 账户的单一属性**
此示例描述了您的 AWS 账户的`supported-platforms`属性。
命令:
```
aws ec2 describe-account-attributes --attribute-names supported-platforms
```
输出:
```
{
"AccountAttributes": [
{
"AttributeName": "supported-platforms",
"AttributeValues": [
{
"AttributeValue": "EC2"
},
{
"AttributeValue": "VPC"
}
]
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeAccountAttributes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-account-attributes.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述您是可以将实例启动到该区域中的 EC2 Classic 和 EC2-VPC,还是只能启动到 EC2-VPC。**
```
(Get-EC2AccountAttribute -AttributeName supported-platforms).AttributeValues
```
**输出**:
```
AttributeValue
--------------
EC2
VPC
```
**示例 2:此示例描述您的默认 VPC,或者如果您在该区域没有默认 VPC,则为“无”。**
```
(Get-EC2AccountAttribute -AttributeName default-vpc).AttributeValues
```
**输出**:
```
AttributeValue
--------------
vpc-12345678
```
**示例 3:此示例描述您可以运行的最大按需型实例数。**
```
(Get-EC2AccountAttribute -AttributeName max-instances).AttributeValues
```
**输出**:
```
AttributeValue
--------------
20
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeAccountAttributes](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述您是可以将实例启动到该区域中的 EC2 Classic 和 EC2-VPC,还是只能启动到 EC2-VPC。**
```
(Get-EC2AccountAttribute -AttributeName supported-platforms).AttributeValues
```
**输出**:
```
AttributeValue
--------------
EC2
VPC
```
**示例 2:此示例描述您的默认 VPC,或者如果您在该区域没有默认 VPC,则为“无”。**
```
(Get-EC2AccountAttribute -AttributeName default-vpc).AttributeValues
```
**输出**:
```
AttributeValue
--------------
vpc-12345678
```
**示例 3:此示例描述您可以运行的最大按需型实例数。**
```
(Get-EC2AccountAttribute -AttributeName max-instances).AttributeValues
```
**输出**:
```
AttributeValue
--------------
20
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeAccountAttributes](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DescribeAddresses`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeAddresses`。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Describe all Elastic IP addresses.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeAddresses(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeAddressesRequest request;
Aws::EC2::Model::DescribeAddressesOutcome outcome = ec2Client.DescribeAddresses(request);
if (outcome.IsSuccess()) {
std::cout << std::left << std::setw(20) << "InstanceId" <<
std::setw(15) << "Public IP" << std::setw(10) << "Domain" <<
std::setw(30) << "Allocation ID" << std::setw(25) <<
"NIC ID" << std::endl;
const Aws::Vector &addresses = outcome.GetResult().GetAddresses();
for (const auto &address: addresses) {
Aws::String domainString =
Aws::EC2::Model::DomainTypeMapper::GetNameForDomainType(
address.GetDomain());
std::cout << std::left << std::setw(20) <<
address.GetInstanceId() << std::setw(15) <<
address.GetPublicIp() << std::setw(10) << domainString <<
std::setw(30) << address.GetAllocationId() << std::setw(25)
<< address.GetNetworkInterfaceId() << std::endl;
}
} else {
std::cerr << "Failed to describe Elastic IP addresses:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[DescribeAddresses](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeAddresses)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:检索所有弹性 IP 地址的详细信息**
以下 `describe addresses` 示例显示有关弹性 IP 地址的详细信息。
```
aws ec2 describe-addresses
```
输出:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "198.51.100.0",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
},
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-12345678",
"AssociationId": "eipassoc-12345678",
"NetworkInterfaceOwnerId": "123456789012",
"PublicIp": "203.0.113.0",
"AllocationId": "eipalloc-12345678",
"PrivateIpAddress": "10.0.1.241"
}
]
}
```
**示例 2:检索 EC2-VPC 弹性 IP 地址的详细信息**
以下 `describe-addresses` 示例显示,与 VPC 中的实例结合使用的弹性 IP 地址的详细信息。
```
aws ec2 describe-addresses \
--filters "Name=domain,Values=vpc"
```
输出:
```
{
"Addresses": [
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-12345678",
"AssociationId": "eipassoc-12345678",
"NetworkInterfaceOwnerId": "123456789012",
"PublicIp": "203.0.113.0",
"AllocationId": "eipalloc-12345678",
"PrivateIpAddress": "10.0.1.241"
}
]
}
```
**示例 3:检索由分配 ID 指定的弹性 IP 地址的详细信息**
以下 `describe-addresses` 示例显示有关具有指定分配 ID 的弹性 IP 地址的详细信息,该地址与 EC2-VPC 中的实例相关联。
```
aws ec2 describe-addresses \
--allocation-ids eipalloc-282d9641
```
输出:
```
{
"Addresses": [
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-1a2b3c4d",
"AssociationId": "eipassoc-123abc12",
"NetworkInterfaceOwnerId": "1234567891012",
"PublicIp": "203.0.113.25",
"AllocationId": "eipalloc-282d9641",
"PrivateIpAddress": "10.251.50.12"
}
]
}
```
**示例 4:检索由 VPC 私有 IP 地址指定的弹性 IP 地址的详细信息**
以下 `describe-addresses` 示例显示,与 EC2-VPC 中特定私有 IP 地址关联的弹性 IP 地址的详细信息。
```
aws ec2 describe-addresses \
--filters "Name=private-ip-address,Values=10.251.50.12"
```
**示例 5:检索 EC2-Classic 中有关弹性 IP 地址的详细信息**
以下 `describe-addresses` 示例显示有关在 EC2-Classic 中使用的弹性 IP 地址的详细信息。
```
aws ec2 describe-addresses \
--filters "Name=domain,Values=standard"
```
输出:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "203.0.110.25",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
}
]
}
```
**示例 6:检索由公有 IP 地址指定的弹性 IP 地址详细信息**
以下 `describe-addresses` 示例显示有关具有值 `203.0.110.25` 的弹性 IP 地址的详细信息,该地址与 EC2-Classic 中的实例相关联。
```
aws ec2 describe-addresses \
--public-ips 203.0.110.25
```
输出:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "203.0.110.25",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeAddresses](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-addresses.html)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { DescribeAddressesCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Describes the specified Elastic IP addresses or all of your Elastic IP addresses.
* @param {{ allocationId: string }} options
*/
export const main = async ({ allocationId }) => {
const client = new EC2Client({});
const command = new DescribeAddressesCommand({
// You can omit this property to show all addresses.
AllocationIds: [allocationId],
});
try {
const { Addresses } = await client.send(command);
const addressList = Addresses.map((address) => ` • ${address.PublicIp}`);
console.log("Elastic IP addresses:");
console.log(addressList.join("\n"));
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
console.warn(`${caught.message}. Please provide a valid AllocationId.`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DescribeAddresses](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeAddressesCommand)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述 EC2-Classic 中实例的指定弹性 IP 地址。**
```
Get-EC2Address -AllocationId eipalloc-12345678
```
**输出**:
```
AllocationId : eipalloc-12345678
AssociationId : eipassoc-12345678
Domain : vpc
InstanceId : i-87654321
NetworkInterfaceId : eni-12345678
NetworkInterfaceOwnerId : 12345678
PrivateIpAddress : 10.0.2.172
PublicIp : 198.51.100.2
```
**示例 2:此示例描述 VPC 中实例的弹性 IP 地址。此语法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="vpc" }
```
**示例 3:此示例描述 EC2-Classic 中实例的指定弹性 IP 地址。**
```
Get-EC2Address -PublicIp 203.0.113.17
```
**输出**:
```
AllocationId :
AssociationId :
Domain : standard
InstanceId : i-12345678
NetworkInterfaceId :
NetworkInterfaceOwnerId :
PrivateIpAddress :
PublicIp : 203.0.113.17
```
**示例 4:此示例描述 EC2-Classic 中实例的弹性 IP 地址。此语法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="standard" }
```
**示例 5:此示例描述所有弹性 IP 地址。**
```
Get-EC2Address
```
**示例 6:此示例返回筛选条件中提供的实例 ID 的公有和私有 IP**
```
Get-EC2Address -Region eu-west-1 -Filter @{Name="instance-id";Values="i-0c12d3f4f567ffb89"} | Select-Object PrivateIpAddress, PublicIp
```
**输出**:
```
PrivateIpAddress PublicIp
---------------- --------
10.0.0.99 63.36.5.227
```
**示例 7:此示例检索所有 Elast IPs ic 及其分配 ID、关联 ID 和实例 ID**
```
Get-EC2Address -Region eu-west-1 | Select-Object InstanceId, AssociationId, AllocationId, PublicIp
```
**输出**:
```
InstanceId AssociationId AllocationId PublicIp
---------- ------------- ------------ --------
eipalloc-012e3b456789e1fad 17.212.120.178
i-0c123dfd3415bac67 eipassoc-0e123456bb7890bdb eipalloc-01cd23ebf45f7890c 17.212.124.77
eipalloc-012345678eeabcfad 17.212.225.7
i-0123d405c67e89a0c eipassoc-0c123b456783966ba eipalloc-0123cdd456a8f7892 37.216.52.173
i-0f1bf2f34c5678d09 eipassoc-0e12934568a952d96 eipalloc-0e1c23e4d5e6789e4 37.218.222.278
i-012e3cb4df567e8aa eipassoc-0d1b2fa4d67d03810 eipalloc-0123f456f78a01b58 37.210.82.27
i-0123bcf4b567890e1 eipassoc-01d2345f678903fb1 eipalloc-0e1db23cfef5c45c7 37.215.222.270
```
**示例 8:此示例获取与值为“Prod”的标签键“Category”匹配的 EC2 IP 地址列表**
```
Get-EC2Address -Filter @{Name="tag:Category";Values="Prod"}
```
**输出**:
```
AllocationId : eipalloc-0123f456f81a01b58
AssociationId : eipassoc-0d1b23a456d103810
CustomerOwnedIp :
CustomerOwnedIpv4Pool :
Domain : vpc
InstanceId : i-012e3cb4df567e1aa
NetworkBorderGroup : eu-west-1
NetworkInterfaceId : eni-0123f41d5a60d5f40
NetworkInterfaceOwnerId : 123456789012
PrivateIpAddress : 192.168.1.84
PublicIp : 34.250.81.29
PublicIpv4Pool : amazon
Tags : {Category, Name}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeAddresses](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述 EC2-Classic 中实例的指定弹性 IP 地址。**
```
Get-EC2Address -AllocationId eipalloc-12345678
```
**输出**:
```
AllocationId : eipalloc-12345678
AssociationId : eipassoc-12345678
Domain : vpc
InstanceId : i-87654321
NetworkInterfaceId : eni-12345678
NetworkInterfaceOwnerId : 12345678
PrivateIpAddress : 10.0.2.172
PublicIp : 198.51.100.2
```
**示例 2:此示例描述 VPC 中实例的弹性 IP 地址。此语法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="vpc" }
```
**示例 3:此示例描述 EC2-Classic 中实例的指定弹性 IP 地址。**
```
Get-EC2Address -PublicIp 203.0.113.17
```
**输出**:
```
AllocationId :
AssociationId :
Domain : standard
InstanceId : i-12345678
NetworkInterfaceId :
NetworkInterfaceOwnerId :
PrivateIpAddress :
PublicIp : 203.0.113.17
```
**示例 4:此示例描述 EC2-Classic 中实例的弹性 IP 地址。此语法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="standard" }
```
**示例 5:此示例描述所有弹性 IP 地址。**
```
Get-EC2Address
```
**示例 6:此示例返回筛选条件中提供的实例 ID 的公有和私有 IP**
```
Get-EC2Address -Region eu-west-1 -Filter @{Name="instance-id";Values="i-0c12d3f4f567ffb89"} | Select-Object PrivateIpAddress, PublicIp
```
**输出**:
```
PrivateIpAddress PublicIp
---------------- --------
10.0.0.99 63.36.5.227
```
**示例 7:此示例检索所有 Elast IPs ic 及其分配 ID、关联 ID 和实例 ID**
```
Get-EC2Address -Region eu-west-1 | Select-Object InstanceId, AssociationId, AllocationId, PublicIp
```
**输出**:
```
InstanceId AssociationId AllocationId PublicIp
---------- ------------- ------------ --------
eipalloc-012e3b456789e1fad 17.212.120.178
i-0c123dfd3415bac67 eipassoc-0e123456bb7890bdb eipalloc-01cd23ebf45f7890c 17.212.124.77
eipalloc-012345678eeabcfad 17.212.225.7
i-0123d405c67e89a0c eipassoc-0c123b456783966ba eipalloc-0123cdd456a8f7892 37.216.52.173
i-0f1bf2f34c5678d09 eipassoc-0e12934568a952d96 eipalloc-0e1c23e4d5e6789e4 37.218.222.278
i-012e3cb4df567e8aa eipassoc-0d1b2fa4d67d03810 eipalloc-0123f456f78a01b58 37.210.82.27
i-0123bcf4b567890e1 eipassoc-01d2345f678903fb1 eipalloc-0e1db23cfef5c45c7 37.215.222.270
```
**示例 8:此示例获取与值为“Prod”的标签键“Category”匹配的 EC2 IP 地址列表**
```
Get-EC2Address -Filter @{Name="tag:Category";Values="Prod"}
```
**输出**:
```
AllocationId : eipalloc-0123f456f81a01b58
AssociationId : eipassoc-0d1b23a456d103810
CustomerOwnedIp :
CustomerOwnedIpv4Pool :
Domain : vpc
InstanceId : i-012e3cb4df567e1aa
NetworkBorderGroup : eu-west-1
NetworkInterfaceId : eni-0123f41d5a60d5f40
NetworkInterfaceOwnerId : 123456789012
PrivateIpAddress : 192.168.1.84
PublicIp : 34.250.81.29
PublicIpv4Pool : amazon
Tags : {Category, Name}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeAddresses](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->describeaddresses( ). " oo_result is returned for testing purposes. "
DATA(lt_addresses) = oo_result->get_addresses( ).
MESSAGE 'Retrieved information about Elastic IP addresses.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeAddresses](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `DescribeAvailabilityZones`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeAvailabilityZones`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [构建和管理弹性服务](ec2_example_cross_ResilientService_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
+ [中转网关入门](ec2_example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Get a list of Availability Zones in the AWS Region of the Amazon EC2 Client.
///
/// A list of availability zones.
public async Task> DescribeAvailabilityZones()
{
try
{
var zoneResponse = await _amazonEc2.DescribeAvailabilityZonesAsync(
new DescribeAvailabilityZonesRequest());
return zoneResponse.AvailabilityZones.Select(z => z.ZoneName).ToList();
}
catch (AmazonEC2Exception ec2Exception)
{
_logger.LogError($"An Amazon EC2 error occurred while listing availability zones.: {ec2Exception.Message}");
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while listing availability zones.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeAvailabilityZones)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! DescribeAvailabilityZones
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
int AwsDoc::EC2::describeAvailabilityZones(const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeAvailabilityZonesRequest request;
Aws::EC2::Model::DescribeAvailabilityZonesOutcome outcome = ec2Client.DescribeAvailabilityZones(request);
if (outcome.IsSuccess()) {
std::cout << std::left <<
std::setw(32) << "ZoneName" <<
std::setw(20) << "State" <<
std::setw(32) << "Region" << std::endl;
const auto &zones =
outcome.GetResult().GetAvailabilityZones();
for (const auto &zone: zones) {
Aws::String stateString =
Aws::EC2::Model::AvailabilityZoneStateMapper::GetNameForAvailabilityZoneState(
zone.GetState());
std::cout << std::left <<
std::setw(32) << zone.GetZoneName() <<
std::setw(20) << stateString <<
std::setw(32) << zone.GetRegionName() << std::endl;
}
} else {
std::cerr << "Failed to describe availability zones:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeAvailabilityZones)*中的。
------
#### [ CLI ]
**AWS CLI**
**描述可用区**
以下示例 `describe-availability-zones` 显示了可供您使用的可用区详细信息。响应仅包括当前区域的可用区。在本示例中,将使用配置文件默认的 `us-west-2`(俄勒冈州)区域。
```
aws ec2 describe-availability-zones
```
输出:
```
{
"AvailabilityZones": [
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2a",
"ZoneId": "usw2-az1",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2b",
"ZoneId": "usw2-az2",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2c",
"ZoneId": "usw2-az3",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2d",
"ZoneId": "usw2-az4",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opted-in",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2-lax-1a",
"ZoneId": "usw2-lax1-az1",
"GroupName": "us-west-2-lax-1",
"NetworkBorderGroup": "us-west-2-lax-1"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeAvailabilityZones](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-availability-zones.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述当前区域可供您使用的可用区。**
```
Get-EC2AvailabilityZone
```
**输出**:
```
Messages RegionName State ZoneName
-------- ---------- ----- --------
{} us-west-2 available us-west-2a
{} us-west-2 available us-west-2b
{} us-west-2 available us-west-2c
```
**示例 2:此示例描述所有处于受损状态的可用区。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2AvailabilityZone -Filter @{ Name="state";Values="impaired" }
```
**示例 3:在 PowerShell 版本 2 中,必须使用 New-Object 来创建过滤器。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = "impaired"
Get-EC2AvailabilityZone -Filter $filter
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeAvailabilityZones](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述当前区域可供您使用的可用区。**
```
Get-EC2AvailabilityZone
```
**输出**:
```
Messages RegionName State ZoneName
-------- ---------- ----- --------
{} us-west-2 available us-west-2a
{} us-west-2 available us-west-2b
{} us-west-2 available us-west-2c
```
**示例 2:此示例描述所有处于受损状态的可用区。此示例使用的语法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2AvailabilityZone -Filter @{ Name="state";Values="impaired" }
```
**示例 3:在 PowerShell 版本 2 中,必须使用 New-Object 来创建过滤器。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = "impaired"
Get-EC2AvailabilityZone -Filter $filter
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeAvailabilityZones](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def get_availability_zones(self) -> List[str]:
"""
Gets a list of Availability Zones in the AWS Region of the Amazon EC2 client.
:return: The list of Availability Zones for the client Region.
"""
try:
response = self.ec2_client.describe_availability_zones()
zones = [zone["ZoneName"] for zone in response["AvailabilityZones"]]
log.info(f"Retrieved {len(zones)} availability zones: {zones}.")
except ClientError as err:
log.error("Failed to retrieve availability zones.")
log.error(f"Full error:\n\t{err}")
else:
return zones
```
+ 有关 API 的详细信息,请参阅适用[DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeAvailabilityZones)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->describeavailabilityzones( ). " oo_result is returned for testing purposes. "
DATA(lt_zones) = oo_result->get_availabilityzones( ).
MESSAGE 'Retrieved information about Availability Zones.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeAvailabilityZones](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# 将 `DescribeBundleTasks` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeBundleTasks`。
------
#### [ CLI ]
**AWS CLI**
**描述您的捆绑任务**
此示例描述了您的所有捆绑任务。
命令:
```
aws ec2 describe-bundle-tasks
```
输出:
```
{
"BundleTasks": [
{
"UpdateTime": "2015-09-15T13:26:54.000Z",
"InstanceId": "i-1234567890abcdef0",
"Storage": {
"S3": {
"Prefix": "winami",
"Bucket": "bundletasks"
}
},
"State": "bundling",
"StartTime": "2015-09-15T13:24:35.000Z",
"Progress": "3%",
"BundleId": "bun-2a4e041c"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeBundleTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-bundle-tasks.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的捆绑包任务。**
```
Get-EC2BundleTask -BundleId bun-12345678
```
**示例 2:此示例描述状态为“完成”或“失败”的捆绑包任务。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "complete", "failed" )
Get-EC2BundleTask -Filter $filter
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeBundleTasks](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的捆绑包任务。**
```
Get-EC2BundleTask -BundleId bun-12345678
```
**示例 2:此示例描述状态为“完成”或“失败”的捆绑包任务。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "complete", "failed" )
Get-EC2BundleTask -Filter $filter
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeBundleTasks](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeCapacityReservations` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeCapacityReservations`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述一个或多个容量预留**
以下`describe-capacity-reservations`示例显示了有关您在当前 AWS 地区的所有容量预留的详细信息。
```
aws ec2 describe-capacity-reservations
```
输出:
```
{
"CapacityReservations": [
{
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-1234abcd56EXAMPLE",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c5.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "active",
"StartDate": "2024-10-23T15:00:24+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:00:24+00:00",
"Tags": [],
"CapacityAllocations": []
},
{
"CapacityReservationId": "cr-abcdEXAMPLE9876ef ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c4.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "cancelled",
"StartDate": "2024-10-23T15:01:03+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:01:02+00:00",
"Tags": [],
"CapacityAllocations": []
}
]
}
```
**示例 2:描述一个或多个容量预留**
以下 `describe-capacity-reservations` 示例显示有关指定容量预留的详细信息。
```
aws ec2 describe-capacity-reservations \
--capacity-reservation-ids cr-1234abcd56EXAMPLE
```
输出:
```
{
"CapacityReservations": [
{
"CapacityReservationId": "cr-abcdEXAMPLE9876ef ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c4.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "active",
"StartDate": "2024-10-23T15:01:03+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:01:02+00:00",
"Tags": [],
"CapacityAllocations": []
}
]
}
```
有关更多信息,请参阅《适用于 Linux 实例的 Amazon Elastic Compute Cloud 用户指南》**中的[查看容量预留](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html#capacity-reservations-view)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeCapacityReservations](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-capacity-reservations.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述该区域的一个或多个容量预留**
```
Get-EC2CapacityReservation -Region eu-west-1
```
**输出**:
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeCapacityReservations](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述该区域的一个或多个容量预留**
```
Get-EC2CapacityReservation -Region eu-west-1
```
**输出**:
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeCapacityReservations](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeCustomerGateways` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeCustomerGateways`。
------
#### [ CLI ]
**AWS CLI**
**描述客户网关**
此示例描述客户网关。
命令:
```
aws ec2 describe-customer-gateways
```
输出:
```
{
"CustomerGateways": [
{
"CustomerGatewayId": "cgw-b4dc3961",
"IpAddress": "203.0.113.12",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65000"
},
{
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
]
}
```
**描述特定的客户网关**
此示例描述指定的客户网关。
命令:
```
aws ec2 describe-customer-gateways --customer-gateway-ids cgw-0e11f167
```
输出:
```
{
"CustomerGateways": [
{
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeCustomerGateways](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-customer-gateways.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的客户网关。**
```
Get-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**输出**:
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
**示例 2:此示例描述状态为待定或可用的所有客户网关。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "pending", "available" )
Get-EC2CustomerGateway -Filter $filter
```
**示例 3:此示例描述所有客户网关。**
```
Get-EC2CustomerGateway
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeCustomerGateways](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的客户网关。**
```
Get-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**输出**:
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
**示例 2:此示例描述状态为待定或可用的所有客户网关。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "pending", "available" )
Get-EC2CustomerGateway -Filter $filter
```
**示例 3:此示例描述所有客户网关。**
```
Get-EC2CustomerGateway
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeCustomerGateways](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeDhcpOptions` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述 DHCP 选项**
以下 `describe-dhcp-options` 示例检索有关 DHCP 选项的详细信息。
```
aws ec2 describe-dhcp-options
```
输出:
```
{
"DhcpOptions": [
{
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "us-east-2.compute.internal"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "AmazonProvidedDNS"
}
]
}
],
"DhcpOptionsId": "dopt-19edf471",
"OwnerId": "111122223333"
},
{
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "us-east-2.compute.internal"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "AmazonProvidedDNS"
}
]
}
],
"DhcpOptionsId": "dopt-fEXAMPLE",
"OwnerId": "111122223333"
}
]
}
```
有关更多信息,请参阅《AWS VPC 用户指南》**中的[使用 DHCP 选项集](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html#DHCPOptionSet)。
**示例 2:描述 DHCP 选项并筛选输出**
以下 `describe-dhcp-options` 示例描述了 DHCP 选项,并使用筛选条件仅返回域名服务器具有 `example.com` 的 DHCP 选项。该示例使用 `--query` 参数在输出中仅显示配置信息和 ID。
```
aws ec2 describe-dhcp-options \
--filters Name=key,Values=domain-name-servers Name=value,Values=example.com \
--query "DhcpOptions[*].[DhcpConfigurations,DhcpOptionsId]"
```
输出:
```
[
[
[
{
"Key": "domain-name",
"Values": [
{
"Value": "example.com"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "172.16.16.16"
}
]
}
],
"dopt-001122334455667ab"
]
]
```
有关更多信息,请参阅《AWS VPC 用户指南》**中的[使用 DHCP 选项集](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html#DHCPOptionSet)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-dhcp-options.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例列出 DHCP 选项集。**
```
Get-EC2DhcpOption
```
**输出**:
```
DhcpConfigurations DhcpOptionsId Tag
------------------ ------------- ---
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
{domain-name-servers} dopt-3a4b5c6d {}
```
**示例 2:此示例获取指定 DHCP 选项集的配置详细信息。**
```
(Get-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d).DhcpConfigurations
```
**输出**:
```
Key Values
--- ------
domain-name {abc.local}
domain-name-servers {10.0.0.101, 10.0.0.102}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例列出 DHCP 选项集。**
```
Get-EC2DhcpOption
```
**输出**:
```
DhcpConfigurations DhcpOptionsId Tag
------------------ ------------- ---
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
{domain-name-servers} dopt-3a4b5c6d {}
```
**示例 2:此示例获取指定 DHCP 选项集的配置详细信息。**
```
(Get-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d).DhcpConfigurations
```
**输出**:
```
Key Values
--- ------
domain-name {abc.local}
domain-name-servers {10.0.0.101, 10.0.0.102}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeFlowLogs` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeFlowLogs`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述所有流日志**
以下 `describe-flow-logs` 示例显示了所有流日志的详细信息。
```
aws ec2 describe-flow-logs
```
输出:
```
{
"FlowLogs": [
{
"CreationTime": "2018-02-21T13:22:12.644Z",
"DeliverLogsPermissionArn": "arn:aws:iam::123456789012:role/flow-logs-role",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-aabbccdd112233445",
"MaxAggregationInterval": 600,
"FlowLogStatus": "ACTIVE",
"LogGroupName": "FlowLogGroup",
"ResourceId": "subnet-12345678901234567",
"TrafficType": "ALL",
"LogDestinationType": "cloud-watch-logs",
"LogFormat": "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status}"
},
{
"CreationTime": "2020-02-04T15:22:29.986Z",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-01234567890123456",
"MaxAggregationInterval": 60,
"FlowLogStatus": "ACTIVE",
"ResourceId": "vpc-00112233445566778",
"TrafficType": "ACCEPT",
"LogDestinationType": "s3",
"LogDestination": "arn:aws:s3:::my-flow-log-bucket/custom",
"LogFormat": "${version} ${vpc-id} ${subnet-id} ${instance-id} ${interface-id} ${account-id} ${type} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${pkt-srcaddr} ${pkt-dstaddr} ${protocol} ${bytes} ${packets} ${start} ${end} ${action} ${tcp-flags} ${log-status}"
}
]
}
```
**示例 2:描述流日志的子集**
以下`describe-flow-logs`示例使用筛选器仅显示 Amazon CloudWatch Logs 中指定日志组中的流日志的详细信息。
```
aws ec2 describe-flow-logs \
--filter "Name=log-group-name,Values=MyFlowLogs"
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-flow-logs.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述日志目标类型为“s3”的一个或多个流日志**
```
Get-EC2FlowLog -Filter @{Name="log-destination-type";Values="s3"}
```
**输出**:
```
CreationTime : 2/25/2019 9:07:36 PM
DeliverLogsErrorMessage :
DeliverLogsPermissionArn :
DeliverLogsStatus : SUCCESS
FlowLogId : fl-01b2e3d45f67f8901
FlowLogStatus : ACTIVE
LogDestination : arn:aws:s3:::amzn-s3-demo-bucket-dd-tata
LogDestinationType : s3
LogGroupName :
ResourceId : eni-01d2dda3456b7e890
TrafficType : ALL
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述日志目标类型为“s3”的一个或多个流日志**
```
Get-EC2FlowLog -Filter @{Name="log-destination-type";Values="s3"}
```
**输出**:
```
CreationTime : 2/25/2019 9:07:36 PM
DeliverLogsErrorMessage :
DeliverLogsPermissionArn :
DeliverLogsStatus : SUCCESS
FlowLogId : fl-01b2e3d45f67f8901
FlowLogStatus : ACTIVE
LogDestination : arn:aws:s3:::amzn-s3-demo-bucket-dd-tata
LogDestinationType : s3
LogGroupName :
ResourceId : eni-01d2dda3456b7e890
TrafficType : ALL
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeHostReservationOfferings` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeHostReservationOfferings`。
------
#### [ CLI ]
**AWS CLI**
**描述专属主机预留产品**
此示例描述了可供购买的 M4 实例系列的专属主机预留。
命令:
```
aws ec2 describe-host-reservation-offerings --filter Name=instance-family,Values=m4
```
输出:
```
{
"OfferingSet": [
{
"HourlyPrice": "1.499",
"OfferingId": "hro-03f707bf363b6b324",
"InstanceFamily": "m4",
"PaymentOption": "NoUpfront",
"UpfrontPrice": "0.000",
"Duration": 31536000
},
{
"HourlyPrice": "1.045",
"OfferingId": "hro-0ef9181cabdef7a02",
"InstanceFamily": "m4",
"PaymentOption": "NoUpfront",
"UpfrontPrice": "0.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.714",
"OfferingId": "hro-04567a15500b92a51",
"InstanceFamily": "m4",
"PaymentOption": "PartialUpfront",
"UpfrontPrice": "6254.000",
"Duration": 31536000
},
{
"HourlyPrice": "0.484",
"OfferingId": "hro-0d5d7a9d23ed7fbfe",
"InstanceFamily": "m4",
"PaymentOption": "PartialUpfront",
"UpfrontPrice": "12720.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.000",
"OfferingId": "hro-05da4108ca998c2e5",
"InstanceFamily": "m4",
"PaymentOption": "AllUpfront",
"UpfrontPrice": "23913.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.000",
"OfferingId": "hro-0a9f9be3b95a3dc8f",
"InstanceFamily": "m4",
"PaymentOption": "AllUpfront",
"UpfrontPrice": "12257.000",
"Duration": 31536000
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeHostReservationOfferings](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-host-reservation-offerings.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述了可为给定过滤器 “实例系列” 购买的专用主机预留 PaymentOption ,其中 “” NoUpfront**
```
Get-EC2HostReservationOffering -Filter @{Name="instance-family";Values="m4"} | Where-Object PaymentOption -eq NoUpfront
```
**输出**:
```
CurrencyCode :
Duration : 94608000
HourlyPrice : 1.307
InstanceFamily : m4
OfferingId : hro-0c1f234567890d9ab
PaymentOption : NoUpfront
UpfrontPrice : 0.000
CurrencyCode :
Duration : 31536000
HourlyPrice : 1.830
InstanceFamily : m4
OfferingId : hro-04ad12aaaf34b5a67
PaymentOption : NoUpfront
UpfrontPrice : 0.000
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeHostReservationOfferings](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述了可为给定过滤器 “实例系列” 购买的专用主机预留 PaymentOption ,其中 “” NoUpfront**
```
Get-EC2HostReservationOffering -Filter @{Name="instance-family";Values="m4"} | Where-Object PaymentOption -eq NoUpfront
```
**输出**:
```
CurrencyCode :
Duration : 94608000
HourlyPrice : 1.307
InstanceFamily : m4
OfferingId : hro-0c1f234567890d9ab
PaymentOption : NoUpfront
UpfrontPrice : 0.000
CurrencyCode :
Duration : 31536000
HourlyPrice : 1.830
InstanceFamily : m4
OfferingId : hro-04ad12aaaf34b5a67
PaymentOption : NoUpfront
UpfrontPrice : 0.000
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeHostReservationOfferings](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeHosts` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeHosts`。
------
#### [ CLI ]
**AWS CLI**
**查看有关专属主机的详细信息**
以下`describe-hosts`示例显示了您 AWS 账户中`available`专用主机的详细信息。
```
aws ec2 describe-hosts --filter "Name=state,Values=available"
```
输出:
```
{
"Hosts": [
{
"HostId": "h-07879acf49EXAMPLE",
"Tags": [
{
"Value": "production",
"Key": "purpose"
}
],
"HostProperties": {
"Cores": 48,
"TotalVCpus": 96,
"InstanceType": "m5.large",
"Sockets": 2
},
"Instances": [],
"State": "available",
"AvailabilityZone": "eu-west-1a",
"AvailableCapacity": {
"AvailableInstanceCapacity": [
{
"AvailableCapacity": 48,
"InstanceType": "m5.large",
"TotalCapacity": 48
}
],
"AvailableVCpus": 96
},
"HostRecovery": "on",
"AllocationTime": "2019-08-19T08:57:44.000Z",
"AutoPlacement": "off"
}
]
}
```
有关更多信息,请参阅《适用于 Linux 实例的 Amazon Elastic Compute Cloud 用户指南》**中的[查看专属主机](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-managing)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeHosts](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-hosts.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例返回 EC2 主机详细信息**
```
Get-EC2Host
```
**输出**:
```
AllocationTime : 3/23/2019 4:55:22 PM
AutoPlacement : off
AvailabilityZone : eu-west-1b
AvailableCapacity : Amazon.EC2.Model.AvailableCapacity
ClientToken :
HostId : h-01e23f4cd567890f1
HostProperties : Amazon.EC2.Model.HostProperties
HostReservationId :
Instances : {}
ReleaseTime : 1/1/0001 12:00:00 AM
State : available
Tags : {}
```
**示例 2:此示例查询主机 h-01e23f4cd AvailableInstanceCapacity 567899f1 的主机**
```
Get-EC2Host -HostId h-01e23f4cd567899f1 | Select-Object -ExpandProperty AvailableCapacity | Select-Object -expand AvailableInstanceCapacity
```
**输出**:
```
AvailableCapacity InstanceType TotalCapacity
----------------- ------------ -------------
11 m4.xlarge 11
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeHosts](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例返回 EC2 主机详细信息**
```
Get-EC2Host
```
**输出**:
```
AllocationTime : 3/23/2019 4:55:22 PM
AutoPlacement : off
AvailabilityZone : eu-west-1b
AvailableCapacity : Amazon.EC2.Model.AvailableCapacity
ClientToken :
HostId : h-01e23f4cd567890f1
HostProperties : Amazon.EC2.Model.HostProperties
HostReservationId :
Instances : {}
ReleaseTime : 1/1/0001 12:00:00 AM
State : available
Tags : {}
```
**示例 2:此示例查询主机 h-01e23f4cd AvailableInstanceCapacity 567899f1 的主机**
```
Get-EC2Host -HostId h-01e23f4cd567899f1 | Select-Object -ExpandProperty AvailableCapacity | Select-Object -expand AvailableInstanceCapacity
```
**输出**:
```
AvailableCapacity InstanceType TotalCapacity
----------------- ------------ -------------
11 m4.xlarge 11
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeHosts](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DescribeIamInstanceProfileAssociations`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeIamInstanceProfileAssociations`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [构建和管理弹性服务](ec2_example_cross_ResilientService_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Get the instance profile association data for an instance.
///
/// The Id of the instance.
/// Instance profile associations data.
public async Task GetInstanceProfile(string instanceId)
{
try
{
var response = await _amazonEc2.DescribeIamInstanceProfileAssociationsAsync(
new DescribeIamInstanceProfileAssociationsRequest()
{
Filters = new List()
{
new("instance-id", new List() { instanceId })
},
});
return response.IamInstanceProfileAssociations[0];
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidInstanceID.NotFound")
{
_logger.LogError(ec2Exception, $"Instance {instanceId} not found");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(ex, $"An error occurred while creating the template.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeIamInstanceProfileAssociations)*中的。
------
#### [ CLI ]
**AWS CLI**
**描述 IAM 实例配置文件关联**
本示例描述了所有 IAM 实例配置文件关联。
命令:
```
aws ec2 describe-iam-instance-profile-associations
```
输出:
```
{
"IamInstanceProfileAssociations": [
{
"InstanceId": "i-09eb09efa73ec1dee",
"State": "associated",
"AssociationId": "iip-assoc-0db249b1f25fa24b8",
"IamInstanceProfile": {
"Id": "AIPAJVQN4F5WVLGCJDRGM",
"Arn": "arn:aws:iam::123456789012:instance-profile/admin-role"
}
},
{
"InstanceId": "i-0402909a2f4dffd14",
"State": "associating",
"AssociationId": "iip-assoc-0d1ec06278d29f44a",
"IamInstanceProfile": {
"Id": "AGJAJVQN4F5WVLGCJABCM",
"Arn": "arn:aws:iam::123456789012:instance-profile/user1-role"
}
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeIamInstanceProfileAssociations](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-iam-instance-profile-associations.html)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples)中查找完整示例,了解如何进行设置和运行。
```
const ec2Client = new EC2Client({});
const { IamInstanceProfileAssociations } = await ec2Client.send(
new DescribeIamInstanceProfileAssociationsCommand({
Filters: [
{ Name: "instance-id", Values: [state.targetInstance.InstanceId] },
],
}),
);
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeIamInstanceProfileAssociationsCommand)*中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def get_instance_profile(self, instance_id: str) -> Dict[str, Any]:
"""
Gets data about the profile associated with an instance.
:param instance_id: The ID of the instance to look up.
:return: The profile data.
"""
try:
response = self.ec2_client.describe_iam_instance_profile_associations(
Filters=[{"Name": "instance-id", "Values": [instance_id]}]
)
if not response["IamInstanceProfileAssociations"]:
log.info(f"No instance profile found for instance {instance_id}.")
profile_data = response["IamInstanceProfileAssociations"][0]
log.info(f"Retrieved instance profile for instance {instance_id}.")
return profile_data
except ClientError as err:
log.error(
f"Failed to retrieve instance profile for instance {instance_id}."
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
log.error(f"The instance ID '{instance_id}' does not exist.")
log.error(f"Full error:\n\t{err}")
```
+ 有关 API 的详细信息,请参阅适用[DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeIamInstanceProfileAssociations)于 *Python 的AWS SDK (Boto3) API 参考*。
------
# 将 `DescribeIdFormat` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeIdFormat`。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述资源的 ID 格式**
以下 `describe-id-format` 示例描述了安全组的 ID 格式。
```
aws ec2 describe-id-format \
--resource security-group
```
在以下示例输出中,`Deadline` 值表示此资源类型从短 ID 格式永久切换到长 ID 格式的截止时间已于 2018 年 8 月 15 日 00:00 UTC 到期。
```
{
"Statuses": [
{
"Deadline": "2018-08-15T00:00:00.000Z",
"Resource": "security-group",
"UseLongIds": true
}
]
}
```
**示例 2:描述所有资源的 ID 格式**
以下 `describe-id-format` 示例描述了所有资源类型的 ID 格式。所有曾支持短 ID 格式的资源类型均已切换为使用长 ID 格式。
```
aws ec2 describe-id-format
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeIdFormat](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-id-format.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定资源类型的 ID 格式。**
```
Get-EC2IdFormat -Resource instance
```
**输出**:
```
Resource UseLongIds
-------- ----------
instance False
```
**示例 2:此示例描述了所有支持更长时间的资源类型的 ID 格式 IDs。**
```
Get-EC2IdFormat
```
**输出**:
```
Resource UseLongIds
-------- ----------
reservation False
instance False
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeIdFormat](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定资源类型的 ID 格式。**
```
Get-EC2IdFormat -Resource instance
```
**输出**:
```
Resource UseLongIds
-------- ----------
instance False
```
**示例 2:此示例描述了所有支持更长时间的资源类型的 ID 格式 IDs。**
```
Get-EC2IdFormat
```
**输出**:
```
Resource UseLongIds
-------- ----------
reservation False
instance False
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeIdFormat](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeIdentityIdFormat` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeIdentityIdFormat`。
------
#### [ CLI ]
**AWS CLI**
**描述 IAM 角色的 ID 格式**
以下`describe-identity-id-format`示例描述了您的 AWS 账户中的 IAM 角色`EC2Role`创建的实例所接收的 ID 格式。
```
aws ec2 describe-identity-id-format \
--principal-arn arn:aws:iam::123456789012:role/my-iam-role \
--resource instance
```
以下输出表明此角色创建的实例 IDs 以长 ID 格式接收。
```
{
"Statuses": [
{
"Deadline": "2016-12-15T00:00:00Z",
"Resource": "instance",
"UseLongIds": true
}
]
}
```
**描述 IAM 用户的 ID 格式**
以下`describe-identity-id-format`示例描述了 IAM 用户`AdminUser`在您的 AWS 账户中创建的快照所接收的 ID 格式。
```
aws ec2 describe-identity-id-format \
--principal-arn arn:aws:iam::123456789012:user/AdminUser \
--resource snapshot
```
输出表明此用户创建的快照 IDs 以长 ID 格式接收。
```
{
"Statuses": [
{
"Deadline": "2016-12-15T00:00:00Z",
"Resource": "snapshot",
"UseLongIds": true
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeIdentityIdFormat](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-identity-id-format.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例返回给定角色的资源“image”的 ID 格式**
```
Get-EC2IdentityIdFormat -PrincipalArn arn:aws:iam::123456789511:role/JDBC -Resource image
```
**输出**:
```
Deadline Resource UseLongIds
-------- -------- ----------
8/2/2018 11:30:00 PM image True
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeIdentityIdFormat](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例返回给定角色的资源“image”的 ID 格式**
```
Get-EC2IdentityIdFormat -PrincipalArn arn:aws:iam::123456789511:role/JDBC -Resource image
```
**输出**:
```
Deadline Resource UseLongIds
-------- -------- ----------
8/2/2018 11:30:00 PM image True
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeIdentityIdFormat](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeImageAttribute` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeImageAttribute`。
------
#### [ CLI ]
**AWS CLI**
**描述 AMI 的启动权限**
此示例描述了指定 AMI 的启动权限。
命令:
```
aws ec2 describe-image-attribute --image-id ami-5731123e --attribute launchPermission
```
输出:
```
{
"LaunchPermissions": [
{
"UserId": "123456789012"
}
],
"ImageId": "ami-5731123e",
}
```
**描述 AMI 的产品代码**
此示例描述了指定 AMI 的产品代码。请注意,此 AMI 没有产品代码。
命令:
```
aws ec2 describe-image-attribute --image-id ami-5731123e --attribute productCodes
```
输出:
```
{
"ProductCodes": [],
"ImageId": "ami-5731123e",
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeImageAttribute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-image-attribute.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例获取指定 AMI 的描述。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute description
```
**输出**:
```
BlockDeviceMappings : {}
Description : My image description
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**示例 2:此示例描述指定 AMI 的启动权限。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute launchPermission
```
**输出**:
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {all}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**示例 3:此示例测试是否启用增强联网。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute sriovNetSupport
```
**输出**:
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport : simple
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeImageAttribute](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例获取指定 AMI 的描述。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute description
```
**输出**:
```
BlockDeviceMappings : {}
Description : My image description
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**示例 2:此示例描述指定 AMI 的启动权限。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute launchPermission
```
**输出**:
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {all}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**示例 3:此示例测试是否启用增强联网。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute sriovNetSupport
```
**输出**:
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport : simple
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeImageAttribute](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DescribeImages`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeImages`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [创建具有私有子网和 NAT 网关的 VPC](ec2_example_vpc_GettingStartedPrivate_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_describe_images
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) images.
#
# Parameters:
# -i image_ids - A space-separated list of image IDs (optional).
# -h - Display help.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_images() {
local image_ids response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_images"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) images."
echo " -i image_ids - A space-separated list of image IDs (optional)."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:h" option; do
case "${option}" in
i) image_ids="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local aws_cli_args=()
if [[ -n "$image_ids" ]]; then
# shellcheck disable=SC2206
aws_cli_args+=("--image-ids" $image_ids)
fi
response=$(aws ec2 describe-images \
"${aws_cli_args[@]}" \
--query 'Images[*].[Description,Architecture,ImageId]' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-images operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeImages](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeImages)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述 AMI**
以下 `describe-images` 示例描述了指定区域中的指定 AMI。
```
aws ec2 describe-images \
--region us-east-1 \
--image-ids ami-1234567890EXAMPLE
```
输出:
```
{
"Images": [
{
"VirtualizationType": "hvm",
"Description": "Provided by Red Hat, Inc.",
"PlatformDetails": "Red Hat Enterprise Linux",
"EnaSupport": true,
"Hypervisor": "xen",
"State": "available",
"SriovNetSupport": "simple",
"ImageId": "ami-1234567890EXAMPLE",
"UsageOperation": "RunInstances:0010",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"SnapshotId": "snap-111222333444aaabb",
"DeleteOnTermination": true,
"VolumeType": "gp2",
"VolumeSize": 10,
"Encrypted": false
}
}
],
"Architecture": "x86_64",
"ImageLocation": "123456789012/RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2",
"RootDeviceType": "ebs",
"OwnerId": "123456789012",
"RootDeviceName": "/dev/sda1",
"CreationDate": "2019-05-10T13:17:12.000Z",
"Public": true,
"ImageType": "machine",
"Name": "RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2"
}
]
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[亚马逊机器映像(AMI)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)。
**示例 2: AMIs 根据过滤器进行描述**
以下`describe-images`示例描述了由亚马逊 AMIs 提供的、由亚马逊 EBS 提供支持的 Windows。
```
aws ec2 describe-images \
--owners amazon \
--filters "Name=platform,Values=windows" "Name=root-device-type,Values=ebs"
```
有关 `describe-images` 的输出示例,请参阅示例 1。
有关使用筛选器的其他示例,请参阅《Amazon EC2 用户指南》**中的[列出和筛选资源](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI)。
**示例 3: AMIs 根据标签进行描述**
以下`describe-images`示例描述了所有带有 AMIs 该标签的内容`Type=Custom`。该示例使用`--query`参数仅显示 AMI IDs。
```
aws ec2 describe-images \
--filters "Name=tag:Type,Values=Custom" \
--query 'Images[*].[ImageId]' \
--output text
```
输出:
```
ami-1234567890EXAMPLE
ami-0abcdef1234567890
```
有关使用标签筛选器的更多示例,请参阅《Amazon EC2 用户指南》**中的[使用标签](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#Using_Tags_CLI)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeImages](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-images.html)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { EC2Client, paginateDescribeImages } from "@aws-sdk/client-ec2";
/**
* Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the images available to you.
* @param {{ architecture: string, pageSize: number }} options
*/
export const main = async ({ architecture, pageSize }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
// The paginate function is a wrapper around the base command.
const paginator = paginateDescribeImages(
// Without limiting the page size, this call can take a long time. pageSize is just sugar for
// the MaxResults property in the base command.
{ client, pageSize },
{
// There are almost 70,000 images available. Be specific with your filtering
// to increase efficiency.
// See https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-ec2/interfaces/describeimagescommandinput.html#filters
Filters: [{ Name: "architecture", Values: [architecture] }],
},
);
/**
* @type {import('@aws-sdk/client-ec2').Image[]}
*/
const images = [];
let recordsScanned = 0;
try {
for await (const page of paginator) {
recordsScanned += pageSize;
if (page.Images.length) {
images.push(...page.Images);
break;
}
console.log(
`No matching image found yet. Searched ${recordsScanned} records.`,
);
}
if (images.length) {
console.log(
`Found ${images.length} images:\n\n${images.map((image) => image.Name).join("\n")}\n`,
);
} else {
console.log(
`No matching images found. Searched ${recordsScanned} records.\n`,
);
}
return images;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}`);
return [];
}
throw caught;
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DescribeImages](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeImagesCommand)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的 AMI。**
```
Get-EC2Image -ImageId ami-12345678
```
**输出**:
```
Architecture : x86_64
BlockDeviceMappings : {/dev/xvda}
CreationDate : 2014-10-20T00:56:28.000Z
Description : My image
Hypervisor : xen
ImageId : ami-12345678
ImageLocation : 123456789012/my-image
ImageOwnerAlias :
ImageType : machine
KernelId :
Name : my-image
OwnerId : 123456789012
Platform :
ProductCodes : {}
Public : False
RamdiskId :
RootDeviceName : /dev/xvda
RootDeviceType : ebs
SriovNetSupport : simple
State : available
StateReason :
Tags : {Name}
VirtualizationType : hvm
```
**示例 2:此示例描述 AMIs 了您拥有的。**
```
Get-EC2Image -owner self
```
**示例 3:此示例描述了运行微软 Windows Server 的公众 AMIs 。**
```
Get-EC2Image -Filter @{ Name="platform"; Values="windows" }
```
**示例 4:此示例描述了 “us-west-2” 区域的所有公众 AMIs 。**
```
Get-EC2Image -Region us-west-2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeImages](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的 AMI。**
```
Get-EC2Image -ImageId ami-12345678
```
**输出**:
```
Architecture : x86_64
BlockDeviceMappings : {/dev/xvda}
CreationDate : 2014-10-20T00:56:28.000Z
Description : My image
Hypervisor : xen
ImageId : ami-12345678
ImageLocation : 123456789012/my-image
ImageOwnerAlias :
ImageType : machine
KernelId :
Name : my-image
OwnerId : 123456789012
Platform :
ProductCodes : {}
Public : False
RamdiskId :
RootDeviceName : /dev/xvda
RootDeviceType : ebs
SriovNetSupport : simple
State : available
StateReason :
Tags : {Name}
VirtualizationType : hvm
```
**示例 2:此示例描述 AMIs 了您拥有的。**
```
Get-EC2Image -owner self
```
**示例 3:此示例描述了运行微软 Windows Server 的公众 AMIs 。**
```
Get-EC2Image -Filter @{ Name="platform"; Values="windows" }
```
**示例 4:此示例描述了 “us-west-2” 区域的所有公众 AMIs 。**
```
Get-EC2Image -Region us-west-2
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeImages](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def get_images(self, image_ids: List[str]) -> List[Dict[str, Any]]:
"""
Gets information about Amazon Machine Images (AMIs) from a list of AMI IDs.
:param image_ids: The list of AMI IDs to look up.
:return: A list of dictionaries representing the requested AMIs.
"""
try:
response = self.ec2_client.describe_images(ImageIds=image_ids)
images = response["Images"]
except ClientError as err:
logger.error(f"Failed to stop AMI(s): {','.join(map(str, image_ids))}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidAMIID.NotFound":
logger.error("One or more of the AMI IDs does not exist.")
raise
return images
```
+ 有关 API 的详细信息,请参阅适用[DescribeImages](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeImages)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
pub async fn list_images(&self, ids: Vec) -> Result, EC2Error> {
let image_ids = ids.into_iter().filter_map(|p| p.value).collect();
let output = self
.client
.describe_images()
.set_image_ids(Some(image_ids))
.send()
.await?;
let images = output.images.unwrap_or_default();
if images.is_empty() {
Err(EC2Error::new("No images for selected AMIs"))
} else {
Ok(images)
}
}
```
将 list\$1images 函数与 SSM 结合使用,以根据环境进行限制。有关 SSM 的更多详细信息,请参阅 https://docs.aws.amazon.com/systems-manager/ latest/userguide/example \$1ss GetParameters m\$1 \$1section.html。
```
async fn find_image(&mut self) -> Result {
let params: Vec = self
.ssm
.list_path("/aws/service/ami-amazon-linux-latest")
.await
.map_err(|e| e.add_message("Could not find parameters for available images"))?
.into_iter()
.filter(|param| param.name().is_some_and(|name| name.contains("amzn2")))
.collect();
let amzn2_images: Vec = self
.ec2
.list_images(params)
.await
.map_err(|e| e.add_message("Could not find images"))?
.into_iter()
.map(ScenarioImage::from)
.collect();
println!("We will now create an instance from an Amazon Linux 2 AMI");
let ami = self.util.select_scenario_image(amzn2_images)?;
Ok(ami)
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeImages](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_images)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->describeimages( it_imageids = it_image_ids ). " oo_result is returned for testing purposes. "
DATA(lt_images) = oo_result->get_images( ).
MESSAGE 'Retrieved information about Amazon Machine Images (AMIs).' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeImages](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Return an array of `EC2ClientTypes.Image` objects describing all of
/// the images in the specified array.
///
/// - Parameter idList: A list of image ID strings indicating the images
/// to return details about.
///
/// - Returns: An array of the images.
func describeImages(_ idList: [String]) async -> [EC2ClientTypes.Image] {
do {
let output = try await ec2Client.describeImages(
input: DescribeImagesInput(
imageIds: idList
)
)
guard let images = output.images else {
print("*** No images found.")
return []
}
for image in images {
guard let id = image.imageId else {
continue
}
print(" \(id): \(image.description ?? "")")
}
return images
} catch {
print("*** Error getting image descriptions: \(error.localizedDescription)")
return []
}
}
```
+ 如需了解 API 的详细信息,请参阅适用[DescribeImages](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeimages(input:))于 S *wift 的AWS SDK API 参考*。
------
# 将 `DescribeImportImageTasks` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeImportImageTasks`。
------
#### [ CLI ]
**AWS CLI**
**监控导入映像任务**
以下 `describe-import-image-tasks` 示例检查指定的导入映像任务的状态。
```
aws ec2 describe-import-image-tasks \
--import-task-ids import-ami-1234567890abcdef0
```
正在进行的导入映像任务的输出。
```
{
"ImportImageTasks": [
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"Progress": "28",
"SnapshotDetails": [
{
"DiskImageSize": 705638400.0,
"Format": "ova",
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.ova"
}
}
],
"Status": "active",
"StatusMessage": "converting"
}
]
}
```
已完成的导入映像任务的输出。生成的 AMI 的 ID 由 `ImageId` 提供。
```
{
"ImportImageTasks": [
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"ImageId": "ami-1234567890abcdef0",
"SnapshotDetails": [
{
"DiskImageSize": 705638400.0,
"Format": "ova",
"SnapshotId": "snap-1234567890abcdef0"
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.ova"
}
}
],
"Status": "completed"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeImportImageTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-import-image-tasks.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的映像导入任务。**
```
Get-EC2ImportImageTask -ImportTaskId import-ami-hgfedcba
```
**输出**:
```
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
**示例 2:此示例描述所有映像导入任务。**
```
Get-EC2ImportImageTask
```
**输出**:
```
Architecture :
Description : Windows Image 1
Hypervisor :
ImageId :
ImportTaskId : import-ami-abcdefgh
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {}
Status : deleted
StatusMessage : User initiated task cancelation
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeImportImageTasks](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的映像导入任务。**
```
Get-EC2ImportImageTask -ImportTaskId import-ami-hgfedcba
```
**输出**:
```
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
**示例 2:此示例描述所有映像导入任务。**
```
Get-EC2ImportImageTask
```
**输出**:
```
Architecture :
Description : Windows Image 1
Hypervisor :
ImageId :
ImportTaskId : import-ami-abcdefgh
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {}
Status : deleted
StatusMessage : User initiated task cancelation
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeImportImageTasks](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeImportSnapshotTasks` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeImportSnapshotTasks`。
------
#### [ CLI ]
**AWS CLI**
**监控导入快照任务**
以下 `describe-import-snapshot-tasks` 示例检查指定的导入快照任务的状态。
```
aws ec2 describe-import-snapshot-tasks \
--import-task-ids import-snap-1234567890abcdef0
```
正在进行的导入快照任务的输出。
```
{
"ImportSnapshotTasks": [
{
"Description": "My server VMDK",
"ImportTaskId": "import-snap-1234567890abcdef0",
"SnapshotTaskDetail": {
"Description": "My server VMDK",
"DiskImageSize": "705638400.0",
"Format": "VMDK",
"Progress": "42",
"Status": "active",
"StatusMessage": "downloading/converting",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.vmdk"
}
}
}
]
}
```
已完成的导入快照任务的输出。生成的快照的 ID 由 `SnapshotId` 提供。
```
{
"ImportSnapshotTasks": [
{
"Description": "My server VMDK",
"ImportTaskId": "import-snap-1234567890abcdef0",
"SnapshotTaskDetail": {
"Description": "My server VMDK",
"DiskImageSize": "705638400.0",
"Format": "VMDK",
"SnapshotId": "snap-1234567890abcdef0"
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.vmdk"
}
}
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeImportSnapshotTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-import-snapshot-tasks.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的快照导入任务。**
```
Get-EC2ImportSnapshotTask -ImportTaskId import-snap-abcdefgh
```
**输出**:
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
```
**示例 2:此示例描述所有快照导入任务。**
```
Get-EC2ImportSnapshotTask
```
**输出**:
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
Disk Image Import 2 import-snap-hgfedcba Amazon.EC2.Model.SnapshotTaskDetail
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeImportSnapshotTasks](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的快照导入任务。**
```
Get-EC2ImportSnapshotTask -ImportTaskId import-snap-abcdefgh
```
**输出**:
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
```
**示例 2:此示例描述所有快照导入任务。**
```
Get-EC2ImportSnapshotTask
```
**输出**:
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
Disk Image Import 2 import-snap-hgfedcba Amazon.EC2.Model.SnapshotTaskDetail
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeImportSnapshotTasks](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# 将 `DescribeInstanceAttribute` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeInstanceAttribute`。
------
#### [ CLI ]
**AWS CLI**
**描述实例类型**
此示例描述了指定实例的实例类型。
命令:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute instanceType
```
输出:
```
{
"InstanceId": "i-1234567890abcdef0"
"InstanceType": {
"Value": "t1.micro"
}
}
```
**描述 disableApiTermination 属性**
此示例描述了指定实例的 `disableApiTermination` 属性。
命令:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute disableApiTermination
```
输出:
```
{
"InstanceId": "i-1234567890abcdef0"
"DisableApiTermination": {
"Value": "false"
}
}
```
**描述实例的块设备映射**
此示例描述了指定实例的 `blockDeviceMapping` 属性。
命令:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute blockDeviceMapping
```
输出:
```
{
"InstanceId": "i-1234567890abcdef0"
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": true,
"VolumeId": "vol-049df61146c4d7901",
"AttachTime": "2013-05-17T22:42:34.000Z"
}
},
{
"DeviceName": "/dev/sdf",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": false,
"VolumeId": "vol-049df61146c4d7901",
"AttachTime": "2013-09-10T23:07:00.000Z"
}
}
],
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInstanceAttribute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-attribute.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定实例的实例类型。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceType
```
**输出**:
```
InstanceType : t2.micro
```
**示例 2:此示例描述是否为指定实例启用增强联网。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute sriovNetSupport
```
**输出**:
```
SriovNetSupport : simple
```
**示例 3:此示例描述指定实例的安全组。**
```
(Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute groupSet).Groups
```
**输出**:
```
GroupId
-------
sg-12345678
sg-45678901
```
**示例 4:此示例描述是否为指定的实例启用 EBS 优化。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute ebsOptimized
```
**输出**:
```
EbsOptimized : False
```
**示例 5:此示例描述了指定实例disableApiTermination的 “” 属性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute disableApiTermination
```
**输出**:
```
DisableApiTermination : False
```
**示例 6:此示例描述了指定实例instanceInitiatedShutdown的 “行为” 属性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceInitiatedShutdownBehavior
```
**输出**:
```
InstanceInitiatedShutdownBehavior : stop
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeInstanceAttribute](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定实例的实例类型。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceType
```
**输出**:
```
InstanceType : t2.micro
```
**示例 2:此示例描述是否为指定实例启用增强联网。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute sriovNetSupport
```
**输出**:
```
SriovNetSupport : simple
```
**示例 3:此示例描述指定实例的安全组。**
```
(Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute groupSet).Groups
```
**输出**:
```
GroupId
-------
sg-12345678
sg-45678901
```
**示例 4:此示例描述是否为指定的实例启用 EBS 优化。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute ebsOptimized
```
**输出**:
```
EbsOptimized : False
```
**示例 5:此示例描述了指定实例disableApiTermination的 “” 属性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute disableApiTermination
```
**输出**:
```
DisableApiTermination : False
```
**示例 6:此示例描述了指定实例instanceInitiatedShutdown的 “行为” 属性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceInitiatedShutdownBehavior
```
**输出**:
```
InstanceInitiatedShutdownBehavior : stop
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeInstanceAttribute](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DescribeInstanceStatus`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeInstanceStatus`。
------
#### [ CLI ]
**AWS CLI**
**描述实例的状态**
以下 `describe-instance-status` 示例描述了指定实例的当前状态。
```
aws ec2 describe-instance-status \
--instance-ids i-1234567890abcdef0
```
输出:
```
{
"InstanceStatuses": [
{
"InstanceId": "i-1234567890abcdef0",
"InstanceState": {
"Code": 16,
"Name": "running"
},
"AvailabilityZone": "us-east-1d",
"SystemStatus": {
"Status": "ok",
"Details": [
{
"Status": "passed",
"Name": "reachability"
}
]
},
"InstanceStatus": {
"Status": "ok",
"Details": [
{
"Status": "passed",
"Name": "reachability"
}
]
}
}
]
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[监控实例状态](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInstanceStatus](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-status.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定实例的状态。**
```
Get-EC2InstanceStatus -InstanceId i-12345678
```
**输出**:
```
AvailabilityZone : us-west-2a
Events : {}
InstanceId : i-12345678
InstanceState : Amazon.EC2.Model.InstanceState
Status : Amazon.EC2.Model.InstanceStatusSummary
SystemStatus : Amazon.EC2.Model.InstanceStatusSummary
```
```
$status = Get-EC2InstanceStatus -InstanceId i-12345678
$status.InstanceState
```
**输出**:
```
Code Name
---- ----
16 running
```
```
$status.Status
```
**输出**:
```
Details Status
------- ------
{reachability} ok
```
```
$status.SystemStatus
```
**输出**:
```
Details Status
------- ------
{reachability} ok
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeInstanceStatus](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定实例的状态。**
```
Get-EC2InstanceStatus -InstanceId i-12345678
```
**输出**:
```
AvailabilityZone : us-west-2a
Events : {}
InstanceId : i-12345678
InstanceState : Amazon.EC2.Model.InstanceState
Status : Amazon.EC2.Model.InstanceStatusSummary
SystemStatus : Amazon.EC2.Model.InstanceStatusSummary
```
```
$status = Get-EC2InstanceStatus -InstanceId i-12345678
$status.InstanceState
```
**输出**:
```
Code Name
---- ----
16 running
```
```
$status.Status
```
**输出**:
```
Details Status
------- ------
{reachability} ok
```
```
$status.SystemStatus
```
**输出**:
```
Details Status
------- ------
{reachability} ok
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeInstanceStatus](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
async fn show_all_events(client: &Client) -> Result<(), Error> {
let resp = client.describe_regions().send().await.unwrap();
for region in resp.regions.unwrap_or_default() {
let reg: &'static str = Box::leak(Box::from(region.region_name().unwrap()));
let region_provider = RegionProviderChain::default_provider().or_else(reg);
let config = aws_config::from_env().region(region_provider).load().await;
let new_client = Client::new(&config);
let resp = new_client.describe_instance_status().send().await;
println!("Instances in region {}:", reg);
println!();
for status in resp.unwrap().instance_statuses() {
println!(
" Events scheduled for instance ID: {}",
status.instance_id().unwrap_or_default()
);
for event in status.events() {
println!(" Event ID: {}", event.instance_event_id().unwrap());
println!(" Description: {}", event.description().unwrap());
println!(" Event code: {}", event.code().unwrap().as_ref());
println!();
}
}
}
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstanceStatus](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_status)于 *Rust 的AWS SDK API 参考*。
------
# `DescribeInstanceTypes`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeInstanceTypes`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Describe the instance types available.
///
/// A list of instance type information.
public async Task> DescribeInstanceTypes(ArchitectureValues architecture)
{
try
{
var request = new DescribeInstanceTypesRequest();
var filters = new List
{
new Filter("processor-info.supported-architecture",
new List { architecture.ToString() })
};
filters.Add(new Filter("instance-type", new() { "*.micro", "*.small" }));
request.Filters = filters;
var instanceTypes = new List();
var paginator = _amazonEC2.Paginators.DescribeInstanceTypes(request);
await foreach (var instanceType in paginator.InstanceTypes)
{
instanceTypes.Add(instanceType);
}
return instanceTypes;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidParameterValue")
{
_logger.LogError(
$"Parameters are invalid. Ensure architecture and size strings conform to DescribeInstanceTypes API reference.");
}
throw;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the security group because: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DescribeInstanceTypes](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeInstanceTypes)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# ec2_describe_instance_types
#
# This function describes EC2 instance types filtered by processor architecture
# and optionally by instance type. It takes the following arguments:
#
# -a, --architecture ARCHITECTURE Specify the processor architecture (e.g., x86_64)
# -t, --type INSTANCE_TYPE Comma-separated list of instance types (e.g., t2.micro)
# -h, --help Show the usage help
#
# The function prints the instance type and supported architecture for each
# matching instance type.
###############################################################################
function ec2_describe_instance_types() {
local architecture=""
local instance_types=""
# bashsupport disable=BP5008
function usage() {
echo "Usage: ec2_describe_instance_types [-a|--architecture ARCHITECTURE] [-t|--type INSTANCE_TYPE] [-h|--help]"
echo " -a, --architecture ARCHITECTURE Specify the processor architecture (e.g., x86_64)"
echo " -t, --type INSTANCE_TYPE Comma-separated list of instance types (e.g., t2.micro)"
echo " -h, --help Show this help message"
}
while [[ $# -gt 0 ]]; do
case "$1" in
-a | --architecture)
architecture="$2"
shift 2
;;
-t | --type)
instance_types="$2"
shift 2
;;
-h | --help)
usage
return 0
;;
*)
echo "Unknown argument: $1"
return 1
;;
esac
done
if [[ -z "$architecture" ]]; then
errecho "Error: Architecture not specified."
usage
return 1
fi
if [[ -z "$instance_types" ]]; then
errecho "Error: Instance type not specified."
usage
return 1
fi
local tmp_json_file="temp_ec2.json"
echo -n '[
{
"Name": "processor-info.supported-architecture",
"Values": [' >"$tmp_json_file"
local items
IFS=',' read -ra items <<<"$architecture"
local array_size
array_size=${#items[@]}
for i in $(seq 0 $((array_size - 1))); do
echo -n '"'"${items[$i]}"'"' >>"$tmp_json_file"
if [[ $i -lt $((array_size - 1)) ]]; then
echo -n ',' >>"$tmp_json_file"
fi
done
echo -n ']},
{
"Name": "instance-type",
"Values": [' >>"$tmp_json_file"
IFS=',' read -ra items <<<"$instance_types"
local array_size
array_size=${#items[@]}
for i in $(seq 0 $((array_size - 1))); do
echo -n '"'"${items[$i]}"'"' >>"$tmp_json_file"
if [[ $i -lt $((array_size - 1)) ]]; then
echo -n ',' >>"$tmp_json_file"
fi
done
echo -n ']}]' >>"$tmp_json_file"
local response
response=$(aws ec2 describe-instance-types --filters file://"$tmp_json_file" \
--query 'InstanceTypes[*].[InstanceType]' --output text)
local error_code=$?
rm "$tmp_json_file"
if [[ $error_code -ne 0 ]]; then
aws_cli_error_log $error_code
echo "ERROR: AWS reports describe-instance-types operation failed."
return 1
fi
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInstanceTypes](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeInstanceTypes)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述实例类型**
以下 `describe-instance-types` 示例显示指定实例类型的详细信息。
```
aws ec2 describe-instance-types \
--instance-types t2.micro
```
输出:
```
{
"InstanceTypes": [
{
"InstanceType": "t2.micro",
"CurrentGeneration": true,
"FreeTierEligible": true,
"SupportedUsageClasses": [
"on-demand",
"spot"
],
"SupportedRootDeviceTypes": [
"ebs"
],
"BareMetal": false,
"Hypervisor": "xen",
"ProcessorInfo": {
"SupportedArchitectures": [
"i386",
"x86_64"
],
"SustainedClockSpeedInGhz": 2.5
},
"VCpuInfo": {
"DefaultVCpus": 1,
"DefaultCores": 1,
"DefaultThreadsPerCore": 1,
"ValidCores": [
1
],
"ValidThreadsPerCore": [
1
]
},
"MemoryInfo": {
"SizeInMiB": 1024
},
"InstanceStorageSupported": false,
"EbsInfo": {
"EbsOptimizedSupport": "unsupported",
"EncryptionSupport": "supported"
},
"NetworkInfo": {
"NetworkPerformance": "Low to Moderate",
"MaximumNetworkInterfaces": 2,
"Ipv4AddressesPerInterface": 2,
"Ipv6AddressesPerInterface": 2,
"Ipv6Supported": true,
"EnaSupport": "unsupported"
},
"PlacementGroupInfo": {
"SupportedStrategies": [
"partition",
"spread"
]
},
"HibernationSupported": false,
"BurstablePerformanceSupported": true,
"DedicatedHostsSupported": false,
"AutoRecoverySupported": true
}
]
}
```
有关更多信息,请参阅《适用于 Linux 实例的 Amazon Elastic Compute Cloud 用户指南》**中的[实例类型](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)。
**示例 2:筛选可用的实例类型**
可以指定筛选器,将结果范围限定为具有特定特征的实例类型。以下 `describe-instance-types` 示例列出支持休眠的实例类型。
```
aws ec2 describe-instance-types \
--filters Name=hibernation-supported,Values=true --query 'InstanceTypes[*].InstanceType'
```
输出:
```
[
"m5.8xlarge",
"r3.large",
"c3.8xlarge",
"r5.large",
"m4.4xlarge",
"c4.large",
"m5.xlarge",
"m4.xlarge",
"c3.large",
"c4.8xlarge",
"c4.4xlarge",
"c5.xlarge",
"c5.12xlarge",
"r5.4xlarge",
"c5.4xlarge"
]
```
有关更多信息,请参阅《适用于 Linux 实例的 Amazon Elastic Compute Cloud 用户指南》**中的[实例类型](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInstanceTypes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-types.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Asynchronously retrieves the instance types available in the current AWS region.
*
* This method uses the AWS SDK's asynchronous API to fetch the available instance types
* and then processes the response. It logs the memory information, network information,
* and instance type for each instance type returned. Additionally, it returns a
* {@link CompletableFuture} that resolves to the instance type string for the "t2.2xlarge"
* instance type, if it is found in the response. If the "t2.2xlarge" instance type is not
* found, an empty string is returned.
*
*
* @return a {@link CompletableFuture} that resolves to the instance type string for the
* "t2.2xlarge" instance type, or an empty string if the instance type is not found
*/
public CompletableFuture getInstanceTypesAsync() {
DescribeInstanceTypesRequest typesRequest = DescribeInstanceTypesRequest.builder()
.maxResults(10)
.build();
CompletableFuture response = getAsyncClient().describeInstanceTypes(typesRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
List instanceTypes = resp.instanceTypes();
for (InstanceTypeInfo type : instanceTypes) {
logger.info("The memory information of this type is " + type.memoryInfo().sizeInMiB());
logger.info("Network information is " + type.networkInfo().toString());
logger.info("Instance type is " + type.instanceType().toString());
}
} else {
throw (RuntimeException) ex;
}
});
return response.thenApply(resp -> {
for (InstanceTypeInfo type : resp.instanceTypes()) {
String instanceType = type.instanceType().toString();
if (instanceType.equals("t2.2xlarge")) {
return instanceType;
}
}
return "";
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DescribeInstanceTypes](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstanceTypes)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { EC2Client, paginateDescribeInstanceTypes } from "@aws-sdk/client-ec2";
/**
* Describes the specified instance types. By default, all instance types for the
* current Region are described. Alternatively, you can filter the results.
* @param {{ pageSize: string, supportedArch: string[], freeTier: boolean }} options
*/
export const main = async ({ pageSize, supportedArch, freeTier }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
// The paginate function is a wrapper around the underlying command.
const paginator = paginateDescribeInstanceTypes(
// Without limiting the page size, this call can take a long time. pageSize is just sugar for
// the MaxResults property in the underlying command.
{ client, pageSize },
{
Filters: [
{
Name: "processor-info.supported-architecture",
Values: supportedArch,
},
{ Name: "free-tier-eligible", Values: [freeTier ? "true" : "false"] },
],
},
);
try {
/**
* @type {import('@aws-sdk/client-ec2').InstanceTypeInfo[]}
*/
const instanceTypes = [];
for await (const page of paginator) {
if (page.InstanceTypes.length) {
instanceTypes.push(...page.InstanceTypes);
// When we have at least 1 result, we can stop.
if (instanceTypes.length >= 1) {
break;
}
}
}
console.log(
`Memory size in MiB for matching instance types:\n\n${instanceTypes.map((it) => `${it.InstanceType}: ${it.MemoryInfo.SizeInMiB} MiB`).join("\n")}`,
);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}`);
return [];
}
throw caught;
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DescribeInstanceTypes](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstanceTypesCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
// Get a list of instance types.
suspend fun getInstanceTypesSc(): String {
var instanceType = ""
val filterObs = ArrayList()
val filter =
Filter {
name = "processor-info.supported-architecture"
values = listOf("arm64")
}
filterObs.add(filter)
val typesRequest =
DescribeInstanceTypesRequest {
filters = filterObs
maxResults = 10
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstanceTypes(typesRequest)
response.instanceTypes?.forEach { type ->
println("The memory information of this type is ${type.memoryInfo?.sizeInMib}")
println("Maximum number of network cards is ${type.networkInfo?.maximumNetworkCards}")
instanceType = type.instanceType.toString()
}
return instanceType
}
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstanceTypes](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def get_instance_types(
self, architecture: str = "x86_64", sizes: List[str] = ["*.micro", "*.small"]
) -> List[Dict[str, Any]]:
"""
Gets instance types that support the specified architecture and size.
See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html
for a list of allowable parameters.
:param architecture: The architecture supported by instance types. Default: 'x86_64'.
:param sizes: The size of instance types. Default: '*.micro', '*.small',
:return: A list of dictionaries representing instance types that support the specified architecture and size.
"""
try:
inst_types = []
paginator = self.ec2_client.get_paginator("describe_instance_types")
for page in paginator.paginate(
Filters=[
{
"Name": "processor-info.supported-architecture",
"Values": [architecture],
},
{"Name": "instance-type", "Values": sizes},
]
):
inst_types += page["InstanceTypes"]
except ClientError as err:
logger.error(
f"Failed to get instance types: {architecture}, {','.join(map(str, sizes))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidParameterValue":
logger.error(
"Parameters are invalid. "
"Ensure architecture and size strings conform to DescribeInstanceTypes API reference."
)
raise
else:
return inst_types
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstanceTypes](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstanceTypes)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/// List instance types that match an image's architecture and are free tier eligible.
pub async fn list_instance_types(&self, image: &Image) -> Result, EC2Error> {
let architecture = format!(
"{}",
image.architecture().ok_or_else(|| EC2Error::new(format!(
"Image {:?} does not have a listed architecture",
image.image_id()
)))?
);
let free_tier_eligible_filter = Filter::builder()
.name("free-tier-eligible")
.values("false")
.build();
let supported_architecture_filter = Filter::builder()
.name("processor-info.supported-architecture")
.values(architecture)
.build();
let response = self
.client
.describe_instance_types()
.filters(free_tier_eligible_filter)
.filters(supported_architecture_filter)
.send()
.await?;
Ok(response
.instance_types
.unwrap_or_default()
.into_iter()
.filter_map(|iti| iti.instance_type)
.collect())
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstanceTypes](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_types)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
" Create filters for architecture and instance type patterns
" iv_architecture = 'x86_64'
DATA lt_filters TYPE /aws1/cl_ec2filter=>tt_filterlist.
APPEND NEW /aws1/cl_ec2filter(
iv_name = 'processor-info.supported-architecture'
it_values = VALUE /aws1/cl_ec2valuestringlist_w=>tt_valuestringlist(
( NEW /aws1/cl_ec2valuestringlist_w( iv_architecture ) )
)
) TO lt_filters.
" Filter for instance type patterns like '*.micro', '*.small'
APPEND NEW /aws1/cl_ec2filter(
iv_name = 'instance-type'
it_values = VALUE /aws1/cl_ec2valuestringlist_w=>tt_valuestringlist(
( NEW /aws1/cl_ec2valuestringlist_w( '*.micro' ) )
( NEW /aws1/cl_ec2valuestringlist_w( '*.small' ) )
)
) TO lt_filters.
TRY.
oo_result = lo_ec2->describeinstancetypes( it_filters = lt_filters ). " oo_result is returned for testing purposes. "
DATA(lt_instance_types) = oo_result->get_instancetypes( ).
MESSAGE 'Retrieved information about EC2 instance types.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstanceTypes](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Return a list of instance types matching the specified architecture
/// and instance sizes.
///
/// - Parameters:
/// - architecture: The architecture of the instance types to return, as
/// a member of `EC2ClientTypes.ArchitectureValues`.
/// - sizes: An array of one or more strings identifying sizes of
/// instance type to accept.
///
/// - Returns: An array of `EC2ClientTypes.InstanceTypeInfo` records
/// describing the instance types matching the given requirements.
func getMatchingInstanceTypes(architecture: EC2ClientTypes.ArchitectureValues = EC2ClientTypes.ArchitectureValues.x8664,
sizes: [String] = ["*.micro", "*.small"]) async
-> [EC2ClientTypes.InstanceTypeInfo] {
var instanceTypes: [EC2ClientTypes.InstanceTypeInfo] = []
let archFilter = EC2ClientTypes.Filter(
name: "processor-info.supported-architecture",
values: [architecture.rawValue]
)
let sizeFilter = EC2ClientTypes.Filter(
name: "instance-type",
values: sizes
)
do {
let pages = ec2Client.describeInstanceTypesPaginated(
input: DescribeInstanceTypesInput(
filters: [archFilter, sizeFilter]
)
)
for try await page in pages {
guard let types = page.instanceTypes else {
return []
}
instanceTypes += types
}
} catch {
print("*** Error getting image types: \(error.localizedDescription)")
return []
}
return instanceTypes
}
```
+ 有关 API 的详细信息,请参阅适用于 S *wift 的AWS SDK API 参考[DescribeInstanceTypes](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstancetypes(input:))*中。
------
# `DescribeInstances`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeInstances`。
操作示例是大型程序的代码摘录,必须在上下文中运行。您可以在以下代码示例中查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
+ [构建和管理弹性服务](ec2_example_cross_ResilientService_section.md)
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Get information about EC2 instances with a particular state.
///
/// The name of the tag to filter on.
/// The value of the tag to look for.
/// True if successful.
public async Task GetInstancesWithState(string state)
{
try
{
// Filters the results of the instance list.
var filters = new List
{
new Filter
{
Name = $"instance-state-name",
Values = new List { state, },
},
};
var request = new DescribeInstancesRequest { Filters = filters, };
Console.WriteLine($"\nShowing instances with state {state}");
var paginator = _amazonEC2.Paginators.DescribeInstances(request);
await foreach (var response in paginator.Responses)
{
foreach (var reservation in response.Reservations)
{
foreach (var instance in reservation.Instances)
{
Console.Write($"Instance ID: {instance.InstanceId} ");
Console.WriteLine($"\tCurrent State: {instance.State.Name}");
}
}
}
return true;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidParameterValue")
{
_logger.LogError(
$"Invalid parameter value for filtering instances.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't list instances because: {ex.Message}");
return false;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DescribeInstances](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeInstances)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_describe_instances
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) instances.
#
# Parameters:
# -i instance_id - The ID of the instance to describe (optional).
# -q query - The query to filter the response (optional).
# -h - Display help.
#
# Returns:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_instances() {
local instance_id query response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_instances"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) instances."
echo " -i instance_id - The ID of the instance to describe (optional)."
echo " -q query - The query to filter the response (optional)."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:q:h" option; do
case "${option}" in
i) instance_id="${OPTARG}" ;;
q) query="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local aws_cli_args=()
if [[ -n "$instance_id" ]]; then
# shellcheck disable=SC2206
aws_cli_args+=("--instance-ids" $instance_id)
fi
local query_arg=""
if [[ -n "$query" ]]; then
query_arg="--query '$query'"
else
query_arg="--query Reservations[*].Instances[*].[InstanceId,ImageId,InstanceType,KeyName,VpcId,PublicIpAddress,State.Name]"
fi
# shellcheck disable=SC2086
response=$(aws ec2 describe-instances \
"${aws_cli_args[@]}" \
$query_arg \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-instances operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInstances](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeInstances)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Describe all Amazon Elastic Compute Cloud (Amazon EC2) instances associated with an account.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeInstances(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeInstancesRequest request;
bool header = false;
bool done = false;
while (!done) {
Aws::EC2::Model::DescribeInstancesOutcome outcome = ec2Client.DescribeInstances(request);
if (outcome.IsSuccess()) {
if (!header) {
std::cout << std::left <<
std::setw(48) << "Name" <<
std::setw(20) << "ID" <<
std::setw(25) << "Ami" <<
std::setw(15) << "Type" <<
std::setw(15) << "State" <<
std::setw(15) << "Monitoring" << std::endl;
header = true;
}
const std::vector &reservations =
outcome.GetResult().GetReservations();
for (const auto &reservation: reservations) {
const std::vector &instances =
reservation.GetInstances();
for (const auto &instance: instances) {
Aws::String instanceStateString =
Aws::EC2::Model::InstanceStateNameMapper::GetNameForInstanceStateName(
instance.GetState().GetName());
Aws::String typeString =
Aws::EC2::Model::InstanceTypeMapper::GetNameForInstanceType(
instance.GetInstanceType());
Aws::String monitorString =
Aws::EC2::Model::MonitoringStateMapper::GetNameForMonitoringState(
instance.GetMonitoring().GetState());
Aws::String name = "Unknown";
const std::vector &tags = instance.GetTags();
auto nameIter = std::find_if(tags.cbegin(), tags.cend(),
[](const Aws::EC2::Model::Tag &tag) {
return tag.GetKey() == "Name";
});
if (nameIter != tags.cend()) {
name = nameIter->GetValue();
}
std::cout <<
std::setw(48) << name <<
std::setw(20) << instance.GetInstanceId() <<
std::setw(25) << instance.GetImageId() <<
std::setw(15) << typeString <<
std::setw(15) << instanceStateString <<
std::setw(15) << monitorString << std::endl;
}
}
if (!outcome.GetResult().GetNextToken().empty()) {
request.SetNextToken(outcome.GetResult().GetNextToken());
} else {
done = true;
}
} else {
std::cerr << "Failed to describe EC2 instances:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
}
return true;
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[DescribeInstances](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeInstances)*中的。
------
#### [ CLI ]
**AWS CLI**
**示例 1:描述实例**
以下 `describe-instances` 示例描述了指定的实例。
```
aws ec2 describe-instances \
--instance-ids i-1234567890abcdef0
```
输出:
```
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-0abcdef1234567890",
"InstanceId": "i-1234567890abcdef0",
"InstanceType": "t3.nano",
"KeyName": "my-key-pair",
"LaunchTime": "2022-11-15T10:48:59+00:00",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "us-east-2a",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157",
"ProductCodes": [],
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIpAddress": "34.253.223.13",
"State": {
"Code": 16,
"Name": "running"
},
"StateTransitionReason": "",
"SubnetId": "subnet-04a636d18e83cfacb",
"VpcId": "vpc-1234567890abcdef0",
"Architecture": "x86_64",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/xvda",
"Ebs": {
"AttachTime": "2022-11-15T10:49:00+00:00",
"DeleteOnTermination": true,
"Status": "attached",
"VolumeId": "vol-02e6ccdca7de29cf2"
}
}
],
"ClientToken": "1234abcd-1234-abcd-1234-d46a8903e9bc",
"EbsOptimized": true,
"EnaSupport": true,
"Hypervisor": "xen",
"IamInstanceProfile": {
"Arn": "arn:aws:iam::111111111111:instance-profile/AmazonSSMRoleForInstancesQuickSetup",
"Id": "111111111111111111111"
},
"NetworkInterfaces": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIp": "34.253.223.13"
},
"Attachment": {
"AttachTime": "2022-11-15T10:48:59+00:00",
"AttachmentId": "eni-attach-1234567890abcdefg",
"DeleteOnTermination": true,
"DeviceIndex": 0,
"Status": "attached",
"NetworkCardIndex": 0
},
"Description": "",
"Groups": [
{
"GroupName": "launch-wizard-146",
"GroupId": "sg-1234567890abcdefg"
}
],
"Ipv6Addresses": [],
"MacAddress": "00:11:22:33:44:55",
"NetworkInterfaceId": "eni-1234567890abcdefg",
"OwnerId": "104024344472",
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157",
"PrivateIpAddresses": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIp": "34.253.223.13"
},
"Primary": true,
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-1234567890abcdefg",
"VpcId": "vpc-1234567890abcdefg",
"InterfaceType": "interface"
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "launch-wizard-146",
"GroupId": "sg-1234567890abcdefg"
}
],
"SourceDestCheck": true,
"Tags": [
{
"Key": "Name",
"Value": "my-instance"
}
],
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 1,
"ThreadsPerCore": 2
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"HibernationOptions": {
"Configured": false
},
"MetadataOptions": {
"State": "applied",
"HttpTokens": "optional",
"HttpPutResponseHopLimit": 1,
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "disabled",
"InstanceMetadataTags": "enabled"
},
"EnclaveOptions": {
"Enabled": false
},
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"UsageOperationUpdateTime": "2022-11-15T10:48:59+00:00",
"PrivateDnsNameOptions": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": true,
"EnableResourceNameDnsAAAARecord": false
},
"MaintenanceOptions": {
"AutoRecovery": "default"
}
}
],
"OwnerId": "111111111111",
"ReservationId": "r-1234567890abcdefg"
}
]
}
```
**示例 2:筛选具有指定类型的实例**
以下 `describe-instances` 示例使用筛选器,将结果范围限定为指定类型的实例。
```
aws ec2 describe-instances \
--filters Name=instance-type,Values=m5.large
```
有关示例输出,请参阅示例 1。
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[使用 CLI 列出和筛选](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI)。
**示例 3:筛选具有指定类型和可用区的实例**
以下 `describe-instances` 示例使用多个筛选器,将结果范围限定为同样位于指定可用区且具有指定类型的实例。
```
aws ec2 describe-instances \
--filters Name=instance-type,Values=t2.micro,t3.micro Name=availability-zone,Values=us-east-2c
```
有关示例输出,请参阅示例 1。
**示例 4:使用 JSON 文件筛选具有指定类型和可用区的实例**
以下 `describe-instances` 示例使用 JSON 输入文件执行与上一个示例相同的筛选。当筛选器变得更加复杂时,可以更容易地在 JSON 文件中加以指定。
```
aws ec2 describe-instances \
--filters file://filters.json
```
`filters.json` 的内容:
```
[
{
"Name": "instance-type",
"Values": ["t2.micro", "t3.micro"]
},
{
"Name": "availability-zone",
"Values": ["us-east-2c"]
}
]
```
有关示例输出,请参阅示例 1。
**示例 5:筛选具有指定 Owner 标签的实例**
以下 `describe-instances` 示例使用标签筛选器,将结果范围限定为具有指定标签键(Owner)标签的实例,无论标签值如何。
```
aws ec2 describe-instances \
--filters "Name=tag-key,Values=Owner"
```
有关示例输出,请参阅示例 1。
**示例 6:筛选具有指定 my-team 标签值的实例**
以下 `describe-instances` 示例使用标签筛选器,将结果范围限定为具有指定标签值(my-team)标签的实例,无论标签键如何。
```
aws ec2 describe-instances \
--filters "Name=tag-value,Values=my-team"
```
有关示例输出,请参阅示例 1。
**示例 7:筛选具有指定 Owner 标签和 my-team 值的实例**
以下 `describe-instances` 示例使用标签筛选器,将结果范围限定为具有指定标签值(Owner=my-team)的实例。
```
aws ec2 describe-instances \
--filters "Name=tag:Owner,Values=my-team"
```
有关示例输出,请参阅示例 1。
**示例 8:仅显示所有实例 IDs 的实例和子网**
以下`describe-instances`示例使用`--query`参数以 JSON 格式仅显示所有实例 IDs 的实例和子网。
Linux 和 macOS:
```
aws ec2 describe-instances \
--query 'Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}' \
--output json
```
Windows:
```
aws ec2 describe-instances ^
--query "Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}" ^
--output json
```
输出:
```
[
{
"Instance": "i-057750d42936e468a",
"Subnet": "subnet-069beee9b12030077"
},
{
"Instance": "i-001efd250faaa6ffa",
"Subnet": "subnet-0b715c6b7db68927a"
},
{
"Instance": "i-027552a73f021f3bd",
"Subnet": "subnet-0250c25a1f4e15235"
}
...
]
```
**示例 9:筛选指定类型的实例并仅显示其实例 IDs**
以下`describe-instances`示例使用筛选器将结果范围限定为指定类型的实例,并使用`--query`参数仅显示实例 IDs。
```
aws ec2 describe-instances \
--filters "Name=instance-type,Values=t2.micro" \
--query "Reservations[*].Instances[*].[InstanceId]" \
--output text
```
输出:
```
i-031c0dc19de2fb70c
i-00d8bff789a736b75
i-0b715c6b7db68927a
i-0626d4edd54f1286d
i-00b8ae04f9f99908e
i-0fc71c25d2374130c
```
**示例 10:筛选指定类型的实例并仅显示其实例 IDs、可用区和指定的标签值**
以下 `describe-instances` 示例以表格格式显示实例的实例 ID、可用区和 `Name` 标签值,这些实例有一个名为 `tag-key` 的标签。
Linux 和 macOS:
```
aws ec2 describe-instances \
--filters Name=tag-key,Values=Name \
--query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value}' \
--output table
```
Windows:
```
aws ec2 describe-instances ^
--filters Name=tag-key,Values=Name ^
--query "Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key=='Name']|[0].Value}" ^
--output table
```
输出:
```
-------------------------------------------------------------
| DescribeInstances |
+--------------+-----------------------+--------------------+
| AZ | Instance | Name |
+--------------+-----------------------+--------------------+
| us-east-2b | i-057750d42936e468a | my-prod-server |
| us-east-2a | i-001efd250faaa6ffa | test-server-1 |
| us-east-2a | i-027552a73f021f3bd | test-server-2 |
+--------------+-----------------------+--------------------+
```
**示例 11:描述分区置放群组中的实例**
以下 `describe-instances` 示例描述了指定的实例。输出包括实例的置放信息,其中包含实例的置放群组名称和分区编号。
```
aws ec2 describe-instances \
--instance-ids i-0123a456700123456 \
--query "Reservations[*].Instances[*].Placement"
```
输出:
```
[
[
{
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 3,
"Tenancy": "default"
}
]
]
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[描述置放群组中的实例](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html#describe-instance-placement)。
**示例 12:筛选具有指定置放群组和分区编号的实例**
以下 `describe-instances` 示例将结果筛选为仅具有指定置放群组和分区编号的实例。
```
aws ec2 describe-instances \
--filters "Name=placement-group-name,Values=HDFS-Group-A" "Name=placement-partition-number,Values=7"
```
以下仅显示输出中的相关信息。
```
"Instances": [
{
"InstanceId": "i-0123a456700123456",
"InstanceType": "r4.large",
"Placement": {
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 7,
"Tenancy": "default"
}
},
{
"InstanceId": "i-9876a543210987654",
"InstanceType": "r4.large",
"Placement": {
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 7,
"Tenancy": "default"
}
],
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[描述置放群组中的实例](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html#describe-instance-placement)。
**示例 13:筛选配置为允许从实例元数据访问标签的实例**
以下 `describe-instances` 示例将结果筛选为,仅显示配置为允许从实例元数据访问实例标签的实例。
```
aws ec2 describe-instances \
--filters "Name=metadata-options.instance-metadata-tags,Values=enabled" \
--query "Reservations[*].Instances[*].InstanceId" \
--output text
```
预期的输出如下所示。
```
i-1234567890abcdefg
i-abcdefg1234567890
i-11111111aaaaaaaaa
i-aaaaaaaa111111111
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[使用实例元数据中的实例标签](https://docs.aws.amazon.com/en_us/AWSEC2/latest/UserGuide/Using_Tags.html#view-access-to-tags-in-IMDS)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInstances](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instances.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Asynchronously describes the state of an EC2 instance.
* The paginator helps you iterate over multiple pages of results.
*
* @param newInstanceId the ID of the EC2 instance to describe
* @return a {@link CompletableFuture} that, when completed, contains a string describing the state of the EC2 instance
*/
public CompletableFuture describeEC2InstancesAsync(String newInstanceId) {
DescribeInstancesRequest request = DescribeInstancesRequest.builder()
.instanceIds(newInstanceId)
.build();
DescribeInstancesPublisher paginator = getAsyncClient().describeInstancesPaginator(request);
AtomicReference publicIpAddressRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.reservations().stream()
.flatMap(reservation -> reservation.instances().stream())
.filter(instance -> instance.instanceId().equals(newInstanceId))
.findFirst()
.ifPresent(instance -> publicIpAddressRef.set(instance.publicIpAddress()));
}).thenApply(v -> {
String publicIpAddress = publicIpAddressRef.get();
if (publicIpAddress == null) {
throw new RuntimeException("Instance with ID " + newInstanceId + " not found.");
}
return publicIpAddress;
}).exceptionally(ex -> {
logger.info("Failed to describe instances: " + ex.getMessage());
throw new RuntimeException("Failed to describe instances", ex);
});
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DescribeInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstances)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { EC2Client, paginateDescribeInstances } from "@aws-sdk/client-ec2";
/**
* List all of your EC2 instances running with the provided architecture that
* were launched in the past month.
* @param {{ pageSize: string, architectures: string[] }} options
*/
export const main = async ({ pageSize, architectures }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
const d = new Date();
const year = d.getFullYear();
const month = `0${d.getMonth() + 1}`.slice(-2);
const launchTimePattern = `${year}-${month}-*`;
const paginator = paginateDescribeInstances(
{
client,
pageSize,
},
{
Filters: [
{ Name: "architecture", Values: architectures },
{ Name: "instance-state-name", Values: ["running"] },
{
Name: "launch-time",
Values: [launchTimePattern],
},
],
},
);
try {
/**
* @type {import('@aws-sdk/client-ec2').Instance[]}
*/
const instanceList = [];
for await (const page of paginator) {
const { Reservations } = page;
for (const reservation of Reservations) {
instanceList.push(...reservation.Instances);
}
}
console.log(
`Running instances launched this month:\n\n${instanceList.map((instance) => instance.InstanceId).join("\n")}`,
);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}.`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DescribeInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstancesCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun describeEC2Instances() {
val request =
DescribeInstancesRequest {
maxResults = 6
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstances(request)
response.reservations?.forEach { reservation ->
reservation.instances?.forEach { instance ->
println("Instance Id is ${instance.instanceId}")
println("Image id is ${instance.imageId}")
println("Instance type is ${instance.instanceType}")
println("Instance state name is ${instance.state?.name}")
println("monitoring information is ${instance.monitoring?.state}")
}
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的实例。**
```
(Get-EC2Instance -InstanceId i-12345678).Instances
```
**输出**:
```
AmiLaunchIndex : 0
Architecture : x86_64
BlockDeviceMappings : {/dev/sda1}
ClientToken : TleEy1448154045270
EbsOptimized : False
Hypervisor : xen
IamInstanceProfile : Amazon.EC2.Model.IamInstanceProfile
ImageId : ami-12345678
InstanceId : i-12345678
InstanceLifecycle :
InstanceType : t2.micro
KernelId :
KeyName : my-key-pair
LaunchTime : 12/4/2015 4:44:40 PM
Monitoring : Amazon.EC2.Model.Monitoring
NetworkInterfaces : {ip-10-0-2-172.us-west-2.compute.internal}
Placement : Amazon.EC2.Model.Placement
Platform : Windows
PrivateDnsName : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress : 10.0.2.172
ProductCodes : {}
PublicDnsName :
PublicIpAddress :
RamdiskId :
RootDeviceName : /dev/sda1
RootDeviceType : ebs
SecurityGroups : {default}
SourceDestCheck : True
SpotInstanceRequestId :
SriovNetSupport :
State : Amazon.EC2.Model.InstanceState
StateReason :
StateTransitionReason :
SubnetId : subnet-12345678
Tags : {Name}
VirtualizationType : hvm
VpcId : vpc-12345678
```
**示例 2:此示例描述您在当前区域中的所有实例,按预留分组。要查看实例详细信息,请在每个预留对象中展开实例集合。**
```
Get-EC2Instance
```
**输出**:
```
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 226008221399
ReservationId : r-c5df370c
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 854251627541
ReservationId : r-63e65bab
...
```
**示例 3:此示例阐述使用筛选条件来查询 VPC 的特定子网中的 EC2 实例。**
```
(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances
```
**输出**:
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-01af...82cf180e19 t2.medium Windows 10.0.0.98 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge Windows 10.0.0.53 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**示例 4:此示例阐述使用具有多个值的筛选条件来同时查询正在运行和已停止的 EC2 实例**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
(Get-EC2Instance @InstanceParams).Instances
```
**输出**:
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**示例 5:此示例阐述使用具有多个值的筛选条件来同时查询正在运行和已停止的 EC2 实例,以及使用 Select-Object cmdlet 来选择要输出的特定值。**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
$SelectParams = @{
Property = @(
"InstanceID", "InstanceType", "Platform", "PrivateIpAddress",
@{Name="Name";Expression={$_.Tags[$_.Tags.Key.IndexOf("Name")].Value}},
@{Name="State";Expression={$_.State.Name}}
)
}
$result = Get-EC2Instance @InstanceParams
$result.Instances | Select-Object @SelectParams | Format-Table -AutoSize
```
**输出**:
```
InstanceId InstanceType Platform PrivateIpAddress Name State
---------- ------------ -------- ---------------- ---- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ec2-name-01 running
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ec2-name-02 stopped
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ec2-name-03 running
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ec2-name-04 stopped
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ec2-name-05 running
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ec2-name-06 stopped
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeInstances](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的实例。**
```
(Get-EC2Instance -InstanceId i-12345678).Instances
```
**输出**:
```
AmiLaunchIndex : 0
Architecture : x86_64
BlockDeviceMappings : {/dev/sda1}
ClientToken : TleEy1448154045270
EbsOptimized : False
Hypervisor : xen
IamInstanceProfile : Amazon.EC2.Model.IamInstanceProfile
ImageId : ami-12345678
InstanceId : i-12345678
InstanceLifecycle :
InstanceType : t2.micro
KernelId :
KeyName : my-key-pair
LaunchTime : 12/4/2015 4:44:40 PM
Monitoring : Amazon.EC2.Model.Monitoring
NetworkInterfaces : {ip-10-0-2-172.us-west-2.compute.internal}
Placement : Amazon.EC2.Model.Placement
Platform : Windows
PrivateDnsName : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress : 10.0.2.172
ProductCodes : {}
PublicDnsName :
PublicIpAddress :
RamdiskId :
RootDeviceName : /dev/sda1
RootDeviceType : ebs
SecurityGroups : {default}
SourceDestCheck : True
SpotInstanceRequestId :
SriovNetSupport :
State : Amazon.EC2.Model.InstanceState
StateReason :
StateTransitionReason :
SubnetId : subnet-12345678
Tags : {Name}
VirtualizationType : hvm
VpcId : vpc-12345678
```
**示例 2:此示例描述您在当前区域中的所有实例,按预留分组。要查看实例详细信息,请在每个预留对象中展开实例集合。**
```
Get-EC2Instance
```
**输出**:
```
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 226008221399
ReservationId : r-c5df370c
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 854251627541
ReservationId : r-63e65bab
...
```
**示例 3:此示例阐述使用筛选条件来查询 VPC 的特定子网中的 EC2 实例。**
```
(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances
```
**输出**:
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-01af...82cf180e19 t2.medium Windows 10.0.0.98 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge Windows 10.0.0.53 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**示例 4:此示例阐述使用具有多个值的筛选条件来同时查询正在运行和已停止的 EC2 实例**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
(Get-EC2Instance @InstanceParams).Instances
```
**输出**:
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**示例 5:此示例阐述使用具有多个值的筛选条件来同时查询正在运行和已停止的 EC2 实例,以及使用 Select-Object cmdlet 来选择要输出的特定值。**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
$SelectParams = @{
Property = @(
"InstanceID", "InstanceType", "Platform", "PrivateIpAddress",
@{Name="Name";Expression={$_.Tags[$_.Tags.Key.IndexOf("Name")].Value}},
@{Name="State";Expression={$_.State.Name}}
)
}
$result = Get-EC2Instance @InstanceParams
$result.Instances | Select-Object @SelectParams | Format-Table -AutoSize
```
**输出**:
```
InstanceId InstanceType Platform PrivateIpAddress Name State
---------- ------------ -------- ---------------- ---- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ec2-name-01 running
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ec2-name-02 stopped
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ec2-name-03 running
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ec2-name-04 stopped
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ec2-name-05 running
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ec2-name-06 stopped
```
**示例 6:此示例验证使用 DryRun 参数获取 EC2 实例的权限,而无需实际获取它们。注:这在操作成功时会引发异常,这是预期行为。**
```
Get-EC2Tag -DryRun $true
```
**输出**:
```
Get-EC2Instance: Request would have succeeded, but DryRun flag is set.
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeInstances](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def display(self, state_filter: Optional[str] = "running") -> None:
"""
Displays information about instances, filtering by the specified state.
:param state_filter: The instance state to include in the output. Only instances in this state
will be displayed. Default is 'running'. Example states: 'running', 'stopped'.
"""
if not self.instances:
logger.info("No instances to display.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
paginator = self.ec2_client.get_paginator("describe_instances")
page_iterator = paginator.paginate(InstanceIds=instance_ids)
try:
for page in page_iterator:
for reservation in page["Reservations"]:
for instance in reservation["Instances"]:
instance_state = instance["State"]["Name"]
# Apply the state filter (default is 'running')
if state_filter and instance_state != state_filter:
continue # Skip this instance if it doesn't match the filter
# Create a formatted string with instance details
instance_info = (
f"• ID: {instance['InstanceId']}\n"
f"• Image ID: {instance['ImageId']}\n"
f"• Instance type: {instance['InstanceType']}\n"
f"• Key name: {instance['KeyName']}\n"
f"• VPC ID: {instance['VpcId']}\n"
f"• Public IP: {instance.get('PublicIpAddress', 'N/A')}\n"
f"• State: {instance_state}"
)
print(instance_info)
except ClientError as err:
logger.error(
f"Failed to display instance(s). : {' '.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstances)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Ruby ]
**适用于 Ruby 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
require 'aws-sdk-ec2'
# @param ec2_resource [Aws::EC2::Resource] An initialized EC2 resource object.
# @example
# list_instance_ids_states(Aws::EC2::Resource.new(region: 'us-west-2'))
def list_instance_ids_states(ec2_resource)
response = ec2_resource.instances
if response.count.zero?
puts 'No instances found.'
else
puts 'Instances -- ID, state:'
response.each do |instance|
puts "#{instance.id}, #{instance.state.name}"
end
end
rescue StandardError => e
puts "Error getting information about instances: #{e.message}"
end
# Example usage:
def run_me
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-get-all-instance-info.rb REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-get-all-instance-info.rb us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
elsif ARGV.count.zero?
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
region = ARGV[0]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
list_instance_ids_states(ec2_resource)
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 有关 API 的详细信息,请参阅 *适用于 Ruby 的 AWS SDK API 参考[DescribeInstances](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/DescribeInstances)*中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
检索 EC2 实例的详细信息。
```
pub async fn describe_instance(&self, instance_id: &str) -> Result {
let response = self
.client
.describe_instances()
.instance_ids(instance_id)
.send()
.await?;
let instance = response
.reservations()
.first()
.ok_or_else(|| EC2Error::new(format!("No instance reservations for {instance_id}")))?
.instances()
.first()
.ok_or_else(|| {
EC2Error::new(format!("No instances in reservation for {instance_id}"))
})?;
Ok(instance.clone())
}
```
创建 EC2 实例后,检索并存储其详细信息。
```
/// Create an EC2 instance with the given ID on a given type, using a
/// generated KeyPair and applying a list of security groups.
pub async fn create(
&mut self,
ec2: &EC2,
image_id: &str,
instance_type: InstanceType,
key_pair: &KeyPairInfo,
security_groups: Vec<&SecurityGroup>,
) -> Result<(), EC2Error> {
let instance_id = ec2
.create_instance(image_id, instance_type, key_pair, security_groups)
.await?;
let instance = ec2.describe_instance(&instance_id).await?;
self.instance = Some(instance);
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instances)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->describeinstances( ). " oo_result is returned for testing purposes. "
" Retrieving details of EC2 instances. "
DATA: lv_istance_id TYPE /aws1/ec2string,
lv_status TYPE /aws1/ec2instancestatename,
lv_instance_type TYPE /aws1/ec2instancetype,
lv_image_id TYPE /aws1/ec2string.
LOOP AT oo_result->get_reservations( ) INTO DATA(lo_reservation).
LOOP AT lo_reservation->get_instances( ) INTO DATA(lo_instance).
lv_istance_id = lo_instance->get_instanceid( ).
lv_status = lo_instance->get_state( )->get_name( ).
lv_instance_type = lo_instance->get_instancetype( ).
lv_image_id = lo_instance->get_imageid( ).
ENDLOOP.
ENDLOOP.
MESSAGE 'Retrieved information about EC2 instances.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeInstances](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# 将 `DescribeInternetGateways` 与 CLI 配合使用
以下代码示例演示如何使用 `DescribeInternetGateways`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [开始使用 Amazon VPC](ec2_example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**描述互联网网关**
以下 `describe-internet-gateways` 示例描述了指定的互联网网关。
```
aws ec2 describe-internet-gateways \
--internet-gateway-ids igw-0d0fb496b3EXAMPLE
```
输出:
```
{
"InternetGateways": [
{
"Attachments": [
{
"State": "available",
"VpcId": "vpc-0a60eb65b4EXAMPLE"
}
],
"InternetGatewayId": "igw-0d0fb496b3EXAMPLE",
"OwnerId": "123456789012",
"Tags": [
{
"Key": "Name",
"Value": "my-igw"
}
]
}
]
}
```
有关更多信息,请参阅《*Amazon VPC 用户指南*》中的[互联网网关](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeInternetGateways](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-internet-gateways.html)*中的。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的互联网网关。**
```
Get-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**输出**:
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
```
**示例 2:此示例描述所有互联网网关。**
```
Get-EC2InternetGateway
```
**输出**:
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
{} igw-2a3b4c5d {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeInternetGateways](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的互联网网关。**
```
Get-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**输出**:
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
```
**示例 2:此示例描述所有互联网网关。**
```
Get-EC2InternetGateway
```
**输出**:
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
{} igw-2a3b4c5d {}
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeInternetGateways](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
# `DescribeKeyPairs`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeKeyPairs`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ec2_example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**适用于 .NET 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
///
/// Get information about an Amazon EC2 key pair.
///
/// The name of the key pair.
/// A list of key pair information.
public async Task> DescribeKeyPairs(string keyPairName)
{
try
{
var request = new DescribeKeyPairsRequest();
if (!string.IsNullOrEmpty(keyPairName))
{
request = new DescribeKeyPairsRequest
{
KeyNames = new List { keyPairName }
};
}
var response = await _amazonEC2.DescribeKeyPairsAsync(request);
return response.KeyPairs.ToList();
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.NotFound")
{
_logger.LogError(
$"A key pair called {keyPairName} does not exist.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while describing the key pair.: {ex.Message}");
throw;
}
}
```
+ 有关 API 的详细信息,请参阅 *适用于 .NET 的 AWS SDK API 参考[DescribeKeyPairs](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeKeyPairs)*中的。
------
#### [ Bash ]
**AWS CLI 使用 Bash 脚本**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
###############################################################################
# function ec2_describe_key_pairs
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) key pairs.
#
# Parameters:
# -h - Display help.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_key_pairs() {
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_key_pairs"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) key pairs."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "h" option; do
case "${option}" in
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local response
response=$(aws ec2 describe-key-pairs \
--query 'KeyPairs[*].[KeyName, KeyFingerprint]' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-key-pairs operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
本示例中使用的实用程序函数。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeKeyPairs](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeKeyPairs)*中的。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
//! Describe all Amazon Elastic Compute Cloud (Amazon EC2) instance key pairs.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeKeyPairs(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeKeyPairsRequest request;
Aws::EC2::Model::DescribeKeyPairsOutcome outcome = ec2Client.DescribeKeyPairs(request);
if (outcome.IsSuccess()) {
std::cout << std::left <<
std::setw(32) << "Name" <<
std::setw(64) << "Fingerprint" << std::endl;
const std::vector &key_pairs =
outcome.GetResult().GetKeyPairs();
for (const auto &key_pair: key_pairs) {
std::cout << std::left <<
std::setw(32) << key_pair.GetKeyName() <<
std::setw(64) << key_pair.GetKeyFingerprint() << std::endl;
}
} else {
std::cerr << "Failed to describe key pairs:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 有关 API 的详细信息,请参阅 *适用于 C\$1\$1 的 AWS SDK API 参考[DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeKeyPairs)*中的。
------
#### [ CLI ]
**AWS CLI**
**显示密钥对**
以下 `describe-key-pairs` 示例显示有关指定密钥对的信息。
```
aws ec2 describe-key-pairs \
--key-names my-key-pair
```
输出:
```
{
"KeyPairs": [
{
"KeyPairId": "key-0b94643da6EXAMPLE",
"KeyFingerprint": "1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f",
"KeyName": "my-key-pair",
"KeyType": "rsa",
"Tags": [],
"CreateTime": "2022-05-27T21:51:16.000Z"
}
]
}
```
有关更多信息,请参阅《Amazon EC2 用户指南》**中的[描述公有密钥](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/describe-keys.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeKeyPairs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-key-pairs.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Asynchronously describes the key pairs associated with the current AWS account.
*
* @return a {@link CompletableFuture} containing the {@link DescribeKeyPairsResponse} object, which provides
* information about the key pairs.
*/
public CompletableFuture describeKeysAsync() {
CompletableFuture responseFuture = getAsyncClient().describeKeyPairs();
responseFuture.whenComplete((response, exception) -> {
if (exception != null) {
throw new RuntimeException("Failed to describe key pairs: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeKeyPairs)*中的。
------
#### [ JavaScript ]
**适用于 JavaScript (v3) 的软件开发工具包**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import { DescribeKeyPairsCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* List all key pairs in the current AWS account.
* @param {{ dryRun: boolean }}
*/
export const main = async ({ dryRun }) => {
const client = new EC2Client({});
const command = new DescribeKeyPairsCommand({ DryRun: dryRun });
try {
const { KeyPairs } = await client.send(command);
const keyPairList = KeyPairs.map(
(kp) => ` • ${kp.KeyPairId}: ${kp.KeyName}`,
).join("\n");
console.log("The following key pairs were found in your account:");
console.log(keyPairList);
} catch (caught) {
if (caught instanceof Error && caught.name === "DryRunOperation") {
console.log(`${caught.message}`);
} else {
throw caught;
}
}
};
```
+ 有关 API 的详细信息,请参阅 *适用于 JavaScript 的 AWS SDK API 参考[DescribeKeyPairs](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeKeyPairsCommand)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
suspend fun describeEC2Keys() {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeKeyPairs(DescribeKeyPairsRequest {})
response.keyPairs?.forEach { keyPair ->
println("Found key pair with name ${keyPair.keyName} and fingerprint ${ keyPair.keyFingerprint}")
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeKeyPairs](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ PowerShell ]
**适用于 PowerShell V4 的工具**
**示例 1:此示例描述指定的密钥对。**
```
Get-EC2KeyPair -KeyName my-key-pair
```
**输出**:
```
KeyFingerprint KeyName
-------------- -------
1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f my-key-pair
```
**示例 2:此示例描述所有密钥对。**
```
Get-EC2KeyPair
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 4) [DescribeKeyPairs](https://docs.aws.amazon.com/powershell/v4/reference)中的。
**适用于 PowerShell V5 的工具**
**示例 1:此示例描述指定的密钥对。**
```
Get-EC2KeyPair -KeyName my-key-pair
```
**输出**:
```
KeyFingerprint KeyName
-------------- -------
1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f my-key-pair
```
**示例 2:此示例描述所有密钥对。**
```
Get-EC2KeyPair
```
+ 有关 API 的详细信息,请参阅 *AWS Tools for PowerShell Cmdlet 参考 (V* 5) [DescribeKeyPairs](https://docs.aws.amazon.com/powershell/v5/reference)中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def list(self, limit: Optional[int] = None) -> None:
"""
Displays a list of key pairs for the current account.
WARNING: Results are not paginated.
:param limit: The maximum number of key pairs to list. If not specified,
all key pairs will be listed.
:raises ClientError: If there is an error in listing the key pairs.
"""
try:
response = self.ec2_client.describe_key_pairs()
key_pairs = response.get("KeyPairs", [])
if limit:
key_pairs = key_pairs[:limit]
for key_pair in key_pairs:
logger.info(
f"Found {key_pair['KeyType']} key '{key_pair['KeyName']}' with fingerprint:"
)
logger.info(f"\t{key_pair['KeyFingerprint']}")
except ClientError as err:
logger.error(f"Failed to list key pairs: {str(err)}")
raise
```
+ 有关 API 的详细信息,请参阅适用[DescribeKeyPairs](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeKeyPairs)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
pub async fn list_key_pair(&self) -> Result, EC2Error> {
let output = self.client.describe_key_pairs().send().await?;
Ok(output.key_pairs.unwrap_or_default())
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeKeyPairs](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_key_pairs)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ec2->describekeypairs( ). " oo_result is returned for testing purposes. "
DATA(lt_key_pairs) = oo_result->get_keypairs( ).
MESSAGE 'Retrieved information about key pairs.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeKeyPairs](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
#### [ Swift ]
**适用于 Swift 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import AWSEC2
/// Describe the key pairs associated with the user by outputting each key
/// pair's name and fingerprint.
func describeKeyPairs() async {
do {
let output = try await ec2Client.describeKeyPairs(
input: DescribeKeyPairsInput()
)
guard let keyPairs = output.keyPairs else {
print("*** No key pairs list available.")
return
}
for keyPair in keyPairs {
print(keyPair.keyName ?? "", ":", keyPair.keyFingerprint ?? "