本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。 # `CreateVpcEndpoint` 搭配 AWS SDK 或 CLI 使用 下列程式碼範例示範如何使用 `CreateVpcEndpoint`。 動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作: + [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md) ------ #### [ CLI ] **AWS CLI** **範例 1:建立閘道端點** 下列 `create-vpc-endpoint` 範例會在 `us-east-1` 區域中的 VPC `vpc-1a2b3c4d` 和 Amazon S3 之間建立閘道 VPC 端點,並將路由表 `rtb-11aa22bb` 與端點相關聯。 ``` aws ec2 create-vpc-endpoint \ --vpc-id vpc-1a2b3c4d \ --service-name com.amazonaws.us-east-1.s3 \ --route-table-ids rtb-11aa22bb ``` 輸出: ``` { "VpcEndpoint": { "PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}", "VpcId": "vpc-1a2b3c4d", "State": "available", "ServiceName": "com.amazonaws.us-east-1.s3", "RouteTableIds": [ "rtb-11aa22bb" ], "VpcEndpointId": "vpc-1a2b3c4d", "CreationTimestamp": "2015-05-15T09:40:50Z" } } ``` 如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的[建立閘道端點](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#create-gateway-endpoint-s3)。 **範例 2:建立介面端點** 下列 `create-vpc-endpoint` 範例會在 `us-east-1` 區域中的 VPC `vpc-1a2b3c4d` 和 Amazon S3 之間,建立介面 VPC 端點。命令會在子網路 `subnet-1a2b3c4d` 中建立端點,將其與安全群組 `sg-1a2b3c4d` 相關聯,並新增具有索引鍵 "Service" 和值 "S3" 的標籤。 ``` aws ec2 create-vpc-endpoint \ --vpc-id vpc-1a2b3c4d \ --vpc-endpoint-type Interface \ --service-name com.amazonaws.us-east-1.s3 \ --subnet-ids subnet-7b16de0c \ --security-group-id sg-1a2b3c4d \ --tag-specifications ResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}] ``` 輸出: ``` { "VpcEndpoint": { "VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3", "VpcEndpointType": "Interface", "VpcId": "vpc-1a2b3c4d", "ServiceName": "com.amazonaws.us-east-1.s3", "State": "pending", "RouteTableIds": [], "SubnetIds": [ "subnet-1a2b3c4d" ], "Groups": [ { "GroupId": "sg-1a2b3c4d", "GroupName": "default" } ], "PrivateDnsEnabled": false, "RequesterManaged": false, "NetworkInterfaceIds": [ "eni-0b16f0581c8ac6877" ], "DnsEntries": [ { "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" } ], "CreationTimestamp": "2021-03-05T14:46:16.030000+00:00", "Tags": [ { "Key": "service", "Value": "S3" } ], "OwnerId": "123456789012" } } ``` 如需詳細資訊,請參閱《*AWS PrivateLink 使用者指南*》中的[建立介面 VPC 端點](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html)。 **步驟 3:建立 Gateway Load Balancer 端點** 下列 `create-vpc-endpoint` 範例會在 VPC `vpc-111122223333aabbc` 和使用 Gateway Load Balancer 設定的服務之間,建立 Gateway Load Balancer 端點。 ``` aws ec2 create-vpc-endpoint \ --service-name com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123 \ --vpc-endpoint-type GatewayLoadBalancer \ --vpc-id vpc-111122223333aabbc \ --subnet-ids subnet-0011aabbcc2233445 ``` 輸出: ``` { "VpcEndpoint": { "VpcEndpointId": "vpce-aabbaabbaabbaabba", "VpcEndpointType": "GatewayLoadBalancer", "VpcId": "vpc-111122223333aabbc", "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", "State": "pending", "SubnetIds": [ "subnet-0011aabbcc2233445" ], "RequesterManaged": false, "NetworkInterfaceIds": [ "eni-01010120203030405" ], "CreationTimestamp": "2020-11-11T08:06:03.522Z", "OwnerId": "123456789012" } } ``` 如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的 [Gateway Load Balancer 端點](https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-load-balancer-endpoints.html)。 **範例 4:建立資源端點** 以下 `create-vpc-endpoint` 範例會建立資源端點。 ``` aws ec2 create-vpc-endpoint \ --vpc-endpoint-type Resource \ --vpc-id vpc-111122223333aabbc \ --subnet-ids subnet-0011aabbcc2233445 \ --resource-configuration-arn arn:aws:vpc-lattice-us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432 ``` 輸出: ``` { "VpcEndpoint": { "VpcEndpointId": "vpce-00939a7ed9EXAMPLE", "VpcEndpointType": "Resource", "VpcId": "vpc-111122223333aabbc", "State": "Pending", "SubnetIds": [ "subnet-0011aabbcc2233445" ], "Groups": [ { "GroupId": "sg-03e2f15fbfc09b000", "GroupName": "default" } ], "IpAddressType": "IPV4", "PrivateDnsEnabled": false, "CreationTimestamp": "2025-02-06T23:38:49.525000+00:00", "Tags": [], "OwnerId": "123456789012", "ResourceConfigurationArn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432" } } ``` 如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的[資源端點](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-resources.html)。 **範例 5:建立服務網路端點** 下列 `create-vpc-endpoint` 範例會建立服務網路端點。 ``` aws ec2 create-vpc-endpoint \ --vpc-endpoint-type ServiceNetwork \ --vpc-id vpc-111122223333aabbc \ --subnet-ids subnet-0011aabbcc2233445 \ --service-network-arn arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0 \ --security-group-ids sg-0123456789012abcd ``` 輸出: ``` { "VpcEndpoint": { "VpcEndpointId": "vpce-0f00567fa8EXAMPLE", "VpcEndpointType": "ServiceNetwork", "VpcId": "vpc-111122223333aabbc", "State": "Pending", "SubnetIds": [ "subnet-0011aabbcc2233445" ], "Groups": [ { "GroupId": "sg-0123456789012abcd", "GroupName": "my-security-group" } ], "IpAddressType": "IPV4", "PrivateDnsEnabled": false, "CreationTimestamp": "2025-02-06T23:44:20.449000+00:00", "Tags": [], "OwnerId": "123456789012", "ServiceNetworkArn": "arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0" } } ``` 如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的[服務網路端點](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-service-networks.html)。 + 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVpcEndpoint](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc-endpoint.html)。 ------ #### [ PHP ] **適用於 PHP 的 SDK** GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中設定和執行。 ``` /** * @param string $serviceName * @param string $vpcId * @param array $routeTableIds * @return array */ public function createVpcEndpoint(string $serviceName, string $vpcId, array $routeTableIds): array { try { $result = $this->ec2Client->createVpcEndpoint([ 'ServiceName' => $serviceName, 'VpcId' => $vpcId, 'RouteTableIds' => $routeTableIds, ]); return $result["VpcEndpoint"]; } catch(Ec2Exception $caught){ echo "There was a problem creating the VPC Endpoint: {$caught->getAwsErrorMessage()}\n"; throw $caught; } } ``` + 如需 API 詳細資訊,請參閱《適用於 PHP 的 AWS SDK API 參考》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpcEndpoint)。 ------ #### [ PowerShell ] **Tools for PowerShell V4** **範例 1:此範例會在 VPC vpc-0fc1ff23f45b678eb 中為服務 com.amazonaws.eu-west-1.s3 建立新的 VPC 端點** ``` New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb ``` **輸出:** ``` ClientToken VpcEndpoint ----------- ----------- Amazon.EC2.Model.VpcEndpoint ``` + 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v4/reference)。 **Tools for PowerShell V5** **範例 1:此範例會在 VPC vpc-0fc1ff23f45b678eb 中為服務 com.amazonaws.eu-west-1.s3 建立新的 VPC 端點** ``` New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb ``` **輸出:** ``` ClientToken VpcEndpoint ----------- ----------- Amazon.EC2.Model.VpcEndpoint ``` + 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v5/reference)。 ------ #### [ Python ] **適用於 Python 的 SDK (Boto3)** GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。 ``` class VpcWrapper: """Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions.""" def __init__(self, ec2_client: boto3.client): """ Initializes the VpcWrapper with an EC2 client. :param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level access to AWS EC2 services. """ self.ec2_client = ec2_client @classmethod def from_client(cls) -> "VpcWrapper": """ Creates a VpcWrapper instance with a default EC2 client. :return: An instance of VpcWrapper initialized with the default EC2 client. """ ec2_client = boto3.client("ec2") return cls(ec2_client) def create_vpc_endpoint( self, vpc_id: str, service_name: str, route_table_ids: list[str] ) -> Dict[str, Any]: """ Creates a new VPC endpoint for the specified service and associates it with the specified route tables. :param vpc_id: The ID of the VPC to create the endpoint in. :param service_name: The name of the service to create the endpoint for. :param route_table_ids: A list of IDs of the route tables to associate with the endpoint. :return: A dictionary representing the newly created VPC endpoint. """ try: response = self.ec2_client.create_vpc_endpoint( VpcId=vpc_id, ServiceName=service_name, RouteTableIds=route_table_ids, ) return response["VpcEndpoint"] except ClientError as err: logger.error( "Couldn't create VPC endpoint for service %s. Here's why: %s: %s", service_name, err.response["Error"]["Code"], err.response["Error"]["Message"], ) raise ``` + 如需 API 詳細資訊,請參閱《AWS SDK for Python (Boto3) API 參考》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpcEndpoint)。 ------ #### [ SAP ABAP ] **適用於 SAP ABAP 的開發套件** GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。 ``` " iv_vpc_id = 'vpc-abc123' " iv_service_name = 'com.amazonaws.region.service' TRY. oo_result = lo_ec2->createvpcendpoint( " oo_result is returned for testing purposes. " iv_vpcid = iv_vpc_id iv_servicename = iv_service_name it_routetableids = it_route_table_ids ). DATA(lv_vpc_endpoint_id) = oo_result->get_vpcendpoint( )->get_vpcendpointid( ). MESSAGE 'Created VPC endpoint.' TYPE 'I'. CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception). DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|. MESSAGE lv_error TYPE 'E'. ENDTRY. ``` + 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。 ------ 如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。