responseFuture = getAsyncClient().runInstances(runRequest);
return responseFuture.thenCompose(response -> {
String instanceIdVal = response.instances().get(0).instanceId();
System.out.println("Going to start an EC2 instance and use a waiter to wait for it to be in running state");
return getAsyncClient().waiter()
.waitUntilInstanceExists(r -> r.instanceIds(instanceIdVal))
.thenCompose(waitResponse -> getAsyncClient().waiter()
.waitUntilInstanceRunning(r -> r.instanceIds(instanceIdVal))
.thenApply(runningResponse -> instanceIdVal));
}).exceptionally(throwable -> {
// Handle any exceptions that occurred during the async call
throw new RuntimeException("Failed to run EC2 instance: " + throwable.getMessage(), throwable);
});
}
/**
* Asynchronously retrieves the instance types available in the current AWS region.
*
* This method uses the AWS SDK's asynchronous API to fetch the available instance types
* and then processes the response. It logs the memory information, network information,
* and instance type for each instance type returned. Additionally, it returns a
* {@link CompletableFuture} that resolves to the instance type string for the "t2.2xlarge"
* instance type, if it is found in the response. If the "t2.2xlarge" instance type is not
* found, an empty string is returned.
*
*
* @return a {@link CompletableFuture} that resolves to the instance type string for the
* "t2.2xlarge" instance type, or an empty string if the instance type is not found
*/
public CompletableFuture getInstanceTypesAsync() {
DescribeInstanceTypesRequest typesRequest = DescribeInstanceTypesRequest.builder()
.maxResults(10)
.build();
CompletableFuture response = getAsyncClient().describeInstanceTypes(typesRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
List instanceTypes = resp.instanceTypes();
for (InstanceTypeInfo type : instanceTypes) {
logger.info("The memory information of this type is " + type.memoryInfo().sizeInMiB());
logger.info("Network information is " + type.networkInfo().toString());
logger.info("Instance type is " + type.instanceType().toString());
}
} else {
throw (RuntimeException) ex;
}
});
return response.thenApply(resp -> {
for (InstanceTypeInfo type : resp.instanceTypes()) {
String instanceType = type.instanceType().toString();
if (instanceType.equals("t2.2xlarge")) {
return instanceType;
}
}
return "";
});
}
/**
* Asynchronously describes an AWS EC2 image with the specified image ID.
*
* @param imageId the ID of the image to be described
* @return a {@link CompletableFuture} that, when completed, contains the ID of the described image
* @throws RuntimeException if no images are found with the provided image ID, or if an error occurs during the AWS API call
*/
public CompletableFuture describeImageAsync(String imageId) {
DescribeImagesRequest imagesRequest = DescribeImagesRequest.builder()
.imageIds(imageId)
.build();
AtomicReference imageIdRef = new AtomicReference<>();
DescribeImagesPublisher paginator = getAsyncClient().describeImagesPaginator(imagesRequest);
return paginator.subscribe(response -> {
response.images().stream()
.filter(image -> image.imageId().equals(imageId))
.findFirst()
.ifPresent(image -> {
logger.info("The description of the image is " + image.description());
logger.info("The name of the image is " + image.name());
imageIdRef.set(image.imageId());
});
}).thenApply(v -> {
String id = imageIdRef.get();
if (id == null) {
throw new RuntimeException("No images found with the provided image ID.");
}
return id;
}).exceptionally(ex -> {
logger.info("Failed to describe image: " + ex.getMessage());
throw new RuntimeException("Failed to describe image", ex);
});
}
/**
* Retrieves the parameter values asynchronously using the AWS Systems Manager (SSM) API.
*
* @return a {@link CompletableFuture} that holds the response from the SSM API call to get parameters by path
*/
public CompletableFuture getParaValuesAsync() {
SsmAsyncClient ssmClient = SsmAsyncClient.builder()
.region(Region.US_EAST_1)
.build();
GetParametersByPathRequest parameterRequest = GetParametersByPathRequest.builder()
.path("/aws/service/ami-amazon-linux-latest")
.build();
// Create a CompletableFuture to hold the final result.
CompletableFuture responseFuture = new CompletableFuture<>();
ssmClient.getParametersByPath(parameterRequest)
.whenComplete((response, exception) -> {
if (exception != null) {
responseFuture.completeExceptionally(new RuntimeException("Failed to get parameters by path", exception));
} else {
responseFuture.complete(response);
}
});
return responseFuture;
}
/**
* Asynchronously describes the security groups for the specified group ID.
*
* @param groupName the name of the security group to describe
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of describing the security groups. The future will complete with a
* {@link DescribeSecurityGroupsResponse} object that contains the
* security group information.
*/
public CompletableFuture describeSecurityGroupArnByNameAsync(String groupName) {
DescribeSecurityGroupsRequest request = DescribeSecurityGroupsRequest.builder()
.groupNames(groupName)
.build();
DescribeSecurityGroupsPublisher paginator = getAsyncClient().describeSecurityGroupsPaginator(request);
AtomicReference groupIdRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.securityGroups().stream()
.filter(securityGroup -> securityGroup.groupName().equals(groupName))
.findFirst()
.ifPresent(securityGroup -> groupIdRef.set(securityGroup.groupId()));
}).thenApply(v -> {
String groupId = groupIdRef.get();
if (groupId == null) {
throw new RuntimeException("No security group found with the name: " + groupName);
}
return groupId;
}).exceptionally(ex -> {
logger.info("Failed to describe security group: " + ex.getMessage());
throw new RuntimeException("Failed to describe security group", ex);
});
}
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
/**
* Asynchronously describes the key pairs associated with the current AWS account.
*
* @return a {@link CompletableFuture} containing the {@link DescribeKeyPairsResponse} object, which provides
* information about the key pairs.
*/
public CompletableFuture describeKeysAsync() {
CompletableFuture responseFuture = getAsyncClient().describeKeyPairs();
responseFuture.whenComplete((response, exception) -> {
if (exception != null) {
throw new RuntimeException("Failed to describe key pairs: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
/**
* Creates a new key pair asynchronously.
*
* @param keyName the name of the key pair to create
* @param fileName the name of the file to write the key material to
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of creating the key pair and writing the key material to a file
*/
public CompletableFuture createKeyPairAsync(String keyName, String fileName) {
CreateKeyPairRequest request = CreateKeyPairRequest.builder()
.keyName(keyName)
.build();
CompletableFuture responseFuture = getAsyncClient().createKeyPair(request);
responseFuture.whenComplete((response, exception) -> {
if (response != null) {
try {
BufferedWriter writer = new BufferedWriter(new FileWriter(fileName));
writer.write(response.keyMaterial());
writer.close();
} catch (IOException e) {
throw new RuntimeException("Failed to write key material to file: " + e.getMessage(), e);
}
} else {
throw new RuntimeException("Failed to create key pair: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
/**
* Describes the first default VPC asynchronously and using a paginator.
*
* @return a {@link CompletableFuture} that, when completed, contains the first default VPC found.\
*/
public CompletableFuture describeFirstEC2VpcAsync() {
Filter myFilter = Filter.builder()
.name("is-default")
.values("true")
.build();
DescribeVpcsRequest request = DescribeVpcsRequest.builder()
.filters(myFilter)
.build();
DescribeVpcsPublisher paginator = getAsyncClient().describeVpcsPaginator(request);
AtomicReference vpcRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.vpcs().stream()
.findFirst()
.ifPresent(vpcRef::set);
}).thenApply(v -> {
Vpc vpc = vpcRef.get();
if (vpc == null) {
throw new RuntimeException("Default VPC not found");
}
return vpc;
}).exceptionally(ex -> {
logger.info("Failed to describe VPCs: " + ex.getMessage());
throw new RuntimeException("Failed to describe VPCs", ex);
});
}
/**
* Stops the EC2 instance with the specified ID asynchronously and waits for the instance to stop.
*
* @param instanceId the ID of the EC2 instance to stop
* @return a {@link CompletableFuture} that completes when the instance has been stopped, or exceptionally if an error occurs
*/
public CompletableFuture stopInstanceAsync(String instanceId) {
StopInstancesRequest stopRequest = StopInstancesRequest.builder()
.instanceIds(instanceId)
.build();
DescribeInstancesRequest describeRequest = DescribeInstancesRequest.builder()
.instanceIds(instanceId)
.build();
Ec2AsyncWaiter ec2Waiter = Ec2AsyncWaiter.builder()
.client(getAsyncClient())
.build();
CompletableFuture resultFuture = new CompletableFuture<>();
logger.info("Stopping instance " + instanceId + " and waiting for it to stop.");
getAsyncClient().stopInstances(stopRequest)
.thenCompose(response -> {
if (response.stoppingInstances().isEmpty()) {
return CompletableFuture.failedFuture(new RuntimeException("No instances were stopped. Please check the instance ID: " + instanceId));
}
return ec2Waiter.waitUntilInstanceStopped(describeRequest);
})
.thenAccept(waiterResponse -> {
logger.info("Successfully stopped instance " + instanceId);
resultFuture.complete(null);
})
.exceptionally(throwable -> {
logger.error("Failed to stop instance " + instanceId + ": " + throwable.getMessage(), throwable);
resultFuture.completeExceptionally(new RuntimeException("Failed to stop instance: " + throwable.getMessage(), throwable));
return null;
});
return resultFuture;
}
/**
* Starts an Amazon EC2 instance asynchronously and waits until it is in the "running" state.
*
* @param instanceId the ID of the instance to start
* @return a {@link CompletableFuture} that completes when the instance has been started and is in the "running" state, or exceptionally if an error occurs
*/
public CompletableFuture startInstanceAsync(String instanceId) {
StartInstancesRequest startRequest = StartInstancesRequest.builder()
.instanceIds(instanceId)
.build();
Ec2AsyncWaiter ec2Waiter = Ec2AsyncWaiter.builder()
.client(getAsyncClient())
.build();
DescribeInstancesRequest describeRequest = DescribeInstancesRequest.builder()
.instanceIds(instanceId)
.build();
logger.info("Starting instance " + instanceId + " and waiting for it to run.");
CompletableFuture resultFuture = new CompletableFuture<>();
return getAsyncClient().startInstances(startRequest)
.thenCompose(response ->
ec2Waiter.waitUntilInstanceRunning(describeRequest)
)
.thenAccept(waiterResponse -> {
logger.info("Successfully started instance " + instanceId);
resultFuture.complete(null);
})
.exceptionally(throwable -> {
resultFuture.completeExceptionally(new RuntimeException("Failed to start instance: " + throwable.getMessage(), throwable));
return null;
});
}
}
```
+ 如需 API 詳細資訊,請參閱《*AWS SDK for Java 2.x API 參考*》中的下列主題。
+ [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AllocateAddress)
+ [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AssociateAddress)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateKeyPair)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateSecurityGroup)
+ [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteKeyPair)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteSecurityGroup)
+ [DescribeImages](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeImages)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstanceTypes)
+ [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstances)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeKeyPairs)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeSecurityGroups)
+ [DisassociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DisassociateAddress)
+ [ReleaseAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/ReleaseAddress)
+ [RunInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/RunInstances)
+ [StartInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/StartInstances)
+ [StopInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/StopInstances)
+ [TerminateInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/TerminateInstances)
+ [UnmonitorInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/UnmonitorInstances)
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
此檔案包含與 EC2 搭配使用的常見動作清單。這些步驟是以情境架構建構而成,可簡化互動式範例的執行。如需完整上下文,請造訪 GitHub 儲存庫。
```
import { tmpdir } from "node:os";
import { writeFile, mkdtemp, rm } from "node:fs/promises";
import { join } from "node:path";
import { get } from "node:http";
import {
AllocateAddressCommand,
AssociateAddressCommand,
AuthorizeSecurityGroupIngressCommand,
CreateKeyPairCommand,
CreateSecurityGroupCommand,
DeleteKeyPairCommand,
DeleteSecurityGroupCommand,
DisassociateAddressCommand,
paginateDescribeImages,
paginateDescribeInstances,
paginateDescribeInstanceTypes,
ReleaseAddressCommand,
RunInstancesCommand,
StartInstancesCommand,
StopInstancesCommand,
TerminateInstancesCommand,
waitUntilInstanceStatusOk,
waitUntilInstanceStopped,
waitUntilInstanceTerminated,
} from "@aws-sdk/client-ec2";
import {
ScenarioAction,
ScenarioInput,
ScenarioOutput,
} from "@aws-doc-sdk-examples/lib/scenario/index.js";
import { paginateGetParametersByPath, SSMClient } from "@aws-sdk/client-ssm";
/**
* @typedef {{
* ec2Client: import('@aws-sdk/client-ec2').EC2Client,
* errors: Error[],
* keyPairId?: string,
* tmpDirectory?: string,
* securityGroupId?: string,
* ipAddress?: string,
* images?: import('@aws-sdk/client-ec2').Image[],
* image?: import('@aws-sdk/client-ec2').Image,
* instanceTypes?: import('@aws-sdk/client-ec2').InstanceTypeInfo[],
* instanceId?: string,
* instanceIpAddress?: string,
* allocationId?: string,
* allocatedIpAddress?: string,
* associationId?: string,
* }} State
*/
/**
* A skip function provided to the `skipWhen` of a Step when you want
* to ignore that step if any errors have occurred.
* @param {State} state
*/
const skipWhenErrors = (state) => state.errors.length > 0;
const MAX_WAITER_TIME_IN_SECONDS = 60 * 8;
export const confirm = new ScenarioInput("confirmContinue", "Continue?", {
type: "confirm",
skipWhen: skipWhenErrors,
});
export const exitOnNoConfirm = new ScenarioAction(
"exitOnConfirmContinueFalse",
(/** @type { { earlyExit: boolean } & Record} */ state) => {
if (!state[confirm.name]) {
state.earlyExit = true;
}
},
{
skipWhen: skipWhenErrors,
},
);
export const greeting = new ScenarioOutput(
"greeting",
`
Welcome to the Amazon EC2 basic usage scenario.
Before you launch an instances, you'll need to provide a few things:
- A key pair - This is for SSH access to your EC2 instance. You only need to provide the name.
- A security group - This is used for configuring access to your instance. Again, only the name is needed.
- An IP address - Your public IP address will be fetched.
- An Amazon Machine Image (AMI)
- A compatible instance type`,
{ header: true, preformatted: true, skipWhen: skipWhenErrors },
);
export const provideKeyPairName = new ScenarioInput(
"keyPairName",
"Provide a name for a new key pair.",
{ type: "input", default: "ec2-example-key-pair", skipWhen: skipWhenErrors },
);
export const createKeyPair = new ScenarioAction(
"createKeyPair",
async (/** @type {State} */ state) => {
try {
// Create a key pair in Amazon EC2.
const { KeyMaterial, KeyPairId } = await state.ec2Client.send(
// A unique name for the key pair. Up to 255 ASCII characters.
new CreateKeyPairCommand({ KeyName: state[provideKeyPairName.name] }),
);
state.keyPairId = KeyPairId;
// Save the private key in a temporary location.
state.tmpDirectory = await mkdtemp(join(tmpdir(), "ec2-scenario-tmp"));
await writeFile(
`${state.tmpDirectory}/${state[provideKeyPairName.name]}.pem`,
KeyMaterial,
{
mode: 0o400,
},
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidKeyPair.Duplicate"
) {
caught.message = `${caught.message}. Try another key name.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logKeyPair = new ScenarioOutput(
"logKeyPair",
(/** @type {State} */ state) =>
`Created the key pair ${state[provideKeyPairName.name]}.`,
{ skipWhen: skipWhenErrors },
);
export const confirmDeleteKeyPair = new ScenarioInput(
"confirmDeleteKeyPair",
"Do you want to delete the key pair?",
{
type: "confirm",
// Don't do anything when a key pair was never created.
skipWhen: (/** @type {State} */ state) => !state.keyPairId,
},
);
export const maybeDeleteKeyPair = new ScenarioAction(
"deleteKeyPair",
async (/** @type {State} */ state) => {
try {
// Delete a key pair by name from EC2
await state.ec2Client.send(
new DeleteKeyPairCommand({ KeyName: state[provideKeyPairName.name] }),
);
} catch (caught) {
if (
caught instanceof Error &&
// Occurs when a required parameter (e.g. KeyName) is undefined.
caught.name === "MissingParameter"
) {
caught.message = `${caught.message}. Did you provide the required value?`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no key pair to delete or the user chooses
// to keep it.
skipWhen: (/** @type {State} */ state) =>
!state.keyPairId || !state[confirmDeleteKeyPair.name],
},
);
export const provideSecurityGroupName = new ScenarioInput(
"securityGroupName",
"Provide a name for a new security group.",
{ type: "input", default: "ec2-scenario-sg", skipWhen: skipWhenErrors },
);
export const createSecurityGroup = new ScenarioAction(
"createSecurityGroup",
async (/** @type {State} */ state) => {
try {
// Create a new security group that will be used to configure ingress/egress for
// an EC2 instance.
const { GroupId } = await state.ec2Client.send(
new CreateSecurityGroupCommand({
GroupName: state[provideSecurityGroupName.name],
Description: "A security group for the Amazon EC2 example.",
}),
);
state.securityGroupId = GroupId;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroup.Duplicate") {
caught.message = `${caught.message}. Please provide a different name for your security group.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSecurityGroup = new ScenarioOutput(
"logSecurityGroup",
(/** @type {State} */ state) =>
`Created the security group ${state.securityGroupId}.`,
{ skipWhen: skipWhenErrors },
);
export const confirmDeleteSecurityGroup = new ScenarioInput(
"confirmDeleteSecurityGroup",
"Do you want to delete the security group?",
{
type: "confirm",
// Don't do anything when a security group was never created.
skipWhen: (/** @type {State} */ state) => !state.securityGroupId,
},
);
export const maybeDeleteSecurityGroup = new ScenarioAction(
"deleteSecurityGroup",
async (/** @type {State} */ state) => {
try {
// Delete the security group if the 'skipWhen' condition below is not met.
await state.ec2Client.send(
new DeleteSecurityGroupCommand({
GroupId: state.securityGroupId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidGroupId.Malformed"
) {
caught.message = `${caught.message}. Please provide a valid GroupId.`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no security group to delete
// or the user chooses to keep it.
skipWhen: (/** @type {State} */ state) =>
!state.securityGroupId || !state[confirmDeleteSecurityGroup.name],
},
);
export const authorizeSecurityGroupIngress = new ScenarioAction(
"authorizeSecurity",
async (/** @type {State} */ state) => {
try {
// Get the public IP address of the machine running this example.
const ipAddress = await new Promise((res, rej) => {
get("http://checkip.amazonaws.com", (response) => {
let data = "";
response.on("data", (chunk) => {
data += chunk;
});
response.on("end", () => res(data.trim()));
}).on("error", (err) => {
rej(err);
});
});
state.ipAddress = ipAddress;
// Allow ingress from the IP address above to the security group.
// This will allow you to SSH into the EC2 instance.
const command = new AuthorizeSecurityGroupIngressCommand({
GroupId: state.securityGroupId,
IpPermissions: [
{
IpProtocol: "tcp",
FromPort: 22,
ToPort: 22,
IpRanges: [{ CidrIp: `${ipAddress}/32` }],
},
],
});
await state.ec2Client.send(command);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidGroupId.Malformed"
) {
caught.message = `${caught.message}. Please provide a valid GroupId.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSecurityGroupIngress = new ScenarioOutput(
"logSecurityGroupIngress",
(/** @type {State} */ state) =>
`Allowed SSH access from your public IP: ${state.ipAddress}.`,
{ skipWhen: skipWhenErrors },
);
export const getImages = new ScenarioAction(
"images",
async (/** @type {State} */ state) => {
const AMIs = [];
// Some AWS services publish information about common artifacts as AWS Systems Manager (SSM)
// public parameters. For example, the Amazon Elastic Compute Cloud (Amazon EC2)
// service publishes information about Amazon Machine Images (AMIs) as public parameters.
// Create the paginator for getting images. Actions that return multiple pages of
// results have paginators to simplify those calls.
const getParametersByPathPaginator = paginateGetParametersByPath(
{
// Not storing this client in state since it's only used once.
client: new SSMClient({}),
},
{
// The path to the public list of the latest amazon-linux instances.
Path: "/aws/service/ami-amazon-linux-latest",
},
);
try {
for await (const page of getParametersByPathPaginator) {
for (const param of page.Parameters) {
// Filter by Amazon Linux 2
if (param.Name.includes("amzn2")) {
AMIs.push(param.Value);
}
}
}
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidFilterValue") {
caught.message = `${caught.message} Please provide a valid filter value for paginateGetParametersByPath.`;
}
state.errors.push(caught);
return;
}
const imageDetails = [];
const describeImagesPaginator = paginateDescribeImages(
{ client: state.ec2Client },
// The images found from the call to SSM.
{ ImageIds: AMIs },
);
try {
// Get more details for the images found above.
for await (const page of describeImagesPaginator) {
imageDetails.push(...(page.Images || []));
}
// Store the image details for later use.
state.images = imageDetails;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidAMIID.NotFound") {
caught.message = `${caught.message}. Please provide a valid image id.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const provideImage = new ScenarioInput(
"image",
"Select one of the following images.",
{
type: "select",
choices: (/** @type { State } */ state) =>
state.images.map((image) => ({
name: `${image.Description}`,
value: image,
})),
default: (/** @type { State } */ state) => state.images[0],
skipWhen: skipWhenErrors,
},
);
export const getCompatibleInstanceTypes = new ScenarioAction(
"getCompatibleInstanceTypes",
async (/** @type {State} */ state) => {
// Get more details about instance types that match the architecture of
// the provided image.
const paginator = paginateDescribeInstanceTypes(
{ client: state.ec2Client, pageSize: 25 },
{
Filters: [
{
Name: "processor-info.supported-architecture",
// The value selected from provideImage()
Values: [state.image.Architecture],
},
// Filter for smaller, less expensive, types.
{ Name: "instance-type", Values: ["*.micro", "*.small"] },
],
},
);
const instanceTypes = [];
try {
for await (const page of paginator) {
if (page.InstanceTypes.length) {
instanceTypes.push(...(page.InstanceTypes || []));
}
}
if (!instanceTypes.length) {
state.errors.push(
"No instance types matched the instance type filters.",
);
}
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
caught.message = `${caught.message}. Please check the provided values and try again.`;
}
state.errors.push(caught);
}
state.instanceTypes = instanceTypes;
},
{ skipWhen: skipWhenErrors },
);
export const provideInstanceType = new ScenarioInput(
"instanceType",
"Select an instance type.",
{
choices: (/** @type {State} */ state) =>
state.instanceTypes.map((instanceType) => ({
name: `${instanceType.InstanceType} - Memory:${instanceType.MemoryInfo.SizeInMiB}`,
value: instanceType.InstanceType,
})),
type: "select",
default: (/** @type {State} */ state) =>
state.instanceTypes[0].InstanceType,
skipWhen: skipWhenErrors,
},
);
export const runInstance = new ScenarioAction(
"runInstance",
async (/** @type { State } */ state) => {
const { Instances } = await state.ec2Client.send(
new RunInstancesCommand({
KeyName: state[provideKeyPairName.name],
SecurityGroupIds: [state.securityGroupId],
ImageId: state.image.ImageId,
InstanceType: state[provideInstanceType.name],
// Availability Zones have capacity limitations that may impact your ability to launch instances.
// The `RunInstances` operation will only succeed if it can allocate at least the `MinCount` of instances.
// However, EC2 will attempt to launch up to the `MaxCount` of instances, even if the full request cannot be satisfied.
// If you need a specific number of instances, use `MinCount` and `MaxCount` set to the same value.
// If you want to launch up to a certain number of instances, use `MaxCount` and let EC2 provision as many as possible.
// If you require a minimum number of instances, but do not want to exceed a maximum, use both `MinCount` and `MaxCount`.
MinCount: 1,
MaxCount: 1,
}),
);
state.instanceId = Instances[0].InstanceId;
try {
// Poll `DescribeInstanceStatus` until status is "ok".
await waitUntilInstanceStatusOk(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [Instances[0].InstanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logRunInstance = new ScenarioOutput(
"logRunInstance",
"The next step is to run your EC2 instance for the first time. This can take a few minutes.",
{ header: true, skipWhen: skipWhenErrors },
);
export const describeInstance = new ScenarioAction(
"describeInstance",
async (/** @type { State } */ state) => {
/** @type { import("@aws-sdk/client-ec2").Instance[] } */
const instances = [];
try {
const paginator = paginateDescribeInstances(
{
client: state.ec2Client,
},
{
// Only get our created instance.
InstanceIds: [state.instanceId],
},
);
for await (const page of paginator) {
for (const reservation of page.Reservations) {
instances.push(...reservation.Instances);
}
}
if (instances.length !== 1) {
throw new Error(`Instance ${state.instanceId} not found.`);
}
// The only info we need is the IP address for SSH purposes.
state.instanceIpAddress = instances[0].PublicIpAddress;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
caught.message = `${caught.message}. Please check provided values and try again.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logSSHConnectionInfo = new ScenarioOutput(
"logSSHConnectionInfo",
(/** @type { State } */ state) =>
`You can now SSH into your instance using the following command:
ssh -i ${state.tmpDirectory}/${state[provideKeyPairName.name]}.pem ec2-user@${state.instanceIpAddress}`,
{ preformatted: true, skipWhen: skipWhenErrors },
);
export const logStopInstance = new ScenarioOutput(
"logStopInstance",
"Stopping your EC2 instance.",
{ skipWhen: skipWhenErrors },
);
export const stopInstance = new ScenarioAction(
"stopInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new StopInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceStopped(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
// Don't try to stop an instance that doesn't exist.
{ skipWhen: (/** @type { State } */ state) => !state.instanceId },
);
export const logIpAddressBehavior = new ScenarioOutput(
"logIpAddressBehavior",
[
"When you run an instance, by default it's assigned an IP address.",
"That IP address is not static. It will change every time the instance is restarted.",
"The next step is to stop and restart your instance to demonstrate this behavior.",
].join(" "),
{ header: true, skipWhen: skipWhenErrors },
);
export const logStartInstance = new ScenarioOutput(
"logStartInstance",
(/** @type { State } */ state) => `Starting instance ${state.instanceId}`,
{ skipWhen: skipWhenErrors },
);
export const startInstance = new ScenarioAction(
"startInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new StartInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceStatusOk(
{
client: state.ec2Client,
maxWaitTime: MAX_WAITER_TIME_IN_SECONDS,
},
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logIpAllocation = new ScenarioOutput(
"logIpAllocation",
[
"It is possible to have a static IP address.",
"To demonstrate this, an IP will be allocated and associated to your EC2 instance.",
].join(" "),
{ header: true, skipWhen: skipWhenErrors },
);
export const allocateIp = new ScenarioAction(
"allocateIp",
async (/** @type { State } */ state) => {
try {
// An Elastic IP address is allocated to your AWS account, and is yours until you release it.
const { AllocationId, PublicIp } = await state.ec2Client.send(
new AllocateAddressCommand({}),
);
state.allocationId = AllocationId;
state.allocatedIpAddress = PublicIp;
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
caught.message = `${caught.message}. Did you provide these values?`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const associateIp = new ScenarioAction(
"associateIp",
async (/** @type { State } */ state) => {
try {
// Associate an allocated IP address to an EC2 instance. An IP address can be allocated
// with the AllocateAddress action.
const { AssociationId } = await state.ec2Client.send(
new AssociateAddressCommand({
AllocationId: state.allocationId,
InstanceId: state.instanceId,
}),
);
state.associationId = AssociationId;
// Update the IP address that is being tracked to match
// the one just associated.
state.instanceIpAddress = state.allocatedIpAddress;
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
caught.message = `${caught.message}. Did you provide the ID of a valid Elastic IP address AllocationId?`;
}
state.errors.push(caught);
}
},
{ skipWhen: skipWhenErrors },
);
export const logStaticIpProof = new ScenarioOutput(
"logStaticIpProof",
"The IP address should remain the same even after stopping and starting the instance.",
{ header: true, skipWhen: skipWhenErrors },
);
export const logCleanUp = new ScenarioOutput(
"logCleanUp",
"That's it! You can choose to clean up the resources now, or clean them up on your own later.",
{ header: true, skipWhen: skipWhenErrors },
);
export const confirmDisassociateAddress = new ScenarioInput(
"confirmDisassociateAddress",
"Do you want to disassociate and release the static IP address created earlier?",
{
type: "confirm",
skipWhen: (/** @type { State } */ state) => !state.associationId,
},
);
export const maybeDisassociateAddress = new ScenarioAction(
"maybeDisassociateAddress",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new DisassociateAddressCommand({
AssociationId: state.associationId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAssociationID.NotFound"
) {
caught.message = `${caught.message}. Please provide a valid association ID.`;
}
state.errors.push(caught);
}
},
{
skipWhen: (/** @type { State } */ state) =>
!state[confirmDisassociateAddress.name] || !state.associationId,
},
);
export const maybeReleaseAddress = new ScenarioAction(
"maybeReleaseAddress",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new ReleaseAddressCommand({
AllocationId: state.allocationId,
}),
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
caught.message = `${caught.message}. Please provide a valid AllocationID.`;
}
state.errors.push(caught);
}
},
{
skipWhen: (/** @type { State } */ state) =>
!state[confirmDisassociateAddress.name] || !state.allocationId,
},
);
export const confirmTerminateInstance = new ScenarioInput(
"confirmTerminateInstance",
"Do you want to terminate the instance?",
// Don't do anything when an instance was never run.
{
skipWhen: (/** @type { State } */ state) => !state.instanceId,
type: "confirm",
},
);
export const maybeTerminateInstance = new ScenarioAction(
"terminateInstance",
async (/** @type { State } */ state) => {
try {
await state.ec2Client.send(
new TerminateInstancesCommand({
InstanceIds: [state.instanceId],
}),
);
await waitUntilInstanceTerminated(
{ client: state.ec2Client },
{ InstanceIds: [state.instanceId] },
);
} catch (caught) {
if (caught instanceof Error && caught.name === "TimeoutError") {
caught.message = `${caught.message}. Try increasing the maxWaitTime in the waiter.`;
}
state.errors.push(caught);
}
},
{
// Don't do anything when there's no instance to terminate or the
// use chooses not to terminate.
skipWhen: (/** @type { State } */ state) =>
!state.instanceId || !state[confirmTerminateInstance.name],
},
);
export const deleteTemporaryDirectory = new ScenarioAction(
"deleteTemporaryDirectory",
async (/** @type { State } */ state) => {
try {
await rm(state.tmpDirectory, { recursive: true });
} catch (caught) {
state.errors.push(caught);
}
},
);
export const logErrors = new ScenarioOutput(
"logErrors",
(/** @type {State}*/ state) => {
const errorList = state.errors
.map((err) => ` - ${err.name}: ${err.message}`)
.join("\n");
return `Scenario errors found:\n${errorList}`;
},
{
preformatted: true,
header: true,
// Don't log errors when there aren't any!
skipWhen: (/** @type {State} */ state) => state.errors.length === 0,
},
);
```
+ 如需 API 詳細資訊,請參閱《*適用於 JavaScript 的 AWS SDK API 參考*》中的下列主題。
+ [AllocateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AllocateAddressCommand)
+ [AssociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AssociateAddressCommand)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AuthorizeSecurityGroupIngressCommand)
+ [CreateKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateKeyPairCommand)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateSecurityGroupCommand)
+ [DeleteKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteKeyPairCommand)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteSecurityGroupCommand)
+ [DescribeImages](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeImagesCommand)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstanceTypesCommand)
+ [DescribeInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstancesCommand)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeKeyPairsCommand)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeSecurityGroupsCommand)
+ [DisassociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DisassociateAddressCommand)
+ [ReleaseAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/ReleaseAddressCommand)
+ [RunInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/RunInstancesCommand)
+ [StartInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/StartInstancesCommand)
+ [StopInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/StopInstancesCommand)
+ [TerminateInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/TerminateInstancesCommand)
+ [UnmonitorInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/UnmonitorInstancesCommand)
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
/**
Before running this Kotlin code example, set up your development environment,
including your credentials.
For more information, see the following documentation topic:
https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/setup.html
This Kotlin example performs the following tasks:
1. Creates an RSA key pair and saves the private key data as a .pem file.
2. Lists key pairs.
3. Creates a security group for the default VPC.
4. Displays security group information.
5. Gets a list of Amazon Linux 2 AMIs and selects one.
6. Gets more information about the image.
7. Gets a list of instance types that are compatible with the selected AMI’s architecture.
8. Creates an instance with the key pair, security group, AMI, and an instance type.
9. Displays information about the instance.
10. Stops the instance and waits for it to stop.
11. Starts the instance and waits for it to start.
12. Allocates an Elastic IP address and associates it with the instance.
13. Displays SSH connection info for the instance.
14. Disassociates and deletes the Elastic IP address.
15. Terminates the instance.
16. Deletes the security group.
17. Deletes the key pair.
*/
val DASHES = String(CharArray(80)).replace("\u0000", "-")
suspend fun main(args: Array) {
val usage = """
Usage:
Where:
keyName - A key pair name (for example, TestKeyPair).
fileName - A file name where the key information is written to.
groupName - The name of the security group.
groupDesc - The description of the security group.
vpcId - A VPC ID. You can get this value from the AWS Management Console.
myIpAddress - The IP address of your development machine.
"""
if (args.size != 6) {
println(usage)
exitProcess(0)
}
val keyName = args[0]
val fileName = args[1]
val groupName = args[2]
val groupDesc = args[3]
val vpcId = args[4]
val myIpAddress = args[5]
var newInstanceId: String? = ""
println(DASHES)
println("Welcome to the Amazon EC2 example scenario.")
println(DASHES)
println(DASHES)
println("1. Create an RSA key pair and save the private key material as a .pem file.")
createKeyPairSc(keyName, fileName)
println(DASHES)
println(DASHES)
println("2. List key pairs.")
describeEC2KeysSc()
println(DASHES)
println(DASHES)
println("3. Create a security group.")
val groupId = createEC2SecurityGroupSc(groupName, groupDesc, vpcId, myIpAddress)
println(DASHES)
println(DASHES)
println("4. Display security group info for the newly created security group.")
describeSecurityGroupsSc(groupId.toString())
println(DASHES)
println(DASHES)
println("5. Get a list of Amazon Linux 2 AMIs and select one with amzn2 in the name.")
val instanceId = getParaValuesSc()
if (instanceId == "") {
println("The instance Id value isn't valid.")
exitProcess(0)
}
println("The instance Id is $instanceId.")
println(DASHES)
println(DASHES)
println("6. Get more information about an amzn2 image and return the AMI value.")
val amiValue = instanceId?.let { describeImageSc(it) }
if (instanceId == "") {
println("The instance Id value is invalid.")
exitProcess(0)
}
println("The AMI value is $amiValue.")
println(DASHES)
println(DASHES)
println("7. Get a list of instance types.")
val instanceType = getInstanceTypesSc()
println(DASHES)
println(DASHES)
println("8. Create an instance.")
if (amiValue != null) {
newInstanceId = runInstanceSc(instanceType, keyName, groupName, amiValue)
println("The instance Id is $newInstanceId")
}
println(DASHES)
println(DASHES)
println("9. Display information about the running instance. ")
var ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("10. Stop the instance.")
if (newInstanceId != null) {
stopInstanceSc(newInstanceId)
}
println(DASHES)
println(DASHES)
println("11. Start the instance.")
if (newInstanceId != null) {
startInstanceSc(newInstanceId)
}
ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("12. Allocate an Elastic IP address and associate it with the instance.")
val allocationId = allocateAddressSc()
println("The allocation Id value is $allocationId")
val associationId = associateAddressSc(newInstanceId, allocationId)
println("The associate Id value is $associationId")
println(DASHES)
println(DASHES)
println("13. Describe the instance again.")
ipAddress = describeEC2InstancesSc(newInstanceId)
println("You can SSH to the instance using this command:")
println("ssh -i " + fileName + "ec2-user@" + ipAddress)
println(DASHES)
println(DASHES)
println("14. Disassociate and release the Elastic IP address.")
disassociateAddressSc(associationId)
releaseEC2AddressSc(allocationId)
println(DASHES)
println(DASHES)
println("15. Terminate the instance and use a waiter.")
if (newInstanceId != null) {
terminateEC2Sc(newInstanceId)
}
println(DASHES)
println(DASHES)
println("16. Delete the security group.")
if (groupId != null) {
deleteEC2SecGroupSc(groupId)
}
println(DASHES)
println(DASHES)
println("17. Delete the key pair.")
deleteKeysSc(keyName)
println(DASHES)
println(DASHES)
println("You successfully completed the Amazon EC2 scenario.")
println(DASHES)
}
suspend fun deleteKeysSc(keyPair: String) {
val request =
DeleteKeyPairRequest {
keyName = keyPair
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteKeyPair(request)
println("Successfully deleted key pair named $keyPair")
}
}
suspend fun deleteEC2SecGroupSc(groupIdVal: String) {
val request =
DeleteSecurityGroupRequest {
groupId = groupIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteSecurityGroup(request)
println("Successfully deleted security group with Id $groupIdVal")
}
}
suspend fun terminateEC2Sc(instanceIdVal: String) {
val ti =
TerminateInstancesRequest {
instanceIds = listOf(instanceIdVal)
}
println("Wait for the instance to terminate. This will take a few minutes.")
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.terminateInstances(ti)
ec2.waitUntilInstanceTerminated {
// suspend call
instanceIds = listOf(instanceIdVal)
}
println("$instanceIdVal is terminated!")
}
}
suspend fun releaseEC2AddressSc(allocId: String?) {
val request =
ReleaseAddressRequest {
allocationId = allocId
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.releaseAddress(request)
println("Successfully released Elastic IP address $allocId")
}
}
suspend fun disassociateAddressSc(associationIdVal: String?) {
val addressRequest =
DisassociateAddressRequest {
associationId = associationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.disassociateAddress(addressRequest)
println("You successfully disassociated the address!")
}
}
suspend fun associateAddressSc(
instanceIdVal: String?,
allocationIdVal: String?,
): String? {
val associateRequest =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val associateResponse = ec2.associateAddress(associateRequest)
return associateResponse.associationId
}
}
suspend fun allocateAddressSc(): String? {
val allocateRequest =
AllocateAddressRequest {
domain = DomainType.Vpc
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val allocateResponse = ec2.allocateAddress(allocateRequest)
return allocateResponse.allocationId
}
}
suspend fun startInstanceSc(instanceId: String) {
val request =
StartInstancesRequest {
instanceIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.startInstances(request)
println("Waiting until instance $instanceId starts. This will take a few minutes.")
ec2.waitUntilInstanceRunning {
// suspend call
instanceIds = listOf(instanceId)
}
println("Successfully started instance $instanceId")
}
}
suspend fun stopInstanceSc(instanceId: String) {
val request =
StopInstancesRequest {
instanceIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.stopInstances(request)
println("Waiting until instance $instanceId stops. This will take a few minutes.")
ec2.waitUntilInstanceStopped {
// suspend call
instanceIds = listOf(instanceId)
}
println("Successfully stopped instance $instanceId")
}
}
suspend fun describeEC2InstancesSc(newInstanceId: String?): String {
var pubAddress = ""
var isRunning = false
val request =
DescribeInstancesRequest {
instanceIds = listOf(newInstanceId.toString())
}
while (!isRunning) {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstances(request)
val state =
response.reservations
?.get(0)
?.instances
?.get(0)
?.state
?.name
?. value
if (state != null) {
if (state.compareTo("running") == 0) {
println("Image id is ${response.reservations!!.get(0).instances?.get(0)?.imageId}")
println("Instance type is ${response.reservations!!.get(0).instances?.get(0)?.instanceType}")
println("Instance state is ${response.reservations!!.get(0).instances?.get(0)?.state}")
pubAddress =
response.reservations!!
.get(0)
.instances
?.get(0)
?.publicIpAddress
.toString()
println("Instance address is $pubAddress")
isRunning = true
}
}
}
}
return pubAddress
}
suspend fun runInstanceSc(
instanceTypeVal: String,
keyNameVal: String,
groupNameVal: String,
amiIdVal: String,
): String {
val runRequest =
RunInstancesRequest {
instanceType = InstanceType.fromValue(instanceTypeVal)
keyName = keyNameVal
securityGroups = listOf(groupNameVal)
maxCount = 1
minCount = 1
imageId = amiIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.runInstances(runRequest)
val instanceId = response.instances?.get(0)?.instanceId
println("Successfully started EC2 Instance $instanceId based on AMI $amiIdVal")
return instanceId.toString()
}
}
// Get a list of instance types.
suspend fun getInstanceTypesSc(): String {
var instanceType = ""
val filterObs = ArrayList()
val filter =
Filter {
name = "processor-info.supported-architecture"
values = listOf("arm64")
}
filterObs.add(filter)
val typesRequest =
DescribeInstanceTypesRequest {
filters = filterObs
maxResults = 10
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstanceTypes(typesRequest)
response.instanceTypes?.forEach { type ->
println("The memory information of this type is ${type.memoryInfo?.sizeInMib}")
println("Maximum number of network cards is ${type.networkInfo?.maximumNetworkCards}")
instanceType = type.instanceType.toString()
}
return instanceType
}
}
// Display the Description field that corresponds to the instance Id value.
suspend fun describeImageSc(instanceId: String): String? {
val imagesRequest =
DescribeImagesRequest {
imageIds = listOf(instanceId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeImages(imagesRequest)
println("The description of the first image is ${response.images?.get(0)?.description}")
println("The name of the first image is ${response.images?.get(0)?.name}")
// Return the image Id value.
return response.images?.get(0)?.imageId
}
}
// Get the Id value of an instance with amzn2 in the name.
suspend fun getParaValuesSc(): String? {
val parameterRequest =
GetParametersByPathRequest {
path = "/aws/service/ami-amazon-linux-latest"
}
SsmClient.fromEnvironment { region = "us-west-2" }.use { ssmClient ->
val response = ssmClient.getParametersByPath(parameterRequest)
response.parameters?.forEach { para ->
println("The name of the para is: ${para.name}")
println("The type of the para is: ${para.type}")
println("")
if (para.name?.let { filterName(it) } == true) {
return para.value
}
}
}
return ""
}
fun filterName(name: String): Boolean {
val parts = name.split("/").toTypedArray()
val myValue = parts[4]
return myValue.contains("amzn2")
}
suspend fun describeSecurityGroupsSc(groupId: String) {
val request =
DescribeSecurityGroupsRequest {
groupIds = listOf(groupId)
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeSecurityGroups(request)
for (group in response.securityGroups!!) {
println("Found Security Group with id " + group.groupId.toString() + " and group VPC " + group.vpcId)
}
}
}
suspend fun createEC2SecurityGroupSc(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
myIpAddress: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "$myIpAddress/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
suspend fun describeEC2KeysSc() {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeKeyPairs(DescribeKeyPairsRequest {})
response.keyPairs?.forEach { keyPair ->
println("Found key pair with name ${keyPair.keyName} and fingerprint ${ keyPair.keyFingerprint}")
}
}
}
suspend fun createKeyPairSc(
keyNameVal: String,
fileNameVal: String,
) {
val request =
CreateKeyPairRequest {
keyName = keyNameVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.createKeyPair(request)
val content = response.keyMaterial
if (content != null) {
File(fileNameVal).writeText(content)
}
println("Successfully created key pair named $keyNameVal")
}
}
```
+ 如需 API 詳細資訊,請參閱《*AWS SDK for Kotlin API 參考*》中的下列主題。
+ [AllocateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AssociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [CreateKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [CreateSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeImages](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeInstanceTypes](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeKeyPairs](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeSecurityGroups](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DisassociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ReleaseAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [RunInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StartInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StopInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [TerminateInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [UnmonitorInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
在命令提示中執行互動式案例。
```
class EC2InstanceScenario:
"""
A scenario that demonstrates how to use Boto3 to manage Amazon EC2 resources.
Covers creating a key pair, security group, launching an instance, associating
an Elastic IP, and cleaning up resources.
"""
def __init__(
self,
inst_wrapper: EC2InstanceWrapper,
key_wrapper: KeyPairWrapper,
sg_wrapper: SecurityGroupWrapper,
eip_wrapper: ElasticIpWrapper,
ssm_client: boto3.client,
remote_exec: bool = False,
):
"""
Initializes the EC2InstanceScenario with the necessary AWS service wrappers.
:param inst_wrapper: Wrapper for EC2 instance operations.
:param key_wrapper: Wrapper for key pair operations.
:param sg_wrapper: Wrapper for security group operations.
:param eip_wrapper: Wrapper for Elastic IP operations.
:param ssm_client: Boto3 client for accessing SSM to retrieve AMIs.
:param remote_exec: Flag to indicate if the scenario is running in a remote execution
environment. Defaults to False. If True, the script won't prompt
for user interaction.
"""
self.inst_wrapper = inst_wrapper
self.key_wrapper = key_wrapper
self.sg_wrapper = sg_wrapper
self.eip_wrapper = eip_wrapper
self.ssm_client = ssm_client
self.remote_exec = remote_exec
def create_and_list_key_pairs(self) -> None:
"""
Creates an RSA key pair for SSH access to the EC2 instance and lists available key pairs.
"""
console.print("**Step 1: Create a Secure Key Pair**", style="bold cyan")
console.print(
"Let's create a secure RSA key pair for connecting to your EC2 instance."
)
key_name = f"MyUniqueKeyPair-{uuid.uuid4().hex[:8]}"
console.print(f"- **Key Pair Name**: {key_name}")
# Create the key pair and simulate the process with a progress bar.
with alive_bar(1, title="Creating Key Pair") as bar:
self.key_wrapper.create(key_name)
time.sleep(0.4) # Simulate the delay in key creation
bar()
console.print(f"- **Private Key Saved to**: {self.key_wrapper.key_file_path}\n")
# List key pairs (simulated) and show a progress bar.
list_keys = True
if list_keys:
console.print("- Listing your key pairs...")
start_time = time.time()
with alive_bar(100, title="Listing Key Pairs") as bar:
while time.time() - start_time < 2:
time.sleep(0.2)
bar(10)
self.key_wrapper.list(5)
if time.time() - start_time > 2:
console.print(
"Taking longer than expected! Please wait...",
style="bold yellow",
)
def create_security_group(self) -> None:
"""
Creates a security group that controls access to the EC2 instance and adds a rule
to allow SSH access from the user's current public IP address.
"""
console.print("**Step 2: Create a Security Group**", style="bold cyan")
console.print(
"Security groups manage access to your instance. Let's create one."
)
sg_name = f"MySecurityGroup-{uuid.uuid4().hex[:8]}"
console.print(f"- **Security Group Name**: {sg_name}")
# Create the security group and simulate the process with a progress bar.
with alive_bar(1, title="Creating Security Group") as bar:
self.sg_wrapper.create(
sg_name, "Security group for example: get started with instances."
)
time.sleep(0.5)
bar()
console.print(f"- **Security Group ID**: {self.sg_wrapper.security_group}\n")
# Get the current public IP to set up SSH access.
ip_response = urllib.request.urlopen("http://checkip.amazonaws.com")
current_ip_address = ip_response.read().decode("utf-8").strip()
console.print(
"Let's add a rule to allow SSH only from your current IP address."
)
console.print(f"- **Your Public IP Address**: {current_ip_address}")
console.print("- Automatically adding SSH rule...")
# Update security group rules to allow SSH and simulate with a progress bar.
with alive_bar(1, title="Updating Security Group Rules") as bar:
response = self.sg_wrapper.authorize_ingress(current_ip_address)
time.sleep(0.4)
if response and response.get("Return"):
console.print("- **Security Group Rules Updated**.")
else:
console.print(
"- **Error**: Couldn't update security group rules.",
style="bold red",
)
bar()
self.sg_wrapper.describe(self.sg_wrapper.security_group)
def create_instance(self) -> None:
"""
Launches an EC2 instance using an Amazon Linux 2 AMI and the created key pair
and security group. Displays instance details and SSH connection information.
"""
# Retrieve Amazon Linux 2 AMIs from SSM.
ami_paginator = self.ssm_client.get_paginator("get_parameters_by_path")
ami_options = []
for page in ami_paginator.paginate(Path="/aws/service/ami-amazon-linux-latest"):
ami_options += page["Parameters"]
amzn2_images = self.inst_wrapper.get_images(
[opt["Value"] for opt in ami_options if "amzn2" in opt["Name"]]
)
console.print("\n**Step 3: Launch Your Instance**", style="bold cyan")
console.print(
"Let's create an instance from an Amazon Linux 2 AMI. Here are some options:"
)
image_choice = 0
console.print(f"- Selected AMI: {amzn2_images[image_choice]['ImageId']}\n")
# Display instance types compatible with the selected AMI
inst_types = self.inst_wrapper.get_instance_types(
amzn2_images[image_choice]["Architecture"]
)
inst_type_choice = 0
console.print(
f"- Selected instance type: {inst_types[inst_type_choice]['InstanceType']}\n"
)
console.print("Creating your instance and waiting for it to start...")
with alive_bar(1, title="Creating Instance") as bar:
self.inst_wrapper.create(
amzn2_images[image_choice]["ImageId"],
inst_types[inst_type_choice]["InstanceType"],
self.key_wrapper.key_pair["KeyName"],
[self.sg_wrapper.security_group],
)
time.sleep(21)
bar()
console.print(f"**Success! Your instance is ready:**\n", style="bold green")
self.inst_wrapper.display()
console.print(
"You can use SSH to connect to your instance. "
"If the connection attempt times out, you might have to manually update "
"the SSH ingress rule for your IP address in the AWS Management Console."
)
self._display_ssh_info()
def _display_ssh_info(self) -> None:
"""
Displays SSH connection information for the user to connect to the EC2 instance.
Handles the case where the instance does or does not have an associated public IP address.
"""
if (
not self.eip_wrapper.elastic_ips
or not self.eip_wrapper.elastic_ips[0].allocation_id
):
if self.inst_wrapper.instances:
instance = self.inst_wrapper.instances[0]
instance_id = instance["InstanceId"]
waiter = self.inst_wrapper.ec2_client.get_waiter("instance_running")
console.print(
"Waiting for the instance to be in a running state with a public IP...",
style="bold cyan",
)
with alive_bar(1, title="Waiting for Instance to Start") as bar:
waiter.wait(InstanceIds=[instance_id])
time.sleep(20)
bar()
instance = self.inst_wrapper.ec2_client.describe_instances(
InstanceIds=[instance_id]
)["Reservations"][0]["Instances"][0]
public_ip = instance.get("PublicIpAddress")
if public_ip:
console.print(
"\nTo connect via SSH, open another command prompt and run the following command:",
style="bold cyan",
)
console.print(
f"\tssh -i {self.key_wrapper.key_file_path} ec2-user@{public_ip}"
)
else:
console.print(
"Instance does not have a public IP address assigned.",
style="bold red",
)
else:
console.print(
"No instance available to retrieve public IP address.",
style="bold red",
)
else:
elastic_ip = self.eip_wrapper.elastic_ips[0]
elastic_ip_address = elastic_ip.public_ip
console.print(
f"\tssh -i {self.key_wrapper.key_file_path} ec2-user@{elastic_ip_address}"
)
if not self.remote_exec:
console.print("\nOpen a new terminal tab to try the above SSH command.")
input("Press Enter to continue...")
def associate_elastic_ip(self) -> None:
"""
Allocates an Elastic IP address and associates it with the EC2 instance.
Displays the Elastic IP address and SSH connection information.
"""
console.print("\n**Step 4: Allocate an Elastic IP Address**", style="bold cyan")
console.print(
"You can allocate an Elastic IP address and associate it with your instance\n"
"to keep a consistent IP address even when your instance restarts."
)
with alive_bar(1, title="Allocating Elastic IP") as bar:
elastic_ip = self.eip_wrapper.allocate()
time.sleep(0.5)
bar()
console.print(
f"- **Allocated Static Elastic IP Address**: {elastic_ip.public_ip}."
)
with alive_bar(1, title="Associating Elastic IP") as bar:
self.eip_wrapper.associate(
elastic_ip.allocation_id, self.inst_wrapper.instances[0]["InstanceId"]
)
time.sleep(2)
bar()
console.print(f"- **Associated Elastic IP with Your Instance**.")
console.print(
"You can now use SSH to connect to your instance by using the Elastic IP."
)
self._display_ssh_info()
def stop_and_start_instance(self) -> None:
"""
Stops and restarts the EC2 instance. Displays instance state and explains
changes that occur when the instance is restarted, such as the potential change
in the public IP address unless an Elastic IP is associated.
"""
console.print("\n**Step 5: Stop and Start Your Instance**", style="bold cyan")
console.print("Let's stop and start your instance to see what changes.")
console.print("- **Stopping your instance and waiting until it's stopped...**")
with alive_bar(1, title="Stopping Instance") as bar:
self.inst_wrapper.stop()
time.sleep(360)
bar()
console.print("- **Your instance is stopped. Restarting...**")
with alive_bar(1, title="Starting Instance") as bar:
self.inst_wrapper.start()
time.sleep(20)
bar()
console.print("**Your instance is running.**", style="bold green")
self.inst_wrapper.display()
elastic_ip = (
self.eip_wrapper.elastic_ips[0] if self.eip_wrapper.elastic_ips else None
)
if elastic_ip is None or elastic_ip.allocation_id is None:
console.print(
"- **Note**: Every time your instance is restarted, its public IP address changes."
)
else:
console.print(
f"Because you have associated an Elastic IP with your instance, you can \n"
f"connect by using a consistent IP address after the instance restarts: {elastic_ip.public_ip}"
)
self._display_ssh_info()
def cleanup(self) -> None:
"""
Cleans up all the resources created during the scenario, including disassociating
and releasing the Elastic IP, terminating the instance, deleting the security
group, and deleting the key pair.
"""
console.print("\n**Step 6: Clean Up Resources**", style="bold cyan")
console.print("Cleaning up resources:")
for elastic_ip in self.eip_wrapper.elastic_ips:
console.print(f"- **Elastic IP**: {elastic_ip.public_ip}")
with alive_bar(1, title="Disassociating Elastic IP") as bar:
self.eip_wrapper.disassociate(elastic_ip.allocation_id)
time.sleep(2)
bar()
console.print("\t- **Disassociated Elastic IP from the Instance**")
with alive_bar(1, title="Releasing Elastic IP") as bar:
self.eip_wrapper.release(elastic_ip.allocation_id)
time.sleep(1)
bar()
console.print("\t- **Released Elastic IP**")
console.print(f"- **Instance**: {self.inst_wrapper.instances[0]['InstanceId']}")
with alive_bar(1, title="Terminating Instance") as bar:
self.inst_wrapper.terminate()
time.sleep(380)
bar()
console.print("\t- **Terminated Instance**")
console.print(f"- **Security Group**: {self.sg_wrapper.security_group}")
with alive_bar(1, title="Deleting Security Group") as bar:
self.sg_wrapper.delete(self.sg_wrapper.security_group)
time.sleep(1)
bar()
console.print("\t- **Deleted Security Group**")
console.print(f"- **Key Pair**: {self.key_wrapper.key_pair['KeyName']}")
with alive_bar(1, title="Deleting Key Pair") as bar:
self.key_wrapper.delete(self.key_wrapper.key_pair["KeyName"])
time.sleep(0.4)
bar()
console.print("\t- **Deleted Key Pair**")
def run_scenario(self) -> None:
"""
Executes the entire EC2 instance scenario: creates key pairs, security groups,
launches an instance, associates an Elastic IP, and cleans up all resources.
"""
logging.basicConfig(level=logging.INFO, format="%(levelname)s: %(message)s")
console.print("-" * 88)
console.print(
"Welcome to the Amazon Elastic Compute Cloud (Amazon EC2) get started with instances demo.",
style="bold magenta",
)
console.print("-" * 88)
self.create_and_list_key_pairs()
self.create_security_group()
self.create_instance()
self.stop_and_start_instance()
self.associate_elastic_ip()
self.stop_and_start_instance()
self.cleanup()
console.print("\nThanks for watching!", style="bold green")
console.print("-" * 88)
if __name__ == "__main__":
try:
scenario = EC2InstanceScenario(
EC2InstanceWrapper.from_client(),
KeyPairWrapper.from_client(),
SecurityGroupWrapper.from_client(),
ElasticIpWrapper.from_client(),
boto3.client("ssm"),
)
scenario.run_scenario()
except Exception:
logging.exception("Something went wrong with the demo.")
```
定義包裝金鑰對動作的類別。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def create(self, key_name: str) -> dict:
"""
Creates a key pair that can be used to securely connect to an EC2 instance.
The returned key pair contains private key information that cannot be retrieved
again. The private key data is stored as a .pem file.
:param key_name: The name of the key pair to create.
:return: A dictionary representing the Boto3 KeyPair object that represents the newly created key pair.
:raises ClientError: If there is an error in creating the key pair, for example, if a key pair with the same name already exists.
"""
try:
response = self.ec2_client.create_key_pair(KeyName=key_name)
self.key_pair = response
self.key_file_path = os.path.join(
self.key_file_dir.name, f"{self.key_pair['KeyName']}.pem"
)
with open(self.key_file_path, "w") as key_file:
key_file.write(self.key_pair["KeyMaterial"])
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidKeyPair.Duplicate":
logger.error(
f"A key pair called {key_name} already exists. "
"Please choose a different name for your key pair "
"or delete the existing key pair before creating."
)
raise
else:
return self.key_pair
def list(self, limit: Optional[int] = None) -> None:
"""
Displays a list of key pairs for the current account.
WARNING: Results are not paginated.
:param limit: The maximum number of key pairs to list. If not specified,
all key pairs will be listed.
:raises ClientError: If there is an error in listing the key pairs.
"""
try:
response = self.ec2_client.describe_key_pairs()
key_pairs = response.get("KeyPairs", [])
if limit:
key_pairs = key_pairs[:limit]
for key_pair in key_pairs:
logger.info(
f"Found {key_pair['KeyType']} key '{key_pair['KeyName']}' with fingerprint:"
)
logger.info(f"\t{key_pair['KeyFingerprint']}")
except ClientError as err:
logger.error(f"Failed to list key pairs: {str(err)}")
raise
def delete(self, key_name: str) -> bool:
"""
Deletes a key pair by its name.
:param key_name: The name of the key pair to delete.
:return: A boolean indicating whether the deletion was successful.
:raises ClientError: If there is an error in deleting the key pair, for example,
if the key pair does not exist.
"""
try:
self.ec2_client.delete_key_pair(KeyName=key_name)
logger.info(f"Successfully deleted key pair: {key_name}")
self.key_pair = None
return True
except self.ec2_client.exceptions.ClientError as err:
logger.error(f"Deletion failed for key pair: {key_name}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidKeyPair.NotFound":
logger.error(
f"The key pair '{key_name}' does not exist and cannot be deleted. "
"Please verify the key pair name and try again."
)
raise
```
定義包裝安全群組動作的類別。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, group_name: str, group_description: str) -> str:
"""
Creates a security group in the default virtual private cloud (VPC) of the current account.
:param group_name: The name of the security group to create.
:param group_description: The description of the security group to create.
:return: The ID of the newly created security group.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
try:
response = self.ec2_client.create_security_group(
GroupName=group_name, Description=group_description
)
self.security_group = response["GroupId"]
except ClientError as err:
if err.response["Error"]["Code"] == "ResourceAlreadyExists":
logger.error(
f"Security group '{group_name}' already exists. Please choose a different name."
)
raise
else:
return self.security_group
def authorize_ingress(self, ssh_ingress_ip: str) -> Optional[Dict[str, Any]]:
"""
Adds a rule to the security group to allow access to SSH.
:param ssh_ingress_ip: The IP address that is granted inbound access to connect
to port 22 over TCP, used for SSH.
:return: The response to the authorization request. The 'Return' field of the
response indicates whether the request succeeded or failed, or None if no security group is set.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
if self.security_group is None:
logger.info("No security group to update.")
return None
try:
ip_permissions = [
{
# SSH ingress open to only the specified IP address.
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"IpRanges": [{"CidrIp": f"{ssh_ingress_ip}/32"}],
}
]
response = self.ec2_client.authorize_security_group_ingress(
GroupId=self.security_group, IpPermissions=ip_permissions
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidPermission.Duplicate":
logger.error(
f"The SSH ingress rule for IP {ssh_ingress_ip} already exists"
f"in security group '{self.security_group}'."
)
raise
else:
return response
def describe(self, security_group_id: Optional[str] = None) -> bool:
"""
Displays information about the specified security group or all security groups if no ID is provided.
:param security_group_id: The ID of the security group to describe.
If None, an open search is performed to describe all security groups.
:returns: True if the description is successful.
:raises ClientError: If there is an error describing the security group(s), such as an invalid security group ID.
"""
try:
paginator = self.ec2_client.get_paginator("describe_security_groups")
if security_group_id is None:
# If no ID is provided, return all security groups.
page_iterator = paginator.paginate()
else:
page_iterator = paginator.paginate(GroupIds=[security_group_id])
for page in page_iterator:
for security_group in page["SecurityGroups"]:
print(f"Security group: {security_group['GroupName']}")
print(f"\tID: {security_group['GroupId']}")
print(f"\tVPC: {security_group['VpcId']}")
if security_group["IpPermissions"]:
print("Inbound permissions:")
pp(security_group["IpPermissions"])
return True
except ClientError as err:
logger.error("Failed to describe security group(s).")
if err.response["Error"]["Code"] == "InvalidGroup.NotFound":
logger.error(
f"Security group {security_group_id} does not exist "
f"because the specified security group ID was not found."
)
raise
def delete(self, security_group_id: str) -> bool:
"""
Deletes the specified security group.
:param security_group_id: The ID of the security group to delete. Required.
:returns: True if the deletion is successful.
:raises ClientError: If the security group cannot be deleted due to an AWS service error.
"""
try:
self.ec2_client.delete_security_group(GroupId=security_group_id)
logger.info(f"Successfully deleted security group '{security_group_id}'")
return True
except ClientError as err:
logger.error(f"Deletion failed for security group '{security_group_id}'")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidGroup.NotFound":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it does not exist."
)
elif error_code == "DependencyViolation":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it is still in use."
" Verify that it is:"
"\n\t- Detached from resources"
"\n\t- Removed from references in other groups"
"\n\t- Removed from VPC's as a default group"
)
raise
```
定義包裝執行個體動作的類別。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(
self,
image_id: str,
instance_type: str,
key_pair_name: str,
security_group_ids: Optional[List[str]] = None,
) -> List[Dict[str, Any]]:
"""
Creates a new EC2 instance in the default VPC of the current account.
The instance starts immediately after it is created.
:param image_id: The ID of the Amazon Machine Image (AMI) to use for the instance.
:param instance_type: The type of instance to create, such as 't2.micro'.
:param key_pair_name: The name of the key pair to use for SSH access.
:param security_group_ids: A list of security group IDs to associate with the instance.
If not specified, the default security group of the VPC is used.
:return: A list of dictionaries representing Boto3 Instance objects representing the newly created instances.
"""
try:
instance_params = {
"ImageId": image_id,
"InstanceType": instance_type,
"KeyName": key_pair_name,
}
if security_group_ids is not None:
instance_params["SecurityGroupIds"] = security_group_ids
response = self.ec2_client.run_instances(
**instance_params, MinCount=1, MaxCount=1
)
instance = response["Instances"][0]
self.instances.append(instance)
waiter = self.ec2_client.get_waiter("instance_running")
waiter.wait(InstanceIds=[instance["InstanceId"]])
except ClientError as err:
params_str = "\n\t".join(
f"{key}: {value}" for key, value in instance_params.items()
)
logger.error(
f"Failed to complete instance creation request.\nRequest details:{params_str}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InstanceLimitExceeded":
logger.error(
(
f"Insufficient capacity for instance type '{instance_type}'. "
"Terminate unused instances or contact AWS Support for a limit increase."
)
)
if error_code == "InsufficientInstanceCapacity":
logger.error(
(
f"Insufficient capacity for instance type '{instance_type}'. "
"Select a different instance type or launch in a different availability zone."
)
)
raise
return self.instances
def display(self, state_filter: Optional[str] = "running") -> None:
"""
Displays information about instances, filtering by the specified state.
:param state_filter: The instance state to include in the output. Only instances in this state
will be displayed. Default is 'running'. Example states: 'running', 'stopped'.
"""
if not self.instances:
logger.info("No instances to display.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
paginator = self.ec2_client.get_paginator("describe_instances")
page_iterator = paginator.paginate(InstanceIds=instance_ids)
try:
for page in page_iterator:
for reservation in page["Reservations"]:
for instance in reservation["Instances"]:
instance_state = instance["State"]["Name"]
# Apply the state filter (default is 'running')
if state_filter and instance_state != state_filter:
continue # Skip this instance if it doesn't match the filter
# Create a formatted string with instance details
instance_info = (
f"• ID: {instance['InstanceId']}\n"
f"• Image ID: {instance['ImageId']}\n"
f"• Instance type: {instance['InstanceType']}\n"
f"• Key name: {instance['KeyName']}\n"
f"• VPC ID: {instance['VpcId']}\n"
f"• Public IP: {instance.get('PublicIpAddress', 'N/A')}\n"
f"• State: {instance_state}"
)
print(instance_info)
except ClientError as err:
logger.error(
f"Failed to display instance(s). : {' '.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
def terminate(self) -> None:
"""
Terminates instances and waits for them to reach the terminated state.
"""
if not self.instances:
logger.info("No instances to terminate.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
self.ec2_client.terminate_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_terminated")
waiter.wait(InstanceIds=instance_ids)
self.instances.clear()
for instance_id in instance_ids:
print(f"• Instance ID: {instance_id}\n" f"• Action: Terminated")
except ClientError as err:
logger.error(
f"Failed instance termination details:\n\t{str(self.instances)}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
def start(self) -> Optional[Dict[str, Any]]:
"""
Starts instances and waits for them to be in a running state.
:return: The response to the start request.
"""
if not self.instances:
logger.info("No instances to start.")
return None
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
start_response = self.ec2_client.start_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_running")
waiter.wait(InstanceIds=instance_ids)
return start_response
except ClientError as err:
logger.error(
f"Failed to start instance(s): {','.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "IncorrectInstanceState":
logger.error(
"Couldn't start instance(s) because they are in an incorrect state. "
"Ensure the instances are in a stopped state before starting them."
)
raise
def stop(self) -> Optional[Dict[str, Any]]:
"""
Stops instances and waits for them to be in a stopped state.
:return: The response to the stop request, or None if there are no instances to stop.
"""
if not self.instances:
logger.info("No instances to stop.")
return None
instance_ids = [instance["InstanceId"] for instance in self.instances]
try:
# Attempt to stop the instances
stop_response = self.ec2_client.stop_instances(InstanceIds=instance_ids)
waiter = self.ec2_client.get_waiter("instance_stopped")
waiter.wait(InstanceIds=instance_ids)
except ClientError as err:
logger.error(
f"Failed to stop instance(s): {','.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "IncorrectInstanceState":
logger.error(
"Couldn't stop instance(s) because they are in an incorrect state. "
"Ensure the instances are in a running state before stopping them."
)
raise
return stop_response
def get_images(self, image_ids: List[str]) -> List[Dict[str, Any]]:
"""
Gets information about Amazon Machine Images (AMIs) from a list of AMI IDs.
:param image_ids: The list of AMI IDs to look up.
:return: A list of dictionaries representing the requested AMIs.
"""
try:
response = self.ec2_client.describe_images(ImageIds=image_ids)
images = response["Images"]
except ClientError as err:
logger.error(f"Failed to stop AMI(s): {','.join(map(str, image_ids))}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidAMIID.NotFound":
logger.error("One or more of the AMI IDs does not exist.")
raise
return images
def get_instance_types(
self, architecture: str = "x86_64", sizes: List[str] = ["*.micro", "*.small"]
) -> List[Dict[str, Any]]:
"""
Gets instance types that support the specified architecture and size.
See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html
for a list of allowable parameters.
:param architecture: The architecture supported by instance types. Default: 'x86_64'.
:param sizes: The size of instance types. Default: '*.micro', '*.small',
:return: A list of dictionaries representing instance types that support the specified architecture and size.
"""
try:
inst_types = []
paginator = self.ec2_client.get_paginator("describe_instance_types")
for page in paginator.paginate(
Filters=[
{
"Name": "processor-info.supported-architecture",
"Values": [architecture],
},
{"Name": "instance-type", "Values": sizes},
]
):
inst_types += page["InstanceTypes"]
except ClientError as err:
logger.error(
f"Failed to get instance types: {architecture}, {','.join(map(str, sizes))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidParameterValue":
logger.error(
"Parameters are invalid. "
"Ensure architecture and size strings conform to DescribeInstanceTypes API reference."
)
raise
else:
return inst_types
```
定義包裝彈性 IP 動作的類別。
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def allocate(self) -> "ElasticIpWrapper.ElasticIp":
"""
Allocates an Elastic IP address that can be associated with an Amazon EC2
instance. By using an Elastic IP address, you can keep the public IP address
constant even when you restart the associated instance.
:return: The ElasticIp object for the newly created Elastic IP address.
:raises ClientError: If the allocation fails, such as reaching the maximum limit of Elastic IPs.
"""
try:
response = self.ec2_client.allocate_address(Domain="vpc")
elastic_ip = self.ElasticIp(
allocation_id=response["AllocationId"], public_ip=response["PublicIp"]
)
self.elastic_ips.append(elastic_ip)
except ClientError as err:
if err.response["Error"]["Code"] == "AddressLimitExceeded":
logger.error(
"Max IP's reached. Release unused addresses or contact AWS Support for an increase."
)
raise err
return elastic_ip
def associate(
self, allocation_id: str, instance_id: str
) -> Union[Dict[str, Any], None]:
"""
Associates an Elastic IP address with an instance. When this association is
created, the Elastic IP's public IP address is immediately used as the public
IP address of the associated instance.
:param allocation_id: The allocation ID of the Elastic IP.
:param instance_id: The ID of the Amazon EC2 instance.
:return: A response that contains the ID of the association, or None if no Elastic IP is found.
:raises ClientError: If the association fails, such as when the instance ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return None
try:
response = self.ec2_client.associate_address(
AllocationId=allocation_id, InstanceId=instance_id
)
elastic_ip.instance_id = (
instance_id # Track the instance associated with this Elastic IP.
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidInstanceID.NotFound":
logger.error(
f"Failed to associate Elastic IP {allocation_id} with {instance_id} "
"because the specified instance ID does not exist or has not propagated fully. "
"Verify the instance ID and try again, or wait a few moments before attempting to "
"associate the Elastic IP address."
)
raise
return response
def disassociate(self, allocation_id: str) -> None:
"""
Removes an association between an Elastic IP address and an instance. When the
association is removed, the instance is assigned a new public IP address.
:param allocation_id: The allocation ID of the Elastic IP to disassociate.
:raises ClientError: If the disassociation fails, such as when the association ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None or elastic_ip.instance_id is None:
logger.info(
f"No association found for Elastic IP with allocation ID {allocation_id}."
)
return
try:
# Retrieve the association ID before disassociating
response = self.ec2_client.describe_addresses(AllocationIds=[allocation_id])
association_id = response["Addresses"][0].get("AssociationId")
if association_id:
self.ec2_client.disassociate_address(AssociationId=association_id)
elastic_ip.instance_id = None # Remove the instance association
else:
logger.info(
f"No Association ID found for Elastic IP with allocation ID {allocation_id}."
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidAssociationID.NotFound":
logger.error(
f"Failed to disassociate Elastic IP {allocation_id} "
"because the specified association ID for the Elastic IP address was not found. "
"Verify the association ID and ensure the Elastic IP is currently associated with a "
"resource before attempting to disassociate it."
)
raise
def release(self, allocation_id: str) -> None:
"""
Releases an Elastic IP address. After the Elastic IP address is released,
it can no longer be used.
:param allocation_id: The allocation ID of the Elastic IP to release.
:raises ClientError: If the release fails, such as when the Elastic IP address is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return
try:
self.ec2_client.release_address(AllocationId=allocation_id)
self.elastic_ips.remove(elastic_ip) # Remove the Elastic IP from the list
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidAddress.NotFound":
logger.error(
f"Failed to release Elastic IP address {allocation_id} "
"because it could not be found. Verify the Elastic IP address "
"and ensure it is allocated to your account in the correct region "
"before attempting to release it."
)
raise
@staticmethod
def get_elastic_ip_by_allocation(
elastic_ips: List["ElasticIpWrapper.ElasticIp"], allocation_id: str
) -> Optional["ElasticIpWrapper.ElasticIp"]:
"""
Retrieves an Elastic IP object by its allocation ID from a given list of Elastic IPs.
:param elastic_ips: A list of ElasticIp objects.
:param allocation_id: The allocation ID of the Elastic IP to retrieve.
:return: The ElasticIp object associated with the allocation ID, or None if not found.
"""
return next(
(ip for ip in elastic_ips if ip.allocation_id == allocation_id), None
)
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的AWS SDK API 參考》**中的下列主題。
+ [AllocateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AllocateAddress)
+ [AssociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AssociateAddress)
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateKeyPair)
+ [CreateSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateSecurityGroup)
+ [DeleteKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteKeyPair)
+ [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteSecurityGroup)
+ [DescribeImages](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeImages)
+ [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstanceTypes)
+ [DescribeInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstances)
+ [DescribeKeyPairs](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeKeyPairs)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeSecurityGroups)
+ [DisassociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DisassociateAddress)
+ [ReleaseAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/ReleaseAddress)
+ [RunInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/RunInstances)
+ [StartInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/StartInstances)
+ [StopInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/StopInstances)
+ [TerminateInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/TerminateInstances)
+ [UnmonitorInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/UnmonitorInstances)
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
EC2InstanceScenario 實作包含執行整個範例的邏輯。
```
//! Scenario that uses the AWS SDK for Rust (the SDK) with Amazon Elastic Compute Cloud
//! (Amazon EC2) to do the following:
//!
//! * Create a key pair that is used to secure SSH communication between your computer and
//! an EC2 instance.
//! * Create a security group that acts as a virtual firewall for your EC2 instances to
//! control incoming and outgoing traffic.
//! * Find an Amazon Machine Image (AMI) and a compatible instance type.
//! * Create an instance that is created from the instance type and AMI you select, and
//! is configured to use the security group and key pair created in this example.
//! * Stop and restart the instance.
//! * Create an Elastic IP address and associate it as a consistent IP address for your instance.
//! * Connect to your instance with SSH, using both its public IP address and your Elastic IP
//! address.
//! * Clean up all of the resources created by this example.
use std::net::Ipv4Addr;
use crate::{
ec2::{EC2Error, EC2},
getting_started::{key_pair::KeyPairManager, util::Util},
ssm::SSM,
};
use aws_sdk_ssm::types::Parameter;
use super::{
elastic_ip::ElasticIpManager, instance::InstanceManager, security_group::SecurityGroupManager,
util::ScenarioImage,
};
pub struct Ec2InstanceScenario {
ec2: EC2,
ssm: SSM,
util: Util,
key_pair_manager: KeyPairManager,
security_group_manager: SecurityGroupManager,
instance_manager: InstanceManager,
elastic_ip_manager: ElasticIpManager,
}
impl Ec2InstanceScenario {
pub fn new(ec2: EC2, ssm: SSM, util: Util) -> Self {
Ec2InstanceScenario {
ec2,
ssm,
util,
key_pair_manager: Default::default(),
security_group_manager: Default::default(),
instance_manager: Default::default(),
elastic_ip_manager: Default::default(),
}
}
pub async fn run(&mut self) -> Result<(), EC2Error> {
self.create_and_list_key_pairs().await?;
self.create_security_group().await?;
self.create_instance().await?;
self.stop_and_start_instance().await?;
self.associate_elastic_ip().await?;
self.stop_and_start_instance().await?;
Ok(())
}
/// 1. Creates an RSA key pair and saves its private key data as a .pem file in secure
/// temporary storage. The private key data is deleted after the example completes.
/// 2. Optionally, lists the first five key pairs for the current account.
pub async fn create_and_list_key_pairs(&mut self) -> Result<(), EC2Error> {
println!( "Let's create an RSA key pair that you can be use to securely connect to your EC2 instance.");
let key_name = self.util.prompt_key_name()?;
self.key_pair_manager
.create(&self.ec2, &self.util, key_name)
.await?;
println!(
"Created a key pair {} and saved the private key to {:?}.",
self.key_pair_manager
.key_pair()
.key_name()
.ok_or_else(|| EC2Error::new("No key name after creating key"))?,
self.key_pair_manager
.key_file_path()
.ok_or_else(|| EC2Error::new("No key file after creating key"))?
);
if self.util.should_list_key_pairs()? {
for pair in self.key_pair_manager.list(&self.ec2).await? {
println!(
"Found {:?} key {} with fingerprint:\t{:?}",
pair.key_type(),
pair.key_name().unwrap_or("Unknown"),
pair.key_fingerprint()
);
}
}
Ok(())
}
/// 1. Creates a security group for the default VPC.
/// 2. Adds an inbound rule to allow SSH. The SSH rule allows only
/// inbound traffic from the current computer’s public IPv4 address.
/// 3. Displays information about the security group.
///
/// This function uses to get the current public IP
/// address of the computer that is running the example. This method works in most
/// cases. However, depending on how your computer connects to the internet, you
/// might have to manually add your public IP address to the security group by using
/// the AWS Management Console.
pub async fn create_security_group(&mut self) -> Result<(), EC2Error> {
println!("Let's create a security group to manage access to your instance.");
let group_name = self.util.prompt_security_group_name()?;
self.security_group_manager
.create(
&self.ec2,
&group_name,
"Security group for example: get started with instances.",
)
.await?;
println!(
"Created security group {} in your default VPC {}.",
self.security_group_manager.group_name(),
self.security_group_manager
.vpc_id()
.unwrap_or("(unknown vpc)")
);
let check_ip = self.util.do_get("https://checkip.amazonaws.com").await?;
let current_ip_address: Ipv4Addr = check_ip.trim().parse().map_err(|e| {
EC2Error::new(format!(
"Failed to convert response {} to IP Address: {e:?}",
check_ip
))
})?;
println!("Your public IP address seems to be {current_ip_address}");
if self.util.should_add_to_security_group() {
match self
.security_group_manager
.authorize_ingress(&self.ec2, current_ip_address)
.await
{
Ok(_) => println!("Security group rules updated"),
Err(err) => eprintln!("Couldn't update security group rules: {err:?}"),
}
}
println!("{}", self.security_group_manager);
Ok(())
}
/// 1. Gets a list of Amazon Linux 2 AMIs from AWS Systems Manager. Specifying the
/// '/aws/service/ami-amazon-linux-latest' path returns only the latest AMIs.
/// 2. Gets and displays information about the available AMIs and lets you select one.
/// 3. Gets a list of instance types that are compatible with the selected AMI and
/// lets you select one.
/// 4. Creates an instance with the previously created key pair and security group,
/// and the selected AMI and instance type.
/// 5. Waits for the instance to be running and then displays its information.
pub async fn create_instance(&mut self) -> Result<(), EC2Error> {
let ami = self.find_image().await?;
let instance_types = self
.ec2
.list_instance_types(&ami.0)
.await
.map_err(|e| e.add_message("Could not find instance types"))?;
println!(
"There are several instance types that support the {} architecture of the image.",
ami.0
.architecture
.as_ref()
.ok_or_else(|| EC2Error::new(format!("Missing architecture in {:?}", ami.0)))?
);
let instance_type = self.util.select_instance_type(instance_types)?;
println!("Creating your instance and waiting for it to start...");
self.instance_manager
.create(
&self.ec2,
ami.0
.image_id()
.ok_or_else(|| EC2Error::new("Could not find image ID"))?,
instance_type,
self.key_pair_manager.key_pair(),
self.security_group_manager
.security_group()
.map(|sg| vec![sg])
.ok_or_else(|| EC2Error::new("Could not find security group"))?,
)
.await
.map_err(|e| e.add_message("Scenario failed to create instance"))?;
while let Err(err) = self
.ec2
.wait_for_instance_ready(self.instance_manager.instance_id(), None)
.await
{
println!("{err}");
if !self.util.should_continue_waiting() {
return Err(err);
}
}
println!("Your instance is ready:\n{}", self.instance_manager);
self.display_ssh_info();
Ok(())
}
async fn find_image(&mut self) -> Result {
let params: Vec = self
.ssm
.list_path("/aws/service/ami-amazon-linux-latest")
.await
.map_err(|e| e.add_message("Could not find parameters for available images"))?
.into_iter()
.filter(|param| param.name().is_some_and(|name| name.contains("amzn2")))
.collect();
let amzn2_images: Vec = self
.ec2
.list_images(params)
.await
.map_err(|e| e.add_message("Could not find images"))?
.into_iter()
.map(ScenarioImage::from)
.collect();
println!("We will now create an instance from an Amazon Linux 2 AMI");
let ami = self.util.select_scenario_image(amzn2_images)?;
Ok(ami)
}
// 1. Stops the instance and waits for it to stop.
// 2. Starts the instance and waits for it to start.
// 3. Displays information about the instance.
// 4. Displays an SSH connection string. When an Elastic IP address is associated
// with the instance, the IP address stays consistent when the instance stops
// and starts.
pub async fn stop_and_start_instance(&self) -> Result<(), EC2Error> {
println!("Let's stop and start your instance to see what changes.");
println!("Stopping your instance and waiting until it's stopped...");
self.instance_manager.stop(&self.ec2).await?;
println!("Your instance is stopped. Restarting...");
self.instance_manager.start(&self.ec2).await?;
println!("Your instance is running.");
println!("{}", self.instance_manager);
if self.elastic_ip_manager.public_ip() == "0.0.0.0" {
println!("Every time your instance is restarted, its public IP address changes.");
} else {
println!(
"Because you have associated an Elastic IP with your instance, you can connect by using a consistent IP address after the instance restarts."
);
}
self.display_ssh_info();
Ok(())
}
/// 1. Allocates an Elastic IP address and associates it with the instance.
/// 2. Displays an SSH connection string that uses the Elastic IP address.
async fn associate_elastic_ip(&mut self) -> Result<(), EC2Error> {
self.elastic_ip_manager.allocate(&self.ec2).await?;
println!(
"Allocated static Elastic IP address: {}",
self.elastic_ip_manager.public_ip()
);
self.elastic_ip_manager
.associate(&self.ec2, self.instance_manager.instance_id())
.await?;
println!("Associated your Elastic IP with your instance.");
println!("You can now use SSH to connect to your instance by using the Elastic IP.");
self.display_ssh_info();
Ok(())
}
/// Displays an SSH connection string that can be used to connect to a running
/// instance.
fn display_ssh_info(&self) {
let ip_addr = if self.elastic_ip_manager.has_allocation() {
self.elastic_ip_manager.public_ip()
} else {
self.instance_manager.instance_ip()
};
let key_file_path = self.key_pair_manager.key_file_path().unwrap();
println!("To connect, open another command prompt and run the following command:");
println!("\nssh -i {} ec2-user@{ip_addr}\n", key_file_path.display());
let _ = self.util.enter_to_continue();
}
/// 1. Disassociate and delete the previously created Elastic IP.
/// 2. Terminate the previously created instance.
/// 3. Delete the previously created security group.
/// 4. Delete the previously created key pair.
pub async fn clean_up(self) {
println!("Let's clean everything up. This example created these resources:");
println!(
"\tKey pair: {}",
self.key_pair_manager
.key_pair()
.key_name()
.unwrap_or("(unknown key pair)")
);
println!(
"\tSecurity group: {}",
self.security_group_manager.group_name()
);
println!(
"\tInstance: {}",
self.instance_manager.instance_display_name()
);
if self.util.should_clean_resources() {
if let Err(err) = self.elastic_ip_manager.remove(&self.ec2).await {
eprintln!("{err}")
}
if let Err(err) = self.instance_manager.delete(&self.ec2).await {
eprintln!("{err}")
}
if let Err(err) = self.security_group_manager.delete(&self.ec2).await {
eprintln!("{err}");
}
if let Err(err) = self.key_pair_manager.delete(&self.ec2, &self.util).await {
eprintln!("{err}");
}
} else {
println!("Ok, not cleaning up any resources!");
}
}
}
pub async fn run(mut scenario: Ec2InstanceScenario) {
println!("--------------------------------------------------------------------------------");
println!(
"Welcome to the Amazon Elastic Compute Cloud (Amazon EC2) get started with instances demo."
);
println!("--------------------------------------------------------------------------------");
if let Err(err) = scenario.run().await {
eprintln!("There was an error running the scenario: {err}")
}
println!("--------------------------------------------------------------------------------");
scenario.clean_up().await;
println!("Thanks for running!");
println!("--------------------------------------------------------------------------------");
}
```
EC2Impl 結構用作測試的自動模擬點,其函式會包裝 EC2 SDK 呼叫。
```
use std::{net::Ipv4Addr, time::Duration};
use aws_sdk_ec2::{
client::Waiters,
error::ProvideErrorMetadata,
operation::{
allocate_address::AllocateAddressOutput, associate_address::AssociateAddressOutput,
},
types::{
DomainType, Filter, Image, Instance, InstanceType, IpPermission, IpRange, KeyPairInfo,
SecurityGroup, Tag,
},
Client as EC2Client,
};
use aws_sdk_ssm::types::Parameter;
use aws_smithy_runtime_api::client::waiters::error::WaiterError;
#[cfg(test)]
use mockall::automock;
#[cfg(not(test))]
pub use EC2Impl as EC2;
#[cfg(test)]
pub use MockEC2Impl as EC2;
#[derive(Clone)]
pub struct EC2Impl {
pub client: EC2Client,
}
#[cfg_attr(test, automock)]
impl EC2Impl {
pub fn new(client: EC2Client) -> Self {
EC2Impl { client }
}
pub async fn create_key_pair(&self, name: String) -> Result<(KeyPairInfo, String), EC2Error> {
tracing::info!("Creating key pair {name}");
let output = self.client.create_key_pair().key_name(name).send().await?;
let info = KeyPairInfo::builder()
.set_key_name(output.key_name)
.set_key_fingerprint(output.key_fingerprint)
.set_key_pair_id(output.key_pair_id)
.build();
let material = output
.key_material
.ok_or_else(|| EC2Error::new("Create Key Pair has no key material"))?;
Ok((info, material))
}
pub async fn list_key_pair(&self) -> Result, EC2Error> {
let output = self.client.describe_key_pairs().send().await?;
Ok(output.key_pairs.unwrap_or_default())
}
pub async fn delete_key_pair(&self, key_name: &str) -> Result<(), EC2Error> {
let key_name: String = key_name.into();
tracing::info!("Deleting key pair {key_name}");
self.client
.delete_key_pair()
.key_name(key_name)
.send()
.await?;
Ok(())
}
pub async fn create_security_group(
&self,
name: &str,
description: &str,
) -> Result {
tracing::info!("Creating security group {name}");
let create_output = self
.client
.create_security_group()
.group_name(name)
.description(description)
.send()
.await
.map_err(EC2Error::from)?;
let group_id = create_output
.group_id
.ok_or_else(|| EC2Error::new("Missing security group id after creation"))?;
let group = self
.describe_security_group(&group_id)
.await?
.ok_or_else(|| {
EC2Error::new(format!("Could not find security group with id {group_id}"))
})?;
tracing::info!("Created security group {name} as {group_id}");
Ok(group)
}
/// Find a single security group, by ID. Returns Err if multiple groups are found.
pub async fn describe_security_group(
&self,
group_id: &str,
) -> Result, EC2Error> {
let group_id: String = group_id.into();
let describe_output = self
.client
.describe_security_groups()
.group_ids(&group_id)
.send()
.await?;
let mut groups = describe_output.security_groups.unwrap_or_default();
match groups.len() {
0 => Ok(None),
1 => Ok(Some(groups.remove(0))),
_ => Err(EC2Error::new(format!(
"Expected single group for {group_id}"
))),
}
}
/// Add an ingress rule to a security group explicitly allowing IPv4 address
/// as {ip}/32 over TCP port 22.
pub async fn authorize_security_group_ssh_ingress(
&self,
group_id: &str,
ingress_ips: Vec,
) -> Result<(), EC2Error> {
tracing::info!("Authorizing ingress for security group {group_id}");
self.client
.authorize_security_group_ingress()
.group_id(group_id)
.set_ip_permissions(Some(
ingress_ips
.into_iter()
.map(|ip| {
IpPermission::builder()
.ip_protocol("tcp")
.from_port(22)
.to_port(22)
.ip_ranges(IpRange::builder().cidr_ip(format!("{ip}/32")).build())
.build()
})
.collect(),
))
.send()
.await?;
Ok(())
}
pub async fn delete_security_group(&self, group_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting security group {group_id}");
self.client
.delete_security_group()
.group_id(group_id)
.send()
.await?;
Ok(())
}
pub async fn list_images(&self, ids: Vec) -> Result, EC2Error> {
let image_ids = ids.into_iter().filter_map(|p| p.value).collect();
let output = self
.client
.describe_images()
.set_image_ids(Some(image_ids))
.send()
.await?;
let images = output.images.unwrap_or_default();
if images.is_empty() {
Err(EC2Error::new("No images for selected AMIs"))
} else {
Ok(images)
}
}
/// List instance types that match an image's architecture and are free tier eligible.
pub async fn list_instance_types(&self, image: &Image) -> Result, EC2Error> {
let architecture = format!(
"{}",
image.architecture().ok_or_else(|| EC2Error::new(format!(
"Image {:?} does not have a listed architecture",
image.image_id()
)))?
);
let free_tier_eligible_filter = Filter::builder()
.name("free-tier-eligible")
.values("false")
.build();
let supported_architecture_filter = Filter::builder()
.name("processor-info.supported-architecture")
.values(architecture)
.build();
let response = self
.client
.describe_instance_types()
.filters(free_tier_eligible_filter)
.filters(supported_architecture_filter)
.send()
.await?;
Ok(response
.instance_types
.unwrap_or_default()
.into_iter()
.filter_map(|iti| iti.instance_type)
.collect())
}
pub async fn create_instance<'a>(
&self,
image_id: &'a str,
instance_type: InstanceType,
key_pair: &'a KeyPairInfo,
security_groups: Vec<&'a SecurityGroup>,
) -> Result {
let run_instances = self
.client
.run_instances()
.image_id(image_id)
.instance_type(instance_type)
.key_name(
key_pair
.key_name()
.ok_or_else(|| EC2Error::new("Missing key name when launching instance"))?,
)
.set_security_group_ids(Some(
security_groups
.iter()
.filter_map(|sg| sg.group_id.clone())
.collect(),
))
.min_count(1)
.max_count(1)
.send()
.await?;
if run_instances.instances().is_empty() {
return Err(EC2Error::new("Failed to create instance"));
}
let instance_id = run_instances.instances()[0].instance_id().unwrap();
let response = self
.client
.create_tags()
.resources(instance_id)
.tags(
Tag::builder()
.key("Name")
.value("From SDK Examples")
.build(),
)
.send()
.await;
match response {
Ok(_) => tracing::info!("Created {instance_id} and applied tags."),
Err(err) => {
tracing::info!("Error applying tags to {instance_id}: {err:?}");
return Err(err.into());
}
}
tracing::info!("Instance is created.");
Ok(instance_id.to_string())
}
/// Wait for an instance to be ready and status ok (default wait 60 seconds)
pub async fn wait_for_instance_ready(
&self,
instance_id: &str,
duration: Option,
) -> Result<(), EC2Error> {
self.client
.wait_until_instance_status_ok()
.instance_ids(instance_id)
.wait(duration.unwrap_or(Duration::from_secs(60)))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to start.",
exceeded.max_wait().as_secs()
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn describe_instance(&self, instance_id: &str) -> Result {
let response = self
.client
.describe_instances()
.instance_ids(instance_id)
.send()
.await?;
let instance = response
.reservations()
.first()
.ok_or_else(|| EC2Error::new(format!("No instance reservations for {instance_id}")))?
.instances()
.first()
.ok_or_else(|| {
EC2Error::new(format!("No instances in reservation for {instance_id}"))
})?;
Ok(instance.clone())
}
pub async fn start_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Starting instance {instance_id}");
self.client
.start_instances()
.instance_ids(instance_id)
.send()
.await?;
tracing::info!("Started instance.");
Ok(())
}
pub async fn stop_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Stopping instance {instance_id}");
self.client
.stop_instances()
.instance_ids(instance_id)
.send()
.await?;
self.wait_for_instance_stopped(instance_id, None).await?;
tracing::info!("Stopped instance.");
Ok(())
}
pub async fn reboot_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Rebooting instance {instance_id}");
self.client
.reboot_instances()
.instance_ids(instance_id)
.send()
.await?;
Ok(())
}
pub async fn wait_for_instance_stopped(
&self,
instance_id: &str,
duration: Option,
) -> Result<(), EC2Error> {
self.client
.wait_until_instance_stopped()
.instance_ids(instance_id)
.wait(duration.unwrap_or(Duration::from_secs(60)))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to stop.",
exceeded.max_wait().as_secs(),
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn delete_instance(&self, instance_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting instance with id {instance_id}");
self.stop_instance(instance_id).await?;
self.client
.terminate_instances()
.instance_ids(instance_id)
.send()
.await?;
self.wait_for_instance_terminated(instance_id).await?;
tracing::info!("Terminated instance with id {instance_id}");
Ok(())
}
async fn wait_for_instance_terminated(&self, instance_id: &str) -> Result<(), EC2Error> {
self.client
.wait_until_instance_terminated()
.instance_ids(instance_id)
.wait(Duration::from_secs(60))
.await
.map_err(|err| match err {
WaiterError::ExceededMaxWait(exceeded) => EC2Error(format!(
"Exceeded max time ({}s) waiting for instance to terminate.",
exceeded.max_wait().as_secs(),
)),
_ => EC2Error::from(err),
})?;
Ok(())
}
pub async fn allocate_ip_address(&self) -> Result {
self.client
.allocate_address()
.domain(DomainType::Vpc)
.send()
.await
.map_err(EC2Error::from)
}
pub async fn deallocate_ip_address(&self, allocation_id: &str) -> Result<(), EC2Error> {
self.client
.release_address()
.allocation_id(allocation_id)
.send()
.await?;
Ok(())
}
pub async fn associate_ip_address(
&self,
allocation_id: &str,
instance_id: &str,
) -> Result {
let response = self
.client
.associate_address()
.allocation_id(allocation_id)
.instance_id(instance_id)
.send()
.await?;
Ok(response)
}
pub async fn disassociate_ip_address(&self, association_id: &str) -> Result<(), EC2Error> {
self.client
.disassociate_address()
.association_id(association_id)
.send()
.await?;
Ok(())
}
}
#[derive(Debug)]
pub struct EC2Error(String);
impl EC2Error {
pub fn new(value: impl Into) -> Self {
EC2Error(value.into())
}
pub fn add_message(self, message: impl Into) -> Self {
EC2Error(format!("{}: {}", message.into(), self.0))
}
}
impl From for EC2Error {
fn from(value: T) -> Self {
EC2Error(format!(
"{}: {}",
value
.code()
.map(String::from)
.unwrap_or("unknown code".into()),
value
.message()
.map(String::from)
.unwrap_or("missing reason".into()),
))
}
}
impl std::error::Error for EC2Error {}
impl std::fmt::Display for EC2Error {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.0)
}
}
```
SSM 結構用作測試的自動模擬點,其函式會包裝 SSM SDK 呼叫。
```
use aws_sdk_ssm::{types::Parameter, Client};
use aws_smithy_async::future::pagination_stream::TryFlatMap;
use crate::ec2::EC2Error;
#[cfg(test)]
use mockall::automock;
#[cfg(not(test))]
pub use SSMImpl as SSM;
#[cfg(test)]
pub use MockSSMImpl as SSM;
pub struct SSMImpl {
inner: Client,
}
#[cfg_attr(test, automock)]
impl SSMImpl {
pub fn new(inner: Client) -> Self {
SSMImpl { inner }
}
pub async fn list_path(&self, path: &str) -> Result, EC2Error> {
let maybe_params: Vec> = TryFlatMap::new(
self.inner
.get_parameters_by_path()
.path(path)
.into_paginator()
.send(),
)
.flat_map(|item| item.parameters.unwrap_or_default())
.collect()
.await;
// Fail on the first error
let params = maybe_params
.into_iter()
.collect::, _>>()?;
Ok(params)
}
}
```
此案例使用數個 "Manager" 樣式的結構,處理在整個案例中建立和刪除的資源存取。
```
use aws_sdk_ec2::operation::{
allocate_address::AllocateAddressOutput, associate_address::AssociateAddressOutput,
};
use crate::ec2::{EC2Error, EC2};
/// ElasticIpManager tracks the lifecycle of a public IP address, including its
/// allocation from the global pool and association with a specific instance.
#[derive(Debug, Default)]
pub struct ElasticIpManager {
elastic_ip: Option,
association: Option,
}
impl ElasticIpManager {
pub fn has_allocation(&self) -> bool {
self.elastic_ip.is_some()
}
pub fn public_ip(&self) -> &str {
if let Some(allocation) = &self.elastic_ip {
if let Some(addr) = allocation.public_ip() {
return addr;
}
}
"0.0.0.0"
}
pub async fn allocate(&mut self, ec2: &EC2) -> Result<(), EC2Error> {
let allocation = ec2.allocate_ip_address().await?;
self.elastic_ip = Some(allocation);
Ok(())
}
pub async fn associate(&mut self, ec2: &EC2, instance_id: &str) -> Result<(), EC2Error> {
if let Some(allocation) = &self.elastic_ip {
if let Some(allocation_id) = allocation.allocation_id() {
let association = ec2.associate_ip_address(allocation_id, instance_id).await?;
self.association = Some(association);
return Ok(());
}
}
Err(EC2Error::new("No ip address allocation to associate"))
}
pub async fn remove(mut self, ec2: &EC2) -> Result<(), EC2Error> {
if let Some(association) = &self.association {
if let Some(association_id) = association.association_id() {
ec2.disassociate_ip_address(association_id).await?;
}
}
self.association = None;
if let Some(allocation) = &self.elastic_ip {
if let Some(allocation_id) = allocation.allocation_id() {
ec2.deallocate_ip_address(allocation_id).await?;
}
}
self.elastic_ip = None;
Ok(())
}
}
use std::fmt::Display;
use aws_sdk_ec2::types::{Instance, InstanceType, KeyPairInfo, SecurityGroup};
use crate::ec2::{EC2Error, EC2};
/// InstanceManager wraps the lifecycle of an EC2 Instance.
#[derive(Debug, Default)]
pub struct InstanceManager {
instance: Option,
}
impl InstanceManager {
pub fn instance_id(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(id) = instance.instance_id() {
return id;
}
}
"Unknown"
}
pub fn instance_name(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(tag) = instance.tags().iter().find(|e| e.key() == Some("Name")) {
if let Some(value) = tag.value() {
return value;
}
}
}
"Unknown"
}
pub fn instance_ip(&self) -> &str {
if let Some(instance) = &self.instance {
if let Some(public_ip_address) = instance.public_ip_address() {
return public_ip_address;
}
}
"0.0.0.0"
}
pub fn instance_display_name(&self) -> String {
format!("{} ({})", self.instance_name(), self.instance_id())
}
/// Create an EC2 instance with the given ID on a given type, using a
/// generated KeyPair and applying a list of security groups.
pub async fn create(
&mut self,
ec2: &EC2,
image_id: &str,
instance_type: InstanceType,
key_pair: &KeyPairInfo,
security_groups: Vec<&SecurityGroup>,
) -> Result<(), EC2Error> {
let instance_id = ec2
.create_instance(image_id, instance_type, key_pair, security_groups)
.await?;
let instance = ec2.describe_instance(&instance_id).await?;
self.instance = Some(instance);
Ok(())
}
/// Start the managed EC2 instance, if present.
pub async fn start(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.start_instance(self.instance_id()).await?;
}
Ok(())
}
/// Stop the managed EC2 instance, if present.
pub async fn stop(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.stop_instance(self.instance_id()).await?;
}
Ok(())
}
pub async fn reboot(&self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.reboot_instance(self.instance_id()).await?;
ec2.wait_for_instance_stopped(self.instance_id(), None)
.await?;
ec2.wait_for_instance_ready(self.instance_id(), None)
.await?;
}
Ok(())
}
/// Terminate and delete the managed EC2 instance, if present.
pub async fn delete(self, ec2: &EC2) -> Result<(), EC2Error> {
if self.instance.is_some() {
ec2.delete_instance(self.instance_id()).await?;
}
Ok(())
}
}
impl Display for InstanceManager {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
if let Some(instance) = &self.instance {
writeln!(f, "\tID: {}", instance.instance_id().unwrap_or("(Unknown)"))?;
writeln!(
f,
"\tImage ID: {}",
instance.image_id().unwrap_or("(Unknown)")
)?;
writeln!(
f,
"\tInstance type: {}",
instance
.instance_type()
.map(|it| format!("{it}"))
.unwrap_or("(Unknown)".to_string())
)?;
writeln!(
f,
"\tKey name: {}",
instance.key_name().unwrap_or("(Unknown)")
)?;
writeln!(f, "\tVPC ID: {}", instance.vpc_id().unwrap_or("(Unknown)"))?;
writeln!(
f,
"\tPublic IP: {}",
instance.public_ip_address().unwrap_or("(Unknown)")
)?;
let instance_state = instance
.state
.as_ref()
.map(|is| {
is.name()
.map(|isn| format!("{isn}"))
.unwrap_or("(Unknown)".to_string())
})
.unwrap_or("(Unknown)".to_string());
writeln!(f, "\tState: {instance_state}")?;
} else {
writeln!(f, "\tNo loaded instance")?;
}
Ok(())
}
}
use std::{env, path::PathBuf};
use aws_sdk_ec2::types::KeyPairInfo;
use crate::ec2::{EC2Error, EC2};
use super::util::Util;
/// KeyPairManager tracks a KeyPairInfo and the path the private key has been
/// written to, if it's been created.
#[derive(Debug)]
pub struct KeyPairManager {
key_pair: KeyPairInfo,
key_file_path: Option,
key_file_dir: PathBuf,
}
impl KeyPairManager {
pub fn new() -> Self {
Self::default()
}
pub fn key_pair(&self) -> &KeyPairInfo {
&self.key_pair
}
pub fn key_file_path(&self) -> Option<&PathBuf> {
self.key_file_path.as_ref()
}
pub fn key_file_dir(&self) -> &PathBuf {
&self.key_file_dir
}
/// Creates a key pair that can be used to securely connect to an EC2 instance.
/// The returned key pair contains private key information that cannot be retrieved
/// again. The private key data is stored as a .pem file.
///
/// :param key_name: The name of the key pair to create.
pub async fn create(
&mut self,
ec2: &EC2,
util: &Util,
key_name: String,
) -> Result {
let (key_pair, material) = ec2.create_key_pair(key_name.clone()).await.map_err(|e| {
self.key_pair = KeyPairInfo::builder().key_name(key_name.clone()).build();
e.add_message(format!("Couldn't create key {key_name}"))
})?;
let path = self.key_file_dir.join(format!("{key_name}.pem"));
// Save the key_pair information immediately, so it can get cleaned up if write_secure fails.
self.key_file_path = Some(path.clone());
self.key_pair = key_pair.clone();
util.write_secure(&key_name, &path, material)?;
Ok(key_pair)
}
pub async fn delete(self, ec2: &EC2, util: &Util) -> Result<(), EC2Error> {
if let Some(key_name) = self.key_pair.key_name() {
ec2.delete_key_pair(key_name).await?;
if let Some(key_path) = self.key_file_path() {
if let Err(err) = util.remove(key_path) {
eprintln!("Failed to remove {key_path:?} ({err:?})");
}
}
}
Ok(())
}
pub async fn list(&self, ec2: &EC2) -> Result, EC2Error> {
ec2.list_key_pair().await
}
}
impl Default for KeyPairManager {
fn default() -> Self {
KeyPairManager {
key_pair: KeyPairInfo::builder().build(),
key_file_path: Default::default(),
key_file_dir: env::temp_dir(),
}
}
}
use std::net::Ipv4Addr;
use aws_sdk_ec2::types::SecurityGroup;
use crate::ec2::{EC2Error, EC2};
/// SecurityGroupManager tracks the lifecycle of a SecurityGroup for an instance,
/// including adding a rule to allow SSH from a public IP address.
#[derive(Debug, Default)]
pub struct SecurityGroupManager {
group_name: String,
group_description: String,
security_group: Option,
}
impl SecurityGroupManager {
pub async fn create(
&mut self,
ec2: &EC2,
group_name: &str,
group_description: &str,
) -> Result<(), EC2Error> {
self.group_name = group_name.into();
self.group_description = group_description.into();
self.security_group = Some(
ec2.create_security_group(group_name, group_description)
.await
.map_err(|e| e.add_message("Couldn't create security group"))?,
);
Ok(())
}
pub async fn authorize_ingress(&self, ec2: &EC2, ip_address: Ipv4Addr) -> Result<(), EC2Error> {
if let Some(sg) = &self.security_group {
ec2.authorize_security_group_ssh_ingress(
sg.group_id()
.ok_or_else(|| EC2Error::new("Missing security group ID"))?,
vec![ip_address],
)
.await?;
};
Ok(())
}
pub async fn delete(self, ec2: &EC2) -> Result<(), EC2Error> {
if let Some(sg) = &self.security_group {
ec2.delete_security_group(
sg.group_id()
.ok_or_else(|| EC2Error::new("Missing security group ID"))?,
)
.await?;
};
Ok(())
}
pub fn group_name(&self) -> &str {
&self.group_name
}
pub fn vpc_id(&self) -> Option<&str> {
self.security_group.as_ref().and_then(|sg| sg.vpc_id())
}
pub fn security_group(&self) -> Option<&SecurityGroup> {
self.security_group.as_ref()
}
}
impl std::fmt::Display for SecurityGroupManager {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match &self.security_group {
Some(sg) => {
writeln!(
f,
"Security group: {}",
sg.group_name().unwrap_or("(unknown group)")
)?;
writeln!(f, "\tID: {}", sg.group_id().unwrap_or("(unknown group id)"))?;
writeln!(f, "\tVPC: {}", sg.vpc_id().unwrap_or("(unknown group vpc)"))?;
if !sg.ip_permissions().is_empty() {
writeln!(f, "\tInbound Permissions:")?;
for permission in sg.ip_permissions() {
writeln!(f, "\t\t{permission:?}")?;
}
}
Ok(())
}
None => writeln!(f, "No security group loaded."),
}
}
}
```
案例的主要進入點。
```
use ec2_code_examples::{
ec2::EC2,
getting_started::{
scenario::{run, Ec2InstanceScenario},
util::UtilImpl,
},
ssm::SSM,
};
#[tokio::main]
async fn main() {
tracing_subscriber::fmt::init();
let sdk_config = aws_config::load_from_env().await;
let ec2 = EC2::new(aws_sdk_ec2::Client::new(&sdk_config));
let ssm = SSM::new(aws_sdk_ssm::Client::new(&sdk_config));
let util = UtilImpl {};
let scenario = Ec2InstanceScenario::new(ec2, ssm, util);
run(scenario).await;
}
```
+ 如需 API 詳細資訊,請參閱 *AWS SDK for Rust API reference* 中的下列主題。
+ [AllocateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.allocate_address)
+ [AssociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.associate_address)
+ [AuthorizeSecurityGroupIngress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.authorize_security_group_ingress)
+ [CreateKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_key_pair)
+ [CreateSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_security_group)
+ [DeleteKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_key_pair)
+ [DeleteSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_security_group)
+ [DescribeImages](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_images)
+ [DescribeInstanceTypes](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_types)
+ [DescribeInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instances)
+ [DescribeKeyPairs](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_key_pairs)
+ [DescribeSecurityGroups](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_security_groups)
+ [DisassociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.disassociate_address)
+ [ReleaseAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.release_address)
+ [RunInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.run_instances)
+ [StartInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.start_instances)
+ [StopInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.stop_instances)
+ [TerminateInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.terminate_instances)
+ [UnmonitorInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.unmonitor_instances)
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
`Package.swift` 檔。
```
// swift-tools-version: 5.9
//
// The swift-tools-version declares the minimum version of Swift required to
// build this package.
import PackageDescription
let package = Package(
name: "ec2-scenario",
// Let Xcode know the minimum Apple platforms supported.
platforms: [
.macOS(.v13),
.iOS(.v15)
],
dependencies: [
// Dependencies declare other packages that this package depends on.
.package(
url: "https://github.com/awslabs/aws-sdk-swift",
from: "1.4.0"),
.package(
url: "https://github.com/apple/swift-argument-parser.git",
branch: "main"
)
],
targets: [
// Targets are the basic building blocks of a package, defining a module or a test suite.
// Targets can depend on other targets in this package and products
// from dependencies.
.executableTarget(
name: "ec2-scenario",
dependencies: [
.product(name: "AWSEC2", package: "aws-sdk-swift"),
.product(name: "AWSSSM", package: "aws-sdk-swift"),
.product(name: "ArgumentParser", package: "swift-argument-parser")
],
path: "Sources")
]
)
```
`entry.swift` 檔。
```
// An example that shows how to use the AWS SDK for Swift to perform a variety
// of operations using Amazon Elastic Compute Cloud (EC2).
//
import ArgumentParser
import Foundation
import AWSEC2
// Allow waiters to be used.
import class SmithyWaitersAPI.Waiter
import struct SmithyWaitersAPI.WaiterOptions
import AWSSSM
struct ExampleCommand: ParsableCommand {
@Option(help: "The AWS Region to run AWS API calls in.")
var awsRegion = "us-east-1"
@Option(
help: ArgumentHelp("The level of logging for the Swift SDK to perform."),
completion: .list([
"critical",
"debug",
"error",
"info",
"notice",
"trace",
"warning"
])
)
var logLevel: String = "error"
static var configuration = CommandConfiguration(
commandName: "ec2-scenario",
abstract: """
Performs various operations to demonstrate the use of Amazon EC2 using the
AWS SDK for Swift.
""",
discussion: """
"""
)
/// Called by ``main()`` to run the bulk of the example.
func runAsync() async throws {
let ssmConfig = try await SSMClient.SSMClientConfiguration(region: awsRegion)
let ssmClient = SSMClient(config: ssmConfig)
let ec2Config = try await EC2Client.EC2ClientConfiguration(region: awsRegion)
let ec2Client = EC2Client(config: ec2Config)
let example = Example(ec2Client: ec2Client, ssmClient: ssmClient)
await example.run()
}
}
class Example {
let ec2Client: EC2Client
let ssmClient: SSMClient
// Storage for AWS EC2 properties.
var keyName: String? = nil
var securityGroupId: String? = nil
var instanceId: String? = nil
var allocationId: String? = nil
var associationId: String? = nil
init(ec2Client: EC2Client, ssmClient: SSMClient) {
self.ec2Client = ec2Client
self.ssmClient = ssmClient
}
/// The example's main body.
func run() async {
//=====================================================================
// 1. Create an RSA key pair, saving the private key as a `.pem` file.
// Create a `defer` block that will delete the private key when the
// program exits.
//=====================================================================
print("Creating an RSA key pair...")
keyName = self.tempName(prefix: "ExampleKeyName")
let keyUrl = await self.createKeyPair(name: keyName!)
guard let keyUrl else {
print("*** Failed to create the key pair!")
return
}
print("Created the private key at: \(keyUrl.absoluteString)")
// Schedule deleting the private key file to occur automatically when
// the program exits, no matter how it exits.
defer {
do {
try FileManager.default.removeItem(at: keyUrl)
} catch {
print("*** Failed to delete the private key at \(keyUrl.absoluteString)")
}
}
//=====================================================================
// 2. List the key pairs by calling `DescribeKeyPairs`.
//=====================================================================
print("Describing available key pairs...")
await self.describeKeyPairs()
//=====================================================================
// 3. Create a security group for the default VPC, and add an inbound
// rule to allow SSH from the current computer's public IPv4
// address.
//=====================================================================
print("Creating the security group...")
let secGroupName = self.tempName(prefix: "ExampleSecurityGroup")
let ipAddress = self.getMyIPAddress()
guard let ipAddress else {
print("*** Unable to get the device's IP address.")
return
}
print("IP address is: \(ipAddress)")
securityGroupId = await self.createSecurityGroup(
name: secGroupName,
description: "An example security group created using the AWS SDK for Swift"
)
if securityGroupId == nil {
await cleanUp()
return
}
print("Created security group: \(securityGroupId ?? "")")
if !(await self.authorizeSecurityGroupIngress(groupId: securityGroupId!, ipAddress: ipAddress)) {
await cleanUp()
return
}
//=====================================================================
// 4. Display security group information for the new security group
// using DescribeSecurityGroups.
//=====================================================================
if !(await self.describeSecurityGroups(groupId: securityGroupId!)) {
await cleanUp()
return
}
//=====================================================================
// 5. Get a list of Amazon Linux 2023 AMIs and pick one (SSM is the
// best practice), using path and then filter the list after the
// fact to include "al2023" in the Name field
// (ssm.GetParametersByPath). Paginate to get all images.
//=====================================================================
print("Searching available images for Amazon Linux 2023 images...")
let options = await self.findAMIsMatchingFilter("al2023")
//=====================================================================
// 6. The information in the AMI options isn't great, so make a list
// of the image IDs (the "Value" field in the AMI options) and get
// more information about them from EC2. Display the Description
// field and select one of them (DescribeImages with ImageIds
// filter).
//=====================================================================
print("Images matching Amazon Linux 2023:")
var imageIds: [String] = []
for option in options {
guard let id = option.value else {
continue
}
imageIds.append(id)
}
let images = await self.describeImages(imageIds)
// This is where you would normally let the user choose which AMI to
// use. However, for this example, we're just going to use the first
// one, whatever it is.
let chosenImage = images[0]
//=====================================================================
// 7. Get a list of instance types that are compatible with the
// selected AMI's architecture (such as "x86_64") and are either
// small or micro. Select one (DescribeInstanceTypes).
//=====================================================================
print("Getting the instance types compatible with the selected image...")
guard let arch = chosenImage.architecture else {
print("*** The selected image doesn't have a valid architecture.")
await cleanUp()
return
}
let imageTypes = await self.getMatchingInstanceTypes(architecture: arch)
for type in imageTypes {
guard let instanceType = type.instanceType else {
continue
}
print(" \(instanceType.rawValue)")
}
// This example selects the first returned instance type. A real-world
// application would probably ask the user to select one here.
let chosenInstanceType = imageTypes[0]
//=====================================================================
// 8. Create an instance with the key pair, security group, AMI, and
// instance type (RunInstances).
//=====================================================================
print("Creating an instance...")
guard let imageId = chosenImage.imageId else {
print("*** Cannot start image without a valid image ID.")
await cleanUp()
return
}
guard let instanceType = chosenInstanceType.instanceType else {
print("*** Unable to start image without a valid image type.")
await cleanUp()
return
}
let instance = await self.runInstance(
imageId: imageId,
instanceType: instanceType,
keyPairName: keyName!,
securityGroups: [securityGroupId!]
)
guard let instance else {
await cleanUp()
return
}
instanceId = instance.instanceId
if instanceId == nil {
print("*** Instance is missing an ID. Canceling.")
await cleanUp()
return
}
//=====================================================================
// 9. Wait for the instance to be ready and then display its
// information (DescribeInstances).
//=====================================================================
print("Waiting a few seconds to let the instance come up...")
do {
try await Task.sleep(for: .seconds(20))
} catch {
print("*** Error pausing the task.")
}
print("Success! Your new instance is ready:")
//=====================================================================
// 10. Display SSH connection info for the instance.
//=====================================================================
var runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command:")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// 11. Stop the instance and wait for it to stop (StopInstances).
//=====================================================================
print("Stopping the instance...")
if !(await self.stopInstance(instanceId: instanceId!, waitUntilStopped: true)) {
await cleanUp()
return
}
//=====================================================================
// 12. Start the instance and wait for it to start (StartInstances).
//=====================================================================
print("Starting the instance again...")
if !(await self.startInstance(instanceId: instanceId!, waitUntilStarted: true)) {
await cleanUp()
return
}
//=====================================================================
// 13. Display SSH connection info for the instance. Note that it's
// changed.
//=====================================================================
runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command.")
print("This is probably different from when the instance was running before.")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// 14. Allocate an elastic IP and associate it with the instance
// (AllocateAddress and AssociateAddress).
//=====================================================================
allocationId = await self.allocateAddress()
if allocationId == nil {
await cleanUp()
return
}
associationId = await self.associateAddress(instanceId: instanceId!, allocationId: allocationId)
if associationId == nil {
await cleanUp()
return
}
//=====================================================================
// 15. Display SSH connection info for the connection. Note that the
// public IP is now the Elastic IP, which stays constant.
//=====================================================================
runningInstance = await self.describeInstance(instanceId: instanceId!)
if (runningInstance != nil) && (runningInstance!.publicIpAddress != nil) {
print("\nYou can SSH to this instance using the following command.")
print("This has changed again, and is now the Elastic IP.")
print("ssh -i \(keyUrl.path) ec2-user@\(runningInstance!.publicIpAddress!)")
}
//=====================================================================
// Handle all cleanup tasks
//=====================================================================
await cleanUp()
}
/// Clean up by discarding and closing down all allocated EC2 items:
///
/// * Elastic IP allocation and association
/// * Terminate the instance
/// * Delete the security group
/// * Delete the key pair
func cleanUp() async {
//=====================================================================
// 16. Disassociate and delete the Elastic IP (DisassociateAddress and
// ReleaseAddress).
//=====================================================================
if associationId != nil {
await self.disassociateAddress(associationId: associationId!)
}
if allocationId != nil {
await self.releaseAddress(allocationId: allocationId!)
}
//=====================================================================
// 17. Terminate the instance and wait for it to terminate
// (TerminateInstances).
//=====================================================================
if instanceId != nil {
print("Terminating the instance...")
_ = await self.terminateInstance(instanceId: instanceId!, waitUntilTerminated: true)
}
//=====================================================================
// 18. Delete the security group (DeleteSecurityGroup).
//=====================================================================
if securityGroupId != nil {
print("Deleting the security group...")
_ = await self.deleteSecurityGroup(groupId: securityGroupId!)
}
//=====================================================================
// 19. Delete the key pair (DeleteKeyPair).
//=====================================================================
if keyName != nil {
print("Deleting the key pair...")
_ = await self.deleteKeyPair(keyPair: keyName!)
}
}
/// Create a new RSA key pair and save the private key to a randomly-named
/// file in the temporary directory.
///
/// - Parameter name: The name of the key pair to create.
///
/// - Returns: The URL of the newly created `.pem` file or `nil` if unable
/// to create the key pair.
func createKeyPair(name: String) async -> URL? {
do {
let output = try await ec2Client.createKeyPair(
input: CreateKeyPairInput(
keyName: name
)
)
guard let keyMaterial = output.keyMaterial else {
return nil
}
// Build the URL of the temporary private key file.
let fileURL = URL.temporaryDirectory
.appendingPathComponent(name)
.appendingPathExtension("pem")
do {
try keyMaterial.write(to: fileURL, atomically: true, encoding: String.Encoding.utf8)
return fileURL
} catch {
print("*** Failed to write the private key.")
return nil
}
} catch {
print("*** Unable to create the key pair.")
return nil
}
}
/// Describe the key pairs associated with the user by outputting each key
/// pair's name and fingerprint.
func describeKeyPairs() async {
do {
let output = try await ec2Client.describeKeyPairs(
input: DescribeKeyPairsInput()
)
guard let keyPairs = output.keyPairs else {
print("*** No key pairs list available.")
return
}
for keyPair in keyPairs {
print(keyPair.keyName ?? "", ":", keyPair.keyFingerprint ?? "")
}
} catch {
print("*** Error: Unable to obtain a key pair list.")
}
}
/// Delete an EC2 key pair.
///
/// - Parameter keyPair: The name of the key pair to delete.
///
/// - Returns: `true` if the key pair is deleted successfully; otherwise
/// `false`.
func deleteKeyPair(keyPair: String) async -> Bool {
do {
_ = try await ec2Client.deleteKeyPair(
input: DeleteKeyPairInput(
keyName: keyPair
)
)
return true
} catch {
print("*** Error deleting the key pair: \(error.localizedDescription)")
return false
}
}
/// Return a list of AMI names that contain the specified string.
///
/// - Parameter filter: A string that must be contained in all returned
/// AMI names.
///
/// - Returns: An array of the parameters matching the specified substring.
func findAMIsMatchingFilter(_ filter: String) async -> [SSMClientTypes.Parameter] {
var parameterList: [SSMClientTypes.Parameter] = []
var matchingAMIs: [SSMClientTypes.Parameter] = []
do {
let pages = ssmClient.getParametersByPathPaginated(
input: GetParametersByPathInput(
path: "/aws/service/ami-amazon-linux-latest"
)
)
for try await page in pages {
guard let parameters = page.parameters else {
return matchingAMIs
}
for parameter in parameters {
parameterList.append(parameter)
}
}
print("Found \(parameterList.count) images total:")
for parameter in parameterList {
guard let name = parameter.name else {
continue
}
print(" \(name)")
if name.contains(filter) {
matchingAMIs.append(parameter)
}
}
} catch {
return matchingAMIs
}
return matchingAMIs
}
/// Return a list of instance types matching the specified architecture
/// and instance sizes.
///
/// - Parameters:
/// - architecture: The architecture of the instance types to return, as
/// a member of `EC2ClientTypes.ArchitectureValues`.
/// - sizes: An array of one or more strings identifying sizes of
/// instance type to accept.
///
/// - Returns: An array of `EC2ClientTypes.InstanceTypeInfo` records
/// describing the instance types matching the given requirements.
func getMatchingInstanceTypes(architecture: EC2ClientTypes.ArchitectureValues = EC2ClientTypes.ArchitectureValues.x8664,
sizes: [String] = ["*.micro", "*.small"]) async
-> [EC2ClientTypes.InstanceTypeInfo] {
var instanceTypes: [EC2ClientTypes.InstanceTypeInfo] = []
let archFilter = EC2ClientTypes.Filter(
name: "processor-info.supported-architecture",
values: [architecture.rawValue]
)
let sizeFilter = EC2ClientTypes.Filter(
name: "instance-type",
values: sizes
)
do {
let pages = ec2Client.describeInstanceTypesPaginated(
input: DescribeInstanceTypesInput(
filters: [archFilter, sizeFilter]
)
)
for try await page in pages {
guard let types = page.instanceTypes else {
return []
}
instanceTypes += types
}
} catch {
print("*** Error getting image types: \(error.localizedDescription)")
return []
}
return instanceTypes
}
/// Get the latest information about the specified instance and output it
/// to the screen, returning the instance details to the caller.
///
/// - Parameters:
/// - instanceId: The ID of the instance to provide details about.
/// - stateFilter: The state to require the instance to be in.
///
/// - Returns: The instance's details as an `EC2ClientTypes.Instance` object.
func describeInstance(instanceId: String,
stateFilter: EC2ClientTypes.InstanceStateName? = EC2ClientTypes.InstanceStateName.running) async
-> EC2ClientTypes.Instance? {
do {
let pages = ec2Client.describeInstancesPaginated(
input: DescribeInstancesInput(
instanceIds: [instanceId]
)
)
for try await page in pages {
guard let reservations = page.reservations else {
continue
}
for reservation in reservations {
guard let instances = reservation.instances else {
continue
}
for instance in instances {
guard let state = instance.state else {
print("*** Instance is missing its state...")
continue
}
let instanceState = state.name
if stateFilter != nil && (instanceState != stateFilter) {
continue
}
let instanceTypeName: String
if instance.instanceType == nil {
instanceTypeName = ""
} else {
instanceTypeName = instance.instanceType?.rawValue ?? ""
}
let instanceStateName: String
if instanceState == nil {
instanceStateName = ""
} else {
instanceStateName = instanceState?.rawValue ?? ""
}
print("""
Instance: \(instance.instanceId ?? "")
• Image ID: \(instance.imageId ?? "")
• Instance type: \(instanceTypeName)
• Key name: \(instance.keyName ?? "")
• VPC ID: \(instance.vpcId ?? "")
• Public IP: \(instance.publicIpAddress ?? "N/A")
• State: \(instanceStateName)
""")
return instance
}
}
}
} catch {
print("*** Error retrieving instance information to display: \(error.localizedDescription)")
return nil
}
return nil
}
/// Stop the specified instance.
///
/// - Parameters:
/// - instanceId: The ID of the instance to stop.
/// - waitUntilStopped: If `true`, execution waits until the instance
/// has stopped. Otherwise, execution continues and the instance stops
/// asynchronously.
///
/// - Returns: `true` if the image is successfully stopped (or is left to
/// stop asynchronously). `false` if the instance doesn't stop.
func stopInstance(instanceId: String, waitUntilStopped: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.stopInstances(
input: StopInstancesInput(
instanceIds: instanceList
)
)
if waitUntilStopped {
print("Waiting for the instance to stop. Please be patient!")
let waitOptions = WaiterOptions(maxWaitTime: 600)
let output = try await ec2Client.waitUntilInstanceStopped(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to stop the instance: \(error.localizedDescription)")
return false
}
}
/// Start the specified instance.
///
/// - Parameters:
/// - instanceId: The ID of the instance to start.
/// - waitUntilStarted: If `true`, execution waits until the instance
/// has started. Otherwise, execution continues and the instance starts
/// asynchronously.
///
/// - Returns: `true` if the image is successfully started (or is left to
/// start asynchronously). `false` if the instance doesn't start.
func startInstance(instanceId: String, waitUntilStarted: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.startInstances(
input: StartInstancesInput(
instanceIds: instanceList
)
)
if waitUntilStarted {
print("Waiting for the instance to start...")
let waitOptions = WaiterOptions(maxWaitTime: 60.0)
let output = try await ec2Client.waitUntilInstanceRunning(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to start the instance: \(error.localizedDescription)")
return false
}
}
/// Terminate the specified instance.
///
/// - Parameters:
/// - instanceId: The instance to terminate.
/// - waitUntilTerminated: Whether or not to wait until the instance is
/// terminated before returning.
///
/// - Returns: `true` if terminated successfully. `false` if not or if an
/// error occurs.
func terminateInstance(instanceId: String, waitUntilTerminated: Bool = false) async -> Bool {
let instanceList = [instanceId]
do {
_ = try await ec2Client.terminateInstances(
input: TerminateInstancesInput(
instanceIds: instanceList
)
)
if waitUntilTerminated {
print("Waiting for the instance to terminate...")
let waitOptions = WaiterOptions(maxWaitTime: 600.0)
let output = try await ec2Client.waitUntilInstanceTerminated(
options: waitOptions,
input: DescribeInstancesInput(
instanceIds: instanceList
)
)
switch output.result {
case .success:
return true
case .failure:
return false
}
} else {
return true
}
} catch {
print("*** Unable to terminate the instance: \(error.localizedDescription)")
return false
}
}
/// Return an array of `EC2ClientTypes.Image` objects describing all of
/// the images in the specified array.
///
/// - Parameter idList: A list of image ID strings indicating the images
/// to return details about.
///
/// - Returns: An array of the images.
func describeImages(_ idList: [String]) async -> [EC2ClientTypes.Image] {
do {
let output = try await ec2Client.describeImages(
input: DescribeImagesInput(
imageIds: idList
)
)
guard let images = output.images else {
print("*** No images found.")
return []
}
for image in images {
guard let id = image.imageId else {
continue
}
print(" \(id): \(image.description ?? "")")
}
return images
} catch {
print("*** Error getting image descriptions: \(error.localizedDescription)")
return []
}
}
/// Create and return a new EC2 instance.
///
/// - Parameters:
/// - imageId: The image ID of the AMI to use when creating the instance.
/// - instanceType: The type of instance to create.
/// - keyPairName: The RSA key pair's name to use to secure the instance.
/// - securityGroups: The security group or groups to add the instance
/// to.
///
/// - Returns: The EC2 instance as an `EC2ClientTypes.Instance` object.
func runInstance(imageId: String, instanceType: EC2ClientTypes.InstanceType,
keyPairName: String, securityGroups: [String]?) async -> EC2ClientTypes.Instance? {
do {
let output = try await ec2Client.runInstances(
input: RunInstancesInput(
imageId: imageId,
instanceType: instanceType,
keyName: keyPairName,
maxCount: 1,
minCount: 1,
securityGroupIds: securityGroups
)
)
guard let instances = output.instances else {
print("*** Unable to create the instance.")
return nil
}
return instances[0]
} catch {
print("*** Error creating the instance: \(error.localizedDescription)")
return nil
}
}
/// Return the device's external IP address.
///
/// - Returns: A string containing the device's IP address.
func getMyIPAddress() -> String? {
guard let url = URL(string: "http://checkip.amazonaws.com") else {
print("Couldn't create the URL")
return nil
}
do {
print("Getting the IP address...")
return try String(contentsOf: url, encoding: String.Encoding.utf8).trim()
} catch {
print("*** Unable to get your public IP address.")
return nil
}
}
/// Create a new security group.
///
/// - Parameters:
/// - groupName: The name of the group to create.
/// - groupDescription: A description of the new security group.
///
/// - Returns: The ID string of the new security group.
func createSecurityGroup(name groupName: String, description groupDescription: String) async -> String? {
do {
let output = try await ec2Client.createSecurityGroup(
input: CreateSecurityGroupInput(
description: groupDescription,
groupName: groupName
)
)
return output.groupId
} catch {
print("*** Error creating the security group: \(error.localizedDescription)")
return nil
}
}
/// Authorize ingress of connections for the security group.
///
/// - Parameters:
/// - groupId: The group ID of the security group to authorize access for.
/// - ipAddress: The IP address of the device to grant access to.
///
/// - Returns: `true` if access is successfully granted; otherwise `false`.
func authorizeSecurityGroupIngress(groupId: String, ipAddress: String) async -> Bool {
let ipRange = EC2ClientTypes.IpRange(cidrIp: "\(ipAddress)/0")
let httpPermission = EC2ClientTypes.IpPermission(
fromPort: 80,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 80
)
let sshPermission = EC2ClientTypes.IpPermission(
fromPort: 22,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 22
)
do {
_ = try await ec2Client.authorizeSecurityGroupIngress(
input: AuthorizeSecurityGroupIngressInput(
groupId: groupId,
ipPermissions: [httpPermission, sshPermission]
)
)
return true
} catch {
print("*** Error authorizing ingress for the security group: \(error.localizedDescription)")
return false
}
}
func describeSecurityGroups(groupId: String) async -> Bool {
do {
let output = try await ec2Client.describeSecurityGroups(
input: DescribeSecurityGroupsInput(
groupIds: [groupId]
)
)
guard let securityGroups = output.securityGroups else {
print("No security groups found.")
return true
}
for group in securityGroups {
print("Group \(group.groupId ?? "") found with VPC \(group.vpcId ?? "")")
}
return true
} catch {
print("*** Error getting security group details: \(error.localizedDescription)")
return false
}
}
/// Delete a security group.
///
/// - Parameter groupId: The ID of the security group to delete.
///
/// - Returns: `true` on successful deletion; `false` on error.
func deleteSecurityGroup(groupId: String) async -> Bool {
do {
_ = try await ec2Client.deleteSecurityGroup(
input: DeleteSecurityGroupInput(
groupId: groupId
)
)
return true
} catch {
print("*** Error deleting the security group: \(error.localizedDescription)")
return false
}
}
/// Allocate an Elastic IP address.
///
/// - Returns: A string containing the ID of the Elastic IP.
func allocateAddress() async -> String? {
do {
let output = try await ec2Client.allocateAddress(
input: AllocateAddressInput(
domain: EC2ClientTypes.DomainType.vpc
)
)
guard let allocationId = output.allocationId else {
return nil
}
return allocationId
} catch {
print("*** Unable to allocate the IP address: \(error.localizedDescription)")
return nil
}
}
/// Associate the specified allocated Elastic IP to a given instance.
///
/// - Parameters:
/// - instanceId: The instance to associate the Elastic IP with.
/// - allocationId: The ID of the allocated Elastic IP to associate with
/// the instance.
///
/// - Returns: The association ID of the association.
func associateAddress(instanceId: String?, allocationId: String?) async -> String? {
do {
let output = try await ec2Client.associateAddress(
input: AssociateAddressInput(
allocationId: allocationId,
instanceId: instanceId
)
)
return output.associationId
} catch {
print("*** Unable to associate the IP address: \(error.localizedDescription)")
return nil
}
}
/// Disassociate an Elastic IP.
///
/// - Parameter associationId: The ID of the association to end.
func disassociateAddress(associationId: String?) async {
do {
_ = try await ec2Client.disassociateAddress(
input: DisassociateAddressInput(
associationId: associationId
)
)
} catch {
print("*** Unable to disassociate the IP address: \(error.localizedDescription)")
}
}
/// Release an allocated Elastic IP.
///
/// - Parameter allocationId: The allocation ID of the Elastic IP to
/// release.
func releaseAddress(allocationId: String?) async {
do {
_ = try await ec2Client.releaseAddress(
input: ReleaseAddressInput(
allocationId: allocationId
)
)
} catch {
print("*** Unable to release the IP address: \(error.localizedDescription)")
}
}
/// Generate and return a unique file name that begins with the specified
/// string.
///
/// - Parameters:
/// - prefix: Text to use at the beginning of the returned name.
///
/// - Returns: A string containing a unique filename that begins with the
/// specified `prefix`.
///
/// The returned name uses a random number between 1 million and 1 billion to
/// provide reasonable certainty of uniqueness for the purposes of this
/// example.
func tempName(prefix: String) -> String {
return "\(prefix)-\(Int.random(in: 1000000..<1000000000))"
}
}
/// The program's asynchronous entry point.
@main
struct Main {
static func main() async {
let args = Array(CommandLine.arguments.dropFirst())
do {
let command = try ExampleCommand.parse(args)
try await command.runAsync()
} catch {
ExampleCommand.exit(withError: error)
}
}
}
```
+ 如需 API 詳細資訊,請參閱*適用於 Swift 的AWS SDK API 參考*中的下列主題。
+ [AllocateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/allocateaddress(input:))
+ [AssociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/associateaddress(input:))
+ [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/authorizesecuritygroupingress(input:))
+ [CreateKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createkeypair(input:))
+ [CreateSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createsecuritygroup(input:))
+ [DeleteKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletekeypair(input:))
+ [DeleteSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletesecuritygroup(input:))
+ [DescribeImages](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeimages(input:))
+ [DescribeInstanceTypes](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstancetypes(input:))
+ [DescribeInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstances(input:))
+ [DescribeKeyPairs](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describekeypairs(input:))
+ [DescribeSecurityGroups](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describesecuritygroups(input:))
+ [DisassociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/disassociateaddress(input:))
+ [ReleaseAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/releaseaddress(input:))
+ [RunInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/runinstances(input:))
+ [StartInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/startinstances(input:))
+ [StopInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/stopinstances(input:))
+ [TerminateInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/terminateinstances(input:))
+ [UnmonitorInstances](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/unmonitorinstances(input:))
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 使用 AWS SDKs的 Amazon EC2 動作
下列程式碼範例示範如何使用 AWS SDKs 執行個別 Amazon EC2 動作。每個範例均包含 GitHub 的連結,您可以在連結中找到設定和執行程式碼的相關說明。
這些摘錄會呼叫 Amazon EC2 API,是必須在內容中執行之大型程式的程式碼摘錄。您可以在 [使用 AWS SDKs Amazon EC2 案例](service_code_examples_scenarios.md) 中查看內容中的動作。
下列範例僅包含最常使用的動作。如需完整清單,請參閱《[Amazon Elastic Compute Cloud API 參考](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Welcome.html)》。
**Topics**
+ [`AcceptVpcPeeringConnection`](example_ec2_AcceptVpcPeeringConnection_section.md)
+ [`AllocateAddress`](example_ec2_AllocateAddress_section.md)
+ [`AllocateHosts`](example_ec2_AllocateHosts_section.md)
+ [`AssignPrivateIpAddresses`](example_ec2_AssignPrivateIpAddresses_section.md)
+ [`AssociateAddress`](example_ec2_AssociateAddress_section.md)
+ [`AssociateDhcpOptions`](example_ec2_AssociateDhcpOptions_section.md)
+ [`AssociateRouteTable`](example_ec2_AssociateRouteTable_section.md)
+ [`AttachInternetGateway`](example_ec2_AttachInternetGateway_section.md)
+ [`AttachNetworkInterface`](example_ec2_AttachNetworkInterface_section.md)
+ [`AttachVolume`](example_ec2_AttachVolume_section.md)
+ [`AttachVpnGateway`](example_ec2_AttachVpnGateway_section.md)
+ [`AuthorizeSecurityGroupEgress`](example_ec2_AuthorizeSecurityGroupEgress_section.md)
+ [`AuthorizeSecurityGroupIngress`](example_ec2_AuthorizeSecurityGroupIngress_section.md)
+ [`CancelCapacityReservation`](example_ec2_CancelCapacityReservation_section.md)
+ [`CancelImportTask`](example_ec2_CancelImportTask_section.md)
+ [`CancelSpotFleetRequests`](example_ec2_CancelSpotFleetRequests_section.md)
+ [`CancelSpotInstanceRequests`](example_ec2_CancelSpotInstanceRequests_section.md)
+ [`ConfirmProductInstance`](example_ec2_ConfirmProductInstance_section.md)
+ [`CopyImage`](example_ec2_CopyImage_section.md)
+ [`CopySnapshot`](example_ec2_CopySnapshot_section.md)
+ [`CreateCapacityReservation`](example_ec2_CreateCapacityReservation_section.md)
+ [`CreateCustomerGateway`](example_ec2_CreateCustomerGateway_section.md)
+ [`CreateDhcpOptions`](example_ec2_CreateDhcpOptions_section.md)
+ [`CreateFlowLogs`](example_ec2_CreateFlowLogs_section.md)
+ [`CreateImage`](example_ec2_CreateImage_section.md)
+ [`CreateInstanceExportTask`](example_ec2_CreateInstanceExportTask_section.md)
+ [`CreateInternetGateway`](example_ec2_CreateInternetGateway_section.md)
+ [`CreateKeyPair`](example_ec2_CreateKeyPair_section.md)
+ [`CreateLaunchTemplate`](example_ec2_CreateLaunchTemplate_section.md)
+ [`CreateNetworkAcl`](example_ec2_CreateNetworkAcl_section.md)
+ [`CreateNetworkAclEntry`](example_ec2_CreateNetworkAclEntry_section.md)
+ [`CreateNetworkInterface`](example_ec2_CreateNetworkInterface_section.md)
+ [`CreatePlacementGroup`](example_ec2_CreatePlacementGroup_section.md)
+ [`CreateRoute`](example_ec2_CreateRoute_section.md)
+ [`CreateRouteTable`](example_ec2_CreateRouteTable_section.md)
+ [`CreateSecurityGroup`](example_ec2_CreateSecurityGroup_section.md)
+ [`CreateSnapshot`](example_ec2_CreateSnapshot_section.md)
+ [`CreateSpotDatafeedSubscription`](example_ec2_CreateSpotDatafeedSubscription_section.md)
+ [`CreateSubnet`](example_ec2_CreateSubnet_section.md)
+ [`CreateTags`](example_ec2_CreateTags_section.md)
+ [`CreateVolume`](example_ec2_CreateVolume_section.md)
+ [`CreateVpc`](example_ec2_CreateVpc_section.md)
+ [`CreateVpcEndpoint`](example_ec2_CreateVpcEndpoint_section.md)
+ [`CreateVpnConnection`](example_ec2_CreateVpnConnection_section.md)
+ [`CreateVpnConnectionRoute`](example_ec2_CreateVpnConnectionRoute_section.md)
+ [`CreateVpnGateway`](example_ec2_CreateVpnGateway_section.md)
+ [`DeleteCustomerGateway`](example_ec2_DeleteCustomerGateway_section.md)
+ [`DeleteDhcpOptions`](example_ec2_DeleteDhcpOptions_section.md)
+ [`DeleteFlowLogs`](example_ec2_DeleteFlowLogs_section.md)
+ [`DeleteInternetGateway`](example_ec2_DeleteInternetGateway_section.md)
+ [`DeleteKeyPair`](example_ec2_DeleteKeyPair_section.md)
+ [`DeleteLaunchTemplate`](example_ec2_DeleteLaunchTemplate_section.md)
+ [`DeleteNetworkAcl`](example_ec2_DeleteNetworkAcl_section.md)
+ [`DeleteNetworkAclEntry`](example_ec2_DeleteNetworkAclEntry_section.md)
+ [`DeleteNetworkInterface`](example_ec2_DeleteNetworkInterface_section.md)
+ [`DeletePlacementGroup`](example_ec2_DeletePlacementGroup_section.md)
+ [`DeleteRoute`](example_ec2_DeleteRoute_section.md)
+ [`DeleteRouteTable`](example_ec2_DeleteRouteTable_section.md)
+ [`DeleteSecurityGroup`](example_ec2_DeleteSecurityGroup_section.md)
+ [`DeleteSnapshot`](example_ec2_DeleteSnapshot_section.md)
+ [`DeleteSpotDatafeedSubscription`](example_ec2_DeleteSpotDatafeedSubscription_section.md)
+ [`DeleteSubnet`](example_ec2_DeleteSubnet_section.md)
+ [`DeleteTags`](example_ec2_DeleteTags_section.md)
+ [`DeleteVolume`](example_ec2_DeleteVolume_section.md)
+ [`DeleteVpc`](example_ec2_DeleteVpc_section.md)
+ [`DeleteVpcEndpoints`](example_ec2_DeleteVpcEndpoints_section.md)
+ [`DeleteVpnConnection`](example_ec2_DeleteVpnConnection_section.md)
+ [`DeleteVpnConnectionRoute`](example_ec2_DeleteVpnConnectionRoute_section.md)
+ [`DeleteVpnGateway`](example_ec2_DeleteVpnGateway_section.md)
+ [`DeregisterImage`](example_ec2_DeregisterImage_section.md)
+ [`DescribeAccountAttributes`](example_ec2_DescribeAccountAttributes_section.md)
+ [`DescribeAddresses`](example_ec2_DescribeAddresses_section.md)
+ [`DescribeAvailabilityZones`](example_ec2_DescribeAvailabilityZones_section.md)
+ [`DescribeBundleTasks`](example_ec2_DescribeBundleTasks_section.md)
+ [`DescribeCapacityReservations`](example_ec2_DescribeCapacityReservations_section.md)
+ [`DescribeCustomerGateways`](example_ec2_DescribeCustomerGateways_section.md)
+ [`DescribeDhcpOptions`](example_ec2_DescribeDhcpOptions_section.md)
+ [`DescribeFlowLogs`](example_ec2_DescribeFlowLogs_section.md)
+ [`DescribeHostReservationOfferings`](example_ec2_DescribeHostReservationOfferings_section.md)
+ [`DescribeHosts`](example_ec2_DescribeHosts_section.md)
+ [`DescribeIamInstanceProfileAssociations`](example_ec2_DescribeIamInstanceProfileAssociations_section.md)
+ [`DescribeIdFormat`](example_ec2_DescribeIdFormat_section.md)
+ [`DescribeIdentityIdFormat`](example_ec2_DescribeIdentityIdFormat_section.md)
+ [`DescribeImageAttribute`](example_ec2_DescribeImageAttribute_section.md)
+ [`DescribeImages`](example_ec2_DescribeImages_section.md)
+ [`DescribeImportImageTasks`](example_ec2_DescribeImportImageTasks_section.md)
+ [`DescribeImportSnapshotTasks`](example_ec2_DescribeImportSnapshotTasks_section.md)
+ [`DescribeInstanceAttribute`](example_ec2_DescribeInstanceAttribute_section.md)
+ [`DescribeInstanceStatus`](example_ec2_DescribeInstanceStatus_section.md)
+ [`DescribeInstanceTypes`](example_ec2_DescribeInstanceTypes_section.md)
+ [`DescribeInstances`](example_ec2_DescribeInstances_section.md)
+ [`DescribeInternetGateways`](example_ec2_DescribeInternetGateways_section.md)
+ [`DescribeKeyPairs`](example_ec2_DescribeKeyPairs_section.md)
+ [`DescribeNetworkAcls`](example_ec2_DescribeNetworkAcls_section.md)
+ [`DescribeNetworkInterfaceAttribute`](example_ec2_DescribeNetworkInterfaceAttribute_section.md)
+ [`DescribeNetworkInterfaces`](example_ec2_DescribeNetworkInterfaces_section.md)
+ [`DescribePlacementGroups`](example_ec2_DescribePlacementGroups_section.md)
+ [`DescribePrefixLists`](example_ec2_DescribePrefixLists_section.md)
+ [`DescribeRegions`](example_ec2_DescribeRegions_section.md)
+ [`DescribeRouteTables`](example_ec2_DescribeRouteTables_section.md)
+ [`DescribeScheduledInstanceAvailability`](example_ec2_DescribeScheduledInstanceAvailability_section.md)
+ [`DescribeScheduledInstances`](example_ec2_DescribeScheduledInstances_section.md)
+ [`DescribeSecurityGroups`](example_ec2_DescribeSecurityGroups_section.md)
+ [`DescribeSnapshotAttribute`](example_ec2_DescribeSnapshotAttribute_section.md)
+ [`DescribeSnapshots`](example_ec2_DescribeSnapshots_section.md)
+ [`DescribeSpotDatafeedSubscription`](example_ec2_DescribeSpotDatafeedSubscription_section.md)
+ [`DescribeSpotFleetInstances`](example_ec2_DescribeSpotFleetInstances_section.md)
+ [`DescribeSpotFleetRequestHistory`](example_ec2_DescribeSpotFleetRequestHistory_section.md)
+ [`DescribeSpotFleetRequests`](example_ec2_DescribeSpotFleetRequests_section.md)
+ [`DescribeSpotInstanceRequests`](example_ec2_DescribeSpotInstanceRequests_section.md)
+ [`DescribeSpotPriceHistory`](example_ec2_DescribeSpotPriceHistory_section.md)
+ [`DescribeSubnets`](example_ec2_DescribeSubnets_section.md)
+ [`DescribeTags`](example_ec2_DescribeTags_section.md)
+ [`DescribeVolumeAttribute`](example_ec2_DescribeVolumeAttribute_section.md)
+ [`DescribeVolumeStatus`](example_ec2_DescribeVolumeStatus_section.md)
+ [`DescribeVolumes`](example_ec2_DescribeVolumes_section.md)
+ [`DescribeVpcAttribute`](example_ec2_DescribeVpcAttribute_section.md)
+ [`DescribeVpcClassicLink`](example_ec2_DescribeVpcClassicLink_section.md)
+ [`DescribeVpcClassicLinkDnsSupport`](example_ec2_DescribeVpcClassicLinkDnsSupport_section.md)
+ [`DescribeVpcEndpointServices`](example_ec2_DescribeVpcEndpointServices_section.md)
+ [`DescribeVpcEndpoints`](example_ec2_DescribeVpcEndpoints_section.md)
+ [`DescribeVpcs`](example_ec2_DescribeVpcs_section.md)
+ [`DescribeVpnConnections`](example_ec2_DescribeVpnConnections_section.md)
+ [`DescribeVpnGateways`](example_ec2_DescribeVpnGateways_section.md)
+ [`DetachInternetGateway`](example_ec2_DetachInternetGateway_section.md)
+ [`DetachNetworkInterface`](example_ec2_DetachNetworkInterface_section.md)
+ [`DetachVolume`](example_ec2_DetachVolume_section.md)
+ [`DetachVpnGateway`](example_ec2_DetachVpnGateway_section.md)
+ [`DisableVgwRoutePropagation`](example_ec2_DisableVgwRoutePropagation_section.md)
+ [`DisableVpcClassicLink`](example_ec2_DisableVpcClassicLink_section.md)
+ [`DisableVpcClassicLinkDnsSupport`](example_ec2_DisableVpcClassicLinkDnsSupport_section.md)
+ [`DisassociateAddress`](example_ec2_DisassociateAddress_section.md)
+ [`DisassociateRouteTable`](example_ec2_DisassociateRouteTable_section.md)
+ [`EnableVgwRoutePropagation`](example_ec2_EnableVgwRoutePropagation_section.md)
+ [`EnableVolumeIo`](example_ec2_EnableVolumeIo_section.md)
+ [`EnableVpcClassicLink`](example_ec2_EnableVpcClassicLink_section.md)
+ [`EnableVpcClassicLinkDnsSupport`](example_ec2_EnableVpcClassicLinkDnsSupport_section.md)
+ [`GetConsoleOutput`](example_ec2_GetConsoleOutput_section.md)
+ [`GetHostReservationPurchasePreview`](example_ec2_GetHostReservationPurchasePreview_section.md)
+ [`GetPasswordData`](example_ec2_GetPasswordData_section.md)
+ [`ImportImage`](example_ec2_ImportImage_section.md)
+ [`ImportKeyPair`](example_ec2_ImportKeyPair_section.md)
+ [`ImportSnapshot`](example_ec2_ImportSnapshot_section.md)
+ [`ModifyCapacityReservation`](example_ec2_ModifyCapacityReservation_section.md)
+ [`ModifyHosts`](example_ec2_ModifyHosts_section.md)
+ [`ModifyIdFormat`](example_ec2_ModifyIdFormat_section.md)
+ [`ModifyImageAttribute`](example_ec2_ModifyImageAttribute_section.md)
+ [`ModifyInstanceAttribute`](example_ec2_ModifyInstanceAttribute_section.md)
+ [`ModifyInstanceCreditSpecification`](example_ec2_ModifyInstanceCreditSpecification_section.md)
+ [`ModifyNetworkInterfaceAttribute`](example_ec2_ModifyNetworkInterfaceAttribute_section.md)
+ [`ModifyReservedInstances`](example_ec2_ModifyReservedInstances_section.md)
+ [`ModifySnapshotAttribute`](example_ec2_ModifySnapshotAttribute_section.md)
+ [`ModifySpotFleetRequest`](example_ec2_ModifySpotFleetRequest_section.md)
+ [`ModifySubnetAttribute`](example_ec2_ModifySubnetAttribute_section.md)
+ [`ModifyVolumeAttribute`](example_ec2_ModifyVolumeAttribute_section.md)
+ [`ModifyVpcAttribute`](example_ec2_ModifyVpcAttribute_section.md)
+ [`MonitorInstances`](example_ec2_MonitorInstances_section.md)
+ [`MoveAddressToVpc`](example_ec2_MoveAddressToVpc_section.md)
+ [`PurchaseHostReservation`](example_ec2_PurchaseHostReservation_section.md)
+ [`PurchaseScheduledInstances`](example_ec2_PurchaseScheduledInstances_section.md)
+ [`RebootInstances`](example_ec2_RebootInstances_section.md)
+ [`RegisterImage`](example_ec2_RegisterImage_section.md)
+ [`RejectVpcPeeringConnection`](example_ec2_RejectVpcPeeringConnection_section.md)
+ [`ReleaseAddress`](example_ec2_ReleaseAddress_section.md)
+ [`ReleaseHosts`](example_ec2_ReleaseHosts_section.md)
+ [`ReplaceIamInstanceProfileAssociation`](example_ec2_ReplaceIamInstanceProfileAssociation_section.md)
+ [`ReplaceNetworkAclAssociation`](example_ec2_ReplaceNetworkAclAssociation_section.md)
+ [`ReplaceNetworkAclEntry`](example_ec2_ReplaceNetworkAclEntry_section.md)
+ [`ReplaceRoute`](example_ec2_ReplaceRoute_section.md)
+ [`ReplaceRouteTableAssociation`](example_ec2_ReplaceRouteTableAssociation_section.md)
+ [`ReportInstanceStatus`](example_ec2_ReportInstanceStatus_section.md)
+ [`RequestSpotFleet`](example_ec2_RequestSpotFleet_section.md)
+ [`RequestSpotInstances`](example_ec2_RequestSpotInstances_section.md)
+ [`ResetImageAttribute`](example_ec2_ResetImageAttribute_section.md)
+ [`ResetInstanceAttribute`](example_ec2_ResetInstanceAttribute_section.md)
+ [`ResetNetworkInterfaceAttribute`](example_ec2_ResetNetworkInterfaceAttribute_section.md)
+ [`ResetSnapshotAttribute`](example_ec2_ResetSnapshotAttribute_section.md)
+ [`RevokeSecurityGroupEgress`](example_ec2_RevokeSecurityGroupEgress_section.md)
+ [`RevokeSecurityGroupIngress`](example_ec2_RevokeSecurityGroupIngress_section.md)
+ [`RunInstances`](example_ec2_RunInstances_section.md)
+ [`RunScheduledInstances`](example_ec2_RunScheduledInstances_section.md)
+ [`StartInstances`](example_ec2_StartInstances_section.md)
+ [`StopInstances`](example_ec2_StopInstances_section.md)
+ [`TerminateInstances`](example_ec2_TerminateInstances_section.md)
+ [`UnassignPrivateIpAddresses`](example_ec2_UnassignPrivateIpAddresses_section.md)
+ [`UnmonitorInstances`](example_ec2_UnmonitorInstances_section.md)
+ [`UpdateSecurityGroupRuleDescriptionsIngress`](example_ec2_UpdateSecurityGroupRuleDescriptionsIngress_section.md)
# 搭配使用 `AcceptVpcPeeringConnection` 與 CLI
下列程式碼範例示範如何使用 `AcceptVpcPeeringConnection`。
------
#### [ CLI ]
**AWS CLI**
**接受 VPC 對等互連**
此範例接受指定的 VPC 對等互連請求。
命令:
```
aws ec2 accept-vpc-peering-connection --vpc-peering-connection-id pcx-1a2b3c4d
```
輸出:
```
{
"VpcPeeringConnection": {
"Status": {
"Message": "Provisioning",
"Code": "provisioning"
},
"Tags": [],
"AccepterVpcInfo": {
"OwnerId": "444455556666",
"VpcId": "vpc-44455566",
"CidrBlock": "10.0.1.0/28"
},
"VpcPeeringConnectionId": "pcx-1a2b3c4d",
"RequesterVpcInfo": {
"OwnerId": "444455556666",
"VpcId": "vpc-111abc45",
"CidrBlock": "10.0.0.0/28"
}
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AcceptVpcPeeringConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/accept-vpc-peering-connection.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會核准請求的 VpcPeeringConnectionId pcx-1dfad234b56ff78be**
```
Approve-EC2VpcPeeringConnection -VpcPeeringConnectionId pcx-1dfad234b56ff78be
```
**輸出:**
```
AccepterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
ExpirationTime : 1/1/0001 12:00:00 AM
RequesterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
Status : Amazon.EC2.Model.VpcPeeringConnectionStateReason
Tags : {}
VpcPeeringConnectionId : pcx-1dfad234b56ff78be
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AcceptVpcPeeringConnection](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會核准請求的 VpcPeeringConnectionId pcx-1dfad234b56ff78be**
```
Approve-EC2VpcPeeringConnection -VpcPeeringConnectionId pcx-1dfad234b56ff78be
```
**輸出:**
```
AccepterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
ExpirationTime : 1/1/0001 12:00:00 AM
RequesterVpcInfo : Amazon.EC2.Model.VpcPeeringConnectionVpcInfo
Status : Amazon.EC2.Model.VpcPeeringConnectionStateReason
Tags : {}
VpcPeeringConnectionId : pcx-1dfad234b56ff78be
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AcceptVpcPeeringConnection](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `AllocateAddress` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `AllocateAddress`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Allocates an Elastic IP address that can be associated with an Amazon EC2
// instance. By using an Elastic IP address, you can keep the public IP address
// constant even when you restart the associated instance.
///
/// The response object for the allocated address.
public async Task AllocateAddress()
{
var request = new AllocateAddressRequest();
try
{
var response = await _amazonEC2.AllocateAddressAsync(request);
Console.WriteLine($"Allocated IP: {response.PublicIp} with allocation ID {response.AllocationId}.");
return response;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "AddressLimitExceeded")
{
// For more information on Elastic IP address quotas, see:
// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-limit
_logger.LogError($"Unable to allocate Elastic IP, address limit exceeded. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while allocating Elastic IP.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AllocateAddress)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_allocate_address
#
# This function allocates an Elastic IP address for use with Amazon Elastic Compute Cloud (Amazon EC2) instances in a specific AWS Region.
#
# Parameters:
# -d domain - The domain for the Elastic IP address (either 'vpc' or 'standard').
#
# Returns:
# The allocated Elastic IP address, or an error message if the operation fails.
# And:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_allocate_address() {
local domain response
# Function to display usage information
function usage() {
echo "function ec2_allocate_address"
echo "Allocates an Elastic IP address for use with Amazon Elastic Compute Cloud (Amazon EC2) instances in a specific AWS Region."
echo " -d domain - The domain for the Elastic IP address (either 'vpc' or 'standard')."
echo ""
}
# Parse the command-line arguments
while getopts "d:h" option; do
case "${option}" in
d) domain="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$domain" ]]; then
errecho "ERROR: You must provide a domain with the -d parameter (either 'vpc' or 'standard')."
return 1
fi
if [[ "$domain" != "vpc" && "$domain" != "standard" ]]; then
errecho "ERROR: Invalid domain value. Must be either 'vpc' or 'standard'."
return 1
fi
# Allocate the Elastic IP address
response=$(aws ec2 allocate-address \
--domain "$domain" \
--query "[PublicIp,AllocationId]" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports allocate-address operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AllocateAddress)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Allocate an Elastic IP address and associate it with an Amazon Elastic Compute Cloud
//! (Amazon EC2) instance.
/*!
\param instanceID: An EC2 instance ID.
\param[out] publicIPAddress: String to return the public IP address.
\param[out] allocationID: String to return the allocation ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::allocateAndAssociateAddress(const Aws::String &instanceId, Aws::String &publicIPAddress,
Aws::String &allocationID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AllocateAddressRequest request;
request.SetDomain(Aws::EC2::Model::DomainType::vpc);
const Aws::EC2::Model::AllocateAddressOutcome outcome =
ec2Client.AllocateAddress(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to allocate Elastic IP address:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
const Aws::EC2::Model::AllocateAddressResponse &response = outcome.GetResult();
allocationID = response.GetAllocationId();
publicIPAddress = response.GetPublicIp();
return true;
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AllocateAddress)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:從 Amazon 的地址集區配置彈性 IP 位址**
以下 `allocate-address` 範例會配置彈性 IP 位址。Amazon EC2 會從 Amazon 的地址集區中選取地址。
```
aws ec2 allocate-address
```
輸出:
```
{
"PublicIp": "70.224.234.241",
"AllocationId": "eipalloc-01435ba59eEXAMPLE",
"PublicIpv4Pool": "amazon",
"NetworkBorderGroup": "us-west-2",
"Domain": "vpc"
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[彈性 IP 位址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
**範例 2:配置彈性 IP 位址並將其與網路邊界群組建立關聯**
下列 `allocate-address` 範例會配置彈性 IP 位址,並將其與指定的網路邊界群組建立關聯。
```
aws ec2 allocate-address \
--network-border-group us-west-2-lax-1
```
輸出:
```
{
"PublicIp": "70.224.234.241",
"AllocationId": "eipalloc-e03dd489ceEXAMPLE",
"PublicIpv4Pool": "amazon",
"NetworkBorderGroup": "us-west-2-lax-1",
"Domain": "vpc"
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[彈性 IP 地址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
**範例 3:從您擁有的地址集區配置彈性 IP 位址**
以下 `allocate-address` 範例會從您已用於 Amazon Web Services 帳戶的地址集區配置彈性 IP 位址。Amazon EC2 會從此地址集區中選取地址。
```
aws ec2 allocate-address \
--public-ipv4-pool ipv4pool-ec2-1234567890abcdef0
```
輸出:
```
{
"AllocationId": "eipalloc-02463d08ceEXAMPLE",
"NetworkBorderGroup": "us-west-2",
"CustomerOwnedIp": "18.218.95.81",
"CustomerOwnedIpv4Pool": "ipv4pool-ec2-1234567890abcdef0",
"Domain": "vpc"
"NetworkBorderGroup": "us-west-2",
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[彈性 IP 位址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
**範例 4:從 IPAM 集區配置彈性 IP 位址**
下列 `allocate-address` 範例從 Amazon VPC IP 位址管理器 (IPAM) 集區配置特定的 /32 彈性 IP 位址。
```
aws ec2 allocate-address \
--region us-east-1 \
--ipam-pool-id ipam-pool-1234567890abcdef0 \
--address 192.0.2.0
```
輸出:
```
{
"PublicIp": "192.0.2.0",
"AllocationId": "eipalloc-abcdef01234567890",
"PublicIpv4Pool": "ipam-pool-1234567890abcdef0",
"NetworkBorderGroup": "us-east-1",
"Domain": "vpc"
}
```
如需詳細資訊,請參閱「Amazon VPC IPAM 使用者指南」**中[的從 IPAM 集區配置循序彈性 IP 位址](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AllocateAddress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/allocate-address.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Allocates an Elastic IP address asynchronously in the VPC domain.
*
* @return a {@link CompletableFuture} containing the allocation ID of the allocated Elastic IP address
*/
public CompletableFuture allocateAddressAsync() {
AllocateAddressRequest allocateRequest = AllocateAddressRequest.builder()
.domain(DomainType.VPC)
.build();
CompletableFuture responseFuture = getAsyncClient().allocateAddress(allocateRequest);
return responseFuture.thenApply(AllocateAddressResponse::allocationId).whenComplete((result, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to allocate address", ex);
}
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AllocateAddress)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { AllocateAddressCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Allocates an Elastic IP address to your AWS account.
*/
export const main = async () => {
const client = new EC2Client({});
const command = new AllocateAddressCommand({});
try {
const { AllocationId, PublicIp } = await client.send(command);
console.log("A new IP address has been allocated to your account:");
console.log(`ID: ${AllocationId} Public IP: ${PublicIp}`);
console.log(
"You can view your IP addresses in the AWS Management Console for Amazon EC2. Look under Network & Security > Elastic IPs",
);
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
console.warn(`${caught.message}. Did you provide these values?`);
} else {
throw caught;
}
}
};
import { fileURLToPath } from "node:url";
// Call function if run directly.
if (process.argv[1] === fileURLToPath(import.meta.url)) {
main();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AllocateAddressCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun getAllocateAddress(instanceIdVal: String?): String? {
val allocateRequest =
AllocateAddressRequest {
domain = DomainType.Vpc
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val allocateResponse = ec2.allocateAddress(allocateRequest)
val allocationIdVal = allocateResponse.allocationId
val request =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
val associateResponse = ec2.associateAddress(request)
return associateResponse.associationId
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的AWS SDK API 參考》**中的 [AllocateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會配置要與 VPC 中的執行個體搭配使用的彈性 IP 位址。**
```
New-EC2Address -Domain Vpc
```
**輸出:**
```
AllocationId Domain PublicIp
------------ ------ --------
eipalloc-12345678 vpc 198.51.100.2
```
**範例 2:此範例會配置彈性 IP 位址,以與 EC2-Classic 中的執行個體搭配使用。**
```
New-EC2Address
```
**輸出:**
```
AllocationId Domain PublicIp
------------ ------ --------
standard 203.0.113.17
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AllocateAddress](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會配置要與 VPC 中的執行個體搭配使用的彈性 IP 位址。**
```
New-EC2Address -Domain Vpc
```
**輸出:**
```
AllocationId Domain PublicIp
------------ ------ --------
eipalloc-12345678 vpc 198.51.100.2
```
**範例 2:此範例會配置彈性 IP 位址,以與 EC2-Classic 中的執行個體搭配使用。**
```
New-EC2Address
```
**輸出:**
```
AllocationId Domain PublicIp
------------ ------ --------
standard 203.0.113.17
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AllocateAddress](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def allocate(self) -> "ElasticIpWrapper.ElasticIp":
"""
Allocates an Elastic IP address that can be associated with an Amazon EC2
instance. By using an Elastic IP address, you can keep the public IP address
constant even when you restart the associated instance.
:return: The ElasticIp object for the newly created Elastic IP address.
:raises ClientError: If the allocation fails, such as reaching the maximum limit of Elastic IPs.
"""
try:
response = self.ec2_client.allocate_address(Domain="vpc")
elastic_ip = self.ElasticIp(
allocation_id=response["AllocationId"], public_ip=response["PublicIp"]
)
self.elastic_ips.append(elastic_ip)
except ClientError as err:
if err.response["Error"]["Code"] == "AddressLimitExceeded":
logger.error(
"Max IP's reached. Release unused addresses or contact AWS Support for an increase."
)
raise err
return elastic_ip
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AllocateAddress)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
# Creates an Elastic IP address in Amazon Virtual Private Cloud (Amazon VPC).
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @return [String] The allocation ID corresponding to the Elastic IP address.
# @example
# puts allocate_elastic_ip_address(Aws::EC2::Client.new(region: 'us-west-2'))
def allocate_elastic_ip_address(ec2_client)
response = ec2_client.allocate_address(domain: 'vpc')
response.allocation_id
rescue StandardError => e
puts "Error allocating Elastic IP address: #{e.message}"
'Error'
end
```
+ 如需 API 詳細資訊,請參閱《適用於 Ruby 的 AWS SDK API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/AllocateAddress)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
pub async fn allocate_ip_address(&self) -> Result {
self.client
.allocate_address()
.domain(DomainType::Vpc)
.send()
.await
.map_err(EC2Error::from)
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [AllocateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.allocate_address)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->allocateaddress( iv_domain = 'vpc' ). " oo_result is returned for testing purposes. "
MESSAGE 'Allocated an Elastic IP address.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的AWS SDK API 參考》**中的 [AllocateAddress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Allocate an Elastic IP address.
///
/// - Returns: A string containing the ID of the Elastic IP.
func allocateAddress() async -> String? {
do {
let output = try await ec2Client.allocateAddress(
input: AllocateAddressInput(
domain: EC2ClientTypes.DomainType.vpc
)
)
guard let allocationId = output.allocationId else {
return nil
}
return allocationId
} catch {
print("*** Unable to allocate the IP address: \(error.localizedDescription)")
return nil
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的AWS SDK API 參考》**中的 [AllocateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/allocateaddress(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AllocateHosts` 與 CLI
下列程式碼範例示範如何使用 `AllocateHosts`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:配置專用主機**
下列 `allocate-hosts` 範例會在 `eu-west-1a` 可用區域中配置單一專用主機,您可以在其上啟動 `m5.large` 執行個體。根據預設,專用主機僅接受目標執行個體啟動,且不支援主機復原。
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--quantity 1
```
輸出:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
**範例 2:配置已啟用自動置放和主機復原的專用主機**
下列 `allocate-hosts` 範例會在啟用自動置放和主機復原的 `eu-west-1a` 可用區域中配置單一專用主機。
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--auto-placement on \
--host-recovery on \
--quantity 1
```
輸出:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
**範例 3:使用標籤配置專用主機**
下列 `allocate-hosts` 範例會配置單一專用主機,並使用名為 `purpose` 值為 `production` 的索引鍵來套用標籤。
```
aws ec2 allocate-hosts \
--instance-type m5.large \
--availability-zone eu-west-1a \
--quantity 1 \
--tag-specifications 'ResourceType=dedicated-host,Tags={Key=purpose,Value=production}'
```
輸出:
```
{
"HostIds": [
"h-07879acf49EXAMPLE"
]
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[配置專用主機](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-allocating.html)。
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [AllocateHosts](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/allocate-hosts.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將給定執行個體類型和可用區域的專用主機,配置給您的帳戶**
```
New-EC2Host -AutoPlacement on -AvailabilityZone eu-west-1b -InstanceType m4.xlarge -Quantity 1
```
**輸出:**
```
h-01e23f4cd567890f3
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AllocateHosts](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將給定執行個體類型和可用區域的專用主機,配置給您的帳戶**
```
New-EC2Host -AutoPlacement on -AvailabilityZone eu-west-1b -InstanceType m4.xlarge -Quantity 1
```
**輸出:**
```
h-01e23f4cd567890f3
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AllocateHosts](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AssignPrivateIpAddresses` 與 CLI
下列程式碼範例示範如何使用 `AssignPrivateIpAddresses`。
------
#### [ CLI ]
**AWS CLI**
**將特定次要私有 IP 位址指派給網路介面**
此範例將指定的次要私有 IP 位址,指派給指定的網路介面。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 assign-private-ip-addresses --network-interface-id eni-e5aa89a3 --private-ip-addresses 10.0.0.82
```
**將 Amazon EC2 選取的次要私有 IP 位址,指派給網路介面**
此範例會指派兩個次要私有 IP 位址給指定的網路介面。Amazon EC2 會自動從與網路介面相關聯的子網路 CIDR 區塊範圍中的可用 IP 位址,指派這些 IP 位址。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 assign-private-ip-addresses --network-interface-id eni-e5aa89a3 --secondary-private-ip-address-count 2
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AssignPrivateIpAddresses](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/assign-private-ip-addresses.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的次要私有 IP 位址,指派給指定的網路介面。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -PrivateIpAddress 10.0.0.82
```
**範例 2:此範例會建立兩個次要私有 IP 位址,並將其指派給指定的網路介面。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -SecondaryPrivateIpAddressCount 2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AssignPrivateIpAddresses](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的次要私有 IP 位址,指派給指定的網路介面。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -PrivateIpAddress 10.0.0.82
```
**範例 2:此範例會建立兩個次要私有 IP 位址,並將其指派給指定的網路介面。**
```
Register-EC2PrivateIpAddress -NetworkInterfaceId eni-1a2b3c4d -SecondaryPrivateIpAddressCount 2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AssignPrivateIpAddresses](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `AssociateAddress` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `AssociateAddress`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Associates an Elastic IP address with an instance. When this association is
/// created, the Elastic IP's public IP address is immediately used as the public
/// IP address of the associated instance.
///
/// The allocation Id of an Elastic IP address.
/// The instance Id of the EC2 instance to
/// associate the address with.
/// The association Id that represents
/// the association of the Elastic IP address with an instance.
public async Task AssociateAddress(string allocationId, string instanceId)
{
try
{
var request = new AssociateAddressRequest
{
AllocationId = allocationId,
InstanceId = instanceId
};
var response = await _amazonEC2.AssociateAddressAsync(request);
return response.AssociationId;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidInstanceId")
{
_logger.LogError(
$"InstanceId is invalid, unable to associate address. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while associating the Elastic IP.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AssociateAddress)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_associate_address
#
# This function associates an Elastic IP address with an Amazon Elastic Compute Cloud (Amazon EC2) instance.
#
# Parameters:
# -a allocation_id - The allocation ID of the Elastic IP address to associate.
# -i instance_id - The ID of the EC2 instance to associate the Elastic IP address with.
#
# Returns:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_associate_address() {
local allocation_id instance_id response
# Function to display usage information
function usage() {
echo "function ec2_associate_address"
echo "Associates an Elastic IP address with an Amazon Elastic Compute Cloud (Amazon EC2) instance."
echo " -a allocation_id - The allocation ID of the Elastic IP address to associate."
echo " -i instance_id - The ID of the EC2 instance to associate the Elastic IP address with."
echo ""
}
# Parse the command-line arguments
while getopts "a:i:h" option; do
case "${option}" in
a) allocation_id="${OPTARG}" ;;
i) instance_id="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$allocation_id" ]]; then
errecho "ERROR: You must provide an allocation ID with the -a parameter."
return 1
fi
if [[ -z "$instance_id" ]]; then
errecho "ERROR: You must provide an instance ID with the -i parameter."
return 1
fi
# Associate the Elastic IP address
response=$(aws ec2 associate-address \
--allocation-id "$allocation_id" \
--instance-id "$instance_id" \
--query "AssociationId" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports associate-address operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AssociateAddress)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
Aws::EC2::EC2Client ec2Client(clientConfiguration);
//! Associate an Elastic IP address with an EC2 instance.
/*!
\param instanceId: An EC2 instance ID.
\param allocationId: An Elastic IP allocation ID.
\param[out] associationID: String to receive the association ID.
\param clientConfiguration: AWS client configuration.
\return bool: True if the address was associated with the instance; otherwise, false.
*/
bool AwsDoc::EC2::associateAddress(const Aws::String &instanceId, const Aws::String &allocationId,
Aws::String &associationID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AssociateAddressRequest request;
request.SetInstanceId(instanceId);
request.SetAllocationId(allocationId);
Aws::EC2::Model::AssociateAddressOutcome outcome = ec2Client.AssociateAddress(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to associate address " << allocationId <<
" with instance " << instanceId << ": " <<
outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully associated address " << allocationId <<
" with instance " << instanceId << std::endl;
associationID = outcome.GetResult().GetAssociationId();
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AssociateAddress)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立彈性 IP 位址與執行個體的關聯**
下列 `associate-address` 範例會為彈性 IP 位址與指定的 EC2 執行個體建立關聯。
```
aws ec2 associate-address \
--instance-id i-0b263919b6498b123 \
--allocation-id eipalloc-64d5890a
```
輸出:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
**範例 2:建立彈性 IP 位址與網路介面的關聯**
下列 `associate-address` 範例會為指定的彈性 IP 位址與指定的網路介面建立關聯。
```
aws ec2 associate-address
--allocation-id eipalloc-64d5890a \
--network-interface-id eni-1a2b3c4d
```
輸出:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
**範例 3:建立彈性 IP 位址與私有 IP 位址的關聯**
下列 `associate-address` 範例會為指定的彈性 IP 位址與指定網路介面中指定的私有 IP 位址建立關聯。
```
aws ec2 associate-address \
--allocation-id eipalloc-64d5890a \
--network-interface-id eni-1a2b3c4d \
--private-ip-address 10.0.0.85
```
輸出:
```
{
"AssociationId": "eipassoc-2bebb745"
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[彈性 IP 位址](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AssociateAddress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-address.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Associates an Elastic IP address with an EC2 instance asynchronously.
*
* @param instanceId the ID of the EC2 instance to associate the Elastic IP address with
* @param allocationId the allocation ID of the Elastic IP address to associate
* @return a {@link CompletableFuture} that completes with the association ID when the operation is successful,
* or throws a {@link RuntimeException} if the operation fails
*/
public CompletableFuture associateAddressAsync(String instanceId, String allocationId) {
AssociateAddressRequest associateRequest = AssociateAddressRequest.builder()
.instanceId(instanceId)
.allocationId(allocationId)
.build();
CompletableFuture responseFuture = getAsyncClient().associateAddress(associateRequest);
return responseFuture.thenApply(response -> {
if (response.associationId() != null) {
return response.associationId();
} else {
throw new RuntimeException("Association ID is null after associating address.");
}
}).whenComplete((result, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to associate address", ex);
}
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AssociateAddress)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { AssociateAddressCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones)
* with an instance or a network interface.
* @param {{ instanceId: string, allocationId: string }} options
*/
export const main = async ({ instanceId, allocationId }) => {
const client = new EC2Client({});
const command = new AssociateAddressCommand({
// You need to allocate an Elastic IP address before associating it with an instance.
// You can do that with the AllocateAddressCommand.
AllocationId: allocationId,
// You need to create an EC2 instance before an IP address can be associated with it.
// You can do that with the RunInstancesCommand.
InstanceId: instanceId,
});
try {
const { AssociationId } = await client.send(command);
console.log(
`Address with allocation ID ${allocationId} is now associated with instance ${instanceId}.`,
`The association ID is ${AssociationId}.`,
);
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
console.warn(
`${caught.message}. Did you provide the ID of a valid Elastic IP address AllocationId?`,
);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AssociateAddressCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun associateAddressSc(
instanceIdVal: String?,
allocationIdVal: String?,
): String? {
val associateRequest =
AssociateAddressRequest {
instanceId = instanceIdVal
allocationId = allocationIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val associateResponse = ec2.associateAddress(associateRequest)
return associateResponse.associationId
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的AWS SDK API 參考》**中的 [AssociateAddress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的彈性 IP 位址,與 VPC 中指定的執行個體相關聯。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -AllocationId eipalloc-12345678
```
**輸出:**
```
eipassoc-12345678
```
**範例 2:此範例會將指定的彈性 IP 位址,與 EC2-Classic 中指定的執行個體相關聯。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -PublicIp 203.0.113.17
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AssociateAddress](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的彈性 IP 位址,與 VPC 中指定的執行個體相關聯。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -AllocationId eipalloc-12345678
```
**輸出:**
```
eipassoc-12345678
```
**範例 2:此範例會將指定的彈性 IP 位址,與 EC2-Classic 中指定的執行個體相關聯。**
```
C:\> Register-EC2Address -InstanceId i-12345678 -PublicIp 203.0.113.17
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AssociateAddress](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class ElasticIpWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Elastic IP address actions using the client interface."""
class ElasticIp:
"""Represents an Elastic IP and its associated instance."""
def __init__(
self, allocation_id: str, public_ip: str, instance_id: Optional[str] = None
) -> None:
"""
Initializes the ElasticIp object.
:param allocation_id: The allocation ID of the Elastic IP.
:param public_ip: The public IP address of the Elastic IP.
:param instance_id: The ID of the associated EC2 instance, if any.
"""
self.allocation_id = allocation_id
self.public_ip = public_ip
self.instance_id = instance_id
def __init__(self, ec2_client: Any) -> None:
"""
Initializes the ElasticIpWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
self.elastic_ips: List[ElasticIpWrapper.ElasticIp] = []
@classmethod
def from_client(cls) -> "ElasticIpWrapper":
"""
Creates an ElasticIpWrapper instance with a default EC2 client.
:return: An instance of ElasticIpWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def associate(
self, allocation_id: str, instance_id: str
) -> Union[Dict[str, Any], None]:
"""
Associates an Elastic IP address with an instance. When this association is
created, the Elastic IP's public IP address is immediately used as the public
IP address of the associated instance.
:param allocation_id: The allocation ID of the Elastic IP.
:param instance_id: The ID of the Amazon EC2 instance.
:return: A response that contains the ID of the association, or None if no Elastic IP is found.
:raises ClientError: If the association fails, such as when the instance ID is not found.
"""
elastic_ip = self.get_elastic_ip_by_allocation(self.elastic_ips, allocation_id)
if elastic_ip is None:
logger.info(f"No Elastic IP found with allocation ID {allocation_id}.")
return None
try:
response = self.ec2_client.associate_address(
AllocationId=allocation_id, InstanceId=instance_id
)
elastic_ip.instance_id = (
instance_id # Track the instance associated with this Elastic IP.
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidInstanceID.NotFound":
logger.error(
f"Failed to associate Elastic IP {allocation_id} with {instance_id} "
"because the specified instance ID does not exist or has not propagated fully. "
"Verify the instance ID and try again, or wait a few moments before attempting to "
"associate the Elastic IP address."
)
raise
return response
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的AWS SDK API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AssociateAddress)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
# Associates an Elastic IP address with an Amazon Elastic Compute Cloud
# (Amazon EC2) instance.
#
# Prerequisites:
#
# - The allocation ID corresponding to the Elastic IP address.
# - The Amazon EC2 instance.
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param allocation_id [String] The ID of the allocation corresponding to
# the Elastic IP address.
# @param instance_id [String] The ID of the instance.
# @return [String] The assocation ID corresponding to the association of the
# Elastic IP address to the instance.
# @example
# puts allocate_elastic_ip_address(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'eipalloc-04452e528a66279EX',
# 'i-033c48ef067af3dEX')
def associate_elastic_ip_address_with_instance(
ec2_client,
allocation_id,
instance_id
)
response = ec2_client.associate_address(
allocation_id: allocation_id,
instance_id: instance_id
)
response.association_id
rescue StandardError => e
puts "Error associating Elastic IP address with instance: #{e.message}"
'Error'
end
```
+ 如需 API 詳細資訊,請參閱《適用於 Ruby 的 AWS SDK API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/AssociateAddress)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
pub async fn associate_ip_address(
&self,
allocation_id: &str,
instance_id: &str,
) -> Result {
let response = self
.client
.associate_address()
.allocation_id(allocation_id)
.instance_id(instance_id)
.send()
.await?;
Ok(response)
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [AssociateAddress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.associate_address)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->associateaddress( " oo_result is returned for testing purposes. "
iv_allocationid = iv_allocation_id
iv_instanceid = iv_instance_id ).
MESSAGE 'Associated an Elastic IP address with an EC2 instance.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的AWS SDK API 參考》**中的 [AssociateAddress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Associate the specified allocated Elastic IP to a given instance.
///
/// - Parameters:
/// - instanceId: The instance to associate the Elastic IP with.
/// - allocationId: The ID of the allocated Elastic IP to associate with
/// the instance.
///
/// - Returns: The association ID of the association.
func associateAddress(instanceId: String?, allocationId: String?) async -> String? {
do {
let output = try await ec2Client.associateAddress(
input: AssociateAddressInput(
allocationId: allocationId,
instanceId: instanceId
)
)
return output.associationId
} catch {
print("*** Unable to associate the IP address: \(error.localizedDescription)")
return nil
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的AWS SDK API 參考》**中的 [AssociateAddress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/associateaddress(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AssociateDhcpOptions` 與 CLI
下列程式碼範例示範如何使用 `AssociateDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**為 DHCP 選項集與 VPC 建立關聯**
此範例會為指定的 DHCP 選項集與指定的 VPC 建立關聯。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 associate-dhcp-options --dhcp-options-id dopt-d9070ebb --vpc-id vpc-a01106c2
```
**為預設的 DHCP 選項集與 VPC 建立關聯**
此範例會為預設的 DHCP 選項集與指定的 VPC 建立關聯。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 associate-dhcp-options --dhcp-options-id default --vpc-id vpc-a01106c2
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AssociateDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-dhcp-options.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的 DHCP 選項集,與指定的 VPC 相關聯。**
```
Register-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d -VpcId vpc-12345678
```
**範例 2:此範例會將預設 DHCP 選項集,與指定的 VPC 相關聯。**
```
Register-EC2DhcpOption -DhcpOptionsId default -VpcId vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AssociateDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的 DHCP 選項集,與指定的 VPC 相關聯。**
```
Register-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d -VpcId vpc-12345678
```
**範例 2:此範例會將預設 DHCP 選項集,與指定的 VPC 相關聯。**
```
Register-EC2DhcpOption -DhcpOptionsId default -VpcId vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AssociateDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AssociateRouteTable` 與 CLI
下列程式碼範例示範如何使用 `AssociateRouteTable`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**為路由表與子網路建立關聯**
此範例會為指定的路由表與指定的子網路建立關聯。
命令:
```
aws ec2 associate-route-table --route-table-id rtb-22574640 --subnet-id subnet-9d4a7b6c
```
輸出:
```
{
"AssociationId": "rtbassoc-781d0d1a"
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AssociateRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/associate-route-table.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的路由表,與指定的子網路相關聯。**
```
Register-EC2RouteTable -RouteTableId rtb-1a2b3c4d -SubnetId subnet-1a2b3c4d
```
**輸出:**
```
rtbassoc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AssociateRouteTable](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的路由表,與指定的子網路相關聯。**
```
Register-EC2RouteTable -RouteTableId rtb-1a2b3c4d -SubnetId subnet-1a2b3c4d
```
**輸出:**
```
rtbassoc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AssociateRouteTable](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AttachInternetGateway` 與 CLI
下列程式碼範例示範如何使用 `AttachInternetGateway`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**將網際網路閘道連接至 VPC**
下列 `attach-internet-gateway` 範例會將指定的網際網路閘道,連接至特定的 VPC。
```
aws ec2 attach-internet-gateway \
--internet-gateway-id igw-0d0fb496b3EXAMPLE \
--vpc-id vpc-0a60eb65b4EXAMPLE
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的[網際網路閘道](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [AttachInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-internet-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的網際網路閘道,連接到指定的 VPC。**
```
Add-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d -VpcId vpc-12345678
```
**範例 2:此範例會建立 VPC 和網際網路閘道,然後將網際網路閘道連接至 VPC。**
```
$vpc = New-EC2Vpc -CidrBlock 10.0.0.0/16
New-EC2InternetGateway | Add-EC2InternetGateway -VpcId $vpc.VpcId
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AttachInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的網際網路閘道,連接到指定的 VPC。**
```
Add-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d -VpcId vpc-12345678
```
**範例 2:此範例會建立 VPC 和網際網路閘道,然後將網際網路閘道連接至 VPC。**
```
$vpc = New-EC2Vpc -CidrBlock 10.0.0.0/16
New-EC2InternetGateway | Add-EC2InternetGateway -VpcId $vpc.VpcId
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AttachInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AttachNetworkInterface` 與 CLI
下列程式碼範例示範如何使用 `AttachNetworkInterface`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:將網路介面連接到執行個體**
下列 `attach-network-interface` 範例會將指定的網路介面,連接至指定的執行個體。
```
aws ec2 attach-network-interface \
--network-interface-id eni-0dc56a8d4640ad10a \
--instance-id i-1234567890abcdef0 \
--device-index 1
```
輸出:
```
{
"AttachmentId": "eni-attach-01a8fc87363f07cf9"
}
```
如需詳細,請參閱*《Amazon EC2 使用者指南》*中的[彈性網絡介面](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html)。
**範例 2:將網路介面連接至具有多張網路卡的執行個體**
下列 `attach-network-interface` 範例會將指定的網路介面,連接到指定的執行個體和網路卡。
```
aws ec2 attach-network-interface \
--network-interface-id eni-07483b1897541ad83 \
--instance-id i-01234567890abcdef \
--network-card-index 1 \
--device-index 1
```
輸出:
```
{
"AttachmentId": "eni-attach-0fbd7ee87a88cd06c"
}
```
如需詳細,請參閱*《Amazon EC2 使用者指南》*中的[彈性網絡介面](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html)。
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [AttachNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-network-interface.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的網路介面連接到指定的執行個體。**
```
Add-EC2NetworkInterface -NetworkInterfaceId eni-12345678 -InstanceId i-1a2b3c4d -DeviceIndex 1
```
**輸出:**
```
eni-attach-1a2b3c4d
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AttachNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的網路介面連接到指定的執行個體。**
```
Add-EC2NetworkInterface -NetworkInterfaceId eni-12345678 -InstanceId i-1a2b3c4d -DeviceIndex 1
```
**輸出:**
```
eni-attach-1a2b3c4d
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AttachNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AttachVolume` 與 CLI
下列程式碼範例示範如何使用 `AttachVolume`。
------
#### [ CLI ]
**AWS CLI**
**將磁碟區連接至執行個體**
此範例命令會將磁碟區 (`vol-1234567890abcdef0`) 連接至執行個體 (`i-01474ef662b89480`) 做為 `/dev/sdf`。
命令:
```
aws ec2 attach-volume --volume-id vol-1234567890abcdef0 --instance-id i-01474ef662b89480 --device /dev/sdf
```
輸出:
```
{
"AttachTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"InstanceId": "i-01474ef662b89480",
"VolumeId": "vol-1234567890abcdef0",
"State": "attaching",
"Device": "/dev/sdf"
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AttachVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-volume.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的磁碟區連接至指定的執行個體,並使用指定的裝置名稱將其公開。**
```
Add-EC2Volume -VolumeId vol-12345678 -InstanceId i-1a2b3c4d -Device /dev/sdh
```
**輸出:**
```
AttachTime : 12/22/2015 1:53:58 AM
DeleteOnTermination : False
Device : /dev/sdh
InstanceId : i-1a2b3c4d
State : attaching
VolumeId : vol-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AttachVolume](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的磁碟區連接至指定的執行個體,並使用指定的裝置名稱將其公開。**
```
Add-EC2Volume -VolumeId vol-12345678 -InstanceId i-1a2b3c4d -Device /dev/sdh
```
**輸出:**
```
AttachTime : 12/22/2015 1:53:58 AM
DeleteOnTermination : False
Device : /dev/sdh
InstanceId : i-1a2b3c4d
State : attaching
VolumeId : vol-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AttachVolume](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AttachVpnGateway` 與 CLI
下列程式碼範例示範如何使用 `AttachVpnGateway`。
------
#### [ CLI ]
**AWS CLI**
**將虛擬私有閘道連接到 VPC**
下列 `attach-vpn-gateway` 範例會將指定的虛擬私有閘道連接至指定的 VPC。
```
aws ec2 attach-vpn-gateway \
--vpn-gateway-id vgw-9a4cacf3 \
--vpc-id vpc-a01106c2
```
輸出:
```
{
"VpcAttachment": {
"State": "attaching",
"VpcId": "vpc-a01106c2"
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AttachVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/attach-vpn-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的虛擬私有閘道,連接至指定的 VPC。**
```
Add-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d -VpcId vpc-12345678
```
**輸出:**
```
State VpcId
----- -----
attaching vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AttachVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的虛擬私有閘道,連接至指定的 VPC。**
```
Add-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d -VpcId vpc-12345678
```
**輸出:**
```
State VpcId
----- -----
attaching vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AttachVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `AuthorizeSecurityGroupEgress` 與 CLI
下列程式碼範例示範如何使用 `AuthorizeSecurityGroupEgress`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:新增允許輸出流量至特定位址範圍的規則**
下列 `authorize-security-group-egress` 範例新增規則,授予 TCP 連接埠 80 上指定之位址範圍的存取權。
```
aws ec2 authorize-security-group-egress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0b15794cdb17bf29c",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": true,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"CidrIpv4": "10.0.0.0/16"
}
]
}
```
**範例 2:新增允許輸出流量至特定安全群組的規則**
下列 `authorize-security-group-egress` 範例新增規則,授予 TCP 連接埠 80 上指定之安全群組的存取權。
```
aws ec2 authorize-security-group-egress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs=[{GroupId=sg-0aad1c26bbeec5c22}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0b5dd815afcea9cc3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": true,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"ReferencedGroupInfo": {
"GroupId": "sg-0aad1c26bbeec5c22",
"UserId": "123456789012"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的[安全群組](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AuthorizeSecurityGroupEgress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/authorize-security-group-egress.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例定義 EC2-VPC 指定安全群組的傳出規則。此規則會授予 TCP 連接埠 80 上指定 IP 位址範圍的存取權。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" }
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**範例 2:使用 PowerShell 版本 2 時,必須使用 New-Object 建立 IpPermission 物件。**
```
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = "tcp"
$ip.FromPort = 80
$ip.ToPort = 80
$ip.IpRanges.Add("203.0.113.0/24")
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**範例 3:此範例會授予 TCP 連接埠 80 上指定之來源安全群組的存取權。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AuthorizeSecurityGroupEgress](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例定義 EC2-VPC 指定安全群組的傳出規則。此規則會授予 TCP 連接埠 80 上指定 IP 位址範圍的存取權。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" }
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**範例 2:使用 PowerShell 版本 2 時,必須使用 New-Object 建立 IpPermission 物件。**
```
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = "tcp"
$ip.FromPort = 80
$ip.ToPort = 80
$ip.IpRanges.Add("203.0.113.0/24")
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
```
**範例 3:此範例會授予 TCP 連接埠 80 上指定之來源安全群組的存取權。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AuthorizeSecurityGroupEgress](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `AuthorizeSecurityGroupIngress` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `AuthorizeSecurityGroupIngress`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Authorize the local computer ingress to EC2 instances associated
/// with the virtual private cloud (VPC) security group.
///
/// The name of the security group.
/// A Boolean value indicating the success of the action.
public async Task AuthorizeSecurityGroupIngress(string groupName)
{
try
{
// Get the IP address for the local computer.
var ipAddress = await GetIpAddress();
Console.WriteLine($"Your IP address is: {ipAddress}");
var ipRanges =
new List { new IpRange { CidrIp = $"{ipAddress}/32" } };
var permission = new IpPermission
{
Ipv4Ranges = ipRanges,
IpProtocol = "tcp",
FromPort = 22,
ToPort = 22
};
var permissions = new List { permission };
var response = await _amazonEC2.AuthorizeSecurityGroupIngressAsync(
new AuthorizeSecurityGroupIngressRequest(groupName, permissions));
return response.HttpStatusCode == HttpStatusCode.OK;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidPermission.Duplicate")
{
_logger.LogError(
$"The ingress rule already exists. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while authorizing ingress.: {ex.Message}");
throw;
}
}
///
/// Authorize the local computer for ingress to
/// the Amazon EC2 SecurityGroup.
///
/// The IPv4 address of the computer running the scenario.
private static async Task GetIpAddress()
{
var httpClient = new HttpClient();
var ipString = await httpClient.GetStringAsync("https://checkip.amazonaws.com");
// The IP address is returned with a new line
// character on the end. Trim off the whitespace and
// return the value to the caller.
return ipString.Trim();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_authorize_security_group_ingress
#
# This function authorizes an ingress rule for an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -g security_group_id - The ID of the security group.
# -i ip_address - The IP address or CIDR block to authorize.
# -p protocol - The protocol to authorize (e.g., tcp, udp, icmp).
# -f from_port - The start of the port range to authorize.
# -t to_port - The end of the port range to authorize.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_authorize_security_group_ingress() {
local security_group_id ip_address protocol from_port to_port response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_authorize_security_group_ingress"
echo "Authorizes an ingress rule for an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -g security_group_id - The ID of the security group."
echo " -i ip_address - The IP address or CIDR block to authorize."
echo " -p protocol - The protocol to authorize (e.g., tcp, udp, icmp)."
echo " -f from_port - The start of the port range to authorize."
echo " -t to_port - The end of the port range to authorize."
echo ""
}
# Retrieve the calling parameters.
while getopts "g:i:p:f:t:h" option; do
case "${option}" in
g) security_group_id="${OPTARG}" ;;
i) ip_address="${OPTARG}" ;;
p) protocol="${OPTARG}" ;;
f) from_port="${OPTARG}" ;;
t) to_port="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$security_group_id" ]]; then
errecho "ERROR: You must provide a security group ID with the -g parameter."
usage
return 1
fi
if [[ -z "$ip_address" ]]; then
errecho "ERROR: You must provide an IP address or CIDR block with the -i parameter."
usage
return 1
fi
if [[ -z "$protocol" ]]; then
errecho "ERROR: You must provide a protocol with the -p parameter."
usage
return 1
fi
if [[ -z "$from_port" ]]; then
errecho "ERROR: You must provide a start port with the -f parameter."
usage
return 1
fi
if [[ -z "$to_port" ]]; then
errecho "ERROR: You must provide an end port with the -t parameter."
usage
return 1
fi
response=$(aws ec2 authorize-security-group-ingress \
--group-id "$security_group_id" \
--cidr "${ip_address}/32" \
--protocol "$protocol" \
--port "$from_port-$to_port" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports authorize-security-group-ingress operation failed.$response"
return 1
}
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AuthorizeSecurityGroupIngress)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Authorize ingress to an Amazon Elastic Compute Cloud (Amazon EC2) group.
/*!
\param groupID: The EC2 group ID.
\param clientConfiguration: The ClientConfiguration object.
\return bool: True if the operation was successful, false otherwise.
*/
bool
AwsDoc::EC2::authorizeSecurityGroupIngress(const Aws::String &groupID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest;
authorizeSecurityGroupIngressRequest.SetGroupId(groupID);
buildSampleIngressRule(authorizeSecurityGroupIngressRequest);
Aws::EC2::Model::AuthorizeSecurityGroupIngressOutcome authorizeSecurityGroupIngressOutcome =
ec2Client.AuthorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest);
if (authorizeSecurityGroupIngressOutcome.IsSuccess()) {
std::cout << "Successfully authorized security group ingress." << std::endl;
} else {
std::cerr << "Error authorizing security group ingress: "
<< authorizeSecurityGroupIngressOutcome.GetError().GetMessage() << std::endl;
}
return authorizeSecurityGroupIngressOutcome.IsSuccess();
}
```
用於建置輸入規則的公用程式函數。
```
//! Build a sample ingress rule.
/*!
\param authorize_request: An 'AuthorizeSecurityGroupIngressRequest' instance.
\return void:
*/
void buildSampleIngressRule(
Aws::EC2::Model::AuthorizeSecurityGroupIngressRequest &authorize_request) {
Aws::String ingressIPRange = "203.0.113.0/24"; // Configure this for your allowed IP range.
Aws::EC2::Model::IpRange ip_range;
ip_range.SetCidrIp(ingressIPRange);
Aws::EC2::Model::IpPermission permission1;
permission1.SetIpProtocol("tcp");
permission1.SetToPort(80);
permission1.SetFromPort(80);
permission1.AddIpRanges(ip_range);
authorize_request.AddIpPermissions(permission1);
Aws::EC2::Model::IpPermission permission2;
permission2.SetIpProtocol("tcp");
permission2.SetToPort(22);
permission2.SetFromPort(22);
permission2.AddIpRanges(ip_range);
authorize_request.AddIpPermissions(permission2);
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/AuthorizeSecurityGroupIngress)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:新增規則,以允許傳入 SSH 流量**
以下 `authorize-security-group-ingress` 範例會新增規則,以允許 TCP 連接埠 22 (SSH) 上的傳入流量。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--protocol tcp \
--port 22 \
--cidr 203.0.113.0/24
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-01afa97ef3e1bedfc",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"CidrIpv4": "203.0.113.0/24"
}
]
}
```
**範例 2:新增規則,以允許來自其他安全群組的傳入 HTTP 流量**
下列 `authorize-security-group-ingress` 範例會新增規則,以允許 TCP 連接埠 80 上來自來源安全群組 `sg-1a2b3c4d` 的傳入存取。來源群組必須在相同 VPC 或對等 VPC 中 (需要 VPC 對等互連)。傳入流量會根據與來源安全群組相關聯之執行個體的私有 IP 位址允許 (而非公有 IP 位址或彈性 IP 位址)。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--protocol tcp \
--port 80 \
--source-group sg-1a2b3c4d
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-01f4be99110f638a7",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 80,
"ToPort": 80,
"ReferencedGroupInfo": {
"GroupId": "sg-1a2b3c4d",
"UserId": "123456789012"
}
}
]
}
```
**範例 3:在相同的呼叫中新增多個規則**
下列 `authorize-security-group-ingress` 範例會使用 `ip-permissions` 參數來新增兩個傳入規則;一個規則可在 TCP 連接埠 3389 (RDP) 上啟用傳入存取,另一個規則可啟用 Ping/ICMP。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=172.31.0.0/16}]' 'IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges=[{CidrIp=172.31.0.0/16}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-00e06e5d3690f29f3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 3389,
"ToPort": 3389,
"CidrIpv4": "172.31.0.0/16"
},
{
"SecurityGroupRuleId": "sgr-0a133dd4493944b87",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": -1,
"ToPort": -1,
"CidrIpv4": "172.31.0.0/16"
}
]
}
```
**範例 4:為 ICMP 流量新增規則**
下列 `authorize-security-group-ingress` 範例會使用 `ip-permissions` 參數來新增傳入規則,以允許來自任何地方的 ICMP 訊息 `Destination Unreachable: Fragmentation Needed and Don't Fragment was Set` (類型 3,代碼 4)。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=icmp,FromPort=3,ToPort=4,IpRanges=[{CidrIp=0.0.0.0/0}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0de3811019069b787",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "icmp",
"FromPort": 3,
"ToPort": 4,
"CidrIpv4": "0.0.0.0/0"
}
]
}
```
**範例 5:為 IPv6 流量新增規則**
下列 `authorize-security-group-ingress` 範例會使用 `ip-permissions` 參數新增傳入規則,以允許來自 IPv6 範圍 `2001:db8:1234:1a00::/64` 的 SSH 存取 (連接埠 22)。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=22,ToPort=22,Ipv6Ranges=[{CidrIpv6=2001:db8:1234:1a00::/64}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0455bc68b60805563",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"CidrIpv6": "2001:db8:1234:1a00::/64"
}
]
}
```
**範例 6:為 ICMPv6 流量新增規則**
下列 `authorize-security-group-ingress` 範例會使用 `ip-permissions` 參數來新增傳入規則,以允許來自任何地方的 ICMPv6 流量。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=icmpv6,Ipv6Ranges=[{CidrIpv6=::/0}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-04b612d9363ab6327",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "icmpv6",
"FromPort": -1,
"ToPort": -1,
"CidrIpv6": "::/0"
}
]
}
```
**範例 7:新增具有描述的規則**
下列 `authorize-security-group-ingress` 範例會使用 `ip-permissions` 參數來新增傳入規則,以允許來自指定 IPv4 地址範圍的 RDP 流量。此規則提供描述,可於稍後協助識別。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-1234567890abcdef0 \
--ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=203.0.113.0/24,Description='RDP access from NY office'}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-0397bbcc01e974db3",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "tcp",
"FromPort": 3389,
"ToPort": 3389,
"CidrIpv4": "203.0.113.0/24",
"Description": "RDP access from NY office"
}
]
}
```
**範例 8:新增使用字首清單的傳入規則**
下列 `authorize-security-group-ingress` 範例會使用 `ip-permissions` 參數來新增傳入規則,以允許指定字首清單中 CIDR 範圍適用的所有流量。
```
aws ec2 authorize-security-group-ingress \
--group-id sg-04a351bfe432d4e71 \
--ip-permissions 'IpProtocol=all,PrefixListIds=[{PrefixListId=pl-002dc3ec097de1514}]'
```
輸出:
```
{
"Return": true,
"SecurityGroupRules": [
{
"SecurityGroupRuleId": "sgr-09c74b32f677c6c7c",
"GroupId": "sg-1234567890abcdef0",
"GroupOwnerId": "123456789012",
"IsEgress": false,
"IpProtocol": "-1",
"FromPort": -1,
"ToPort": -1,
"PrefixListId": "pl-0721453c7ac4ec009"
}
]
}
```
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的[安全群組](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [AuthorizeSecurityGroupIngress](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/authorize-security-group-ingress.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/AuthorizeSecurityGroupIngress)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import {
AuthorizeSecurityGroupIngressCommand,
EC2Client,
} from "@aws-sdk/client-ec2";
/**
* Adds the specified inbound (ingress) rules to a security group.
* @param {{ groupId: string, ipAddress: string }} options
*/
export const main = async ({ groupId, ipAddress }) => {
const client = new EC2Client({});
const command = new AuthorizeSecurityGroupIngressCommand({
// Use a group ID from the AWS console or
// the DescribeSecurityGroupsCommand.
GroupId: groupId,
IpPermissions: [
{
IpProtocol: "tcp",
FromPort: 22,
ToPort: 22,
// The IP address to authorize.
// For more information on this notation, see
// https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation
IpRanges: [{ CidrIp: `${ipAddress}/32` }],
},
],
});
try {
const { SecurityGroupRules } = await client.send(command);
console.log(JSON.stringify(SecurityGroupRules, null, 2));
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroupId.Malformed") {
console.warn(`${caught.message}. Please provide a valid GroupId.`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/AuthorizeSecurityGroupIngressCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun createEC2SecurityGroupSc(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
myIpAddress: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "$myIpAddress/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的 AWS SDK API 參考》**中的 [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例定義 EC2-VPC 安全群組的傳入規則。這些規則會授予 SSH (連接埠 22) 和 RDC (連接埠 3389) 特定 IP 位址的存取權。請注意,您必須使用安全群組 ID 而非安全性群組名稱,來識別 EC2-VPC 的安全群組。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**範例 2:使用 PowerShell 版本 2 時,必須使用 New-Object 建立 IpPermission 物件。**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**範例 3:此範例定義 EC2-Classic 安全群組的傳入規則。這些規則會授予 SSH (連接埠 22) 和 RDC (連接埠 3389) 特定 IP 位址的存取權。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**範例 4:使用 PowerShell 版本 2 時,必須使用 New-Object 建立 IpPermission 物件。**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**範例 5:此範例會將來自指定來源安全群組 (sg-1a2b3c4d) 的 TCP 連接埠 8081 存取權,授予指定的安全群組 (sg-12345678)。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="8081"; ToPort="8081"; UserIdGroupPairs=$ug } )
```
**範例 6:此範例會將 CIDR 5.5.5.5/32 新增至安全群組 sg-1234abcd 的傳入規則,以描述 TCP 連接埠 22 流量。**
```
$IpRange = New-Object -TypeName Amazon.EC2.Model.IpRange
$IpRange.CidrIp = "5.5.5.5/32"
$IpRange.Description = "SSH from Office"
$IpPermission = New-Object Amazon.EC2.Model.IpPermission
$IpPermission.IpProtocol = "tcp"
$IpPermission.ToPort = 22
$IpPermission.FromPort = 22
$IpPermission.Ipv4Ranges = $IpRange
Grant-EC2SecurityGroupIngress -GroupId sg-1234abcd -IpPermission $IpPermission
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例定義 EC2-VPC 安全群組的傳入規則。這些規則會授予 SSH (連接埠 22) 和 RDC (連接埠 3389) 特定 IP 位址的存取權。請注意,您必須使用安全群組 ID 而非安全性群組名稱,來識別 EC2-VPC 的安全群組。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**範例 2:使用 PowerShell 版本 2 時,必須使用 New-Object 建立 IpPermission 物件。**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( $ip1, $ip2 )
```
**範例 3:此範例定義 EC2-Classic 安全群組的傳入規則。這些規則會授予 SSH (連接埠 22) 和 RDC (連接埠 3389) 特定 IP 位址的存取權。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ip1 = @{ IpProtocol="tcp"; FromPort="22"; ToPort="22"; IpRanges="203.0.113.25/32" }
$ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="203.0.113.25/32" }
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**範例 4:使用 PowerShell 版本 2 時,必須使用 New-Object 建立 IpPermission 物件。**
```
$ip1 = New-Object Amazon.EC2.Model.IpPermission
$ip1.IpProtocol = "tcp"
$ip1.FromPort = 22
$ip1.ToPort = 22
$ip1.IpRanges.Add("203.0.113.25/32")
$ip2 = new-object Amazon.EC2.Model.IpPermission
$ip2.IpProtocol = "tcp"
$ip2.FromPort = 3389
$ip2.ToPort = 3389
$ip2.IpRanges.Add("203.0.113.25/32")
Grant-EC2SecurityGroupIngress -GroupName "my-security-group" -IpPermission @( $ip1, $ip2 )
```
**範例 5:此範例會將來自指定來源安全群組 (sg-1a2b3c4d) 的 TCP 連接埠 8081 存取權,授予指定的安全群組 (sg-12345678)。**
```
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair
$ug.GroupId = "sg-1a2b3c4d"
$ug.UserId = "123456789012"
Grant-EC2SecurityGroupIngress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="8081"; ToPort="8081"; UserIdGroupPairs=$ug } )
```
**範例 6:此範例會將 CIDR 5.5.5.5/32 新增至安全群組 sg-1234abcd 的傳入規則,以描述 TCP 連接埠 22 流量。**
```
$IpRange = New-Object -TypeName Amazon.EC2.Model.IpRange
$IpRange.CidrIp = "5.5.5.5/32"
$IpRange.Description = "SSH from Office"
$IpPermission = New-Object Amazon.EC2.Model.IpPermission
$IpPermission.IpProtocol = "tcp"
$IpPermission.ToPort = 22
$IpPermission.FromPort = 22
$IpPermission.Ipv4Ranges = $IpRange
Grant-EC2SecurityGroupIngress -GroupId sg-1234abcd -IpPermission $IpPermission
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def authorize_ingress(self, ssh_ingress_ip: str) -> Optional[Dict[str, Any]]:
"""
Adds a rule to the security group to allow access to SSH.
:param ssh_ingress_ip: The IP address that is granted inbound access to connect
to port 22 over TCP, used for SSH.
:return: The response to the authorization request. The 'Return' field of the
response indicates whether the request succeeded or failed, or None if no security group is set.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
if self.security_group is None:
logger.info("No security group to update.")
return None
try:
ip_permissions = [
{
# SSH ingress open to only the specified IP address.
"IpProtocol": "tcp",
"FromPort": 22,
"ToPort": 22,
"IpRanges": [{"CidrIp": f"{ssh_ingress_ip}/32"}],
}
]
response = self.ec2_client.authorize_security_group_ingress(
GroupId=self.security_group, IpPermissions=ip_permissions
)
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidPermission.Duplicate":
logger.error(
f"The SSH ingress rule for IP {ssh_ingress_ip} already exists"
f"in security group '{self.security_group}'."
)
raise
else:
return response
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/AuthorizeSecurityGroupIngress)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
/// Add an ingress rule to a security group explicitly allowing IPv4 address
/// as {ip}/32 over TCP port 22.
pub async fn authorize_security_group_ssh_ingress(
&self,
group_id: &str,
ingress_ips: Vec,
) -> Result<(), EC2Error> {
tracing::info!("Authorizing ingress for security group {group_id}");
self.client
.authorize_security_group_ingress()
.group_id(group_id)
.set_ip_permissions(Some(
ingress_ips
.into_iter()
.map(|ip| {
IpPermission::builder()
.ip_protocol("tcp")
.from_port(22)
.to_port(22)
.ip_ranges(IpRange::builder().cidr_ip(format!("{ip}/32")).build())
.build()
})
.collect(),
))
.send()
.await?;
Ok(())
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [AuthorizeSecurityGroupIngress](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.authorize_security_group_ingress)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
" Create IP permissions for SSH access (port 22)
" iv_cidr_ip = '192.0.2.0/24'
DATA lt_ip_permissions TYPE /aws1/cl_ec2ippermission=>tt_ippermissionlist.
DATA(lo_ip_permission) = NEW /aws1/cl_ec2ippermission(
iv_ipprotocol = 'tcp'
iv_fromport = 22
iv_toport = 22
it_ipranges = VALUE /aws1/cl_ec2iprange=>tt_iprangelist(
( NEW /aws1/cl_ec2iprange( iv_cidrip = iv_cidr_ip ) )
)
).
APPEND lo_ip_permission TO lt_ip_permissions.
TRY.
oo_result = lo_ec2->authsecuritygroupingress( " oo_result is returned for testing purposes. "
iv_groupid = iv_group_id
it_ippermissions = lt_ip_permissions ).
MESSAGE 'Authorized ingress rule for security group.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Authorize ingress of connections for the security group.
///
/// - Parameters:
/// - groupId: The group ID of the security group to authorize access for.
/// - ipAddress: The IP address of the device to grant access to.
///
/// - Returns: `true` if access is successfully granted; otherwise `false`.
func authorizeSecurityGroupIngress(groupId: String, ipAddress: String) async -> Bool {
let ipRange = EC2ClientTypes.IpRange(cidrIp: "\(ipAddress)/0")
let httpPermission = EC2ClientTypes.IpPermission(
fromPort: 80,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 80
)
let sshPermission = EC2ClientTypes.IpPermission(
fromPort: 22,
ipProtocol: "tcp",
ipRanges: [ipRange],
toPort: 22
)
do {
_ = try await ec2Client.authorizeSecurityGroupIngress(
input: AuthorizeSecurityGroupIngressInput(
groupId: groupId,
ipPermissions: [httpPermission, sshPermission]
)
)
return true
} catch {
print("*** Error authorizing ingress for the security group: \(error.localizedDescription)")
return false
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [AuthorizeSecurityGroupIngress](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/authorizesecuritygroupingress(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CancelCapacityReservation` 與 CLI
下列程式碼範例示範如何使用 `CancelCapacityReservation`。
------
#### [ CLI ]
**AWS CLI**
**取消容量保留**
下列 `cancel-capacity-reservation` 範例會取消指定的容量保留。
```
aws ec2 cancel-capacity-reservation \
--capacity-reservation-id cr-1234abcd56EXAMPLE
```
輸出:
```
{
"Return": true
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[容量保留機群](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-release.html)。
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [CancelCapacityReservation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-capacity-reservation.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會取消容量保留 cr-0c1f2345db6f7cdba**
```
Remove-EC2CapacityReservation -CapacityReservationId cr-0c1f2345db6f7cdba
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2CapacityReservation (CancelCapacityReservation)" on target "cr-0c1f2345db6f7cdba".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
True
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CancelCapacityReservation](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會取消容量保留 cr-0c1f2345db6f7cdba**
```
Remove-EC2CapacityReservation -CapacityReservationId cr-0c1f2345db6f7cdba
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2CapacityReservation (CancelCapacityReservation)" on target "cr-0c1f2345db6f7cdba".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
True
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CancelCapacityReservation](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CancelImportTask` 與 CLI
下列程式碼範例示範如何使用 `CancelImportTask`。
------
#### [ CLI ]
**AWS CLI**
**取消匯入作業**
下列 `cancel-import-task` 範例會取消指定的匯入映像任務。
```
aws ec2 cancel-import-task \
--import-task-id import-ami-1234567890abcdef0
```
輸出:
```
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"PreviousState": "active",
"State": "deleting"
}
```
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [CancelImportTask](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-import-task.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會取消指定的匯入任務 (快照或映像匯入)。如有必要,可以使用 `-CancelReason` 參數提供原因。**
```
Stop-EC2ImportTask -ImportTaskId import-ami-abcdefgh
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CancelImportTask](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會取消指定的匯入任務 (快照或映像匯入)。如有必要,可以使用 `-CancelReason` 參數提供原因。**
```
Stop-EC2ImportTask -ImportTaskId import-ami-abcdefgh
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CancelImportTask](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CancelSpotFleetRequests` 與 CLI
下列程式碼範例示範如何使用 `CancelSpotFleetRequests`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:取消 Spot 機群請求,並終止相關聯的執行個體**
下列 `cancel-spot-fleet-requests` 範例會取消 Spot 機群請求,並終止相關聯的隨需執行個體和 Spot 執行個體。
```
aws ec2 cancel-spot-fleet-requests \
--spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \
--terminate-instances
```
輸出:
```
{
"SuccessfulFleetRequests": [
{
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
"CurrentSpotFleetRequestState": "cancelled_terminating",
"PreviousSpotFleetRequestState": "active"
}
],
"UnsuccessfulFleetRequests": []
}
```
**範例 2:取消 Spot 機群請求,無需終止相關聯的執行個體**
下列 `cancel-spot-fleet-requests` 範例會取消 Spot 機群請求,無需終止相關聯的隨需執行個體和 Spot 執行個體。
```
aws ec2 cancel-spot-fleet-requests \
--spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \
--no-terminate-instances
```
輸出:
```
{
"SuccessfulFleetRequests": [
{
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
"CurrentSpotFleetRequestState": "cancelled_running",
"PreviousSpotFleetRequestState": "active"
}
],
"UnsuccessfulFleetRequests": []
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[取消 Spot 機群請求](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-spot-fleet.html)。
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [CancelSpotFleetRequests](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-spot-fleet-requests.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會取消指定的 Spot 機群請求,並終止相關聯的 Spot 執行個體。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $true
```
**範例 2:此範例會取消指定的 Spot 機群請求,但不會終止相關聯的 Spot 執行個體。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $false
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CancelSpotFleetRequests](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會取消指定的 Spot 機群請求,並終止相關聯的 Spot 執行個體。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $true
```
**範例 2:此範例會取消指定的 Spot 機群請求,但不會終止相關聯的 Spot 執行個體。**
```
Stop-EC2SpotFleetRequest -SpotFleetRequestId sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE -TerminateInstance $false
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CancelSpotFleetRequests](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CancelSpotInstanceRequests` 與 CLI
下列程式碼範例示範如何使用 `CancelSpotInstanceRequests`。
------
#### [ CLI ]
**AWS CLI**
**取消 Spot 執行個體請求**
此範例命令會取消 Spot 執行個體請求。
命令:
```
aws ec2 cancel-spot-instance-requests --spot-instance-request-ids sir-08b93456
```
輸出:
```
{
"CancelledSpotInstanceRequests": [
{
"State": "cancelled",
"SpotInstanceRequestId": "sir-08b93456"
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CancelSpotInstanceRequests](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/cancel-spot-instance-requests.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會取消指定的 Spot 執行個體請求。**
```
Stop-EC2SpotInstanceRequest -SpotInstanceRequestId sir-12345678
```
**輸出:**
```
SpotInstanceRequestId State
--------------------- -----
sir-12345678 cancelled
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CancelSpotInstanceRequests](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會取消指定的 Spot 執行個體請求。**
```
Stop-EC2SpotInstanceRequest -SpotInstanceRequestId sir-12345678
```
**輸出:**
```
SpotInstanceRequestId State
--------------------- -----
sir-12345678 cancelled
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CancelSpotInstanceRequests](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `ConfirmProductInstance` 與 CLI
下列程式碼範例示範如何使用 `ConfirmProductInstance`。
------
#### [ CLI ]
**AWS CLI**
**確認產品執行個體**
此範例會判斷指定的產品代碼,是否與指定的執行個體相關聯。
命令:
```
aws ec2 confirm-product-instance --product-code 774F4FF8 --instance-id i-1234567890abcdef0
```
輸出:
```
{
"OwnerId": "123456789012"
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [ConfirmProductInstance](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/confirm-product-instance.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會判斷指定的產品程式碼,是否與指定的執行個體相關聯。**
```
Confirm-EC2ProductInstance -ProductCode 774F4FF8 -InstanceId i-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [ConfirmProductInstance](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會判斷指定的產品程式碼,是否與指定的執行個體相關聯。**
```
Confirm-EC2ProductInstance -ProductCode 774F4FF8 -InstanceId i-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [ConfirmProductInstance](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CopyImage` 與 CLI
下列程式碼範例示範如何使用 `CopyImage`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:將 AMI 複製到另一個區域**
下列 `copy-image` 範例命令會將指定的 AMI 從 `us-west-2` 區域複製到 `us-east-1` 區域,並新增簡短描述。
```
aws ec2 copy-image \
--region us-east-1 \
--name ami-name \
--source-region us-west-2 \
--source-image-id ami-066877671789bd71b \
--description "This is my copied image."
```
輸出:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[複製 AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)。
**範例 2:將 AMI 複製到另一個區域,並加密備份快照**
下列 `copy-image` 命令會將指定的 AMI 從 `us-west-2` 區域複製到目前區域,並使用指定的 KMS 金鑰加密備份快照。
```
aws ec2 copy-image \
--source-region us-west-2 \
--name ami-name \
--source-image-id ami-066877671789bd71b \
--encrypted \
--kms-key-id alias/my-kms-key
```
輸出:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[複製 AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)。
**範例 3:複製 AMI 時包含使用者定義的 AMI 標籤**
下列 `copy-image` 命令使用 `--copy-image-tags` 參數,在複製 AMI 時複製使用者定義的 AMI 標籤。
```
aws ec2 copy-image \
--region us-east-1 \
--name ami-name \
--source-region us-west-2 \
--source-image-id ami-066877671789bd71b \
--description "This is my copied image."
--copy-image-tags
```
輸出:
```
{
"ImageId": "ami-0123456789abcdefg"
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[複製 AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CopyImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/copy-image.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將「歐盟 (愛爾蘭)」區域中指定的 AMI,複製到「美國西部 (奧勒岡)」區域。如果未指定 -Region,則會將目前的預設區域用作目的地區域。**
```
Copy-EC2Image -SourceRegion eu-west-1 -SourceImageId ami-12345678 -Region us-west-2 -Name "Copy of ami-12345678"
```
**輸出:**
```
ami-87654321
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CopyImage](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將「歐盟 (愛爾蘭)」區域中指定的 AMI,複製到「美國西部 (奧勒岡)」區域。如果未指定 -Region,則會將目前的預設區域用作目的地區域。**
```
Copy-EC2Image -SourceRegion eu-west-1 -SourceImageId ami-12345678 -Region us-west-2 -Name "Copy of ami-12345678"
```
**輸出:**
```
ami-87654321
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CopyImage](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CopySnapshot` 與 CLI
下列程式碼範例示範如何使用 `CopySnapshot`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:將快照複製到另一個區域**
下列 `copy-snapshot` 範例命令會將指定的快照從 `us-west-2` 區域複製到 `us-east-1` 區域,並新增簡短描述。
```
aws ec2 copy-snapshot \
--region us-east-1 \
--source-region us-west-2 \
--source-snapshot-id snap-066877671789bd71b \
--description 'This is my copied snapshot.'
```
輸出:
```
{
"SnapshotId": "snap-066877671789bd71b"
}
```
**範例 2:複製未加密快照,並加密新快照**
下列 `copy-snapshot` 命令會將指定的未加密快照從 `us-west-2` 區域複製到目前區域,並使用指定的 KMS 金鑰加密新的快照。
```
aws ec2 copy-snapshot \
--source-region us-west-2 \
--source-snapshot-id snap-066877671789bd71b \
--encrypted \
--kms-key-id alias/my-kms-key
```
輸出:
```
{
"SnapshotId": "snap-066877671789bd71b"
}
```
如需詳細資訊,請參閱《Amazon EBS 使用者指南》**中的[複製 Amazon EBS 快照](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CopySnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/copy-snapshot.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將指定的快照從「歐盟 (愛爾蘭)」區域,複製到「美國西部 (奧勒岡)」區域。**
```
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678 -Region us-west-2
```
**範例 2:如果您設定預設區域,並省略區域參數,預設目的地區域即為預設區域。**
```
Set-DefaultAWSRegion us-west-2
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CopySnapshot](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將指定的快照從「歐盟 (愛爾蘭)」區域,複製到「美國西部 (奧勒岡)」區域。**
```
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678 -Region us-west-2
```
**範例 2:如果您設定預設區域,並省略區域參數,預設目的地區域即為預設區域。**
```
Set-DefaultAWSRegion us-west-2
Copy-EC2Snapshot -SourceRegion eu-west-1 -SourceSnapshotId snap-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CopySnapshot](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateCapacityReservation` 與 CLI
下列程式碼範例示範如何使用 `CreateCapacityReservation`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立容量保留**
下列 `create-capacity-reservation` 範例會在 `eu-west-1a` 可用區域中建立容量保留,您可以在其中啟動三個執行 Linux/Unix 作業系統的 `t2.medium` 執行個體。根據預設,容量保留是使用開啟的執行個體比對條件建立的,且不支援暫時性儲存,並且會維持作用中狀態,直到手動取消為止。
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type t2.medium \
--instance-platform Linux/UNIX \
--instance-count 3
```
輸出:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "unlimited",
"AvailabilityZone": "eu-west-1a",
"InstanceMatchCriteria": "open",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T09:27:35.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "t2.medium"
}
}
```
**範例 2:建立會在指定日期/時間自動結束的容量保留**
下列 `create-capacity-reservation` 範例會在 `eu-west-1a` 可用區域中建立容量保留,您可以在其中啟動三個執行 Linux/Unix 作業系統的 `m5.large` 執行個體。此容量保留會在 08/31/2019 的 23:59:59 自動結束。
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type m5.large \
--instance-platform Linux/UNIX \
--instance-count 3 \
--end-date-type limited \
--end-date 2019-08-31T23:59:59Z
```
輸出:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "limited",
"AvailabilityZone": "eu-west-1a",
"EndDate": "2019-08-31T23:59:59.000Z",
"InstanceMatchCriteria": "open",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T10:15:53.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "m5.large"
}
}
```
**範例 3:建立只接受目標執行個體啟動的容量保留**
下列 `create-capacity-reservation` 範例會建立只接受目標執行個體啟動的容量保留。
```
aws ec2 create-capacity-reservation \
--availability-zone eu-west-1a \
--instance-type m5.large \
--instance-platform Linux/UNIX \
--instance-count 3 \
--instance-match-criteria targeted
```
輸出:
```
{
"CapacityReservation": {
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"EndDateType": "unlimited",
"AvailabilityZone": "eu-west-1a",
"InstanceMatchCriteria": "targeted",
"EphemeralStorage": false,
"CreateDate": "2019-08-16T10:21:57.000Z",
"AvailableInstanceCount": 3,
"InstancePlatform": "Linux/UNIX",
"TotalInstanceCount": 3,
"State": "active",
"Tenancy": "default",
"EbsOptimized": false,
"InstanceType": "m5.large"
}
}
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[建立容量保留](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateCapacityReservation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-capacity-reservation.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會使用指定的屬性建立新的容量保留。**
```
Add-EC2CapacityReservation -InstanceType m4.xlarge -InstanceCount 2 -AvailabilityZone eu-west-1b -EbsOptimized True -InstancePlatform Windows
```
**輸出:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateCapacityReservation](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會使用指定的屬性建立新的容量保留。**
```
Add-EC2CapacityReservation -InstanceType m4.xlarge -InstanceCount 2 -AvailabilityZone eu-west-1b -EbsOptimized True -InstancePlatform Windows
```
**輸出:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateCapacityReservation](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateCustomerGateway` 與 CLI
下列程式碼範例示範如何使用 `CreateCustomerGateway`。
------
#### [ CLI ]
**AWS CLI**
**建立客戶閘道**
此範例會建立具有其外部介面之指定 IP 位址的客戶閘道。
命令:
```
aws ec2 create-customer-gateway --type ipsec.1 --public-ip 12.1.2.3 --bgp-asn 65534
```
輸出:
```
{
"CustomerGateway": {
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateCustomerGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-customer-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立指定的客戶閘道。**
```
New-EC2CustomerGateway -Type ipsec.1 -PublicIp 203.0.113.12 -BgpAsn 65534
```
**輸出:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateCustomerGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立指定的客戶閘道。**
```
New-EC2CustomerGateway -Type ipsec.1 -PublicIp 203.0.113.12 -BgpAsn 65534
```
**輸出:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateCustomerGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateDhcpOptions` 與 CLI
下列程式碼範例示範如何使用 `CreateDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**建立 DHCP 選項集**
下列 `create-dhcp-options` 範例會建立一組 DHCP 選項,可用於指定網域名稱、網域名稱伺服器和 NetBIOS 節點類型。
```
aws ec2 create-dhcp-options \
--dhcp-configuration \
"Key=domain-name-servers,Values=10.2.5.1,10.2.5.2" \
"Key=domain-name,Values=example.com" \
"Key=netbios-node-type,Values=2"
```
輸出:
```
{
"DhcpOptions": {
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "example.com"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "10.2.5.1"
},
{
"Value": "10.2.5.2"
}
]
},
{
"Key": "netbios-node-type",
"Values": [
{
"Value": "2"
}
]
}
],
"DhcpOptionsId": "dopt-06d52773eff4c55f3"
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-dhcp-options.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立指定的 DHCP 選項集。此範例使用的語法需要 PowerShell 版本 3 或更新版本。**
```
$options = @( @{Key="domain-name";Values=@("abc.local")}, @{Key="domain-name-servers";Values=@("10.0.0.101","10.0.0.102")})
New-EC2DhcpOption -DhcpConfiguration $options
```
**輸出:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
```
**範例 2:使用 PowerShell 版本 2 時,您必須使用 New-Object 建立每一個 DHCP 選項。**
```
$option1 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option1.Key = "domain-name"
$option1.Values = "abc.local"
$option2 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option2.Key = "domain-name-servers"
$option2.Values = @("10.0.0.101","10.0.0.102")
New-EC2DhcpOption -DhcpConfiguration @($option1, $option2)
```
**輸出:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立指定的 DHCP 選項集。此範例使用的語法需要 PowerShell 版本 3 或更新版本。**
```
$options = @( @{Key="domain-name";Values=@("abc.local")}, @{Key="domain-name-servers";Values=@("10.0.0.101","10.0.0.102")})
New-EC2DhcpOption -DhcpConfiguration $options
```
**輸出:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
```
**範例 2:使用 PowerShell 版本 2 時,您必須使用 New-Object 建立每一個 DHCP 選項。**
```
$option1 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option1.Key = "domain-name"
$option1.Values = "abc.local"
$option2 = New-Object Amazon.EC2.Model.DhcpConfiguration
$option2.Key = "domain-name-servers"
$option2.Values = @("10.0.0.101","10.0.0.102")
New-EC2DhcpOption -DhcpConfiguration @($option1, $option2)
```
**輸出:**
```
DhcpConfigurations DhcpOptionsId Tags
------------------ ------------- ----
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateFlowLogs` 與 CLI
下列程式碼範例示範如何使用 `CreateFlowLogs`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立流程日誌**
下列 `create-flow-logs` 範例建立的流程日誌,可擷取所指定網路介面的所有遭拒流量。流量日誌會使用指定 IAM 角色中的權限,交付至 CloudWatch Logs 中的日誌群組。
```
aws ec2 create-flow-logs \
--resource-type NetworkInterface \
--resource-ids eni-11223344556677889 \
--traffic-type REJECT \
--log-group-name my-flow-logs \
--deliver-logs-permission-arn arn:aws:iam::123456789101:role/publishFlowLogs
```
輸出:
```
{
"ClientToken": "so0eNA2uSHUNlHI0S2cJ305GuIX1CezaRdGtexample",
"FlowLogIds": [
"fl-12345678901234567"
],
"Unsuccessful": []
}
```
如需詳細資訊,請參閱「Amazon VPC 使用者指南」**中的 [VPC 流程日誌](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html)。
**範例 2:使用自訂格式建立流程日誌**
下列 `create-flow-logs` 範例建立的流程日誌,會擷取所指定 VPC 的所有流量,並將流程日誌交付給 Amazon S3 儲存貯體。`--log-format` 參數會指定流量日誌記錄的自訂格式。在 Windows 上執行此命令,將單引號 (') 改為雙引號 (")。
```
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids vpc-00112233344556677 \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::flow-log-bucket/my-custom-flow-logs/ \
--log-format '${version} ${vpc-id} ${subnet-id} ${instance-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${tcp-flags} ${type} ${pkt-srcaddr} ${pkt-dstaddr}'
```
如需詳細資訊,請參閱「Amazon VPC 使用者指南」**中的 [VPC 流程日誌](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html)。
**範例 3:建立具有一分鐘最大彙總間隔的流程日誌**
下列 `create-flow-logs` 範例建立的流程日誌,會擷取所指定 VPC 的所有流量,並將流程日誌交付給 Amazon S3 儲存貯體。`--max-aggregation-interval` 參數指定最大彙總間隔為 60 秒 (1 分鐘)。
```
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids vpc-00112233344556677 \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::flow-log-bucket/my-custom-flow-logs/ \
--max-aggregation-interval 60
```
如需詳細資訊,請參閱「Amazon VPC 使用者指南」**中的 [VPC 流程日誌](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-flow-logs.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會使用 'Admin' 角色的權限,為子網路 subnet-1d234567 建立 EC2 流程日誌,並將其傳送至名為 'subnet1-log' 的 cloud-watch-log,以用於所有 'REJECT' 流量**
```
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
```
**輸出:**
```
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會使用 'Admin' 角色的權限,為子網路 subnet-1d234567 建立 EC2 流程日誌,並將其傳送至名為 'subnet1-log' 的 cloud-watch-log,以用於所有 'REJECT' 流量**
```
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
```
**輸出:**
```
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateImage` 與 CLI
下列程式碼範例示範如何使用 `CreateImage`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:從 Amazon EBS 支援的執行個體建立 AMI**
下列 `create-image` 範例會從指定的執行個體建立 AMI。
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--description "An AMI for my server"
```
輸出:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
如需有關為 AMI 指定區塊裝置映射的詳細資訊,請參閱《*Amazon EC2 使用者指南*》的[指定 AMI 的區塊型儲存設備映射](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#create-ami-bdm)。
**範例 2:從 Amazon EBS 支援的執行個體建立 AMI,不重新啟動**
下列 `create-image` 範例會建立 AMI 並設定 --no-reboot 參數,讓執行個體不會在建立映像之前重新啟動。
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--no-reboot
```
輸出:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
如需有關為 AMI 指定區塊裝置映射的詳細資訊,請參閱《*Amazon EC2 使用者指南*》的[指定 AMI 的區塊型儲存設備映射](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#create-ami-bdm)。
**範例 3:在建立時標記 AMI 和快照**
下列 `create-image` 範例會建立 AMI,並使用相同的標籤 `cost-center=cc123` 標記 AMI 和快照
```
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--tag-specifications "ResourceType=image,Tags=[{Key=cost-center,Value=cc123}]" "ResourceType=snapshot,Tags=[{Key=cost-center,Value=cc123}]"
```
輸出:
```
{
"ImageId": "ami-abcdef01234567890"
}
```
如需有關在建立時標記資源的詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[在建立資源時新增標籤](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-on-create-examples)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-image.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會從指定的執行個體建立具有指定名稱和描述的 AMI。Amazon EC2 會嘗試在建立映像之前徹底關閉執行個體,並在完成時重新啟動執行個體。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI"
```
**範例 2:此範例會從指定的執行個體建立具有指定名稱和描述的 AMI。Amazon EC2 在未關閉和重新啟動執行個體的情況下建立映像;因此,無法保證所建立映像上的檔案系統完整性。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -NoReboot $true
```
**範例 3:此範例會建立具有三個磁碟區的 AMI。第一個磁碟區是以 Amazon EBS 快照為基礎。第二個磁碟區是空的 100 GiB Amazon EBS 磁碟區。第三個磁碟區是執行個體儲存體磁碟區。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ebsBlock1 = @{SnapshotId="snap-1a2b3c4d"}
$ebsBlock2 = @{VolumeSize=100}
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -BlockDeviceMapping @( @{DeviceName="/dev/sdf";Ebs=$ebsBlock1}, @{DeviceName="/dev/sdg";Ebs=$ebsBlock2}, @{DeviceName="/dev/sdc";VirtualName="ephemeral0"})
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateImage](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會從指定的執行個體建立具有指定名稱和描述的 AMI。Amazon EC2 會嘗試在建立映像之前徹底關閉執行個體,並在完成時重新啟動執行個體。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI"
```
**範例 2:此範例會從指定的執行個體建立具有指定名稱和描述的 AMI。Amazon EC2 在未關閉和重新啟動執行個體的情況下建立映像;因此,無法保證所建立映像上的檔案系統完整性。**
```
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -NoReboot $true
```
**範例 3:此範例會建立具有三個磁碟區的 AMI。第一個磁碟區是以 Amazon EBS 快照為基礎。第二個磁碟區是空的 100 GiB Amazon EBS 磁碟區。第三個磁碟區是執行個體儲存體磁碟區。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
$ebsBlock1 = @{SnapshotId="snap-1a2b3c4d"}
$ebsBlock2 = @{VolumeSize=100}
New-EC2Image -InstanceId i-12345678 -Name "my-web-server" -Description "My web server AMI" -BlockDeviceMapping @( @{DeviceName="/dev/sdf";Ebs=$ebsBlock1}, @{DeviceName="/dev/sdg";Ebs=$ebsBlock2}, @{DeviceName="/dev/sdc";VirtualName="ephemeral0"})
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateImage](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateInstanceExportTask` 與 CLI
下列程式碼範例示範如何使用 `CreateInstanceExportTask`。
------
#### [ CLI ]
**AWS CLI**
**匯出執行個體**
此範例命令會建立任務,將執行個體 i-1234567890abcdef0 匯出至 Amazon S3 儲存貯體 myexportbucket。
命令:
```
aws ec2 create-instance-export-task --description "RHEL5 instance" --instance-id i-1234567890abcdef0 --target-environment vmware --export-to-s3-task DiskImageFormat=vmdk,ContainerFormat=ova,S3Bucket=myexportbucket,S3Prefix=RHEL5
```
輸出:
```
{
"ExportTask": {
"State": "active",
"InstanceExportDetails": {
"InstanceId": "i-1234567890abcdef0",
"TargetEnvironment": "vmware"
},
"ExportToS3Task": {
"S3Bucket": "myexportbucket",
"S3Key": "RHEL5export-i-fh8sjjsq.ova",
"DiskImageFormat": "vmdk",
"ContainerFormat": "ova"
},
"Description": "RHEL5 instance",
"ExportTaskId": "export-i-fh8sjjsq"
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateInstanceExportTask](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-instance-export-task.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將已停止的執行個體 `i-0800b00a00EXAMPLE` 當成虛擬硬碟 (VHD),匯出至 S3 儲存貯體 `testbucket-export-instances-2019`。目標環境為 `Microsoft`,並新增區域參數,因為執行個體位於 `us-east-1`區域,而使用者的預設 AWS 區域不是 us-east-1。若要取得匯出任務的狀態,請從此命令的結果複製 `ExportTaskId` 值,然後執行 `Get-EC2ExportTask -ExportTaskId export_task_ID_from_results.`**
```
New-EC2InstanceExportTask -InstanceId i-0800b00a00EXAMPLE -ExportToS3Task_DiskImageFormat VHD -ExportToS3Task_S3Bucket "amzn-s3-demo-bucket" -TargetEnvironment Microsoft -Region us-east-1
```
**輸出:**
```
Description :
ExportTaskId : export-i-077c73108aEXAMPLE
ExportToS3Task : Amazon.EC2.Model.ExportToS3Task
InstanceExportDetails : Amazon.EC2.Model.InstanceExportDetails
State : active
StatusMessage :
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateInstanceExportTask](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將已停止的執行個體 `i-0800b00a00EXAMPLE` 當成虛擬硬碟 (VHD),匯出至 S3 儲存貯體 `testbucket-export-instances-2019`。目標環境為 `Microsoft`,並新增區域參數,因為執行個體位於 `us-east-1`區域,而使用者的預設 AWS 區域不是 us-east-1。若要取得匯出任務的狀態,請從此命令的結果複製 `ExportTaskId` 值,然後執行 `Get-EC2ExportTask -ExportTaskId export_task_ID_from_results.`**
```
New-EC2InstanceExportTask -InstanceId i-0800b00a00EXAMPLE -ExportToS3Task_DiskImageFormat VHD -ExportToS3Task_S3Bucket "amzn-s3-demo-bucket" -TargetEnvironment Microsoft -Region us-east-1
```
**輸出:**
```
Description :
ExportTaskId : export-i-077c73108aEXAMPLE
ExportToS3Task : Amazon.EC2.Model.ExportToS3Task
InstanceExportDetails : Amazon.EC2.Model.InstanceExportDetails
State : active
StatusMessage :
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateInstanceExportTask](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateInternetGateway` 與 CLI
下列程式碼範例示範如何使用 `CreateInternetGateway`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**建立網際網路閘道**
以下 `create-internet-gateway` 範例會建立具有標籤 `Name=my-igw` 的網際網路閘道。
```
aws ec2 create-internet-gateway \
--tag-specifications ResourceType=internet-gateway,Tags=[{Key=Name,Value=my-igw}]
```
輸出:
```
{
"InternetGateway": {
"Attachments": [],
"InternetGatewayId": "igw-0d0fb496b3994d755",
"OwnerId": "123456789012",
"Tags": [
{
"Key": "Name",
"Value": "my-igw"
}
]
}
}
```
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的[網際網路閘道](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-internet-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立網際網路閘道。**
```
New-EC2InternetGateway
```
**輸出:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{} igw-1a2b3c4d {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立網際網路閘道。**
```
New-EC2InternetGateway
```
**輸出:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{} igw-1a2b3c4d {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateKeyPair` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateKeyPair`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Create an Amazon EC2 key pair with a specified name.
///
/// The name for the new key pair.
/// The Amazon EC2 key pair created.
public async Task CreateKeyPair(string keyPairName)
{
try
{
var request = new CreateKeyPairRequest { KeyName = keyPairName, };
var response = await _amazonEC2.CreateKeyPairAsync(request);
var kp = response.KeyPair;
// Return the key pair so it can be saved if needed.
// Wait until the key pair exists.
int retries = 5;
while (retries-- > 0)
{
Console.WriteLine($"Checking for new KeyPair {keyPairName}...");
var keyPairs = await DescribeKeyPairs(keyPairName);
if (keyPairs.Any())
{
return kp;
}
Thread.Sleep(5000);
retries--;
}
_logger.LogError($"Unable to find newly created KeyPair {keyPairName}.");
throw new DoesNotExistException("KeyPair not found");
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.Duplicate")
{
_logger.LogError(
$"A key pair called {keyPairName} already exists.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while creating the key pair.: {ex.Message}");
throw;
}
}
///
/// Save KeyPair information to a temporary file.
///
/// The name of the key pair.
/// The full path to the temporary file.
public string SaveKeyPair(KeyPair keyPair)
{
var tempPath = Path.GetTempPath();
var tempFileName = $"{tempPath}\\{Path.GetRandomFileName()}";
var pemFileName = Path.ChangeExtension(tempFileName, "pem");
// Save the key pair to a file in a temporary folder.
using var stream = new FileStream(pemFileName, FileMode.Create);
using var writer = new StreamWriter(stream);
writer.WriteLine(keyPair.KeyMaterial);
return pemFileName;
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateKeyPair)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_create_keypair
#
# This function creates an Amazon Elastic Compute Cloud (Amazon EC2) ED25519 or 2048-bit RSA key pair
# and writes it to a file.
#
# Parameters:
# -n key_pair_name - A key pair name.
# -f file_path - File to store the key pair.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_create_keypair() {
local key_pair_name file_path response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_create_keypair"
echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) ED25519 or 2048-bit RSA key pair"
echo " and writes it to a file."
echo " -n key_pair_name - A key pair name."
echo " -f file_path - File to store the key pair."
echo ""
}
# Retrieve the calling parameters.
while getopts "n:f:h" option; do
case "${option}" in
n) key_pair_name="${OPTARG}" ;;
f) file_path="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$key_pair_name" ]]; then
errecho "ERROR: You must provide a key name with the -n parameter."
usage
return 1
fi
if [[ -z "$file_path" ]]; then
errecho "ERROR: You must provide a file path with the -f parameter."
usage
return 1
fi
response=$(aws ec2 create-key-pair \
--key-name "$key_pair_name" \
--query 'KeyMaterial' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports create-access-key operation failed.$response"
return 1
}
if [[ -n "$file_path" ]]; then
echo "$response" >"$file_path"
fi
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/CreateKeyPair)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Create an Amazon Elastic Compute Cloud (Amazon EC2) instance key pair.
/*!
\param keyPairName: A name for a key pair.
\param keyFilePath: File path where the credentials are stored. Ignored if it is an empty string;
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createKeyPair(const Aws::String &keyPairName, const Aws::String &keyFilePath,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateKeyPairRequest request;
request.SetKeyName(keyPairName);
Aws::EC2::Model::CreateKeyPairOutcome outcome = ec2Client.CreateKeyPair(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to create key pair - " << keyPairName << ". " <<
outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully created key pair named " <<
keyPairName << std::endl;
if (!keyFilePath.empty()) {
std::ofstream keyFile(keyFilePath.c_str());
keyFile << outcome.GetResult().GetKeyMaterial();
keyFile.close();
std::cout << "Keys written to the file " <<
keyFilePath << std::endl;
}
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateKeyPair)。
------
#### [ CLI ]
**AWS CLI**
**建立一組金鑰對**
此範例會建立名稱為 `MyKeyPair` 的金鑰對。
命令:
```
aws ec2 create-key-pair --key-name MyKeyPair
```
輸出是 ASCII 版本的私有金鑰和金鑰指紋。您需要將金鑰儲存到檔案。
如需詳細資訊,請參閱《AWS 命令行介面使用者指南》**中的「使用金鑰對」。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateKeyPair](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-key-pair.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Creates a new key pair asynchronously.
*
* @param keyName the name of the key pair to create
* @param fileName the name of the file to write the key material to
* @return a {@link CompletableFuture} that represents the asynchronous operation
* of creating the key pair and writing the key material to a file
*/
public CompletableFuture createKeyPairAsync(String keyName, String fileName) {
CreateKeyPairRequest request = CreateKeyPairRequest.builder()
.keyName(keyName)
.build();
CompletableFuture responseFuture = getAsyncClient().createKeyPair(request);
responseFuture.whenComplete((response, exception) -> {
if (response != null) {
try {
BufferedWriter writer = new BufferedWriter(new FileWriter(fileName));
writer.write(response.keyMaterial());
writer.close();
} catch (IOException e) {
throw new RuntimeException("Failed to write key material to file: " + e.getMessage(), e);
}
} else {
throw new RuntimeException("Failed to create key pair: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateKeyPair)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { CreateKeyPairCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Creates an ED25519 or 2048-bit RSA key pair with the specified name and in the specified PEM or PPK format.
* Amazon EC2 stores the public key and displays the private key for you to save to a file.
* @param {{ keyName: string }} options
*/
export const main = async ({ keyName }) => {
const client = new EC2Client({});
const command = new CreateKeyPairCommand({
KeyName: keyName,
});
try {
const { KeyMaterial, KeyName } = await client.send(command);
console.log(KeyName);
console.log(KeyMaterial);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidKeyPair.Duplicate") {
console.warn(`${caught.message}. Try another key name.`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateKeyPairCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun createEC2KeyPair(keyNameVal: String) {
val request =
CreateKeyPairRequest {
keyName = keyNameVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.createKeyPair(request)
println("The key ID is ${response.keyPairId}")
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的AWS SDK API 參考》**中的 [CreateKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立金鑰對,並在具有指定名稱的檔案中,擷取 PEM 編碼的 RSA 私有金鑰。當您使用 PowerShell 時,編碼必須設定為 ascii,才能產生有效的金鑰。如需詳細資訊,請參閱《 AWS 命令列界面使用者指南》中的建立、顯示和刪除 Amazon EC2 金鑰對 (https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html://)。**
```
(New-EC2KeyPair -KeyName "my-key-pair").KeyMaterial | Out-File -Encoding ascii -FilePath C:\path\my-key-pair.pem
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateKeyPair](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立金鑰對,並在具有指定名稱的檔案中,擷取 PEM 編碼的 RSA 私有金鑰。當您使用 PowerShell 時,編碼必須設定為 ascii,才能產生有效的金鑰。如需詳細資訊,請參閱《 AWS 命令列界面使用者指南》中的建立、顯示和刪除 Amazon EC2 金鑰對 (https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html://)。**
```
(New-EC2KeyPair -KeyName "my-key-pair").KeyMaterial | Out-File -Encoding ascii -FilePath C:\path\my-key-pair.pem
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateKeyPair](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def create(self, key_name: str) -> dict:
"""
Creates a key pair that can be used to securely connect to an EC2 instance.
The returned key pair contains private key information that cannot be retrieved
again. The private key data is stored as a .pem file.
:param key_name: The name of the key pair to create.
:return: A dictionary representing the Boto3 KeyPair object that represents the newly created key pair.
:raises ClientError: If there is an error in creating the key pair, for example, if a key pair with the same name already exists.
"""
try:
response = self.ec2_client.create_key_pair(KeyName=key_name)
self.key_pair = response
self.key_file_path = os.path.join(
self.key_file_dir.name, f"{self.key_pair['KeyName']}.pem"
)
with open(self.key_file_path, "w") as key_file:
key_file.write(self.key_pair["KeyMaterial"])
except ClientError as err:
if err.response["Error"]["Code"] == "InvalidKeyPair.Duplicate":
logger.error(
f"A key pair called {key_name} already exists. "
"Please choose a different name for your key pair "
"or delete the existing key pair before creating."
)
raise
else:
return self.key_pair
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的AWS SDK API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateKeyPair)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
# This code example does the following:
# 1. Creates a key pair in Amazon Elastic Compute Cloud (Amazon EC2).
# 2. Displays information about available key pairs.
# 3. Deletes the key pair.
require 'aws-sdk-ec2'
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param key_pair_name [String] The name for the key pair and private
# key file.
# @return [Boolean] true if the key pair and private key file were
# created; otherwise, false.
# @example
# exit 1 unless key_pair_created?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-key-pair'
# )
def key_pair_created?(ec2_client, key_pair_name)
key_pair = ec2_client.create_key_pair(key_name: key_pair_name)
puts "Created key pair '#{key_pair.key_name}' with fingerprint " \
"'#{key_pair.key_fingerprint}' and ID '#{key_pair.key_pair_id}'."
filename = File.join(Dir.home, "#{key_pair_name}.pem")
File.open(filename, 'w') { |file| file.write(key_pair.key_material) }
puts "Private key file saved locally as '#{filename}'."
true
rescue Aws::EC2::Errors::InvalidKeyPairDuplicate
puts "Error creating key pair: a key pair named '#{key_pair_name}' " \
'already exists.'
false
rescue StandardError => e
puts "Error creating key pair or saving private key file: #{e.message}"
false
end
# Displays information about available key pairs in
# Amazon Elastic Compute Cloud (Amazon EC2).
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @example
# describe_key_pairs(Aws::EC2::Client.new(region: 'us-west-2'))
def describe_key_pairs(ec2_client)
result = ec2_client.describe_key_pairs
if result.key_pairs.count.zero?
puts 'No key pairs found.'
else
puts 'Key pair names:'
result.key_pairs.each do |key_pair|
puts key_pair.key_name
end
end
rescue StandardError => e
puts "Error getting information about key pairs: #{e.message}"
end
# Deletes a key pair in Amazon Elastic Compute Cloud (Amazon EC2).
#
# Prerequisites:
#
# - The key pair to delete.
#
# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.
# @param key_pair_name [String] The name of the key pair to delete.
# @return [Boolean] true if the key pair was deleted; otherwise, false.
# @example
# exit 1 unless key_pair_deleted?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-key-pair'
# )
def key_pair_deleted?(ec2_client, key_pair_name)
ec2_client.delete_key_pair(key_name: key_pair_name)
true
rescue StandardError => e
puts "Error deleting key pair: #{e.message}"
false
end
# Example usage:
def run_me
key_pair_name = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-key-pairs.rb KEY_PAIR_NAME REGION'
puts 'Example: ruby ec2-ruby-example-key-pairs.rb my-key-pair us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
elsif ARGV.count.zero?
key_pair_name = 'my-key-pair'
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
key_pair_name = ARGV[0]
region = ARGV[1]
end
ec2_client = Aws::EC2::Client.new(region: region)
puts 'Displaying existing key pair names before creating this key pair...'
describe_key_pairs(ec2_client)
puts '-' * 10
puts 'Creating key pair...'
unless key_pair_created?(ec2_client, key_pair_name)
puts 'Stopping program.'
exit 1
end
puts '-' * 10
puts 'Displaying existing key pair names after creating this key pair...'
describe_key_pairs(ec2_client)
puts '-' * 10
puts 'Deleting key pair...'
unless key_pair_deleted?(ec2_client, key_pair_name)
puts 'Stopping program. You must delete the key pair yourself.'
exit 1
end
puts 'Key pair deleted.'
puts '-' * 10
puts 'Now that the key pair is deleted, ' \
'also deleting the related private key pair file...'
filename = File.join(Dir.home, "#{key_pair_name}.pem")
File.delete(filename)
if File.exist?(filename)
puts "Could not delete file at '#{filename}'. You must delete it yourself."
else
puts 'File deleted.'
end
puts '-' * 10
puts 'Displaying existing key pair names after deleting this key pair...'
describe_key_pairs(ec2_client)
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 如需 API 詳細資訊,請參閱《適用於 Ruby 的 AWS SDK API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateKeyPair)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
Rust 實作會呼叫 EC2 用戶端的 create\$1key\$1pair,並擷取傳回的資料。
```
pub async fn create_key_pair(&self, name: String) -> Result<(KeyPairInfo, String), EC2Error> {
tracing::info!("Creating key pair {name}");
let output = self.client.create_key_pair().key_name(name).send().await?;
let info = KeyPairInfo::builder()
.set_key_name(output.key_name)
.set_key_fingerprint(output.key_fingerprint)
.set_key_pair_id(output.key_pair_id)
.build();
let material = output
.key_material
.ok_or_else(|| EC2Error::new("Create Key Pair has no key material"))?;
Ok((info, material))
}
```
一種會呼叫 create\$1key impl,並安全地儲存 PEM 私有金鑰的函數。
```
/// Creates a key pair that can be used to securely connect to an EC2 instance.
/// The returned key pair contains private key information that cannot be retrieved
/// again. The private key data is stored as a .pem file.
///
/// :param key_name: The name of the key pair to create.
pub async fn create(
&mut self,
ec2: &EC2,
util: &Util,
key_name: String,
) -> Result {
let (key_pair, material) = ec2.create_key_pair(key_name.clone()).await.map_err(|e| {
self.key_pair = KeyPairInfo::builder().key_name(key_name.clone()).build();
e.add_message(format!("Couldn't create key {key_name}"))
})?;
let path = self.key_file_dir.join(format!("{key_name}.pem"));
// Save the key_pair information immediately, so it can get cleaned up if write_secure fails.
self.key_file_path = Some(path.clone());
self.key_pair = key_pair.clone();
util.write_secure(&key_name, &path, material)?;
Ok(key_pair)
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [CreateKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_key_pair)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->createkeypair( iv_keyname = iv_key_name ). " oo_result is returned for testing purposes. "
MESSAGE 'Amazon EC2 key pair created.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的AWS SDK API 參考》**中的 [CreateKeyPair](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Create a new RSA key pair and save the private key to a randomly-named
/// file in the temporary directory.
///
/// - Parameter name: The name of the key pair to create.
///
/// - Returns: The URL of the newly created `.pem` file or `nil` if unable
/// to create the key pair.
func createKeyPair(name: String) async -> URL? {
do {
let output = try await ec2Client.createKeyPair(
input: CreateKeyPairInput(
keyName: name
)
)
guard let keyMaterial = output.keyMaterial else {
return nil
}
// Build the URL of the temporary private key file.
let fileURL = URL.temporaryDirectory
.appendingPathComponent(name)
.appendingPathExtension("pem")
do {
try keyMaterial.write(to: fileURL, atomically: true, encoding: String.Encoding.utf8)
return fileURL
} catch {
print("*** Failed to write the private key.")
return nil
}
} catch {
print("*** Unable to create the key pair.")
return nil
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [CreateKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createkeypair(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateLaunchTemplate` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateLaunchTemplate`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建置及管理彈性服務](example_cross_ResilientService_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中設定和執行。
```
///
/// Creates an Amazon EC2 launch template to use with Amazon EC2 Auto Scaling.
/// The launch template specifies a Bash script in its user data field that runs after
/// the instance is started. This script installs the Python packages and starts a Python
/// web server on the instance.
///
/// The path to a Bash script file that is run.
/// The path to a permissions policy to create and attach to the profile.
/// The template object.
public async Task CreateTemplate(string startupScriptPath, string instancePolicyPath)
{
try
{
await CreateKeyPair(_keyPairName);
await CreateInstanceProfileWithName(_instancePolicyName, _instanceRoleName,
_instanceProfileName, instancePolicyPath);
var startServerText = await File.ReadAllTextAsync(startupScriptPath);
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(startServerText);
var amiLatest = await _amazonSsm.GetParameterAsync(
new GetParameterRequest() { Name = _amiParam });
var amiId = amiLatest.Parameter.Value;
var launchTemplateResponse = await _amazonEc2.CreateLaunchTemplateAsync(
new CreateLaunchTemplateRequest()
{
LaunchTemplateName = _launchTemplateName,
LaunchTemplateData = new RequestLaunchTemplateData()
{
InstanceType = _instanceType,
ImageId = amiId,
IamInstanceProfile =
new
LaunchTemplateIamInstanceProfileSpecificationRequest()
{
Name = _instanceProfileName
},
KeyName = _keyPairName,
UserData = System.Convert.ToBase64String(plainTextBytes)
}
});
return launchTemplateResponse.LaunchTemplate;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidLaunchTemplateName.AlreadyExistsException")
{
_logger.LogError($"Could not create the template, the name {_launchTemplateName} already exists. " +
$"Please try again with a unique name.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while creating the template.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [CreateLaunchTemplate](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateLaunchTemplate)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立啟動範本**
以下 `create-launch-template` 範例會建立啟動範本,而此範本可指定執行個體啟動所在的子網路、將公有 IP 位址和 IPv6 位址指派給執行個體,並為執行個體建立標籤。
```
aws ec2 create-launch-template \
--launch-template-name TemplateForWebServer \
--version-description WebVersion1 \
--launch-template-data '{"NetworkInterfaces":[{"AssociatePublicIpAddress":true,"DeviceIndex":0,"Ipv6AddressCount":1,"SubnetId":"subnet-7b16de0c"}],"ImageId":"ami-8c1be5f6","InstanceType":"t2.small","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"purpose","Value":"webserver"}]}]}'
```
輸出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-01238c059e3466abc",
"LaunchTemplateName": "TemplateForWebServer",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2019-01-27T09:13:24.000Z"
}
}
```
如需詳細資訊,請參閱*《Amazon Elastic Compute Cloud 使用者指南》*中的「從啟動範本啟動執行個體」。如需有關引用 JSON 格式參數的詳細資訊,請參閱*《AWS 命令行介面使用者指南》*中的「引用字串」。
**範例 2:為 Amazon EC2 Auto Scaling 建立啟動範本**
以下 `create-launch-template` 範例會建立具備多個標籤和區塊型裝置映射的啟動範本,以指定執行個體啟動時的額外 EBS 磁碟區。請為 `Groups`,即對應至 Auto Scaling 群組在其中啟動執行個體的 VPC 安全群組指定數值。將 VPC 和子網路指定為 Auto Scaling 群組的屬性。
```
aws ec2 create-launch-template \
--launch-template-name TemplateForAutoScaling \
--version-description AutoScalingVersion1 \
--launch-template-data '{"NetworkInterfaces":[{"DeviceIndex":0,"AssociatePublicIpAddress":true,"Groups":["sg-7c227019,sg-903004f8"],"DeleteOnTermination":true}],"ImageId":"ami-b42209de","InstanceType":"m4.large","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"environment","Value":"production"},{"Key":"purpose","Value":"webserver"}]},{"ResourceType":"volume","Tags":[{"Key":"environment","Value":"production"},{"Key":"cost-center","Value":"cc123"}]}],"BlockDeviceMappings":[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":100}}]}' --region us-east-1
```
輸出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-0123c79c33a54e0abc",
"LaunchTemplateName": "TemplateForAutoScaling",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2019-04-30T18:16:06.000Z"
}
}
```
如需詳細資訊,請參閱*《Amazon EC2 Auto Scaling 使用者指南》*中的「建立 Auto Scaling 群組的啟動範本」。如需有關引用 JSON 格式參數的詳細資訊,請參閱*《AWS 命令行介面使用者指南》*中的「引用字串」。
**範例 3:建立指定 EBS 磁碟區加密的啟動範本**
下列 `create-launch-template` 範例會建立啟動範本,其中包含從未加密快照中建立的已加密 EBS 磁碟區。此範本也會在建立期間標記磁碟區。如果預設為停用加密,則您必須指定 `"Encrypted"` 選項,如下列範例所示。如果您使用 `"KmsKeyId"` 選項來指定客戶受管的 CMK,即使預設為啟用加密,您也必須指定 `"Encrypted"` 選項。
```
aws ec2 create-launch-template \
--launch-template-name TemplateForEncryption \
--launch-template-data file://config.json
```
`config.json` 的內容:
```
{
"BlockDeviceMappings":[
{
"DeviceName":"/dev/sda1",
"Ebs":{
"VolumeType":"gp2",
"DeleteOnTermination":true,
"SnapshotId":"snap-066877671789bd71b",
"Encrypted":true,
"KmsKeyId":"arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef"
}
}
],
"ImageId":"ami-00068cd7555f543d5",
"InstanceType":"c5.large",
"TagSpecifications":[
{
"ResourceType":"volume",
"Tags":[
{
"Key":"encrypted",
"Value":"yes"
}
]
}
]
}
```
輸出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-0d5bd51bcf8530abc",
"LaunchTemplateName": "TemplateForEncryption",
"DefaultVersionNumber": 1,
"CreatedBy": "arn:aws:iam::123456789012:user/Bob",
"CreateTime": "2020-01-07T19:08:36.000Z"
}
}
```
如需詳細資訊,請參閱*《Amazon Elastic Compute Cloud 使用者指南》*中的「從快照還原 Amazon EBS 磁碟區」和「預設加密」。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateLaunchTemplate](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-launch-template.html)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples)中設定和執行。
```
const ssmClient = new SSMClient({});
const { Parameter } = await ssmClient.send(
new GetParameterCommand({
Name: "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2",
}),
);
const ec2Client = new EC2Client({});
await ec2Client.send(
new CreateLaunchTemplateCommand({
LaunchTemplateName: NAMES.launchTemplateName,
LaunchTemplateData: {
InstanceType: "t3.micro",
ImageId: Parameter.Value,
IamInstanceProfile: { Name: NAMES.instanceProfileName },
UserData: readFileSync(
join(RESOURCES_PATH, "server_startup_script.sh"),
).toString("base64"),
KeyName: NAMES.keyPairName,
},
}),
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [CreateLaunchTemplate](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateLaunchTemplateCommand)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
此範例會建立一個啟動範本,其中包含可授予執行個體特定許可的執行個體設定檔,以及在執行個體啟動後在其上執行的使用者資料 Bash 指令碼。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def create_template(
self, server_startup_script_file: str, instance_policy_file: str
) -> Dict[str, Any]:
"""
Creates an Amazon EC2 launch template to use with Amazon EC2 Auto Scaling. The
launch template specifies a Bash script in its user data field that runs after
the instance is started. This script installs Python packages and starts a
Python web server on the instance.
:param server_startup_script_file: The path to a Bash script file that is run
when an instance starts.
:param instance_policy_file: The path to a file that defines a permissions policy
to create and attach to the instance profile.
:return: Information about the newly created template.
"""
template = {}
try:
# Create key pair and instance profile
self.create_key_pair(self.key_pair_name)
self.create_instance_profile(
instance_policy_file,
self.instance_policy_name,
self.instance_role_name,
self.instance_profile_name,
)
# Read the startup script
with open(server_startup_script_file) as file:
start_server_script = file.read()
# Get the latest AMI ID
ami_latest = self.ssm_client.get_parameter(Name=self.ami_param)
ami_id = ami_latest["Parameter"]["Value"]
# Create the launch template
lt_response = self.ec2_client.create_launch_template(
LaunchTemplateName=self.launch_template_name,
LaunchTemplateData={
"InstanceType": self.inst_type,
"ImageId": ami_id,
"IamInstanceProfile": {"Name": self.instance_profile_name},
"UserData": base64.b64encode(
start_server_script.encode(encoding="utf-8")
).decode(encoding="utf-8"),
"KeyName": self.key_pair_name,
},
)
template = lt_response["LaunchTemplate"]
log.info(
f"Created launch template {self.launch_template_name} for AMI {ami_id} on {self.inst_type}."
)
except ClientError as err:
log.error(f"Failed to create launch template {self.launch_template_name}.")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidLaunchTemplateName.AlreadyExistsException":
log.info(
f"Launch template {self.launch_template_name} already exists, nothing to do."
)
log.error(f"Full error:\n\t{err}")
return template
```
+ 如需 API 詳細資訊,請參閱《*適用於 Python (Boto3) 的AWS SDK API 參考*》中的 [CreateLaunchTemplate](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateLaunchTemplate)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateNetworkAcl` 與 CLI
下列程式碼範例示範如何使用 `CreateNetworkAcl`。
------
#### [ CLI ]
**AWS CLI**
**建立網路 ACL**
此範例會建立指定之 VPC 的網路 ACL。
命令:
```
aws ec2 create-network-acl --vpc-id vpc-a01106c2
```
輸出:
```
{
"NetworkAcl": {
"Associations": [],
"NetworkAclId": "acl-5fb85d36",
"VpcId": "vpc-a01106c2",
"Tags": [],
"Entries": [
{
"CidrBlock": "0.0.0.0/0",
"RuleNumber": 32767,
"Protocol": "-1",
"Egress": true,
"RuleAction": "deny"
},
{
"CidrBlock": "0.0.0.0/0",
"RuleNumber": 32767,
"Protocol": "-1",
"Egress": false,
"RuleAction": "deny"
}
],
"IsDefault": false
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateNetworkAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-acl.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會為指定的 VPC 建立網路 ACL。**
```
New-EC2NetworkAcl -VpcId vpc-12345678
```
**輸出:**
```
Associations : {}
Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry}
IsDefault : False
NetworkAclId : acl-12345678
Tags : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateNetworkAcl](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會為指定的 VPC 建立網路 ACL。**
```
New-EC2NetworkAcl -VpcId vpc-12345678
```
**輸出:**
```
Associations : {}
Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry}
IsDefault : False
NetworkAclId : acl-12345678
Tags : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateNetworkAcl](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateNetworkAclEntry` 與 CLI
下列程式碼範例示範如何使用 `CreateNetworkAclEntry`。
------
#### [ CLI ]
**AWS CLI**
**建立網路 ACL 輸入項**
此範例會為指定的網路 ACL 建立輸入項。此規則允許將流量從 UDP 連接埠 53 (DNS) 上的任何 IPv4 位址 (0.0.0.0/0),傳入任何相關聯的子網路。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100 --protocol udp --port-range From=53,To=53 --cidr-block 0.0.0.0/0 --rule-action allow
```
此範例會為指定的網路 ACL 建立規則,允許從 TCP 連接埠 80 (HTTP) 上的任何 IPv6 位址 (::/0) 傳入流量。
命令:
```
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 120 --protocol tcp --port-range From=80,To=80 --ipv6-cidr-block ::/0 --rule-action allow
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateNetworkAclEntry](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-acl-entry.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會為指定的網路 ACL 建立項目。此規則允許來自 UDP 連接埠 53 (DNS) 上任何位置 (0.0.0.0/0) 的傳入流量,傳入任何相關聯的子網路。**
```
New-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100 -Protocol 17 -PortRange_From 53 -PortRange_To 53 -CidrBlock 0.0.0.0/0 -RuleAction allow
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateNetworkAclEntry](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會為指定的網路 ACL 建立項目。此規則允許來自 UDP 連接埠 53 (DNS) 上任何位置 (0.0.0.0/0) 的傳入流量,傳入任何相關聯的子網路。**
```
New-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100 -Protocol 17 -PortRange_From 53 -PortRange_To 53 -CidrBlock 0.0.0.0/0 -RuleAction allow
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateNetworkAclEntry](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateNetworkInterface` 與 CLI
下列程式碼範例示範如何使用 `CreateNetworkInterface`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:指定網路介面的 IPv4 位址**
下列 `create-network-interface` 範例會為具有指定之主要 IPv4 位址的指定子網路,建立網路介面。
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my network interface" \
--groups sg-09dfba7ed20cda78b \
--private-ip-address 10.0.8.17
```
輸出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my network interface",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-09dfba7ed20cda78b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [],
"MacAddress": "06:6a:0f:9a:49:37",
"NetworkInterfaceId": "eni-0492b355f0cf3b3f8",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.17",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-17.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.17"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
**範例 2:使用 IPv4 位址和 IPv6 位址建立網路介面**
下列 `create-network-interface` 範例會使用 Amazon EC2 選取的 IPv4 位址和 IPv6 位址,為指定的子網路建立網路介面。
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my dual stack network interface" \
--ipv6-address-count 1 \
--groups sg-09dfba7ed20cda78b
```
輸出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my dual stack network interface",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-09dfba7ed20cda78b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [
{
"Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7",
"IsPrimaryIpv6": false
}
],
"MacAddress": "06:b8:68:d2:b2:2d",
"NetworkInterfaceId": "eni-05da417453f9a84bf",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.18",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.18"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b",
"Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7"
}
}
```
**範例 3:使用連線追蹤組態選項建立網路介面**
下列 `create-network-interface` 範例會建立網路介面,並設定閒置連線追蹤逾時。
```
aws ec2 create-network-interface \
--subnet-id subnet-00a24d0d67acf6333 \
--groups sg-02e57dbcfe0331c1b \
--connection-tracking-specification TcpEstablishedTimeout=86400,UdpTimeout=60
```
輸出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"ConnectionTrackingConfiguration": {
"TcpEstablishedTimeout": 86400,
"UdpTimeout": 60
},
"Description": "",
"Groups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-02e57dbcfe0331c1b"
}
],
"InterfaceType": "interface",
"Ipv6Addresses": [],
"MacAddress": "06:4c:53:de:6d:91",
"NetworkInterfaceId": "eni-0c133586e08903d0b",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.94",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.94"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
**範例 4:建立 Elastic Fabric Adapter**
以下 `create-network-interface` 範例會建立 EFA。
```
aws ec2 create-network-interface \
--interface-type efa \
--subnet-id subnet-00a24d0d67acf6333 \
--description "my efa" \
--groups sg-02e57dbcfe0331c1b
```
輸出:
```
{
"NetworkInterface": {
"AvailabilityZone": "us-west-2a",
"Description": "my efa",
"Groups": [
{
"GroupName": "my-efa-sg",
"GroupId": "sg-02e57dbcfe0331c1b"
}
],
"InterfaceType": "efa",
"Ipv6Addresses": [],
"MacAddress": "06:d7:a4:f7:4d:57",
"NetworkInterfaceId": "eni-034acc2885e862b65",
"OwnerId": "123456789012",
"PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.180",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal",
"PrivateIpAddress": "10.0.8.180"
}
],
"RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE",
"RequesterManaged": false,
"SourceDestCheck": true,
"Status": "pending",
"SubnetId": "subnet-00a24d0d67acf6333",
"TagSet": [],
"VpcId": "vpc-02723a0feeeb9d57b"
}
}
```
如需詳細,請參閱*《Amazon EC2 使用者指南》*中的[彈性網絡介面](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-network-interface.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立指定的網路介面。**
```
New-EC2NetworkInterface -SubnetId subnet-1a2b3c4d -Description "my network interface" -Group sg-12345678 -PrivateIpAddress 10.0.0.17
```
**輸出:**
```
Association :
Attachment :
AvailabilityZone : us-west-2c
Description : my network interface
Groups : {my-security-group}
MacAddress : 0a:72:bc:1a:cd:7f
NetworkInterfaceId : eni-12345678
OwnerId : 123456789012
PrivateDnsName : ip-10-0-0-17.us-west-2.compute.internal
PrivateIpAddress : 10.0.0.17
PrivateIpAddresses : {}
RequesterId :
RequesterManaged : False
SourceDestCheck : True
Status : pending
SubnetId : subnet-1a2b3c4d
TagSet : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立指定的網路介面。**
```
New-EC2NetworkInterface -SubnetId subnet-1a2b3c4d -Description "my network interface" -Group sg-12345678 -PrivateIpAddress 10.0.0.17
```
**輸出:**
```
Association :
Attachment :
AvailabilityZone : us-west-2c
Description : my network interface
Groups : {my-security-group}
MacAddress : 0a:72:bc:1a:cd:7f
NetworkInterfaceId : eni-12345678
OwnerId : 123456789012
PrivateDnsName : ip-10-0-0-17.us-west-2.compute.internal
PrivateIpAddress : 10.0.0.17
PrivateIpAddresses : {}
RequesterId :
RequesterManaged : False
SourceDestCheck : True
Status : pending
SubnetId : subnet-1a2b3c4d
TagSet : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreatePlacementGroup` 與 CLI
下列程式碼範例示範如何使用 `CreatePlacementGroup`。
------
#### [ CLI ]
**AWS CLI**
**建立置放群組**
此範例命令會建立具有指定名稱的置放群組。
命令:
```
aws ec2 create-placement-group --group-name my-cluster --strategy cluster
```
**建立分區放置群組**
此範例命令會建立名為 `HDFS-Group-A` 的分區放置群組,其中包含五個分區。
命令:
```
aws ec2 create-placement-group --group-name HDFS-Group-A --strategy partition --partition-count 5
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreatePlacementGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-placement-group.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立具有指定名稱的置放群組。**
```
New-EC2PlacementGroup -GroupName my-placement-group -Strategy cluster
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreatePlacementGroup](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立具有指定名稱的置放群組。**
```
New-EC2PlacementGroup -GroupName my-placement-group -Strategy cluster
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreatePlacementGroup](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateRoute` 與 CLI
下列程式碼範例示範如何使用 `CreateRoute`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
+ [開始使用 Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**建立路由**
此範例會建立指定路由表的路由。路由符合所有 IPv4 流量 (`0.0.0.0/0`),並將其路由至指定的網際網路閘道。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 create-route --route-table-id rtb-22574640 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-c0a643a9
```
此範例命令會在路由表 rtb-g8ff4ea2 中建立路由。路由符合 IPv4 CIDR 區塊 10.0.0.0/16 的流量,並將其路由至 VPC 對等互連 pcx-111aaa22。此路由可讓流量導向至 VPC 對等互連中的對等 VPC。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 create-route --route-table-id rtb-g8ff4ea2 --destination-cidr-block 10.0.0.0/16 --vpc-peering-connection-id pcx-1a2b3c4d
```
此範例會在指定的路由表中建立符合所有 IPv6 流量 (`::/0`) 的路由,並將其路由至指定的輸出限定網際網路閘道。
命令:
```
aws ec2 create-route --route-table-id rtb-dce620b8 --destination-ipv6-cidr-block ::/0 --egress-only-internet-gateway-id eigw-01eadbd45ecd7943f
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-route.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會為指定的路由表建立指定的路由。路由符合所有流量,並將其傳送至指定的網際網路閘道。**
```
New-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0 -GatewayId igw-1a2b3c4d
```
**輸出:**
```
True
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateRoute](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會為指定的路由表建立指定的路由。路由符合所有流量,並將其傳送至指定的網際網路閘道。**
```
New-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0 -GatewayId igw-1a2b3c4d
```
**輸出:**
```
True
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateRoute](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateRouteTable` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateRouteTable`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**建立路由表**
此範例會建立指定 VPC 的路由表。
命令:
```
aws ec2 create-route-table --vpc-id vpc-a01106c2
```
輸出:
```
{
"RouteTable": {
"Associations": [],
"RouteTableId": "rtb-22574640",
"VpcId": "vpc-a01106c2",
"PropagatingVgws": [],
"Tags": [],
"Routes": [
{
"GatewayId": "local",
"DestinationCidrBlock": "10.0.0.0/16",
"State": "active"
}
]
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-route-table.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會為指定的 VPC 建立路由表。**
```
New-EC2RouteTable -VpcId vpc-12345678
```
**輸出:**
```
Associations : {}
PropagatingVgws : {}
Routes : {}
RouteTableId : rtb-1a2b3c4d
Tags : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateRouteTable](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會為指定的 VPC 建立路由表。**
```
New-EC2RouteTable -VpcId vpc-12345678
```
**輸出:**
```
Associations : {}
PropagatingVgws : {}
Routes : {}
RouteTableId : rtb-1a2b3c4d
Tags : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateRouteTable](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
require 'aws-sdk-ec2'
# Prerequisites:
#
# - A VPC in Amazon VPC.
# - A subnet in that VPC.
# - A gateway attached to that subnet.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param vpc_id [String] The ID of the VPC for the route table.
# @param subnet_id [String] The ID of the subnet for the route table.
# @param gateway_id [String] The ID of the gateway for the route.
# @param destination_cidr_block [String] The destination CIDR block
# for the route.
# @param tag_key [String] The key portion of the tag for the route table.
# @param tag_value [String] The value portion of the tag for the route table.
# @return [Boolean] true if the route table was created and associated;
# otherwise, false.
# @example
# exit 1 unless route_table_created_and_associated?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# 'vpc-0b6f769731EXAMPLE',
# 'subnet-03d9303b57EXAMPLE',
# 'igw-06ca90c011EXAMPLE',
# '0.0.0.0/0',
# 'my-key',
# 'my-value'
# )
def route_table_created_and_associated?(
ec2_resource,
vpc_id,
subnet_id,
gateway_id,
destination_cidr_block,
tag_key,
tag_value
)
route_table = ec2_resource.create_route_table(vpc_id: vpc_id)
puts "Created route table with ID '#{route_table.id}'."
route_table.create_tags(
tags: [
{
key: tag_key,
value: tag_value
}
]
)
puts 'Added tags to route table.'
route_table.create_route(
destination_cidr_block: destination_cidr_block,
gateway_id: gateway_id
)
puts 'Created route with destination CIDR block ' \
"'#{destination_cidr_block}' and associated with gateway " \
"with ID '#{gateway_id}'."
route_table.associate_with_subnet(subnet_id: subnet_id)
puts "Associated route table with subnet with ID '#{subnet_id}'."
true
rescue StandardError => e
puts "Error creating or associating route table: #{e.message}"
puts 'If the route table was created but not associated, you should ' \
'clean up by deleting the route table.'
false
end
# Example usage:
def run_me
vpc_id = ''
subnet_id = ''
gateway_id = ''
destination_cidr_block = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-route-table.rb ' \
'VPC_ID SUBNET_ID GATEWAY_ID DESTINATION_CIDR_BLOCK ' \
'TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-route-table.rb ' \
'vpc-0b6f769731EXAMPLE subnet-03d9303b57EXAMPLE igw-06ca90c011EXAMPLE ' \
"'0.0.0.0/0' my-key my-value us-west-2"
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
vpc_id = 'vpc-0b6f769731EXAMPLE'
subnet_id = 'subnet-03d9303b57EXAMPLE'
gateway_id = 'igw-06ca90c011EXAMPLE'
destination_cidr_block = '0.0.0.0/0'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
vpc_id = ARGV[0]
subnet_id = ARGV[1]
gateway_id = ARGV[2]
destination_cidr_block = ARGV[3]
tag_key = ARGV[4]
tag_value = ARGV[5]
region = ARGV[6]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if route_table_created_and_associated?(
ec2_resource,
vpc_id,
subnet_id,
gateway_id,
destination_cidr_block,
tag_key,
tag_value
)
puts 'Route table created and associated.'
else
puts 'Route table not created or not associated.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 如需 API 詳細資訊,請參閱 *適用於 Ruby 的 AWS SDK API 參考*中的 [CreateRouteTable](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateRouteTable)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateSecurityGroup` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateSecurityGroup`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Create an Amazon EC2 security group with a specified name and description.
///
/// The name for the new security group.
/// A description of the new security group.
/// The group Id of the new security group.
public async Task CreateSecurityGroup(string groupName, string groupDescription)
{
try
{
var response = await _amazonEC2.CreateSecurityGroupAsync(
new CreateSecurityGroupRequest(groupName, groupDescription));
// Wait until the security group exists.
int retries = 5;
while (retries-- > 0)
{
var groups = await DescribeSecurityGroups(response.GroupId);
if (groups.Any())
{
return response.GroupId;
}
Thread.Sleep(5000);
retries--;
}
_logger.LogError($"Unable to find newly created group {groupName}.");
throw new DoesNotExistException("security group not found");
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "ResourceAlreadyExists")
{
_logger.LogError(
$"A security group with the name {groupName} already exists. {ec2Exception.Message}");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while creating the security group.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/CreateSecurityGroup)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_create_security_group
#
# This function creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -n security_group_name - The name of the security group.
# -d security_group_description - The description of the security group.
#
# Returns:
# The ID of the created security group, or an error message if the operation fails.
# And:
# 0 - If successful.
# 1 - If it fails.
#
###############################################################################
function ec2_create_security_group() {
local security_group_name security_group_description response
# Function to display usage information
function usage() {
echo "function ec2_create_security_group"
echo "Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -n security_group_name - The name of the security group."
echo " -d security_group_description - The description of the security group."
echo ""
}
# Parse the command-line arguments
while getopts "n:d:h" option; do
case "${option}" in
n) security_group_name="${OPTARG}" ;;
d) security_group_description="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
# Validate the input parameters
if [[ -z "$security_group_name" ]]; then
errecho "ERROR: You must provide a security group name with the -n parameter."
return 1
fi
if [[ -z "$security_group_description" ]]; then
errecho "ERROR: You must provide a security group description with the -d parameter."
return 1
fi
# Create the security group
response=$(aws ec2 create-security-group \
--group-name "$security_group_name" \
--description "$security_group_description" \
--query "GroupId" \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports create-security-group operation failed."
errecho "$response"
return 1
}
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/CreateSecurityGroup)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Create a security group.
/*!
\param groupName: A security group name.
\param description: A description.
\param vpcID: A virtual private cloud (VPC) ID.
\param[out] groupIDResult: A string to receive the group ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createSecurityGroup(const Aws::String &groupName,
const Aws::String &description,
const Aws::String &vpcID,
Aws::String &groupIDResult,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateSecurityGroupRequest request;
request.SetGroupName(groupName);
request.SetDescription(description);
request.SetVpcId(vpcID);
const Aws::EC2::Model::CreateSecurityGroupOutcome outcome =
ec2Client.CreateSecurityGroup(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to create security group:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
std::cout << "Successfully created security group named " << groupName <<
std::endl;
groupIDResult = outcome.GetResult().GetGroupId();
return true;
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateSecurityGroup)。
------
#### [ CLI ]
**AWS CLI**
**為 EC2-Classic 建立安全群組**
此範例會建立名為 `MySecurityGroup` 的安全群組。
命令:
```
aws ec2 create-security-group --group-name MySecurityGroup --description "My security group"
```
輸出:
```
{
"GroupId": "sg-903004f8"
}
```
**為 EC2-VPC 建立安全群組**
此範例會為指定 VPC 建立名為 `MySecurityGroup` 的安全群組。
命令:
```
aws ec2 create-security-group --group-name MySecurityGroup --description "My security group" --vpc-id vpc-1a2b3c4d
```
輸出:
```
{
"GroupId": "sg-903004f8"
}
```
如需詳細資訊,請參閱《AWS 命令行介面使用者指南》**中的「使用安全群組」。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateSecurityGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-security-group.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Creates a new security group asynchronously with the specified group name, description, and VPC ID. It also
* authorizes inbound traffic on ports 80 and 22 from the specified IP address.
*
* @param groupName the name of the security group to create
* @param groupDesc the description of the security group
* @param vpcId the ID of the VPC in which to create the security group
* @param myIpAddress the IP address from which to allow inbound traffic (e.g., "192.168.1.1/0" to allow traffic from
* any IP address in the 192.168.1.0/24 subnet)
* @return a CompletableFuture that, when completed, returns the ID of the created security group
* @throws RuntimeException if there was a failure creating the security group or authorizing the inbound traffic
*/
public CompletableFuture createSecurityGroupAsync(String groupName, String groupDesc, String vpcId, String myIpAddress) {
CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder()
.groupName(groupName)
.description(groupDesc)
.vpcId(vpcId)
.build();
return getAsyncClient().createSecurityGroup(createRequest)
.thenCompose(createResponse -> {
String groupId = createResponse.groupId();
IpRange ipRange = IpRange.builder()
.cidrIp(myIpAddress + "/32")
.build();
IpPermission ipPerm = IpPermission.builder()
.ipProtocol("tcp")
.toPort(80)
.fromPort(80)
.ipRanges(ipRange)
.build();
IpPermission ipPerm2 = IpPermission.builder()
.ipProtocol("tcp")
.toPort(22)
.fromPort(22)
.ipRanges(ipRange)
.build();
AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder()
.groupName(groupName)
.ipPermissions(ipPerm, ipPerm2)
.build();
return getAsyncClient().authorizeSecurityGroupIngress(authRequest)
.thenApply(authResponse -> groupId);
})
.whenComplete((result, exception) -> {
if (exception != null) {
if (exception instanceof CompletionException && exception.getCause() instanceof Ec2Exception) {
throw (Ec2Exception) exception.getCause();
} else {
throw new RuntimeException("Failed to create security group: " + exception.getMessage(), exception);
}
}
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/CreateSecurityGroup)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { CreateSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Creates a security group.
* @param {{ groupName: string, description: string }} options
*/
export const main = async ({ groupName, description }) => {
const client = new EC2Client({});
const command = new CreateSecurityGroupCommand({
// Up to 255 characters in length. Cannot start with sg-.
GroupName: groupName,
// Up to 255 characters in length.
Description: description,
});
try {
const { GroupId } = await client.send(command);
console.log(GroupId);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}.`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateSecurityGroupCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun createEC2SecurityGroup(
groupNameVal: String?,
groupDescVal: String?,
vpcIdVal: String?,
): String? {
val request =
CreateSecurityGroupRequest {
groupName = groupNameVal
description = groupDescVal
vpcId = vpcIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val resp = ec2.createSecurityGroup(request)
val ipRange =
IpRange {
cidrIp = "0.0.0.0/0"
}
val ipPerm =
IpPermission {
ipProtocol = "tcp"
toPort = 80
fromPort = 80
ipRanges = listOf(ipRange)
}
val ipPerm2 =
IpPermission {
ipProtocol = "tcp"
toPort = 22
fromPort = 22
ipRanges = listOf(ipRange)
}
val authRequest =
AuthorizeSecurityGroupIngressRequest {
groupName = groupNameVal
ipPermissions = listOf(ipPerm, ipPerm2)
}
ec2.authorizeSecurityGroupIngress(authRequest)
println("Successfully added ingress policy to Security Group $groupNameVal")
return resp.groupId
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的AWS SDK API 參考》**中的 [CreateSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會指定的 VPC 建立安全群組。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
```
**輸出:**
```
sg-12345678
```
**範例 2:此範例會建立 EC2-Classic 的安全群組。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
```
**輸出:**
```
sg-45678901
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會指定的 VPC 建立安全群組。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678
```
**輸出:**
```
sg-12345678
```
**範例 2:此範例會建立 EC2-Classic 的安全群組。**
```
New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"
```
**輸出:**
```
sg-45678901
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, group_name: str, group_description: str) -> str:
"""
Creates a security group in the default virtual private cloud (VPC) of the current account.
:param group_name: The name of the security group to create.
:param group_description: The description of the security group to create.
:return: The ID of the newly created security group.
:raise Handles AWS SDK service-level ClientError, with special handling for ResourceAlreadyExists
"""
try:
response = self.ec2_client.create_security_group(
GroupName=group_name, Description=group_description
)
self.security_group = response["GroupId"]
except ClientError as err:
if err.response["Error"]["Code"] == "ResourceAlreadyExists":
logger.error(
f"Security group '{group_name}' already exists. Please choose a different name."
)
raise
else:
return self.security_group
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的AWS SDK API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateSecurityGroup)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
# This code example does the following:
# 1. Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
# 2. Adds inbound rules to the security group.
# 3. Displays information about available security groups.
# 4. Deletes the security group.
require 'aws-sdk-ec2'
# Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Prerequisites:
#
# - A VPC in Amazon Virtual Private Cloud (Amazon VPC).
#
# @param ec2_client [Aws::EC2::Client] An initialized
# Amazon EC2 client.
# @param group_name [String] A name for the security group.
# @param description [String] A description for the security group.
# @param vpc_id [String] The ID of the VPC for the security group.
# @return [String] The ID of security group that was created.
# @example
# puts create_security_group(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'my-security-group',
# 'This is my security group.',
# 'vpc-6713dfEX'
# )
def create_security_group(ec2_client, group_name, description, vpc_id)
security_group = ec2_client.create_security_group(
group_name: group_name,
description: description,
vpc_id: vpc_id
)
puts "Created security group '#{group_name}' with ID " \
"'#{security_group.group_id}' in VPC with ID '#{vpc_id}'."
security_group.group_id
rescue StandardError => e
puts "Error creating security group: #{e.message}"
'Error'
end
# Adds an inbound rule to an Amazon Elastic Compute Cloud (Amazon EC2)
# security group.
#
# Prerequisites:
#
# - The security group.
#
# @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client.
# @param security_group_id [String] The ID of the security group.
# @param ip_protocol [String] The network protocol for the inbound rule.
# @param from_port [String] The originating port for the inbound rule.
# @param to_port [String] The destination port for the inbound rule.
# @param cidr_ip_range [String] The CIDR IP range for the inbound rule.
# @return
# @example
# exit 1 unless security_group_ingress_authorized?(
# Aws::EC2::Client.new(region: 'us-west-2'),
# 'sg-030a858e078f1b9EX',
# 'tcp',
# '80',
# '80',
# '0.0.0.0/0'
# )
def security_group_ingress_authorized?(
ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range
)
ec2_client.authorize_security_group_ingress(
group_id: security_group_id,
ip_permissions: [
{
ip_protocol: ip_protocol,
from_port: from_port,
to_port: to_port,
ip_ranges: [
{
cidr_ip: cidr_ip_range
}
]
}
]
)
puts "Added inbound rule to security group '#{security_group_id}' for protocol " \
"'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \
"with CIDR IP range '#{cidr_ip_range}'."
true
rescue StandardError => e
puts "Error adding inbound rule to security group: #{e.message}"
false
end
# Refactored method to simplify complexity for describing security group permissions
def format_port_information(perm)
from_port_str = perm.from_port == '-1' || perm.from_port == -1 ? 'All' : perm.from_port.to_s
to_port_str = perm.to_port == '-1' || perm.to_port == -1 ? 'All' : perm.to_port.to_s
{ from_port: from_port_str, to_port: to_port_str }
end
# Displays information about a security group's IP permissions set in
# Amazon Elastic Compute Cloud (Amazon EC2).
def describe_security_group_permissions(perm)
ports = format_port_information(perm)
print " Protocol: #{perm.ip_protocol == '-1' ? 'All' : perm.ip_protocol}"
print ", From: #{ports[:from_port]}, To: #{ports[:to_port]}"
print ", CIDR IPv6: #{perm.ipv_6_ranges[0].cidr_ipv_6}" if perm.key?(:ipv_6_ranges) && perm.ipv_6_ranges.count.positive?
print ", CIDR IPv4: #{perm.ip_ranges[0].cidr_ip}" if perm.key?(:ip_ranges) && perm.ip_ranges.count.positive?
print "\n"
end
# Displays information about available security groups in
# Amazon Elastic Compute Cloud (Amazon EC2).
def describe_security_groups(ec2_client)
response = ec2_client.describe_security_groups
if response.security_groups.count.positive?
response.security_groups.each do |sg|
display_group_details(sg)
end
else
puts 'No security groups found.'
end
rescue StandardError => e
puts "Error getting information about security groups: #{e.message}"
end
# Helper method to display the details of security groups
def display_group_details(sg)
puts '-' * (sg.group_name.length + 13)
puts "Name: #{sg.group_name}"
puts "Description: #{sg.description}"
puts "Group ID: #{sg.group_id}"
puts "Owner ID: #{sg.owner_id}"
puts "VPC ID: #{sg.vpc_id}"
display_group_tags(sg.tags) if sg.tags.count.positive?
display_group_permissions(sg)
end
def display_group_tags(tags)
puts 'Tags:'
tags.each do |tag|
puts " Key: #{tag.key}, Value: #{tag.value}"
end
end
def display_group_permissions(sg)
if sg.ip_permissions.count.positive?
puts 'Inbound rules:'
sg.ip_permissions.each do |p|
describe_security_group_permissions(p)
end
end
return if sg.ip_permissions_egress.empty?
puts 'Outbound rules:'
sg.ip_permissions_egress.each do |p|
describe_security_group_permissions(p)
end
end
# Deletes an Amazon Elastic Compute Cloud (Amazon EC2)
# security group.
def security_group_deleted?(ec2_client, security_group_id)
ec2_client.delete_security_group(group_id: security_group_id)
puts "Deleted security group '#{security_group_id}'."
true
rescue StandardError => e
puts "Error deleting security group: #{e.message}"
false
end
# Example usage with refactored run_me to reduce complexity
def run_me
group_name, description, vpc_id, ip_protocol_http, from_port_http, to_port_http, \
cidr_ip_range_http, ip_protocol_ssh, from_port_ssh, to_port_ssh, \
cidr_ip_range_ssh, region = process_arguments
ec2_client = Aws::EC2::Client.new(region: region)
security_group_id = attempt_create_security_group(ec2_client, group_name, description, vpc_id)
security_group_exists = security_group_id != 'Error'
if security_group_exists
add_inbound_rules(ec2_client, security_group_id, ip_protocol_http, from_port_http, to_port_http, cidr_ip_range_http)
add_inbound_rules(ec2_client, security_group_id, ip_protocol_ssh, from_port_ssh, to_port_ssh, cidr_ip_range_ssh)
end
describe_security_groups(ec2_client)
attempt_delete_security_group(ec2_client, security_group_id) if security_group_exists
end
def process_arguments
if ARGV[0] == '--help' || ARGV[0] == '-h'
display_help
exit 1
elsif ARGV.count.zero?
default_values
else
ARGV
end
end
def attempt_create_security_group(ec2_client, group_name, description, vpc_id)
puts 'Attempting to create security group...'
security_group_id = create_security_group(ec2_client, group_name, description, vpc_id)
puts 'Could not create security group. Skipping this step.' if security_group_id == 'Error'
security_group_id
end
def add_inbound_rules(ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range)
puts 'Attempting to add inbound rules to security group...'
return if security_group_ingress_authorized?(ec2_client, security_group_id, ip_protocol, from_port, to_port,
cidr_ip_range)
puts 'Could not add inbound rule to security group. Skipping this step.'
end
def attempt_delete_security_group(ec2_client, security_group_id)
puts "\nAttempting to delete security group..."
return if security_group_deleted?(ec2_client, security_group_id)
puts 'Could not delete security group. You must delete it yourself.'
end
def display_help
puts 'Usage: ruby ec2-ruby-example-security-group.rb ' \
'GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL_1 FROM_PORT_1 TO_PORT_1 ' \
'CIDR_IP_RANGE_1 IP_PROTOCOL_2 FROM_PORT_2 TO_PORT_2 ' \
'CIDR_IP_RANGE_2 REGION'
puts 'Example: ruby ec2-ruby-example-security-group.rb ' \
"my-security-group 'This is my security group.' vpc-6713dfEX " \
"tcp 80 80 '0.0.0.0/0' tcp 22 22 '0.0.0.0/0' us-west-2"
end
def default_values
[
'my-security-group', 'This is my security group.', 'vpc-6713dfEX', 'tcp', '80', '80',
'0.0.0.0/0', 'tcp', '22', '22', '0.0.0.0/0', 'us-west-2'
]
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 如需 API 詳細資訊,請參閱《適用於 Ruby 的 AWS SDK API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateSecurityGroup)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
pub async fn create_security_group(
&self,
name: &str,
description: &str,
) -> Result {
tracing::info!("Creating security group {name}");
let create_output = self
.client
.create_security_group()
.group_name(name)
.description(description)
.send()
.await
.map_err(EC2Error::from)?;
let group_id = create_output
.group_id
.ok_or_else(|| EC2Error::new("Missing security group id after creation"))?;
let group = self
.describe_security_group(&group_id)
.await?
.ok_or_else(|| {
EC2Error::new(format!("Could not find security group with id {group_id}"))
})?;
tracing::info!("Created security group {name} as {group_id}");
Ok(group)
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [CreateSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_security_group)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->createsecuritygroup( " oo_result is returned for testing purposes. "
iv_description = 'Security group example'
iv_groupname = iv_security_group_name
iv_vpcid = iv_vpc_id ).
MESSAGE 'Security group created.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的AWS SDK API 參考》**中的 [CreateSecurityGroup](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Create a new security group.
///
/// - Parameters:
/// - groupName: The name of the group to create.
/// - groupDescription: A description of the new security group.
///
/// - Returns: The ID string of the new security group.
func createSecurityGroup(name groupName: String, description groupDescription: String) async -> String? {
do {
let output = try await ec2Client.createSecurityGroup(
input: CreateSecurityGroupInput(
description: groupDescription,
groupName: groupName
)
)
return output.groupId
} catch {
print("*** Error creating the security group: \(error.localizedDescription)")
return nil
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [CreateSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/createsecuritygroup(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateSnapshot` 與 CLI
下列程式碼範例示範如何使用 `CreateSnapshot`。
------
#### [ CLI ]
**AWS CLI**
**建立快照**
此範例命令會建立磁碟區 ID 為 `vol-1234567890abcdef0` 的磁碟區快照,以及識別快照的簡短描述。
命令:
```
aws ec2 create-snapshot --volume-id vol-1234567890abcdef0 --description "This is my root volume snapshot"
```
輸出:
```
{
"Description": "This is my root volume snapshot",
"Tags": [],
"Encrypted": false,
"VolumeId": "vol-1234567890abcdef0",
"State": "pending",
"VolumeSize": 8,
"StartTime": "2018-02-28T21:06:01.000Z",
"Progress": "",
"OwnerId": "012345678910",
"SnapshotId": "snap-066877671789bd71b"
}
```
**使用標籤建立快照**
此範例命令會建立快照並套用兩個標籤:purpose=prod and costcenter=123。
命令:
```
aws ec2 create-snapshot --volume-id vol-1234567890abcdef0 --description 'Prod backup' --tag-specifications 'ResourceType=snapshot,Tags=[{Key=purpose,Value=prod},{Key=costcenter,Value=123}]'
```
輸出:
```
{
"Description": "Prod backup",
"Tags": [
{
"Value": "prod",
"Key": "purpose"
},
{
"Value": "123",
"Key": "costcenter"
}
],
"Encrypted": false,
"VolumeId": "vol-1234567890abcdef0",
"State": "pending",
"VolumeSize": 8,
"StartTime": "2018-02-28T21:06:06.000Z",
"Progress": "",
"OwnerId": "012345678910",
"SnapshotId": "snap-09ed24a70bc19bbe4"
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateSnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-snapshot.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立指定磁碟區的快照。**
```
New-EC2Snapshot -VolumeId vol-12345678 -Description "This is a test"
```
**輸出:**
```
DataEncryptionKeyId :
Description : This is a test
Encrypted : False
KmsKeyId :
OwnerAlias :
OwnerId : 123456789012
Progress :
SnapshotId : snap-12345678
StartTime : 12/22/2015 1:28:42 AM
State : pending
StateMessage :
Tags : {}
VolumeId : vol-12345678
VolumeSize : 20
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateSnapshot](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立指定磁碟區的快照。**
```
New-EC2Snapshot -VolumeId vol-12345678 -Description "This is a test"
```
**輸出:**
```
DataEncryptionKeyId :
Description : This is a test
Encrypted : False
KmsKeyId :
OwnerAlias :
OwnerId : 123456789012
Progress :
SnapshotId : snap-12345678
StartTime : 12/22/2015 1:28:42 AM
State : pending
StateMessage :
Tags : {}
VolumeId : vol-12345678
VolumeSize : 20
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateSnapshot](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateSpotDatafeedSubscription` 與 CLI
下列程式碼範例示範如何使用 `CreateSpotDatafeedSubscription`。
------
#### [ CLI ]
**AWS CLI**
**建立 Spot 執行個體資料饋送**
下列 `create-spot-datafeed-subscription` 範例會建立 Spot 執行個體資料饋送。
```
aws ec2 create-spot-datafeed-subscription \
--bucket amzn-s3-demo-bucket \
--prefix spot-data-feed
```
輸出:
```
{
"SpotDatafeedSubscription": {
"Bucket": "amzn-s3-demo-bucket",
"OwnerId": "123456789012",
"Prefix": "spot-data-feed",
"State": "Active"
}
}
```
資料饋送會存放在您指定的 Amazon S3 儲存貯體中。此資料饋送的檔案名稱具有以下格式。
```
amzn-s3-demo-bucket.s3.amazonaws.com/spot-data-feed/123456789012.YYYY-MM-DD-HH.n.abcd1234.gz
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的 [Spot 執行個體資料饋送](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html)。
+ 如需 API 詳細資訊,請參閱《*AWS CLI 命令參考*》中的 [CreateSpotDatafeedSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-spot-datafeed-subscription.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立 Spot 執行個體資料饋送。**
```
New-EC2SpotDatafeedSubscription -Bucket amzn-s3-demo-bucket -Prefix spotdata
```
**輸出:**
```
Bucket : amzn-s3-demo-bucket
Fault :
OwnerId : 123456789012
Prefix : spotdata
State : Active
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立 Spot 執行個體資料饋送。**
```
New-EC2SpotDatafeedSubscription -Bucket amzn-s3-demo-bucket -Prefix spotdata
```
**輸出:**
```
Bucket : amzn-s3-demo-bucket
Fault :
OwnerId : 123456789012
Prefix : spotdata
State : Active
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateSubnet` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateSubnet`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
+ [開始使用 Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立僅具有 IPv4 CIDR 區塊的子網路**
以下 `create-subnet` 範例會在指定 VPC 內建立具有指定 IPv4 CIDR 區塊的子網路。
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--cidr-block 10.0.0.0/24 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-only-subnet}]
```
輸出:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0e99b93155EXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv4-only-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0e99b93155EXAMPLE"
}
}
```
**範例 2:建立具有 IPv4 和 IPv6 CIDR 區塊的子網路**
以下 `create-subnet` 範例會在指定 VPC 內建立具有指定 IPv4 和 IPv6 CIDR 區塊的子網路。
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--cidr-block 10.0.0.0/24 \
--ipv6-cidr-block 2600:1f16:cfe:3660::/64 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-ipv6-subnet}]
```
輸出:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 251,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-0736441d38EXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": false,
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "subnet-cidr-assoc-06c5f904499fcc623",
"Ipv6CidrBlock": "2600:1f13:cfe:3660::/64",
"Ipv6CidrBlockState": {
"State": "associating"
}
}
],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv4-ipv6-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0736441d38EXAMPLE"
}
}
```
**範例 3:建立僅具有 IPv6 CIDR 區塊的子網路**
以下 `create-subnet` 範例會在指定 VPC 內建立具有指定 IPv6 CIDR 區塊的子網路。
```
aws ec2 create-subnet \
--vpc-id vpc-081ec835f3EXAMPLE \
--ipv6-native \
--ipv6-cidr-block 2600:1f16:115:200::/64 \
--tag-specifications ResourceType=subnet,Tags=[{Key=Name,Value=my-ipv6-only-subnet}]
```
輸出:
```
{
"Subnet": {
"AvailabilityZone": "us-west-2a",
"AvailabilityZoneId": "usw2-az2",
"AvailableIpAddressCount": 0,
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "available",
"SubnetId": "subnet-03f720e7deEXAMPLE",
"VpcId": "vpc-081ec835f3EXAMPLE",
"OwnerId": "123456789012",
"AssignIpv6AddressOnCreation": true,
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "subnet-cidr-assoc-01ef639edde556709",
"Ipv6CidrBlock": "2600:1f13:cfe:3660::/64",
"Ipv6CidrBlockState": {
"State": "associating"
}
}
],
"Tags": [
{
"Key": "Name",
"Value": "my-ipv6-only-subnet"
}
],
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-03f720e7deEXAMPLE"
}
}
```
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的 [VPC 和子網路](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateSubnet](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-subnet.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立具有指定 CIDR 的子網路。**
```
New-EC2Subnet -VpcId vpc-12345678 -CidrBlock 10.0.0.0/24
```
**輸出:**
```
AvailabilityZone : us-west-2c
AvailableIpAddressCount : 251
CidrBlock : 10.0.0.0/24
DefaultForAz : False
MapPublicIpOnLaunch : False
State : pending
SubnetId : subnet-1a2b3c4d
Tag : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateSubnet](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立具有指定 CIDR 的子網路。**
```
New-EC2Subnet -VpcId vpc-12345678 -CidrBlock 10.0.0.0/24
```
**輸出:**
```
AvailabilityZone : us-west-2c
AvailableIpAddressCount : 251
CidrBlock : 10.0.0.0/24
DefaultForAz : False
MapPublicIpOnLaunch : False
State : pending
SubnetId : subnet-1a2b3c4d
Tag : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateSubnet](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
require 'aws-sdk-ec2'
# Creates a subnet within a virtual private cloud (VPC) in
# Amazon Virtual Private Cloud (Amazon VPC) and then tags
# the subnet.
#
# Prerequisites:
#
# - A VPC in Amazon VPC.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param vpc_id [String] The ID of the VPC for the subnet.
# @param cidr_block [String] The IPv4 CIDR block for the subnet.
# @param availability_zone [String] The ID of the Availability Zone
# for the subnet.
# @param tag_key [String] The key portion of the tag for the subnet.
# @param tag_vlue [String] The value portion of the tag for the subnet.
# @return [Boolean] true if the subnet was created and tagged;
# otherwise, false.
# @example
# exit 1 unless subnet_created_and_tagged?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# 'vpc-6713dfEX',
# '10.0.0.0/24',
# 'us-west-2a',
# 'my-key',
# 'my-value'
# )
def subnet_created_and_tagged?(
ec2_resource,
vpc_id,
cidr_block,
availability_zone,
tag_key,
tag_value
)
subnet = ec2_resource.create_subnet(
vpc_id: vpc_id,
cidr_block: cidr_block,
availability_zone: availability_zone
)
subnet.create_tags(
tags: [
{
key: tag_key,
value: tag_value
}
]
)
puts "Subnet created with ID '#{subnet.id}' in VPC with ID '#{vpc_id}' " \
"and CIDR block '#{cidr_block}' in availability zone " \
"'#{availability_zone}' and tagged with key '#{tag_key}' and " \
"value '#{tag_value}'."
true
rescue StandardError => e
puts "Error creating or tagging subnet: #{e.message}"
false
end
# Example usage:
def run_me
vpc_id = ''
cidr_block = ''
availability_zone = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-subnet.rb ' \
'VPC_ID CIDR_BLOCK AVAILABILITY_ZONE TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-subnet.rb ' \
'vpc-6713dfEX 10.0.0.0/24 us-west-2a my-key my-value us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
vpc_id = 'vpc-6713dfEX'
cidr_block = '10.0.0.0/24'
availability_zone = 'us-west-2a'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
vpc_id = ARGV[0]
cidr_block = ARGV[1]
availability_zone = ARGV[2]
tag_key = ARGV[3]
tag_value = ARGV[4]
region = ARGV[5]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if subnet_created_and_tagged?(
ec2_resource,
vpc_id,
cidr_block,
availability_zone,
tag_key,
tag_value
)
puts 'Subnet created and tagged.'
else
puts 'Subnet not created or not tagged.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 如需 API 詳細資訊,請參閱 *適用於 Ruby 的 AWS SDK API 參考*中的 [CreateSubnet](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateSubnet)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateTags` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateTags`。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Add or overwrite only the specified tags for the specified Amazon Elastic Compute Cloud (Amazon EC2) resource or resources.
/*!
\param resources: The resources for the tags.
\param tags: Vector of tags.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::createTags(const Aws::Vector &resources,
const Aws::Vector &tags,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::CreateTagsRequest createTagsRequest;
createTagsRequest.SetResources(resources);
createTagsRequest.SetTags(tags);
Aws::EC2::Model::CreateTagsOutcome outcome = ec2Client.CreateTags(createTagsRequest);
if (outcome.IsSuccess()) {
std::cout << "Successfully created tags for resources" << std::endl;
} else {
std::cerr << "Failed to create tags for resources, " << outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [CreateTags](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/CreateTags)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:將標籤新增至資源**
以下 `create-tags` 範例會將標籤 `Stack=production` 新增至指定的映像,或覆寫 AMI 的現有標籤,其中標籤金鑰為 `Stack`。
```
aws ec2 create-tags \
--resources ami-1234567890abcdef0 \
--tags Key=Stack,Value=production
```
此命令不會產生輸出。
**範例 2:將標籤新增至多個資源**
下列 `create-tags` 範例會為 AMI 和執行個體新增 (或覆寫) 兩個標籤。其中一個標籤具有索引鍵 (`webserver`),但沒有值 (值會設定為空白字串)。另一個標籤則有一個索引鍵 (`stack`) 和一個值 (`Production`)。
```
aws ec2 create-tags \
--resources ami-1a2b3c4d i-1234567890abcdef0 \
--tags Key=webserver,Value= Key=stack,Value=Production
```
此命令不會產生輸出。
**範例 3:新增包含特殊字元的標籤**
下列 `create-tags` 範例為執行個體新增標籤 `[Group]=test`。中括號 ([ 和 ]) 是特殊字元,必須將其逸出。下列範例也會使用每個環境適用的行接續字元。
如果您使用 Windows,請以雙引號 (") 括住具有特殊字元的元素,然後在每個雙引號字元前面加上反斜線 (\$1),如下所示。
```
aws ec2 create-tags ^
--resources i-1234567890abcdef0 ^
--tags Key=\"[Group]\",Value=test
```
如果您使用 Windows PowerShell,請以雙引號 (") 括住具有特殊字元的元素,在每個雙引號字元前面加上反斜線 (\$1),然後用單引號 (') 括住整個索引鍵和值結構,如下所示。
```
aws ec2 create-tags `
--resources i-1234567890abcdef0 `
--tags 'Key=\"[Group]\",Value=test'
```
如果您是使用 Linux 或 OS X,請以雙引號 (") 括住具有特殊字元的值,然後使用單引號 (') 括住整個索引鍵和值結構,如下所示。
```
aws ec2 create-tags \
--resources i-1234567890abcdef0 \
--tags 'Key="[Group]",Value=test'
```
如需更多詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[標記您的 Amazon EC2 資源](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateTags](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-tags.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會將單一標籤新增至指定的資源。標籤索引鍵為 'myTag',標籤值為 'myTagValue'。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag"; Value="myTagValue" }
```
**範例 2:此範例會更新或新增指定的標籤至指定的資源。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @( @{ Key="myTag"; Value="newTagValue" }, @{ Key="test"; Value="anotherTagValue" } )
```
**範例 3:使用 PowerShell 版本 2 時,必須使用 New-Object 為 Tag 參數建立標籤。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
New-EC2Tag -Resource i-12345678 -Tag $tag
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateTags](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會將單一標籤新增至指定的資源。標籤索引鍵為 'myTag',標籤值為 'myTagValue'。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag"; Value="myTagValue" }
```
**範例 2:此範例會更新或新增指定的標籤至指定的資源。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
New-EC2Tag -Resource i-12345678 -Tag @( @{ Key="myTag"; Value="newTagValue" }, @{ Key="test"; Value="anotherTagValue" } )
```
**範例 3:使用 PowerShell 版本 2 時,必須使用 New-Object 來建立 Tag 參數的標籤。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
New-EC2Tag -Resource i-12345678 -Tag $tag
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateTags](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
此範例會在建立執行個體後套用名稱標籤。
```
pub async fn create_instance<'a>(
&self,
image_id: &'a str,
instance_type: InstanceType,
key_pair: &'a KeyPairInfo,
security_groups: Vec<&'a SecurityGroup>,
) -> Result {
let run_instances = self
.client
.run_instances()
.image_id(image_id)
.instance_type(instance_type)
.key_name(
key_pair
.key_name()
.ok_or_else(|| EC2Error::new("Missing key name when launching instance"))?,
)
.set_security_group_ids(Some(
security_groups
.iter()
.filter_map(|sg| sg.group_id.clone())
.collect(),
))
.min_count(1)
.max_count(1)
.send()
.await?;
if run_instances.instances().is_empty() {
return Err(EC2Error::new("Failed to create instance"));
}
let instance_id = run_instances.instances()[0].instance_id().unwrap();
let response = self
.client
.create_tags()
.resources(instance_id)
.tags(
Tag::builder()
.key("Name")
.value("From SDK Examples")
.build(),
)
.send()
.await;
match response {
Ok(_) => tracing::info!("Created {instance_id} and applied tags."),
Err(err) => {
tracing::info!("Error applying tags to {instance_id}: {err:?}");
return Err(err.into());
}
}
tracing::info!("Instance is created.");
Ok(instance_id.to_string())
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [CreateTags](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.create_tags)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateVolume` 與 CLI
下列程式碼範例示範如何使用 `CreateVolume`。
------
#### [ CLI ]
**AWS CLI**
**建立空的一般用途 SSD (gp2) 磁碟區**
下列 `create-volume` 範例會在指定的可用區域中,建立 80 GiB 一般用途 SSD (gp2) 磁碟區。請注意,目前區域必須是 `us-east-1`,或者您可以新增 `--region` 參數來指定命令施行的區域。
```
aws ec2 create-volume \
--volume-type gp2 \
--size 80 \
--availability-zone us-east-1a
```
輸出:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": false,
"VolumeType": "gp2",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 240,
"SnapshotId": "",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 80
}
```
如果您未指定磁碟區類型,則預設磁碟區類型為 `gp2`。
```
aws ec2 create-volume \
--size 80 \
--availability-zone us-east-1a
```
**範例 2:從快照建立佈建 IOPS SSD (io1) 磁碟區**
下列 `create-volume` 範例使用指定的快照,在指定的可用區域中建立具有 1000 個佈建 IOPS 的佈建 IOPS SSD (io1) 磁碟區。
```
aws ec2 create-volume \
--volume-type io1 \
--iops 1000 \
--snapshot-id snap-066877671789bd71b \
--availability-zone us-east-1a
```
輸出:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": false,
"VolumeType": "io1",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 1000,
"SnapshotId": "snap-066877671789bd71b",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 500
}
```
**範例 3:建立加密磁碟區**
下列 `create-volume` 範例使用 EBS 加密的預設 CMK 建立加密磁碟區。如果預設停用加密,您必須指定 `--encrypted` 參數,如下所示。
```
aws ec2 create-volume \
--size 80 \
--encrypted \
--availability-zone us-east-1a
```
輸出:
```
{
"AvailabilityZone": "us-east-1a",
"Tags": [],
"Encrypted": true,
"VolumeType": "gp2",
"VolumeId": "vol-1234567890abcdef0",
"State": "creating",
"Iops": 240,
"SnapshotId": "",
"CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z",
"Size": 80
}
```
如果預設啟用加密,即使沒有 `--encrypted` 參數,下列範例命令也會建立加密的磁碟區。
```
aws ec2 create-volume \
--size 80 \
--availability-zone us-east-1a
```
如果您使用 `--kms-key-id` 參數來指定客戶管理的 CMK,即使預設為啟用加密,您都必須指定 `--encrypted` 參數。
```
aws ec2 create-volume \
--volume-type gp2 \
--size 80 \
--encrypted \
--kms-key-id 0ea3fef3-80a7-4778-9d8c-1c0c6EXAMPLE \
--availability-zone us-east-1a
```
**範例 4:使用標籤建立磁碟區**
下列 `create-volume` 範例會建立磁碟區,並新增兩個標籤。
```
aws ec2 create-volume \
--availability-zone us-east-1a \
--volume-type gp2 \
--size 80 \
--tag-specifications 'ResourceType=volume,Tags=[{Key=purpose,Value=production},{Key=cost-center,Value=cc123}]'
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-volume.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立指定的磁碟區。**
```
New-EC2Volume -Size 50 -AvailabilityZone us-west-2a -VolumeType gp2
```
**輸出:**
```
Attachments : {}
AvailabilityZone : us-west-2a
CreateTime : 12/22/2015 1:42:07 AM
Encrypted : False
Iops : 150
KmsKeyId :
Size : 50
SnapshotId :
State : creating
Tags : {}
VolumeId : vol-12345678
VolumeType : gp2
```
**範例 2:此範例請求會建立磁碟區,並套用具有堆疊索引鍵和生產值的標籤。**
```
$tag = @{ Key="stack"; Value="production" }
$tagspec = new-object Amazon.EC2.Model.TagSpecification
$tagspec.ResourceType = "volume"
$tagspec.Tags.Add($tag)
New-EC2Volume -Size 80 -AvailabilityZone "us-west-2a" -TagSpecification $tagspec
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVolume](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立指定的磁碟區。**
```
New-EC2Volume -Size 50 -AvailabilityZone us-west-2a -VolumeType gp2
```
**輸出:**
```
Attachments : {}
AvailabilityZone : us-west-2a
CreateTime : 12/22/2015 1:42:07 AM
Encrypted : False
Iops : 150
KmsKeyId :
Size : 50
SnapshotId :
State : creating
Tags : {}
VolumeId : vol-12345678
VolumeType : gp2
```
**範例 2:此範例請求會建立磁碟區,並套用具有堆疊索引鍵和生產值的標籤。**
```
$tag = @{ Key="stack"; Value="production" }
$tagspec = new-object Amazon.EC2.Model.TagSpecification
$tagspec.ResourceType = "volume"
$tagspec.Tags.Add($tag)
New-EC2Volume -Size 80 -AvailabilityZone "us-west-2a" -TagSpecification $tagspec
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVolume](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateVpc` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateVpc`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
+ [開始使用 Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
+ [開始使用 VPC IPAM](example_vpc_GettingStartedIpam_section.md)
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立 VPC**
以下 `create-vpc` 範例會建立具有指定 IPv4 CIDR 區塊和名稱標籤的 VPC。
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--tag-specifications ResourceType=vpc,Tags=[{Key=Name,Value=MyVpc}]
```
輸出:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-5EXAMPLE",
"State": "pending",
"VpcId": "vpc-0a60eb65b4EXAMPLE",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-07501b79ecEXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Name",
"Value": MyVpc"
}
]
}
}
```
**範例 2:建立具有專用租用的 VPC**
以下 `create-vpc` 範例會建立具有指定 IPv4 CIDR 區塊和專用租用的 VPC。
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--instance-tenancy dedicated
```
輸出:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-19edf471",
"State": "pending",
"VpcId": "vpc-0a53287fa4EXAMPLE",
"OwnerId": "111122223333",
"InstanceTenancy": "dedicated",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-00b24cc1c2EXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
}
```
**範例 3:建立具有 IPv6 CIDR 區塊的 VPC**
以下 `create-vpc` 範例會建立具有 Amazon 提供之 IPv6 CIDR 區塊的 VPC。
```
aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--amazon-provided-ipv6-cidr-block
```
輸出:
```
{
"Vpc": {
"CidrBlock": "10.0.0.0/16",
"DhcpOptionsId": "dopt-dEXAMPLE",
"State": "pending",
"VpcId": "vpc-0fc5e3406bEXAMPLE",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-068432c60bEXAMPLE",
"Ipv6CidrBlock": "",
"Ipv6CidrBlockState": {
"State": "associating"
},
"Ipv6Pool": "Amazon",
"NetworkBorderGroup": "us-west-2"
}
],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0669f8f9f5EXAMPLE",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
}
```
**範例 4:使用來自 IPAM 集區的 CIDR 建立 VPC**
以下 `create-vpc` 範例會使用來自 Amazon VPC IP 位址管理器 (IPAM) 集區的 CIDR 建立 VPC。
Linux 和 macOS:
```
aws ec2 create-vpc \
--ipv4-ipam-pool-id ipam-pool-0533048da7d823723 \
--tag-specifications ResourceType=vpc,Tags='[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]'
```
Windows:
```
aws ec2 create-vpc ^
--ipv4-ipam-pool-id ipam-pool-0533048da7d823723 ^
--tag-specifications ResourceType=vpc,Tags=[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]
```
輸出:
```
{
"Vpc": {
"CidrBlock": "10.0.1.0/24",
"DhcpOptionsId": "dopt-2afccf50",
"State": "pending",
"VpcId": "vpc-010e1791024eb0af9",
"OwnerId": "123456789012",
"InstanceTenancy": "default",
"Ipv6CidrBlockAssociationSet": [],
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0a77de1d803226d4b",
"CidrBlock": "10.0.1.0/24",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false,
"Tags": [
{
"Key": "Environment",
"Value": "Preprod"
},
{
"Key": "Owner",
"Value": "Build Team"
}
]
}
}
```
如需詳細資訊,請參閱《*Amazon VPC IPAM 使用者指南*》中的[建立使用 IPAM 集區 CIDR的 VPC](https://docs.aws.amazon.com/vpc/latest/ipam/create-vpc-ipam.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVpc](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc.html)。
------
#### [ PHP ]
**適用於 PHP 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中設定和執行。
```
/**
* @param string $cidr
* @return array
*/
public function createVpc(string $cidr): array
{
try {
$result = $this->ec2Client->createVpc([
"CidrBlock" => $cidr,
]);
return $result['Vpc'];
}catch(Ec2Exception $caught){
echo "There was a problem creating the VPC: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 如需 API 詳細資訊,請參閱 *適用於 PHP 的 AWS SDK API 參考*中的 [CreateVpc](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpc)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立具有指定 CIDR 的 VPC。Amazon VPC 也會為 VPC 建立下列項目:預設 DHCP 選項集、主要路由表,以及預設網路 ACL。**
```
New-EC2VPC -CidrBlock 10.0.0.0/16
```
**輸出:**
```
CidrBlock : 10.0.0.0/16
DhcpOptionsId : dopt-1a2b3c4d
InstanceTenancy : default
IsDefault : False
State : pending
Tags : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVpc](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立具有指定 CIDR 的 VPC。Amazon VPC 也會為 VPC 建立下列項目:預設 DHCP 選項集、主要路由表,以及預設網路 ACL。**
```
New-EC2VPC -CidrBlock 10.0.0.0/16
```
**輸出:**
```
CidrBlock : 10.0.0.0/16
DhcpOptionsId : dopt-1a2b3c4d
InstanceTenancy : default
IsDefault : False
State : pending
Tags : {}
VpcId : vpc-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVpc](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create(self, cidr_block: str) -> str:
"""
Creates a new Amazon VPC with the specified CIDR block.
:param cidr_block: The CIDR block for the new VPC, such as '10.0.0.0/16'.
:return: The ID of the new VPC.
"""
try:
response = self.ec2_client.create_vpc(CidrBlock=cidr_block)
vpc_id = response["Vpc"]["VpcId"]
waiter = self.ec2_client.get_waiter("vpc_available")
waiter.wait(VpcIds=[vpc_id])
return vpc_id
except ClientError as client_error:
logging.error(
"Couldn't create the vpc. Here's why: %s",
client_error.response["Error"]["Message"],
)
raise
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Python (Boto3) API 參考》**中的 [CreateVpc](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpc)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
require 'aws-sdk-ec2'
# Creates a virtual private cloud (VPC) in
# Amazon Virtual Private Cloud (Amazon VPC) and then tags
# the VPC.
#
# @param ec2_resource [Aws::EC2::Resource] An initialized
# Amazon Elastic Compute Cloud (Amazon EC2) resource object.
# @param cidr_block [String] The IPv4 CIDR block for the subnet.
# @param tag_key [String] The key portion of the tag for the VPC.
# @param tag_value [String] The value portion of the tag for the VPC.
# @return [Boolean] true if the VPC was created and tagged;
# otherwise, false.
# @example
# exit 1 unless vpc_created_and_tagged?(
# Aws::EC2::Resource.new(region: 'us-west-2'),
# '10.0.0.0/24',
# 'my-key',
# 'my-value'
# )
def vpc_created_and_tagged?(
ec2_resource,
cidr_block,
tag_key,
tag_value
)
vpc = ec2_resource.create_vpc(cidr_block: cidr_block)
# Create a public DNS by enabling DNS support and DNS hostnames.
vpc.modify_attribute(enable_dns_support: { value: true })
vpc.modify_attribute(enable_dns_hostnames: { value: true })
vpc.create_tags(tags: [{ key: tag_key, value: tag_value }])
puts "Created VPC with ID '#{vpc.id}' and tagged with key " \
"'#{tag_key}' and value '#{tag_value}'."
true
rescue StandardError => e
puts e.message
false
end
# Example usage:
def run_me
cidr_block = ''
tag_key = ''
tag_value = ''
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-create-vpc.rb ' \
'CIDR_BLOCK TAG_KEY TAG_VALUE REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-create-vpc.rb ' \
'10.0.0.0/24 my-key my-value us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
elsif ARGV.count.zero?
cidr_block = '10.0.0.0/24'
tag_key = 'my-key'
tag_value = 'my-value'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
cidr_block = ARGV[0]
tag_key = ARGV[1]
tag_value = ARGV[2]
region = ARGV[3]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
if vpc_created_and_tagged?(
ec2_resource,
cidr_block,
tag_key,
tag_value
)
puts 'VPC created and tagged.'
else
puts 'VPC not created or not tagged.'
end
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 如需 API 詳細資訊,請參閱 *適用於 Ruby 的 AWS SDK API 參考*中的 [CreateVpc](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/CreateVpc)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
" iv_cidr_block = '10.0.0.0/16'
TRY.
oo_result = lo_ec2->createvpc( iv_cidrblock = iv_cidr_block ). " oo_result is returned for testing purposes. "
DATA(lv_vpc_id) = oo_result->get_vpc( )->get_vpcid( ).
MESSAGE 'Created VPC.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [CreateVpc](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `CreateVpcEndpoint` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `CreateVpcEndpoint`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**範例 1:建立閘道端點**
下列 `create-vpc-endpoint` 範例會在 `us-east-1` 區域中的 VPC `vpc-1a2b3c4d` 和 Amazon S3 之間建立閘道 VPC 端點,並將路由表 `rtb-11aa22bb` 與端點相關聯。
```
aws ec2 create-vpc-endpoint \
--vpc-id vpc-1a2b3c4d \
--service-name com.amazonaws.us-east-1.s3 \
--route-table-ids rtb-11aa22bb
```
輸出:
```
{
"VpcEndpoint": {
"PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}",
"VpcId": "vpc-1a2b3c4d",
"State": "available",
"ServiceName": "com.amazonaws.us-east-1.s3",
"RouteTableIds": [
"rtb-11aa22bb"
],
"VpcEndpointId": "vpc-1a2b3c4d",
"CreationTimestamp": "2015-05-15T09:40:50Z"
}
}
```
如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的[建立閘道端點](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#create-gateway-endpoint-s3)。
**範例 2:建立介面端點**
下列 `create-vpc-endpoint` 範例會在 `us-east-1` 區域中的 VPC `vpc-1a2b3c4d` 和 Amazon S3 之間,建立介面 VPC 端點。命令會在子網路 `subnet-1a2b3c4d` 中建立端點,將其與安全群組 `sg-1a2b3c4d` 相關聯,並新增具有索引鍵 "Service" 和值 "S3" 的標籤。
```
aws ec2 create-vpc-endpoint \
--vpc-id vpc-1a2b3c4d \
--vpc-endpoint-type Interface \
--service-name com.amazonaws.us-east-1.s3 \
--subnet-ids subnet-7b16de0c \
--security-group-id sg-1a2b3c4d \
--tag-specifications ResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}]
```
輸出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3",
"VpcEndpointType": "Interface",
"VpcId": "vpc-1a2b3c4d",
"ServiceName": "com.amazonaws.us-east-1.s3",
"State": "pending",
"RouteTableIds": [],
"SubnetIds": [
"subnet-1a2b3c4d"
],
"Groups": [
{
"GroupId": "sg-1a2b3c4d",
"GroupName": "default"
}
],
"PrivateDnsEnabled": false,
"RequesterManaged": false,
"NetworkInterfaceIds": [
"eni-0b16f0581c8ac6877"
],
"DnsEntries": [
{
"DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com",
"HostedZoneId": "Z7HUB22UULQXV"
},
{
"DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com",
"HostedZoneId": "Z7HUB22UULQXV"
}
],
"CreationTimestamp": "2021-03-05T14:46:16.030000+00:00",
"Tags": [
{
"Key": "service",
"Value": "S3"
}
],
"OwnerId": "123456789012"
}
}
```
如需詳細資訊,請參閱《*AWS PrivateLink 使用者指南*》中的[建立介面 VPC 端點](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html)。
**步驟 3:建立 Gateway Load Balancer 端點**
下列 `create-vpc-endpoint` 範例會在 VPC `vpc-111122223333aabbc` 和使用 Gateway Load Balancer 設定的服務之間,建立 Gateway Load Balancer 端點。
```
aws ec2 create-vpc-endpoint \
--service-name com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123 \
--vpc-endpoint-type GatewayLoadBalancer \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445
```
輸出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-aabbaabbaabbaabba",
"VpcEndpointType": "GatewayLoadBalancer",
"VpcId": "vpc-111122223333aabbc",
"ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123",
"State": "pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"RequesterManaged": false,
"NetworkInterfaceIds": [
"eni-01010120203030405"
],
"CreationTimestamp": "2020-11-11T08:06:03.522Z",
"OwnerId": "123456789012"
}
}
```
如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的 [Gateway Load Balancer 端點](https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-load-balancer-endpoints.html)。
**範例 4:建立資源端點**
以下 `create-vpc-endpoint` 範例會建立資源端點。
```
aws ec2 create-vpc-endpoint \
--vpc-endpoint-type Resource \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445 \
--resource-configuration-arn arn:aws:vpc-lattice-us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432
```
輸出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-00939a7ed9EXAMPLE",
"VpcEndpointType": "Resource",
"VpcId": "vpc-111122223333aabbc",
"State": "Pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"Groups": [
{
"GroupId": "sg-03e2f15fbfc09b000",
"GroupName": "default"
}
],
"IpAddressType": "IPV4",
"PrivateDnsEnabled": false,
"CreationTimestamp": "2025-02-06T23:38:49.525000+00:00",
"Tags": [],
"OwnerId": "123456789012",
"ResourceConfigurationArn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432"
}
}
```
如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的[資源端點](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-resources.html)。
**範例 5:建立服務網路端點**
下列 `create-vpc-endpoint` 範例會建立服務網路端點。
```
aws ec2 create-vpc-endpoint \
--vpc-endpoint-type ServiceNetwork \
--vpc-id vpc-111122223333aabbc \
--subnet-ids subnet-0011aabbcc2233445 \
--service-network-arn arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0 \
--security-group-ids sg-0123456789012abcd
```
輸出:
```
{
"VpcEndpoint": {
"VpcEndpointId": "vpce-0f00567fa8EXAMPLE",
"VpcEndpointType": "ServiceNetwork",
"VpcId": "vpc-111122223333aabbc",
"State": "Pending",
"SubnetIds": [
"subnet-0011aabbcc2233445"
],
"Groups": [
{
"GroupId": "sg-0123456789012abcd",
"GroupName": "my-security-group"
}
],
"IpAddressType": "IPV4",
"PrivateDnsEnabled": false,
"CreationTimestamp": "2025-02-06T23:44:20.449000+00:00",
"Tags": [],
"OwnerId": "123456789012",
"ServiceNetworkArn": "arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0"
}
}
```
如需詳細資訊,請參閱《AWS PrivateLink 使用者指南》**中的[服務網路端點](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-service-networks.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVpcEndpoint](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc-endpoint.html)。
------
#### [ PHP ]
**適用於 PHP 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中設定和執行。
```
/**
* @param string $serviceName
* @param string $vpcId
* @param array $routeTableIds
* @return array
*/
public function createVpcEndpoint(string $serviceName, string $vpcId, array $routeTableIds): array
{
try {
$result = $this->ec2Client->createVpcEndpoint([
'ServiceName' => $serviceName,
'VpcId' => $vpcId,
'RouteTableIds' => $routeTableIds,
]);
return $result["VpcEndpoint"];
} catch(Ec2Exception $caught){
echo "There was a problem creating the VPC Endpoint: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 PHP 的 AWS SDK API 參考》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/CreateVpcEndpoint)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會在 VPC vpc-0fc1ff23f45b678eb 中為服務 com.amazonaws.eu-west-1.s3 建立新的 VPC 端點**
```
New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb
```
**輸出:**
```
ClientToken VpcEndpoint
----------- -----------
Amazon.EC2.Model.VpcEndpoint
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會在 VPC vpc-0fc1ff23f45b678eb 中為服務 com.amazonaws.eu-west-1.s3 建立新的 VPC 端點**
```
New-EC2VpcEndpoint -ServiceName com.amazonaws.eu-west-1.s3 -VpcId vpc-0fc1ff23f45b678eb
```
**輸出:**
```
ClientToken VpcEndpoint
----------- -----------
Amazon.EC2.Model.VpcEndpoint
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def create_vpc_endpoint(
self, vpc_id: str, service_name: str, route_table_ids: list[str]
) -> Dict[str, Any]:
"""
Creates a new VPC endpoint for the specified service and associates it with the specified route tables.
:param vpc_id: The ID of the VPC to create the endpoint in.
:param service_name: The name of the service to create the endpoint for.
:param route_table_ids: A list of IDs of the route tables to associate with the endpoint.
:return: A dictionary representing the newly created VPC endpoint.
"""
try:
response = self.ec2_client.create_vpc_endpoint(
VpcId=vpc_id,
ServiceName=service_name,
RouteTableIds=route_table_ids,
)
return response["VpcEndpoint"]
except ClientError as err:
logger.error(
"Couldn't create VPC endpoint for service %s. Here's why: %s: %s",
service_name,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Python (Boto3) API 參考》**中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/CreateVpcEndpoint)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
" iv_vpc_id = 'vpc-abc123'
" iv_service_name = 'com.amazonaws.region.service'
TRY.
oo_result = lo_ec2->createvpcendpoint( " oo_result is returned for testing purposes. "
iv_vpcid = iv_vpc_id
iv_servicename = iv_service_name
it_routetableids = it_route_table_ids ).
DATA(lv_vpc_endpoint_id) = oo_result->get_vpcendpoint( )->get_vpcendpointid( ).
MESSAGE 'Created VPC endpoint.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [CreateVpcEndpoint](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateVpnConnection` 與 CLI
下列程式碼範例示範如何使用 `CreateVpnConnection`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:使用動態路由建立 VPN 連線**
下列 `create-vpn-connection` 範例會在指定的虛擬私有閘道與指定的客戶閘道之間建立 VPN 連線,並將標籤套用至 VPN 連線。輸出包含客戶閘道裝置的組態資訊,格式為 XML。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--tag-specification 'ResourceType=vpn-connection,Tags=[{Key=Name,Value=BGP-VPN}]'
```
輸出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "...configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{},
{}
]
},
"Routes": [],
"Tags": [
{
"Key": "Name",
"Value": "BGP-VPN"
}
]
}
}
```
如需詳細資訊,請參閱[AWS 《 Site-to-Site VPN 使用者指南》中的 HowSite-to-Site VPN 運作](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。 *AWS Site-to-Site *
**範例 2:使用靜態路由建立 VPN 連線**
下列 `create-vpn-connection` 範例會在指定的虛擬私有閘道與指定的客戶閘道之間建立 VPN 連線。選項指定靜態路由。輸出包含客戶閘道裝置的組態資訊,格式為 XML。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--options "{\"StaticRoutesOnly\":true}"
```
輸出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": true,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{},
{}
]
},
"Routes": [],
"Tags": []
}
}
```
如需詳細資訊,請參閱[AWS 《 Site-to-Site VPN 使用者指南》中的 HowSite-to-Site VPN 運作](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。 *AWS Site-to-Site *
**範例 3:建立 VPN 連線,並指定您自己內部的 CIDR 和預先共享金鑰**
下列 `create-vpn-connection` 範例會建立 VPN 連線,並指定每個通道的內部 IP 位址 CIDR 區塊,和自訂預先共享金鑰。指定的值會在 `CustomerGatewayConfiguration` 資訊中傳回。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--customer-gateway-id cgw-001122334455aabbc \
--vpn-gateway-id vgw-1a1a1a1a1a1a2b2b2 \
--options TunnelOptions='[{TunnelInsideCidr=169.254.12.0/30,PreSharedKey=ExamplePreSharedKey1},{TunnelInsideCidr=169.254.13.0/30,PreSharedKey=ExamplePreSharedKey2}]'
```
輸出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-123123123123abcab",
"VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv4NetworkCidr": "0.0.0.0/0",
"RemoteIpv4NetworkCidr": "0.0.0.0/0",
"TunnelInsideIpVersion": "ipv4",
"TunnelOptions": [
{
"OutsideIpAddress": "203.0.113.3",
"TunnelInsideCidr": "169.254.12.0/30",
"PreSharedKey": "ExamplePreSharedKey1"
},
{
"OutsideIpAddress": "203.0.113.5",
"TunnelInsideCidr": "169.254.13.0/30",
"PreSharedKey": "ExamplePreSharedKey2"
}
]
},
"Routes": [],
"Tags": []
}
}
```
如需詳細資訊,請參閱[AWS 《 Site-to-Site VPN 使用者指南》中的 HowSite-to-Site VPN 運作](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。 *AWS Site-to-Site *
**範例 4:建立支援 IPv6 流量的 VPN 連線**
下列 `create-vpn-connection` 範例會建立 VPN 連線,以支援指定傳輸閘道與指定客戶閘道之間的 IPv6 流量。兩個通道的通道選項會指定 AWS 必須啟動 IKE 交涉。
```
aws ec2 create-vpn-connection \
--type ipsec.1 \
--transit-gateway-id tgw-12312312312312312 \
--customer-gateway-id cgw-001122334455aabbc \
--options TunnelInsideIpVersion=ipv6,TunnelOptions=[{StartupAction=start},{StartupAction=start}]
```
輸出:
```
{
"VpnConnection": {
"CustomerGatewayConfiguration": "..configuration information...",
"CustomerGatewayId": "cgw-001122334455aabbc",
"Category": "VPN",
"State": "pending",
"VpnConnectionId": "vpn-11111111122222222",
"TransitGatewayId": "tgw-12312312312312312",
"Options": {
"EnableAcceleration": false,
"StaticRoutesOnly": false,
"LocalIpv6NetworkCidr": "::/0",
"RemoteIpv6NetworkCidr": "::/0",
"TunnelInsideIpVersion": "ipv6",
"TunnelOptions": [
{
"OutsideIpAddress": "203.0.113.3",
"StartupAction": "start"
},
{
"OutsideIpAddress": "203.0.113.5",
"StartupAction": "start"
}
]
},
"Routes": [],
"Tags": []
}
}
```
如需詳細資訊,請參閱[AWS 《 Site-to-Site VPN 使用者指南》中的 HowSite-to-Site VPN 運作](https://docs.aws.amazon.com/vpn/latest/s2svpn/how_it_works.html)。 *AWS Site-to-Site *
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVpnConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-connection.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會在指定的虛擬私有閘道與指定的客戶閘道之間建立 VPN 連線。輸出包含網路管理員所需的 XML 格式組態資訊。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d
```
**輸出:**
```
CustomerGatewayConfiguration : [XML document]
CustomerGatewayId : cgw-1a2b3c4d
Options :
Routes : {}
State : pending
Tags : {}
Type :
VgwTelemetry : {}
VpnConnectionId : vpn-12345678
VpnGatewayId : vgw-1a2b3c4d
```
**範例 2:此範例會建立 VPN 連線,並在具有指定名稱的檔案中擷取組態。**
```
(New-EC2VpnConnection -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d).CustomerGatewayConfiguration | Out-File C:\path\vpn-configuration.xml
```
**範例 3:此範例會在指定的虛擬私有閘道與指定的客戶閘道之間,建立具有靜態路由的 VPN 連線。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d -Options_StaticRoutesOnly $true
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVpnConnection](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會在指定的虛擬私有閘道與指定的客戶閘道之間建立 VPN 連線。輸出包含網路管理員所需的 XML 格式組態資訊。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d
```
**輸出:**
```
CustomerGatewayConfiguration : [XML document]
CustomerGatewayId : cgw-1a2b3c4d
Options :
Routes : {}
State : pending
Tags : {}
Type :
VgwTelemetry : {}
VpnConnectionId : vpn-12345678
VpnGatewayId : vgw-1a2b3c4d
```
**範例 2:此範例會建立 VPN 連線,並在具有指定名稱的檔案中擷取組態。**
```
(New-EC2VpnConnection -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d).CustomerGatewayConfiguration | Out-File C:\path\vpn-configuration.xml
```
**範例 3:此範例會在指定的虛擬私有閘道與指定的客戶閘道之間,建立具有靜態路由的 VPN 連線。**
```
New-EC2VpnConnection -Type ipsec.1 -CustomerGatewayId cgw-1a2b3c4d -VpnGatewayId vgw-1a2b3c4d -Options_StaticRoutesOnly $true
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVpnConnection](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateVpnConnectionRoute` 與 CLI
下列程式碼範例示範如何使用 `CreateVpnConnectionRoute`。
------
#### [ CLI ]
**AWS CLI**
**為 VPN 連線建立靜態路由**
此範例會為指定的 VPN 連線建立靜態路由。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 create-vpn-connection-route --vpn-connection-id vpn-40f41529 --destination-cidr-block 11.12.0.0/16
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVpnConnectionRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-connection-route.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會為指定的 VPN 連接建立指定的靜態路由。**
```
New-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會為指定的 VPN 連接建立指定的靜態路由。**
```
New-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `CreateVpnGateway` 與 CLI
下列程式碼範例示範如何使用 `CreateVpnGateway`。
------
#### [ CLI ]
**AWS CLI**
**建立虛擬私有閘道**
此範例會建立虛擬私有閘道。
命令:
```
aws ec2 create-vpn-gateway --type ipsec.1
```
輸出:
```
{
"VpnGateway": {
"AmazonSideAsn": 64512,
"State": "available",
"Type": "ipsec.1",
"VpnGatewayId": "vgw-9a4cacf3",
"VpcAttachments": []
}
}
```
**使用特定 Amazon 端 ASN 建立虛擬私有閘道**
此範例會建立虛擬私有閘道,並指定 BGP 工作階段之 Amazon 端的自治系統編號 (ASN)。
命令:
```
aws ec2 create-vpn-gateway --type ipsec.1 --amazon-side-asn 65001
```
輸出:
```
{
"VpnGateway": {
"AmazonSideAsn": 65001,
"State": "available",
"Type": "ipsec.1",
"VpnGatewayId": "vgw-9a4cacf3",
"VpcAttachments": []
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpn-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會建立指定的虛擬私有閘道。**
```
New-EC2VpnGateway -Type ipsec.1
```
**輸出:**
```
AvailabilityZone :
State : available
Tags : {}
Type : ipsec.1
VpcAttachments : {}
VpnGatewayId : vgw-1a2b3c4d
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [CreateVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會建立指定的虛擬私有閘道。**
```
New-EC2VpnGateway -Type ipsec.1
```
**輸出:**
```
AvailabilityZone :
State : available
Tags : {}
Type : ipsec.1
VpcAttachments : {}
VpnGatewayId : vgw-1a2b3c4d
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [CreateVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteCustomerGateway` 與 CLI
下列程式碼範例示範如何使用 `DeleteCustomerGateway`。
------
#### [ CLI ]
**AWS CLI**
**刪除客戶閘道**
此範例會刪除指定的客戶閘道。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-customer-gateway --customer-gateway-id cgw-0e11f167
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteCustomerGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-customer-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的客戶閘道。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2CustomerGateway (DeleteCustomerGateway)" on Target "cgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteCustomerGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的客戶閘道。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2CustomerGateway (DeleteCustomerGateway)" on Target "cgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteCustomerGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteDhcpOptions` 與 CLI
下列程式碼範例示範如何使用 `DeleteDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**刪除 DHCP 選項集**
此範例會刪除指定的 DHCP 選項集。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-dhcp-options --dhcp-options-id dopt-d9070ebb
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-dhcp-options.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的 DHCP 選項集。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2DhcpOption (DeleteDhcpOptions)" on Target "dopt-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的 DHCP 選項集。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2DhcpOption (DeleteDhcpOptions)" on Target "dopt-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteFlowLogs` 與 CLI
下列程式碼範例示範如何使用 `DeleteFlowLogs`。
------
#### [ CLI ]
**AWS CLI**
**刪除流量日誌**
以下 `delete-flow-logs` 範例會刪除指定的流量日誌。
```
aws ec2 delete-flow-logs --flow-log-id fl-11223344556677889
```
輸出:
```
{
"Unsuccessful": []
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-flow-logs.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會移除給定的 FlowLogId fl-01a2b3456a789c01**
```
Remove-EC2FlowLog -FlowLogId fl-01a2b3456a789c01
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2FlowLog (DeleteFlowLogs)" on target "fl-01a2b3456a789c01".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會移除給定的 FlowLogId fl-01a2b3456a789c01**
```
Remove-EC2FlowLog -FlowLogId fl-01a2b3456a789c01
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2FlowLog (DeleteFlowLogs)" on target "fl-01a2b3456a789c01".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteInternetGateway` 與 CLI
下列程式碼範例示範如何使用 `DeleteInternetGateway`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**刪除網際網路閘道**
以下 `delete-internet-gateway` 範例會刪除指定的網際網路閘道。
```
aws ec2 delete-internet-gateway \
--internet-gateway-id igw-0d0fb496b3EXAMPLE
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的[網際網路閘道](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteInternetGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-internet-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的網際網路閘道。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2InternetGateway (DeleteInternetGateway)" on Target "igw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteInternetGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的網際網路閘道。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2InternetGateway (DeleteInternetGateway)" on Target "igw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteInternetGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DeleteKeyPair` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DeleteKeyPair`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Delete an Amazon EC2 key pair.
///
/// The name of the key pair to delete.
/// A Boolean value indicating the success of the action.
public async Task DeleteKeyPair(string keyPairName)
{
try
{
await _amazonEC2.DeleteKeyPairAsync(new DeleteKeyPairRequest(keyPairName)).ConfigureAwait(false);
return true;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.NotFound")
{
_logger.LogError($"KeyPair {keyPairName} does not exist and cannot be deleted. Please verify the key pair name and try again.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the key pair because: {ex.Message}");
return false;
}
}
///
/// Delete the temporary file where the key pair information was saved.
///
/// The path to the temporary file.
public void DeleteTempFile(string tempFileName)
{
if (File.Exists(tempFileName))
{
File.Delete(tempFileName);
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteKeyPair)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_delete_keypair
#
# This function deletes an Amazon EC2 ED25519 or 2048-bit RSA key pair.
#
# Parameters:
# -n key_pair_name - A key pair name.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_delete_keypair() {
local key_pair_name response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_delete_keypair"
echo "Deletes an Amazon EC2 ED25519 or 2048-bit RSA key pair."
echo " -n key_pair_name - A key pair name."
echo ""
}
# Retrieve the calling parameters.
while getopts "n:h" option; do
case "${option}" in
n) key_pair_name="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$key_pair_name" ]]; then
errecho "ERROR: You must provide a key pair name with the -n parameter."
usage
return 1
fi
response=$(aws ec2 delete-key-pair \
--key-name "$key_pair_name") || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports delete-key-pair operation failed.$response"
return 1
}
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DeleteKeyPair)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Delete an Amazon Elastic Compute Cloud (Amazon EC2) instance key pair.
/*!
\param keyPairName: A name for a key pair.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::deleteKeyPair(const Aws::String &keyPairName,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DeleteKeyPairRequest request;
request.SetKeyName(keyPairName);
const Aws::EC2::Model::DeleteKeyPairOutcome outcome = ec2Client.DeleteKeyPair(
request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to delete key pair " << keyPairName <<
":" << outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully deleted key pair named " << keyPairName <<
std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DeleteKeyPair)。
------
#### [ CLI ]
**AWS CLI**
**刪除金鑰對**
以下 `delete-key-pair` 範例會刪除指定的金鑰對。
```
aws ec2 delete-key-pair \
--key-name my-key-pair
```
輸出:
```
{
"Return": true,
"KeyPairId": "key-03c8d3aceb53b507"
}
```
如需詳細資訊,請參閱《*AWS Command Line Interface 使用者指南*》中的[建立和刪除金鑰對](https://docs.aws.amazon.com/cli/latest/userguide/cli-ec2-keypairs.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteKeyPair](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-key-pair.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Deletes a key pair asynchronously.
*
* @param keyPair the name of the key pair to delete
* @return a {@link CompletableFuture} that represents the result of the asynchronous operation.
* The {@link CompletableFuture} will complete with a {@link DeleteKeyPairResponse} object
* that provides the result of the key pair deletion operation.
*/
public CompletableFuture deleteKeysAsync(String keyPair) {
DeleteKeyPairRequest request = DeleteKeyPairRequest.builder()
.keyName(keyPair)
.build();
// Initiate the asynchronous request to delete the key pair.
CompletableFuture response = getAsyncClient().deleteKeyPair(request);
return response.whenComplete((resp, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to delete key pair: " + keyPair, ex);
} else if (resp == null) {
throw new RuntimeException("No response received for deleting key pair: " + keyPair);
}
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteKeyPair)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { DeleteKeyPairCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Deletes the specified key pair, by removing the public key from Amazon EC2.
* @param {{ keyName: string }} options
*/
export const main = async ({ keyName }) => {
const client = new EC2Client({});
const command = new DeleteKeyPairCommand({
KeyName: keyName,
});
try {
await client.send(command);
console.log("Successfully deleted key pair.");
} catch (caught) {
if (caught instanceof Error && caught.name === "MissingParameter") {
console.warn(`${caught.message}. Did you provide the required value?`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteKeyPairCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun deleteKeys(keyPair: String?) {
val request =
DeleteKeyPairRequest {
keyName = keyPair
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteKeyPair(request)
println("Successfully deleted key pair named $keyPair")
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的金鑰對。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2KeyPair -KeyName my-key-pair
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2KeyPair (DeleteKeyPair)" on Target "my-key-pair".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的金鑰對。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2KeyPair -KeyName my-key-pair
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2KeyPair (DeleteKeyPair)" on Target "my-key-pair".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def delete(self, key_name: str) -> bool:
"""
Deletes a key pair by its name.
:param key_name: The name of the key pair to delete.
:return: A boolean indicating whether the deletion was successful.
:raises ClientError: If there is an error in deleting the key pair, for example,
if the key pair does not exist.
"""
try:
self.ec2_client.delete_key_pair(KeyName=key_name)
logger.info(f"Successfully deleted key pair: {key_name}")
self.key_pair = None
return True
except self.ec2_client.exceptions.ClientError as err:
logger.error(f"Deletion failed for key pair: {key_name}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidKeyPair.NotFound":
logger.error(
f"The key pair '{key_name}' does not exist and cannot be deleted. "
"Please verify the key pair name and try again."
)
raise
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteKeyPair)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
包裝 delete\$1key 的函式也會移除後備私有 PEM 金鑰。
```
pub async fn delete(self, ec2: &EC2, util: &Util) -> Result<(), EC2Error> {
if let Some(key_name) = self.key_pair.key_name() {
ec2.delete_key_pair(key_name).await?;
if let Some(key_path) = self.key_file_path() {
if let Err(err) = util.remove(key_path) {
eprintln!("Failed to remove {key_path:?} ({err:?})");
}
}
}
Ok(())
}
```
```
pub async fn delete_key_pair(&self, key_name: &str) -> Result<(), EC2Error> {
let key_name: String = key_name.into();
tracing::info!("Deleting key pair {key_name}");
self.client
.delete_key_pair()
.key_name(key_name)
.send()
.await?;
Ok(())
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [DeleteKeyPair](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_key_pair)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
lo_ec2->deletekeypair( iv_keyname = iv_key_name ).
MESSAGE 'Amazon EC2 key pair deleted.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Delete an EC2 key pair.
///
/// - Parameter keyPair: The name of the key pair to delete.
///
/// - Returns: `true` if the key pair is deleted successfully; otherwise
/// `false`.
func deleteKeyPair(keyPair: String) async -> Bool {
do {
_ = try await ec2Client.deleteKeyPair(
input: DeleteKeyPairInput(
keyName: keyPair
)
)
return true
} catch {
print("*** Error deleting the key pair: \(error.localizedDescription)")
return false
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [DeleteKeyPair](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletekeypair(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DeleteLaunchTemplate` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DeleteLaunchTemplate`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建置及管理彈性服務](example_cross_ResilientService_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中設定和執行。
```
///
/// Delete a launch template by name.
///
/// The name of the template to delete.
/// Async task.
public async Task DeleteTemplateByName(string templateName)
{
try
{
await _amazonEc2.DeleteLaunchTemplateAsync(
new DeleteLaunchTemplateRequest()
{
LaunchTemplateName = templateName
});
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidLaunchTemplateName.NotFoundException")
{
_logger.LogError(
$"Could not delete the template, the name {_launchTemplateName} was not found.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while deleting the template.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DeleteLaunchTemplate](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteLaunchTemplate)。
------
#### [ CLI ]
**AWS CLI**
**刪除啟動範本**
此範例會刪除指定的啟動範本。
命令:
```
aws ec2 delete-launch-template --launch-template-id lt-0abcd290751193123
```
輸出:
```
{
"LaunchTemplate": {
"LatestVersionNumber": 2,
"LaunchTemplateId": "lt-0abcd290751193123",
"LaunchTemplateName": "TestTemplate",
"DefaultVersionNumber": 2,
"CreatedBy": "arn:aws:iam::123456789012:root",
"CreateTime": "2017-11-23T16:46:25.000Z"
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteLaunchTemplate](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-launch-template.html)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples)中設定和執行。
```
await client.send(
new DeleteLaunchTemplateCommand({
LaunchTemplateName: NAMES.launchTemplateName,
}),
);
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DeleteLaunchTemplate](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteLaunchTemplateCommand)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def delete_template(self):
"""
Deletes a launch template.
"""
try:
self.ec2_client.delete_launch_template(
LaunchTemplateName=self.launch_template_name
)
self.delete_instance_profile(
self.instance_profile_name, self.instance_role_name
)
log.info("Launch template %s deleted.", self.launch_template_name)
except ClientError as err:
if (
err.response["Error"]["Code"]
== "InvalidLaunchTemplateName.NotFoundException"
):
log.info(
"Launch template %s does not exist, nothing to do.",
self.launch_template_name,
)
log.error(f"Full error:\n\t{err}")
```
+ 如需 API 詳細資訊,請參閱《*適用於 Python (Boto3) 的AWS SDK API 參考*》中的 [DeleteLaunchTemplate](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteLaunchTemplate)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteNetworkAcl` 與 CLI
下列程式碼範例示範如何使用 `DeleteNetworkAcl`。
------
#### [ CLI ]
**AWS CLI**
**刪除網路 ACL**
此範例刪除指定的網路 ACL。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-network-acl --network-acl-id acl-5fb85d36
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteNetworkAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-acl.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的網路 ACL。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2NetworkAcl -NetworkAclId acl-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAcl (DeleteNetworkAcl)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteNetworkAcl](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的網路 ACL。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2NetworkAcl -NetworkAclId acl-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAcl (DeleteNetworkAcl)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteNetworkAcl](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteNetworkAclEntry` 與 CLI
下列程式碼範例示範如何使用 `DeleteNetworkAclEntry`。
------
#### [ CLI ]
**AWS CLI**
**刪除網路 ACL 輸入項**
此範例從指定的網路 ACL 刪除輸入規則編號 100。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteNetworkAclEntry](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-acl-entry.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會從指定的網路 ACL 移除指定的規則。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAclEntry (DeleteNetworkAclEntry)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteNetworkAclEntry](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會從指定的網路 ACL 移除指定的規則。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2NetworkAclEntry -NetworkAclId acl-12345678 -Egress $false -RuleNumber 100
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkAclEntry (DeleteNetworkAclEntry)" on Target "acl-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteNetworkAclEntry](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteNetworkInterface` 與 CLI
下列程式碼範例示範如何使用 `DeleteNetworkInterface`。
------
#### [ CLI ]
**AWS CLI**
**刪除網路介面**
此範例會刪除指定的網路介面。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-network-interface --network-interface-id eni-e5aa89a3
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteNetworkInterface](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-network-interface.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的網路介面。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2NetworkInterface -NetworkInterfaceId eni-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkInterface (DeleteNetworkInterface)" on Target "eni-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteNetworkInterface](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的網路介面。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2NetworkInterface -NetworkInterfaceId eni-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2NetworkInterface (DeleteNetworkInterface)" on Target "eni-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteNetworkInterface](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeletePlacementGroup` 與 CLI
下列程式碼範例示範如何使用 `DeletePlacementGroup`。
------
#### [ CLI ]
**AWS CLI**
**刪除置放群組**
此範例命令會刪除指定的置放群組。
命令:
```
aws ec2 delete-placement-group --group-name my-cluster
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeletePlacementGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-placement-group.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的置放群組。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2PlacementGroup -GroupName my-placement-group
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2PlacementGroup (DeletePlacementGroup)" on Target "my-placement-group".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeletePlacementGroup](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的置放群組。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2PlacementGroup -GroupName my-placement-group
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2PlacementGroup (DeletePlacementGroup)" on Target "my-placement-group".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeletePlacementGroup](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteRoute` 與 CLI
下列程式碼範例示範如何使用 `DeleteRoute`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [開始使用 Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ CLI ]
**AWS CLI**
**刪除路由**
此範例會刪除指定之路由表的指定路由。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-route --route-table-id rtb-22574640 --destination-cidr-block 0.0.0.0/0
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-route.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會從指定的路由表刪除指定的路由。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Route (DeleteRoute)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteRoute](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會從指定的路由表刪除指定的路由。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Route -RouteTableId rtb-1a2b3c4d -DestinationCidrBlock 0.0.0.0/0
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Route (DeleteRoute)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteRoute](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteRouteTable` 與 CLI
下列程式碼範例示範如何使用 `DeleteRouteTable`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**刪除路由表**
此範例會刪除指定的路由表。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-route-table --route-table-id rtb-22574640
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteRouteTable](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-route-table.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的路由表。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2RouteTable -RouteTableId rtb-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2RouteTable (DeleteRouteTable)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteRouteTable](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的路由表。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2RouteTable -RouteTableId rtb-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2RouteTable (DeleteRouteTable)" on Target "rtb-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteRouteTable](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DeleteSecurityGroup` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DeleteSecurityGroup`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Delete an Amazon EC2 security group.
///
/// The name of the group to delete.
/// A Boolean value indicating the success of the action.
public async Task DeleteSecurityGroup(string groupId)
{
try
{
var response =
await _amazonEC2.DeleteSecurityGroupAsync(
new DeleteSecurityGroupRequest { GroupId = groupId });
return response.HttpStatusCode == HttpStatusCode.OK;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidGroup.NotFound")
{
_logger.LogError(
$"Security Group {groupId} does not exist and cannot be deleted. Please verify the ID and try again.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the security group because: {ex.Message}");
return false;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DeleteSecurityGroup)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_delete_security_group
#
# This function deletes an Amazon Elastic Compute Cloud (Amazon EC2) security group.
#
# Parameters:
# -i security_group_id - The ID of the security group to delete.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_delete_security_group() {
local security_group_id response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_delete_security_group"
echo "Deletes an Amazon Elastic Compute Cloud (Amazon EC2) security group."
echo " -i security_group_id - The ID of the security group to delete."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:h" option; do
case "${option}" in
i) security_group_id="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
if [[ -z "$security_group_id" ]]; then
errecho "ERROR: You must provide a security group ID with the -i parameter."
usage
return 1
fi
response=$(aws ec2 delete-security-group --group-id "$security_group_id" --output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports delete-security-group operation failed.$response"
return 1
}
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DeleteSecurityGroup)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Delete a security group.
/*!
\param securityGroupID: A security group ID.
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::deleteSecurityGroup(const Aws::String &securityGroupID,
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DeleteSecurityGroupRequest request;
request.SetGroupId(securityGroupID);
Aws::EC2::Model::DeleteSecurityGroupOutcome outcome = ec2Client.DeleteSecurityGroup(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to delete security group " << securityGroupID <<
":" << outcome.GetError().GetMessage() << std::endl;
} else {
std::cout << "Successfully deleted security group " << securityGroupID <<
std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DeleteSecurityGroup)。
------
#### [ CLI ]
**AWS CLI**
**[EC2-Classic] 刪除安全群組**
此範例會刪除名為 `MySecurityGroup` 的安全群組。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-security-group --group-name MySecurityGroup
```
**[EC2-VPC] 刪除安全群組**
此範例會刪除 ID 為 `sg-903004f8` 的安全群組。請注意,EC2-VPC 的安全群組不能按名稱引用。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-security-group --group-id sg-903004f8
```
如需詳細資訊,請參閱《AWS 命令行介面使用者指南》**中的「使用安全群組」。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSecurityGroup](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-security-group.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Deletes an EC2 security group asynchronously.
*
* @param groupId the ID of the security group to delete
* @return a CompletableFuture that completes when the security group is deleted
*/
public CompletableFuture deleteEC2SecGroupAsync(String groupId) {
DeleteSecurityGroupRequest request = DeleteSecurityGroupRequest.builder()
.groupId(groupId)
.build();
CompletableFuture response = getAsyncClient().deleteSecurityGroup(request);
return response.whenComplete((resp, ex) -> {
if (ex != null) {
throw new RuntimeException("Failed to delete security group with Id " + groupId, ex);
} else if (resp == null) {
throw new RuntimeException("No response received for deleting security group with Id " + groupId);
}
}).thenApply(resp -> null);
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DeleteSecurityGroup)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { DeleteSecurityGroupCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Deletes a security group.
* @param {{ groupId: string }} options
*/
export const main = async ({ groupId }) => {
const client = new EC2Client({});
const command = new DeleteSecurityGroupCommand({
GroupId: groupId,
});
try {
await client.send(command);
console.log("Security group deleted successfully.");
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidGroupId.Malformed") {
console.warn(`${caught.message}. Please provide a valid GroupId.`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteSecurityGroupCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun deleteEC2SecGroup(groupIdVal: String) {
val request =
DeleteSecurityGroupRequest {
groupId = groupIdVal
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
ec2.deleteSecurityGroup(request)
println("Successfully deleted Security Group with id $groupIdVal")
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除 EC2-VPC 的指定安全群組。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2SecurityGroup -GroupId sg-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SecurityGroup (DeleteSecurityGroup)" on Target "sg-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
**範例 2:此範例會刪除 EC2-Classic 的指定安全群組。**
```
Remove-EC2SecurityGroup -GroupName my-security-group -Force
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除 EC2-VPC 的指定安全群組。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2SecurityGroup -GroupId sg-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SecurityGroup (DeleteSecurityGroup)" on Target "sg-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
**範例 2:此範例會刪除 EC2-Classic 的指定安全群組。**
```
Remove-EC2SecurityGroup -GroupName my-security-group -Force
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class SecurityGroupWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions."""
def __init__(self, ec2_client: boto3.client, security_group: Optional[str] = None):
"""
Initializes the SecurityGroupWrapper with an EC2 client and an optional security group ID.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param security_group: The ID of a security group to manage. This is a high-level identifier
that represents the security group.
"""
self.ec2_client = ec2_client
self.security_group = security_group
@classmethod
def from_client(cls) -> "SecurityGroupWrapper":
"""
Creates a SecurityGroupWrapper instance with a default EC2 client.
:return: An instance of SecurityGroupWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete(self, security_group_id: str) -> bool:
"""
Deletes the specified security group.
:param security_group_id: The ID of the security group to delete. Required.
:returns: True if the deletion is successful.
:raises ClientError: If the security group cannot be deleted due to an AWS service error.
"""
try:
self.ec2_client.delete_security_group(GroupId=security_group_id)
logger.info(f"Successfully deleted security group '{security_group_id}'")
return True
except ClientError as err:
logger.error(f"Deletion failed for security group '{security_group_id}'")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidGroup.NotFound":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it does not exist."
)
elif error_code == "DependencyViolation":
logger.error(
f"Security group '{security_group_id}' cannot be deleted because it is still in use."
" Verify that it is:"
"\n\t- Detached from resources"
"\n\t- Removed from references in other groups"
"\n\t- Removed from VPC's as a default group"
)
raise
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteSecurityGroup)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
pub async fn delete_security_group(&self, group_id: &str) -> Result<(), EC2Error> {
tracing::info!("Deleting security group {group_id}");
self.client
.delete_security_group()
.group_id(group_id)
.send()
.await?;
Ok(())
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [DeleteSecurityGroup](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_security_group)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
lo_ec2->deletesecuritygroup( iv_groupid = iv_security_group_id ).
MESSAGE 'Security group deleted.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Delete a security group.
///
/// - Parameter groupId: The ID of the security group to delete.
///
/// - Returns: `true` on successful deletion; `false` on error.
func deleteSecurityGroup(groupId: String) async -> Bool {
do {
_ = try await ec2Client.deleteSecurityGroup(
input: DeleteSecurityGroupInput(
groupId: groupId
)
)
return true
} catch {
print("*** Error deleting the security group: \(error.localizedDescription)")
return false
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [DeleteSecurityGroup](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/deletesecuritygroup(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DeleteSnapshot` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DeleteSnapshot`。
------
#### [ CLI ]
**AWS CLI**
**刪除快照**
此範例命令會刪除快照 ID 為 `snap-1234567890abcdef0` 的快照。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-snapshot --snapshot-id snap-1234567890abcdef0
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSnapshot](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-snapshot.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的快照。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Snapshot -SnapshotId snap-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Snapshot (DeleteSnapshot)" on target "snap-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteSnapshot](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的快照。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Snapshot -SnapshotId snap-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Snapshot (DeleteSnapshot)" on target "snap-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteSnapshot](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ebs#code-examples)中設定和執行。
```
async fn delete_snapshot(client: &Client, id: &str) -> Result<(), Error> {
client.delete_snapshot().snapshot_id(id).send().await?;
println!("Deleted");
Ok(())
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Rust 的 AWS SDK API 參考》**中的 [DeleteSnapshot](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.delete_snapshot)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteSpotDatafeedSubscription` 與 CLI
下列程式碼範例示範如何使用 `DeleteSpotDatafeedSubscription`。
------
#### [ CLI ]
**AWS CLI**
**取消 Spot 執行個體資料饋送訂閱**
此範例命令會刪除帳戶的 Spot 資料饋送訂閱。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-spot-datafeed-subscription
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSpotDatafeedSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-spot-datafeed-subscription.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除您的 Spot 執行個體資料饋送。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2SpotDatafeedSubscription
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SpotDatafeedSubscription (DeleteSpotDatafeedSubscription)" on Target "".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除您的 Spot 執行個體資料饋送。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2SpotDatafeedSubscription
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2SpotDatafeedSubscription (DeleteSpotDatafeedSubscription)" on Target "".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteSpotDatafeedSubscription](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteSubnet` 與 CLI
下列程式碼範例示範如何使用 `DeleteSubnet`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**刪除子網路**
此範例會刪除指定的子網路。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-subnet --subnet-id subnet-9d4a7b6c
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSubnet](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-subnet.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的子網路。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Subnet -SubnetId subnet-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Subnet (DeleteSubnet)" on Target "subnet-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteSubnet](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的子網路。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Subnet -SubnetId subnet-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Subnet (DeleteSubnet)" on Target "subnet-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteSubnet](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteTags` 與 CLI
下列程式碼範例示範如何使用 `DeleteTags`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:從資源刪除標籤**
下列 `delete-tags` 範例會從指定的映像刪除標籤 `Stack=Test`。當您同時指定值和索引鍵名稱時,只有在標籤的值符合指定的值時,才會刪除標籤。
```
aws ec2 delete-tags \
--resources ami-1234567890abcdef0 \
--tags Key=Stack,Value=Test
```
您可以選擇指定標籤的值。下列 `delete-tags` 範例會從指定的執行個體刪除具有索引鍵名稱 `purpose` 的標籤,無論標籤的標籤值為何。
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 \
--tags Key=purpose
```
如果您將空字串指定為標籤值,則只有在標籤值為空字串時,才會刪除標籤。下列 `delete-tags` 範例指定空字串做為要刪除之標籤的標籤值。
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 \
--tags Key=Name,Value=
```
**範例 2:從多個資源刪除標籤**
下列 `delete-tags` 範例會從執行個體和 AMI 中刪除 tag``Purpose=Test``。如先前範例所示,您可以從命令省略標籤值。
```
aws ec2 delete-tags \
--resources i-1234567890abcdef0 ami-1234567890abcdef0 \
--tags Key=Purpose
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteTags](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-tags.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會從指定的資源刪除指定的標籤,無論標籤值為何。此範例使用的語法需要 PowerShell 版本 3 或更新版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag" } -Force
```
**範例 2:此範例會從指定的資源刪除指定的標籤,但僅限於標籤值相符時。此範例使用的語法需要 PowerShell 版本 3 或更新版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag";Value="myTagValue" } -Force
```
**範例 3:此範例會從指定的資源刪除指定的標籤,無論標籤值為何。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
**範例 4:此範例會從指定的資源刪除指定的標籤,但僅限於標籤值相符時。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
+ 如需 API 詳細資訊,請參閱《*AWS Tools for PowerShell Cmdlet 參考 (V4)*》中的 [DeleteTags](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會從指定的資源刪除指定的標籤,無論標籤值為何。此範例使用的語法需要 PowerShell 版本 3 或更新版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag" } -Force
```
**範例 2:此範例會從指定的資源刪除指定的標籤,但僅限於標籤值相符時。此範例使用的語法需要 PowerShell 版本 3 或更新版本。**
```
Remove-EC2Tag -Resource i-12345678 -Tag @{ Key="myTag";Value="myTagValue" } -Force
```
**範例 3:此範例會從指定的資源刪除指定的標籤,無論標籤值為何。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
**範例 4:此範例會從指定的資源刪除指定的標籤,但僅限於標籤值相符時。**
```
$tag = New-Object Amazon.EC2.Model.Tag
$tag.Key = "myTag"
$tag.Value = "myTagValue"
Remove-EC2Tag -Resource i-12345678 -Tag $tag -Force
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteTags](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteVolume` 與 CLI
下列程式碼範例示範如何使用 `DeleteVolume`。
------
#### [ CLI ]
**AWS CLI**
**刪除磁碟區**
此範例命令會刪除磁碟區 ID 為 `vol-049df61146c4d7901` 的可用磁碟區。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-volume --volume-id vol-049df61146c4d7901
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteVolume](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-volume.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會分開指定的磁碟區。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Volume -VolumeId vol-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Volume (DeleteVolume)" on target "vol-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteVolume](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會分開指定的磁碟區。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Volume -VolumeId vol-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove-EC2Volume (DeleteVolume)" on target "vol-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteVolume](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DeleteVpc` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DeleteVpc`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
+ [開始使用 VPC IPAM](example_vpc_GettingStartedIpam_section.md)
------
#### [ CLI ]
**AWS CLI**
**刪除 VPC**
此範例會刪除指定的 VPC。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-vpc --vpc-id vpc-a01106c2
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteVpc](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpc.html)。
------
#### [ PHP ]
**適用於 PHP 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中設定和執行。
```
/**
* @param string $vpcId
* @return void
*/
public function deleteVpc(string $vpcId)
{
try {
$this->ec2Client->deleteVpc([
"VpcId" => $vpcId,
]);
}catch(Ec2Exception $caught){
echo "There was a problem deleting the VPC: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 PHP 的 AWS SDK API 參考》**中的 [DeleteVpc](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/DeleteVpc)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的 VPC。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Vpc -VpcId vpc-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Vpc (DeleteVpc)" on Target "vpc-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteVpc](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的 VPC。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2Vpc -VpcId vpc-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2Vpc (DeleteVpc)" on Target "vpc-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteVpc](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete(self, vpc_id: str) -> None:
"""
Deletes the specified VPC.
:param vpc_id: The ID of the VPC to delete.
"""
try:
self.ec2_client.delete_vpc(VpcId=vpc_id)
except ClientError as err:
logger.error(
"Couldn't delete VPC %s. Here's why: %s: %s",
vpc_id,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Python (Boto3) API 參考》**中的 [DeleteVpc](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteVpc)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
lo_ec2->deletevpc( iv_vpcid = iv_vpc_id ).
MESSAGE 'Deleted VPC.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [DeleteVpc](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DeleteVpcEndpoints` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DeleteVpcEndpoints`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
------
#### [ CLI ]
**AWS CLI**
**刪除端點**
此範例會刪除端點 vpce-aa22bb33 和 vpce-1a2b3c4d。如果命令部分成功或部分失敗,則會傳回失敗項目的清單。如果命令成功,傳回的清單會是空的。
命令:
```
aws ec2 delete-vpc-endpoints --vpc-endpoint-ids vpce-aa22bb33 vpce-1a2b3c4d
```
輸出:
```
{
"Unsuccessful": []
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteVpcEndpoints](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpc-endpoints.html)。
------
#### [ PHP ]
**適用於 PHP 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code/ec2#code-examples)中設定和執行。
```
/**
* @param string $vpcEndpointId
* @return void
*/
public function deleteVpcEndpoint(string $vpcEndpointId)
{
try {
$this->ec2Client->deleteVpcEndpoints([
"VpcEndpointIds" => [$vpcEndpointId],
]);
}catch (Ec2Exception $caught){
echo "There was a problem deleting the VPC Endpoint: {$caught->getAwsErrorMessage()}\n";
throw $caught;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 PHP 的 AWS SDK API 參考》**中的 [DeleteVpcEndpoints](https://docs.aws.amazon.com/goto/SdkForPHPV3/ec2-2016-11-15/DeleteVpcEndpoints)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class VpcWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud actions."""
def __init__(self, ec2_client: boto3.client):
"""
Initializes the VpcWrapper with an EC2 client.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
"""
self.ec2_client = ec2_client
@classmethod
def from_client(cls) -> "VpcWrapper":
"""
Creates a VpcWrapper instance with a default EC2 client.
:return: An instance of VpcWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def delete_vpc_endpoints(self, vpc_endpoint_ids: list[str]) -> None:
"""
Deletes the specified VPC endpoints.
:param vpc_endpoint_ids: A list of IDs of the VPC endpoints to delete.
"""
try:
self.ec2_client.delete_vpc_endpoints(VpcEndpointIds=vpc_endpoint_ids)
except ClientError as err:
logger.error(
"Couldn't delete VPC endpoints %s. Here's why: %s: %s",
vpc_endpoint_ids,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Python (Boto3) API 參考》**中的 [DeleteVpcEndpoints](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DeleteVpcEndpoints)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
lo_ec2->deletevpcendpoints( it_vpcendpointids = it_vpc_endpoint_ids ).
MESSAGE 'Deleted VPC endpoint(s).' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [DeleteVpcEndpoints](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteVpnConnection` 與 CLI
下列程式碼範例示範如何使用 `DeleteVpnConnection`。
------
#### [ CLI ]
**AWS CLI**
**刪除 VPN 連接**
此範例會刪除指定的 VPN 連線。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-vpn-connection --vpn-connection-id vpn-40f41529
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteVpnConnection](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-connection.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的 VPN 連線。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2VpnConnection -VpnConnectionId vpn-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnection (DeleteVpnConnection)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteVpnConnection](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的 VPN 連線。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2VpnConnection -VpnConnectionId vpn-12345678
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnection (DeleteVpnConnection)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteVpnConnection](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteVpnConnectionRoute` 與 CLI
下列程式碼範例示範如何使用 `DeleteVpnConnectionRoute`。
------
#### [ CLI ]
**AWS CLI**
**從 VPN 連接刪除靜態路由**
此範例會從指定的 VPN 連線中刪除指定的靜態路由。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-vpn-connection-route --vpn-connection-id vpn-40f41529 --destination-cidr-block 11.12.0.0/16
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteVpnConnectionRoute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-connection-route.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會從指定的 VPN 連線移除指定的靜態路由。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnectionRoute (DeleteVpnConnectionRoute)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會從指定的 VPN 連線移除指定的靜態路由。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2VpnConnectionRoute -VpnConnectionId vpn-12345678 -DestinationCidrBlock 11.12.0.0/16
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnConnectionRoute (DeleteVpnConnectionRoute)" on Target "vpn-12345678".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteVpnConnectionRoute](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeleteVpnGateway` 與 CLI
下列程式碼範例示範如何使用 `DeleteVpnGateway`。
------
#### [ CLI ]
**AWS CLI**
**刪除虛擬私有閘道**
此範例會刪除指定的虛擬私有閘道。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 delete-vpn-gateway --vpn-gateway-id vgw-9a4cacf3
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteVpnGateway](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-vpn-gateway.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會刪除指定的虛擬私有閘道。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnGateway (DeleteVpnGateway)" on Target "vgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeleteVpnGateway](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會刪除指定的虛擬私有閘道。除非也指定 Force 參數,否則在繼續操作之前,系統會提示您確認。**
```
Remove-EC2VpnGateway -VpnGatewayId vgw-1a2b3c4d
```
**輸出:**
```
Confirm
Are you sure you want to perform this action?
Performing operation "Remove-EC2VpnGateway (DeleteVpnGateway)" on Target "vgw-1a2b3c4d".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeleteVpnGateway](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DeregisterImage` 與 CLI
下列程式碼範例示範如何使用 `DeregisterImage`。
------
#### [ CLI ]
**AWS CLI**
**取消註冊 AMI**
此範例會將指定的 AMI 取消註冊。如果命令成功,則不會傳回任何輸出。
命令:
```
aws ec2 deregister-image --image-id ami-4fa54026
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeregisterImage](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/deregister-image.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會取消註冊指定的 AMI。**
```
Unregister-EC2Image -ImageId ami-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DeregisterImage](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會取消註冊指定的 AMI。**
```
Unregister-EC2Image -ImageId ami-12345678
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DeregisterImage](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeAccountAttributes` 與 CLI
下列程式碼範例示範如何使用 `DescribeAccountAttributes`。
------
#### [ CLI ]
**AWS CLI**
**描述您 AWS 帳戶的所有屬性**
此範例說明您 AWS 帳戶的屬性。
命令:
```
aws ec2 describe-account-attributes
```
輸出:
```
{
"AccountAttributes": [
{
"AttributeName": "vpc-max-security-groups-per-interface",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
},
{
"AttributeName": "max-instances",
"AttributeValues": [
{
"AttributeValue": "20"
}
]
},
{
"AttributeName": "supported-platforms",
"AttributeValues": [
{
"AttributeValue": "EC2"
},
{
"AttributeValue": "VPC"
}
]
},
{
"AttributeName": "default-vpc",
"AttributeValues": [
{
"AttributeValue": "none"
}
]
},
{
"AttributeName": "max-elastic-ips",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
},
{
"AttributeName": "vpc-max-elastic-ips",
"AttributeValues": [
{
"AttributeValue": "5"
}
]
}
]
}
```
**描述您 AWS 帳戶的單一屬性**
此範例說明您 AWS 帳戶的 `supported-platforms` 屬性。
命令:
```
aws ec2 describe-account-attributes --attribute-names supported-platforms
```
輸出:
```
{
"AccountAttributes": [
{
"AttributeName": "supported-platforms",
"AttributeValues": [
{
"AttributeValue": "EC2"
},
{
"AttributeValue": "VPC"
}
]
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeAccountAttributes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-account-attributes.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述您是否可以將執行個體啟動到該區域中的 EC2-Classic 和 EC2-VPC 中,或只能啟動到 EC2-VPC 中。**
```
(Get-EC2AccountAttribute -AttributeName supported-platforms).AttributeValues
```
**輸出:**
```
AttributeValue
--------------
EC2
VPC
```
**範例 2:此範例描述您的預設 VPC,或如果區域中沒有預設 VPC,則為 'none'**。
```
(Get-EC2AccountAttribute -AttributeName default-vpc).AttributeValues
```
**輸出:**
```
AttributeValue
--------------
vpc-12345678
```
**範例 3:此範例描述您可以執行的隨需執行個體數量上限。**
```
(Get-EC2AccountAttribute -AttributeName max-instances).AttributeValues
```
**輸出:**
```
AttributeValue
--------------
20
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeAccountAttributes](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述您是否可以將執行個體啟動到該區域中的 EC2-Classic 和 EC2-VPC 中,或只能啟動到 EC2-VPC 中。**
```
(Get-EC2AccountAttribute -AttributeName supported-platforms).AttributeValues
```
**輸出:**
```
AttributeValue
--------------
EC2
VPC
```
**範例 2:此範例描述您的預設 VPC,或如果區域中沒有預設 VPC,則為 'none'**。
```
(Get-EC2AccountAttribute -AttributeName default-vpc).AttributeValues
```
**輸出:**
```
AttributeValue
--------------
vpc-12345678
```
**範例 3:此範例描述您可以執行的隨需執行個體數量上限。**
```
(Get-EC2AccountAttribute -AttributeName max-instances).AttributeValues
```
**輸出:**
```
AttributeValue
--------------
20
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeAccountAttributes](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeAddresses` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeAddresses`。
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Describe all Elastic IP addresses.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeAddresses(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeAddressesRequest request;
Aws::EC2::Model::DescribeAddressesOutcome outcome = ec2Client.DescribeAddresses(request);
if (outcome.IsSuccess()) {
std::cout << std::left << std::setw(20) << "InstanceId" <<
std::setw(15) << "Public IP" << std::setw(10) << "Domain" <<
std::setw(30) << "Allocation ID" << std::setw(25) <<
"NIC ID" << std::endl;
const Aws::Vector &addresses = outcome.GetResult().GetAddresses();
for (const auto &address: addresses) {
Aws::String domainString =
Aws::EC2::Model::DomainTypeMapper::GetNameForDomainType(
address.GetDomain());
std::cout << std::left << std::setw(20) <<
address.GetInstanceId() << std::setw(15) <<
address.GetPublicIp() << std::setw(10) << domainString <<
std::setw(30) << address.GetAllocationId() << std::setw(25)
<< address.GetNetworkInterfaceId() << std::endl;
}
} else {
std::cerr << "Failed to describe Elastic IP addresses:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [DescribeAddresses](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeAddresses)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:擷取有關您所有彈性 IP 位址的詳細資訊**
以下 `describe addresses` 範例顯示有關您彈性 IP 位址的詳細資訊。
```
aws ec2 describe-addresses
```
輸出:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "198.51.100.0",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
},
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-12345678",
"AssociationId": "eipassoc-12345678",
"NetworkInterfaceOwnerId": "123456789012",
"PublicIp": "203.0.113.0",
"AllocationId": "eipalloc-12345678",
"PrivateIpAddress": "10.0.1.241"
}
]
}
```
**範例 2:擷取有關 EC2-VPC 適用之彈性 IP 位址的詳細資訊**
下列 `describe-addresses` 範例會顯示彈性 IP 位址的詳細資訊,以便搭配 VPC 中的執行個體使用。
```
aws ec2 describe-addresses \
--filters "Name=domain,Values=vpc"
```
輸出:
```
{
"Addresses": [
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-12345678",
"AssociationId": "eipassoc-12345678",
"NetworkInterfaceOwnerId": "123456789012",
"PublicIp": "203.0.113.0",
"AllocationId": "eipalloc-12345678",
"PrivateIpAddress": "10.0.1.241"
}
]
}
```
**範例 3:擷取有關透過配置 ID 所指定的彈性 IP 位址的詳細資訊**
下列 `describe-addresses` 範例顯示具有指定配置 ID (已與 EC2-VPC 中的執行個體建立關聯) 的彈性 IP 位址的詳細資訊。
```
aws ec2 describe-addresses \
--allocation-ids eipalloc-282d9641
```
輸出:
```
{
"Addresses": [
{
"Domain": "vpc",
"PublicIpv4Pool": "amazon",
"InstanceId": "i-1234567890abcdef0",
"NetworkInterfaceId": "eni-1a2b3c4d",
"AssociationId": "eipassoc-123abc12",
"NetworkInterfaceOwnerId": "1234567891012",
"PublicIp": "203.0.113.25",
"AllocationId": "eipalloc-282d9641",
"PrivateIpAddress": "10.251.50.12"
}
]
}
```
**範例 4:擷取有關透過其 VPC 私有 IP 位址所指定的彈性 IP 位址的詳細資訊**
下列 `describe-addresses` 範例針對已與 EC2-VPC 中特定私有 IP 位址建立關聯的彈性 IP 位址,顯示詳細資訊。
```
aws ec2 describe-addresses \
--filters "Name=private-ip-address,Values=10.251.50.12"
```
**範例 5:擷取有關 EC2-Classic 中彈性 IP 位址的詳細資訊**
下列`describe-addresses`範例顯示彈性 IP 地址的詳細資訊,可用於 EC2-Classic。
```
aws ec2 describe-addresses \
--filters "Name=domain,Values=standard"
```
輸出:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "203.0.110.25",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
}
]
}
```
**範例 6:擷取有關透過其公有 IP 位址所指定的彈性 IP 位址的詳細資訊**
下列 `describe-addresses` 範例顯示具有值 `203.0.110.25` (已與 EC2-Classic 中的執行個體建立關聯) 的彈性 IP 位址的詳細資訊。
```
aws ec2 describe-addresses \
--public-ips 203.0.110.25
```
輸出:
```
{
"Addresses": [
{
"InstanceId": "i-1234567890abcdef0",
"PublicIp": "203.0.110.25",
"PublicIpv4Pool": "amazon",
"Domain": "standard"
}
]
}
```
+ 如需 API 的詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeAddresses](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-addresses.html)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { DescribeAddressesCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* Describes the specified Elastic IP addresses or all of your Elastic IP addresses.
* @param {{ allocationId: string }} options
*/
export const main = async ({ allocationId }) => {
const client = new EC2Client({});
const command = new DescribeAddressesCommand({
// You can omit this property to show all addresses.
AllocationIds: [allocationId],
});
try {
const { Addresses } = await client.send(command);
const addressList = Addresses.map((address) => ` • ${address.PublicIp}`);
console.log("Elastic IP addresses:");
console.log(addressList.join("\n"));
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidAllocationID.NotFound"
) {
console.warn(`${caught.message}. Please provide a valid AllocationId.`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DescribeAddresses](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeAddressesCommand)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述 EC2-Classic 中執行個體的指定彈性 IP 位址。**
```
Get-EC2Address -AllocationId eipalloc-12345678
```
**輸出:**
```
AllocationId : eipalloc-12345678
AssociationId : eipassoc-12345678
Domain : vpc
InstanceId : i-87654321
NetworkInterfaceId : eni-12345678
NetworkInterfaceOwnerId : 12345678
PrivateIpAddress : 10.0.2.172
PublicIp : 198.51.100.2
```
**範例 2:此範例描述 VPC 中執行個體的彈性 IP 位址。此語法需要 PowerShell 版本 3 或更新版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="vpc" }
```
**範例 3:此範例描述 EC2-Classic 中執行個體的指定彈性 IP 位址。**
```
Get-EC2Address -PublicIp 203.0.113.17
```
**輸出:**
```
AllocationId :
AssociationId :
Domain : standard
InstanceId : i-12345678
NetworkInterfaceId :
NetworkInterfaceOwnerId :
PrivateIpAddress :
PublicIp : 203.0.113.17
```
**範例 4:此範例描述 EC2-Classic 中執行個體的彈性 IP 位址。此語法需要 PowerShell 版本 3 或更新版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="standard" }
```
**範例 5:此範例描述您所有的彈性 IP 位址。**
```
Get-EC2Address
```
**範例 6:此範例會傳回篩選條件中提供的執行個體 ID 的公有和私有 IP**
```
Get-EC2Address -Region eu-west-1 -Filter @{Name="instance-id";Values="i-0c12d3f4f567ffb89"} | Select-Object PrivateIpAddress, PublicIp
```
**輸出:**
```
PrivateIpAddress PublicIp
---------------- --------
10.0.0.99 63.36.5.227
```
**範例 7:此範例會擷取所有具有其配置 ID、關聯 ID 和執行個體 ID 的彈性 IP**
```
Get-EC2Address -Region eu-west-1 | Select-Object InstanceId, AssociationId, AllocationId, PublicIp
```
**輸出:**
```
InstanceId AssociationId AllocationId PublicIp
---------- ------------- ------------ --------
eipalloc-012e3b456789e1fad 17.212.120.178
i-0c123dfd3415bac67 eipassoc-0e123456bb7890bdb eipalloc-01cd23ebf45f7890c 17.212.124.77
eipalloc-012345678eeabcfad 17.212.225.7
i-0123d405c67e89a0c eipassoc-0c123b456783966ba eipalloc-0123cdd456a8f7892 37.216.52.173
i-0f1bf2f34c5678d09 eipassoc-0e12934568a952d96 eipalloc-0e1c23e4d5e6789e4 37.218.222.278
i-012e3cb4df567e8aa eipassoc-0d1b2fa4d67d03810 eipalloc-0123f456f78a01b58 37.210.82.27
i-0123bcf4b567890e1 eipassoc-01d2345f678903fb1 eipalloc-0e1db23cfef5c45c7 37.215.222.270
```
**範例 8:此範例會擷取值為 'Prod' 且符合標籤索引鍵 'Category' 的 EC2 IP 位址清單**
```
Get-EC2Address -Filter @{Name="tag:Category";Values="Prod"}
```
**輸出:**
```
AllocationId : eipalloc-0123f456f81a01b58
AssociationId : eipassoc-0d1b23a456d103810
CustomerOwnedIp :
CustomerOwnedIpv4Pool :
Domain : vpc
InstanceId : i-012e3cb4df567e1aa
NetworkBorderGroup : eu-west-1
NetworkInterfaceId : eni-0123f41d5a60d5f40
NetworkInterfaceOwnerId : 123456789012
PrivateIpAddress : 192.168.1.84
PublicIp : 34.250.81.29
PublicIpv4Pool : amazon
Tags : {Category, Name}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeAddresses](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述 EC2-Classic 中執行個體的指定彈性 IP 位址。**
```
Get-EC2Address -AllocationId eipalloc-12345678
```
**輸出:**
```
AllocationId : eipalloc-12345678
AssociationId : eipassoc-12345678
Domain : vpc
InstanceId : i-87654321
NetworkInterfaceId : eni-12345678
NetworkInterfaceOwnerId : 12345678
PrivateIpAddress : 10.0.2.172
PublicIp : 198.51.100.2
```
**範例 2:此範例描述 VPC 中執行個體的彈性 IP 位址。此語法需要 PowerShell 版本 3 或更新版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="vpc" }
```
**範例 3:此範例描述 EC2-Classic 中執行個體的指定彈性 IP 位址。**
```
Get-EC2Address -PublicIp 203.0.113.17
```
**輸出:**
```
AllocationId :
AssociationId :
Domain : standard
InstanceId : i-12345678
NetworkInterfaceId :
NetworkInterfaceOwnerId :
PrivateIpAddress :
PublicIp : 203.0.113.17
```
**範例 4:此範例描述 EC2-Classic 中執行個體的彈性 IP 位址。此語法需要 PowerShell 版本 3 或更新版本。**
```
Get-EC2Address -Filter @{ Name="domain";Values="standard" }
```
**範例 5:此範例描述您所有的彈性 IP 位址。**
```
Get-EC2Address
```
**範例 6:此範例會傳回篩選條件中提供的執行個體 ID 的公有和私有 IP**
```
Get-EC2Address -Region eu-west-1 -Filter @{Name="instance-id";Values="i-0c12d3f4f567ffb89"} | Select-Object PrivateIpAddress, PublicIp
```
**輸出:**
```
PrivateIpAddress PublicIp
---------------- --------
10.0.0.99 63.36.5.227
```
**範例 7:此範例會擷取所有具有其配置 ID、關聯 ID 和執行個體 ID 的彈性 IP**
```
Get-EC2Address -Region eu-west-1 | Select-Object InstanceId, AssociationId, AllocationId, PublicIp
```
**輸出:**
```
InstanceId AssociationId AllocationId PublicIp
---------- ------------- ------------ --------
eipalloc-012e3b456789e1fad 17.212.120.178
i-0c123dfd3415bac67 eipassoc-0e123456bb7890bdb eipalloc-01cd23ebf45f7890c 17.212.124.77
eipalloc-012345678eeabcfad 17.212.225.7
i-0123d405c67e89a0c eipassoc-0c123b456783966ba eipalloc-0123cdd456a8f7892 37.216.52.173
i-0f1bf2f34c5678d09 eipassoc-0e12934568a952d96 eipalloc-0e1c23e4d5e6789e4 37.218.222.278
i-012e3cb4df567e8aa eipassoc-0d1b2fa4d67d03810 eipalloc-0123f456f78a01b58 37.210.82.27
i-0123bcf4b567890e1 eipassoc-01d2345f678903fb1 eipalloc-0e1db23cfef5c45c7 37.215.222.270
```
**範例 8:此範例會擷取值為 'Prod' 且符合標籤索引鍵 'Category' 的 EC2 IP 位址清單**
```
Get-EC2Address -Filter @{Name="tag:Category";Values="Prod"}
```
**輸出:**
```
AllocationId : eipalloc-0123f456f81a01b58
AssociationId : eipassoc-0d1b23a456d103810
CustomerOwnedIp :
CustomerOwnedIpv4Pool :
Domain : vpc
InstanceId : i-012e3cb4df567e1aa
NetworkBorderGroup : eu-west-1
NetworkInterfaceId : eni-0123f41d5a60d5f40
NetworkInterfaceOwnerId : 123456789012
PrivateIpAddress : 192.168.1.84
PublicIp : 34.250.81.29
PublicIpv4Pool : amazon
Tags : {Category, Name}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeAddresses](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->describeaddresses( ). " oo_result is returned for testing purposes. "
DATA(lt_addresses) = oo_result->get_addresses( ).
MESSAGE 'Retrieved information about Elastic IP addresses.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的 AWS SDK API 參考》**中的 [DescribeAddresses](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeAvailabilityZones` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeAvailabilityZones`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建置及管理彈性服務](example_cross_ResilientService_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
+ [開始使用 Transit Gateway](example_vpc_TransitGatewayGettingStarted_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中設定和執行。
```
///
/// Get a list of Availability Zones in the AWS Region of the Amazon EC2 Client.
///
/// A list of availability zones.
public async Task> DescribeAvailabilityZones()
{
try
{
var zoneResponse = await _amazonEc2.DescribeAvailabilityZonesAsync(
new DescribeAvailabilityZonesRequest());
return zoneResponse.AvailabilityZones.Select(z => z.ZoneName).ToList();
}
catch (AmazonEC2Exception ec2Exception)
{
_logger.LogError($"An Amazon EC2 error occurred while listing availability zones.: {ec2Exception.Message}");
throw;
}
catch (Exception ex)
{
_logger.LogError($"An error occurred while listing availability zones.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeAvailabilityZones)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! DescribeAvailabilityZones
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
int AwsDoc::EC2::describeAvailabilityZones(const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeAvailabilityZonesRequest request;
Aws::EC2::Model::DescribeAvailabilityZonesOutcome outcome = ec2Client.DescribeAvailabilityZones(request);
if (outcome.IsSuccess()) {
std::cout << std::left <<
std::setw(32) << "ZoneName" <<
std::setw(20) << "State" <<
std::setw(32) << "Region" << std::endl;
const auto &zones =
outcome.GetResult().GetAvailabilityZones();
for (const auto &zone: zones) {
Aws::String stateString =
Aws::EC2::Model::AvailabilityZoneStateMapper::GetNameForAvailabilityZoneState(
zone.GetState());
std::cout << std::left <<
std::setw(32) << zone.GetZoneName() <<
std::setw(20) << stateString <<
std::setw(32) << zone.GetRegionName() << std::endl;
}
} else {
std::cerr << "Failed to describe availability zones:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeAvailabilityZones)。
------
#### [ CLI ]
**AWS CLI**
**描述您的可用區域**
下列範例 `describe-availability-zones` 針對可供您使用的可用區域顯示詳細資訊。回應包含僅適用於目前區域的可用區域。在這個範例中,它預設在 `us-west-2` (奧勒岡) 區域使用設定檔。
```
aws ec2 describe-availability-zones
```
輸出:
```
{
"AvailabilityZones": [
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2a",
"ZoneId": "usw2-az1",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2b",
"ZoneId": "usw2-az2",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2c",
"ZoneId": "usw2-az3",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opt-in-not-required",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2d",
"ZoneId": "usw2-az4",
"GroupName": "us-west-2",
"NetworkBorderGroup": "us-west-2"
},
{
"State": "available",
"OptInStatus": "opted-in",
"Messages": [],
"RegionName": "us-west-2",
"ZoneName": "us-west-2-lax-1a",
"ZoneId": "usw2-lax1-az1",
"GroupName": "us-west-2-lax-1",
"NetworkBorderGroup": "us-west-2-lax-1"
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeAvailabilityZones](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-availability-zones.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述目前可用區域的可用區域。**
```
Get-EC2AvailabilityZone
```
**輸出:**
```
Messages RegionName State ZoneName
-------- ---------- ----- --------
{} us-west-2 available us-west-2a
{} us-west-2 available us-west-2b
{} us-west-2 available us-west-2c
```
**範例 2:此範例描述處於受損狀態的任何可用區域。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2AvailabilityZone -Filter @{ Name="state";Values="impaired" }
```
**範例 3:使用 PowerShell 版本 2 時,必須使用 New-Object 來建立篩選條件。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = "impaired"
Get-EC2AvailabilityZone -Filter $filter
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeAvailabilityZones](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述目前可用區域的可用區域。**
```
Get-EC2AvailabilityZone
```
**輸出:**
```
Messages RegionName State ZoneName
-------- ---------- ----- --------
{} us-west-2 available us-west-2a
{} us-west-2 available us-west-2b
{} us-west-2 available us-west-2c
```
**範例 2:此範例描述處於受損狀態的任何可用區域。此範例使用的語法需要 PowerShell 版本 3 或更高版本。**
```
Get-EC2AvailabilityZone -Filter @{ Name="state";Values="impaired" }
```
**範例 3:使用 PowerShell 版本 2 時,必須使用 New-Object 來建立篩選條件。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = "impaired"
Get-EC2AvailabilityZone -Filter $filter
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeAvailabilityZones](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def get_availability_zones(self) -> List[str]:
"""
Gets a list of Availability Zones in the AWS Region of the Amazon EC2 client.
:return: The list of Availability Zones for the client Region.
"""
try:
response = self.ec2_client.describe_availability_zones()
zones = [zone["ZoneName"] for zone in response["AvailabilityZones"]]
log.info(f"Retrieved {len(zones)} availability zones: {zones}.")
except ClientError as err:
log.error("Failed to retrieve availability zones.")
log.error(f"Full error:\n\t{err}")
else:
return zones
```
+ 如需 API 詳細資訊,請參閱《*適用於 Python (Boto3) 的AWS SDK API 參考*》中的 [DescribeAvailabilityZones](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeAvailabilityZones)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->describeavailabilityzones( ). " oo_result is returned for testing purposes. "
DATA(lt_zones) = oo_result->get_availabilityzones( ).
MESSAGE 'Retrieved information about Availability Zones.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的 AWS SDK API 參考》**中的 [DescribeAvailabilityZones](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeBundleTasks` 與 CLI
下列程式碼範例示範如何使用 `DescribeBundleTasks`。
------
#### [ CLI ]
**AWS CLI**
**描述您的 Bundle 任務**
此範例描述所有 Bundle 任務。
命令:
```
aws ec2 describe-bundle-tasks
```
輸出:
```
{
"BundleTasks": [
{
"UpdateTime": "2015-09-15T13:26:54.000Z",
"InstanceId": "i-1234567890abcdef0",
"Storage": {
"S3": {
"Prefix": "winami",
"Bucket": "bundletasks"
}
},
"State": "bundling",
"StartTime": "2015-09-15T13:24:35.000Z",
"Progress": "3%",
"BundleId": "bun-2a4e041c"
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeBundleTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-bundle-tasks.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的綁定任務。**
```
Get-EC2BundleTask -BundleId bun-12345678
```
**範例 2:此範例描述狀態為「完成」或「失敗」的綁定任務。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "complete", "failed" )
Get-EC2BundleTask -Filter $filter
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeBundleTasks](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的綁定任務。**
```
Get-EC2BundleTask -BundleId bun-12345678
```
**範例 2:此範例描述狀態為「完成」或「失敗」的綁定任務。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "complete", "failed" )
Get-EC2BundleTask -Filter $filter
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeBundleTasks](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeCapacityReservations` 與 CLI
下列程式碼範例示範如何使用 `DescribeCapacityReservations`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述一或多個容量保留**
下列`describe-capacity-reservations`範例顯示目前 AWS 區域中所有容量保留的詳細資訊。
```
aws ec2 describe-capacity-reservations
```
輸出:
```
{
"CapacityReservations": [
{
"CapacityReservationId": "cr-1234abcd56EXAMPLE ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-1234abcd56EXAMPLE",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c5.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "active",
"StartDate": "2024-10-23T15:00:24+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:00:24+00:00",
"Tags": [],
"CapacityAllocations": []
},
{
"CapacityReservationId": "cr-abcdEXAMPLE9876ef ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c4.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "cancelled",
"StartDate": "2024-10-23T15:01:03+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:01:02+00:00",
"Tags": [],
"CapacityAllocations": []
}
]
}
```
**範例 2:描述一或多個容量保留**
下列 `describe-capacity-reservations` 範例顯示指定之容量保留的詳細資訊。
```
aws ec2 describe-capacity-reservations \
--capacity-reservation-ids cr-1234abcd56EXAMPLE
```
輸出:
```
{
"CapacityReservations": [
{
"CapacityReservationId": "cr-abcdEXAMPLE9876ef ",
"OwnerId": "123456789111",
"CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef",
"AvailabilityZoneId": "use1-az2",
"InstanceType": "c4.large",
"InstancePlatform": "Linux/UNIX",
"AvailabilityZone": "us-east-1a",
"Tenancy": "default",
"TotalInstanceCount": 1,
"AvailableInstanceCount": 1,
"EbsOptimized": true,
"EphemeralStorage": false,
"State": "active",
"StartDate": "2024-10-23T15:01:03+00:00",
"EndDateType": "unlimited",
"InstanceMatchCriteria": "open",
"CreateDate": "2024-10-23T15:01:02+00:00",
"Tags": [],
"CapacityAllocations": []
}
]
}
```
如需詳細資訊,請參閱《*適用於 Linux 執行個體的 Amazon Elastic Compute Cloud 使用者指南*》中的[檢視容量保留](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html#capacity-reservations-view)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeCapacityReservations](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-capacity-reservations.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述區域的一或多個容量保留**
```
Get-EC2CapacityReservation -Region eu-west-1
```
**輸出:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeCapacityReservations](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述區域的一或多個容量保留**
```
Get-EC2CapacityReservation -Region eu-west-1
```
**輸出:**
```
AvailabilityZone : eu-west-1b
AvailableInstanceCount : 2
CapacityReservationId : cr-0c1f2345db6f7cdba
CreateDate : 3/28/2019 9:29:41 AM
EbsOptimized : True
EndDate : 1/1/0001 12:00:00 AM
EndDateType : unlimited
EphemeralStorage : False
InstanceMatchCriteria : open
InstancePlatform : Windows
InstanceType : m4.xlarge
State : active
Tags : {}
Tenancy : default
TotalInstanceCount : 2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeCapacityReservations](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeCustomerGateways` 與 CLI
下列程式碼範例示範如何使用 `DescribeCustomerGateways`。
------
#### [ CLI ]
**AWS CLI**
**描述您的客戶閘道**
此範例描述您的客戶閘道。
命令:
```
aws ec2 describe-customer-gateways
```
輸出:
```
{
"CustomerGateways": [
{
"CustomerGatewayId": "cgw-b4dc3961",
"IpAddress": "203.0.113.12",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65000"
},
{
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
]
}
```
**描述特定客戶閘道**
此範例描述指定的客戶閘道。
命令:
```
aws ec2 describe-customer-gateways --customer-gateway-ids cgw-0e11f167
```
輸出:
```
{
"CustomerGateways": [
{
"CustomerGatewayId": "cgw-0e11f167",
"IpAddress": "12.1.2.3",
"State": "available",
"Type": "ipsec.1",
"BgpAsn": "65534"
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeCustomerGateways](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-customer-gateways.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的客戶閘道。**
```
Get-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**輸出:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
**範例 2:此範例描述狀態為待處理或可用的任何客戶閘道。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "pending", "available" )
Get-EC2CustomerGateway -Filter $filter
```
**範例 3:此範例描述您所有的客戶閘道。**
```
Get-EC2CustomerGateway
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeCustomerGateways](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的客戶閘道。**
```
Get-EC2CustomerGateway -CustomerGatewayId cgw-1a2b3c4d
```
**輸出:**
```
BgpAsn : 65534
CustomerGatewayId : cgw-1a2b3c4d
IpAddress : 203.0.113.12
State : available
Tags : {}
Type : ipsec.1
```
**範例 2:此範例描述狀態為待處理或可用的任何客戶閘道。**
```
$filter = New-Object Amazon.EC2.Model.Filter
$filter.Name = "state"
$filter.Values = @( "pending", "available" )
Get-EC2CustomerGateway -Filter $filter
```
**範例 3:此範例描述您所有的客戶閘道。**
```
Get-EC2CustomerGateway
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeCustomerGateways](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeDhcpOptions` 與 CLI
下列程式碼範例示範如何使用 `DescribeDhcpOptions`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述您的 DHCP 選項**
下列 `describe-dhcp-options` 範例會擷取有關您 DHCP 選項的詳細資訊。
```
aws ec2 describe-dhcp-options
```
輸出:
```
{
"DhcpOptions": [
{
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "us-east-2.compute.internal"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "AmazonProvidedDNS"
}
]
}
],
"DhcpOptionsId": "dopt-19edf471",
"OwnerId": "111122223333"
},
{
"DhcpConfigurations": [
{
"Key": "domain-name",
"Values": [
{
"Value": "us-east-2.compute.internal"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "AmazonProvidedDNS"
}
]
}
],
"DhcpOptionsId": "dopt-fEXAMPLE",
"OwnerId": "111122223333"
}
]
}
```
如需資訊,請參閱《*AWS VPC 使用者指南*》中的[使用 DHCP 選項集](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html#DHCPOptionSet)。
**範例 2:描述您的 DHCP 選項並篩選輸出**
下列 `describe-dhcp-options` 範例描述您的 DHCP 選項,並使用篩選條件以僅傳回網域名稱伺服器具有 `example.com` 的 DHCP 選項。此範例會使用 `--query` 參數,在輸出中僅顯示組態資訊和 ID。
```
aws ec2 describe-dhcp-options \
--filters Name=key,Values=domain-name-servers Name=value,Values=example.com \
--query "DhcpOptions[*].[DhcpConfigurations,DhcpOptionsId]"
```
輸出:
```
[
[
[
{
"Key": "domain-name",
"Values": [
{
"Value": "example.com"
}
]
},
{
"Key": "domain-name-servers",
"Values": [
{
"Value": "172.16.16.16"
}
]
}
],
"dopt-001122334455667ab"
]
]
```
如需資訊,請參閱《*AWS VPC 使用者指南*》中的[使用 DHCP 選項集](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html#DHCPOptionSet)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeDhcpOptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-dhcp-options.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例列出您的 DHCP 選項集。**
```
Get-EC2DhcpOption
```
**輸出:**
```
DhcpConfigurations DhcpOptionsId Tag
------------------ ------------- ---
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
{domain-name-servers} dopt-3a4b5c6d {}
```
**範例 2:此範例會取得指定 DHCP 選項集的組態詳細資訊。**
```
(Get-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d).DhcpConfigurations
```
**輸出:**
```
Key Values
--- ------
domain-name {abc.local}
domain-name-servers {10.0.0.101, 10.0.0.102}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeDhcpOptions](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例列出您的 DHCP 選項集。**
```
Get-EC2DhcpOption
```
**輸出:**
```
DhcpConfigurations DhcpOptionsId Tag
------------------ ------------- ---
{domain-name, domain-name-servers} dopt-1a2b3c4d {}
{domain-name, domain-name-servers} dopt-2a3b4c5d {}
{domain-name-servers} dopt-3a4b5c6d {}
```
**範例 2:此範例會取得指定 DHCP 選項集的組態詳細資訊。**
```
(Get-EC2DhcpOption -DhcpOptionsId dopt-1a2b3c4d).DhcpConfigurations
```
**輸出:**
```
Key Values
--- ------
domain-name {abc.local}
domain-name-servers {10.0.0.101, 10.0.0.102}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeDhcpOptions](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeFlowLogs` 與 CLI
下列程式碼範例示範如何使用 `DescribeFlowLogs`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述所有流程日誌**
下列 `describe-flow-logs` 範例顯示所有流程日誌的詳細資訊。
```
aws ec2 describe-flow-logs
```
輸出:
```
{
"FlowLogs": [
{
"CreationTime": "2018-02-21T13:22:12.644Z",
"DeliverLogsPermissionArn": "arn:aws:iam::123456789012:role/flow-logs-role",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-aabbccdd112233445",
"MaxAggregationInterval": 600,
"FlowLogStatus": "ACTIVE",
"LogGroupName": "FlowLogGroup",
"ResourceId": "subnet-12345678901234567",
"TrafficType": "ALL",
"LogDestinationType": "cloud-watch-logs",
"LogFormat": "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status}"
},
{
"CreationTime": "2020-02-04T15:22:29.986Z",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-01234567890123456",
"MaxAggregationInterval": 60,
"FlowLogStatus": "ACTIVE",
"ResourceId": "vpc-00112233445566778",
"TrafficType": "ACCEPT",
"LogDestinationType": "s3",
"LogDestination": "arn:aws:s3:::my-flow-log-bucket/custom",
"LogFormat": "${version} ${vpc-id} ${subnet-id} ${instance-id} ${interface-id} ${account-id} ${type} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${pkt-srcaddr} ${pkt-dstaddr} ${protocol} ${bytes} ${packets} ${start} ${end} ${action} ${tcp-flags} ${log-status}"
}
]
}
```
**範例 2:描述流程日誌的子集**
下列 `describe-flow-logs` 範例使用篩選條件,僅顯示 Amazon CloudWatch Logs 中指定之日誌群組中流程日誌的詳細資訊。
```
aws ec2 describe-flow-logs \
--filter "Name=log-group-name,Values=MyFlowLogs"
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeFlowLogs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-flow-logs.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述日誌目的地類型為 's3' 的一或多個流程日誌**
```
Get-EC2FlowLog -Filter @{Name="log-destination-type";Values="s3"}
```
**輸出:**
```
CreationTime : 2/25/2019 9:07:36 PM
DeliverLogsErrorMessage :
DeliverLogsPermissionArn :
DeliverLogsStatus : SUCCESS
FlowLogId : fl-01b2e3d45f67f8901
FlowLogStatus : ACTIVE
LogDestination : arn:aws:s3:::amzn-s3-demo-bucket-dd-tata
LogDestinationType : s3
LogGroupName :
ResourceId : eni-01d2dda3456b7e890
TrafficType : ALL
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeFlowLogs](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述日誌目的地類型為 's3' 的一或多個流程日誌**
```
Get-EC2FlowLog -Filter @{Name="log-destination-type";Values="s3"}
```
**輸出:**
```
CreationTime : 2/25/2019 9:07:36 PM
DeliverLogsErrorMessage :
DeliverLogsPermissionArn :
DeliverLogsStatus : SUCCESS
FlowLogId : fl-01b2e3d45f67f8901
FlowLogStatus : ACTIVE
LogDestination : arn:aws:s3:::amzn-s3-demo-bucket-dd-tata
LogDestinationType : s3
LogGroupName :
ResourceId : eni-01d2dda3456b7e890
TrafficType : ALL
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeHostReservationOfferings` 與 CLI
下列程式碼範例示範如何使用 `DescribeHostReservationOfferings`。
------
#### [ CLI ]
**AWS CLI**
**描述專用主機保留產品**
此範例描述可供購買的 M4 執行個體系列的專用主機保留。
命令:
```
aws ec2 describe-host-reservation-offerings --filter Name=instance-family,Values=m4
```
輸出:
```
{
"OfferingSet": [
{
"HourlyPrice": "1.499",
"OfferingId": "hro-03f707bf363b6b324",
"InstanceFamily": "m4",
"PaymentOption": "NoUpfront",
"UpfrontPrice": "0.000",
"Duration": 31536000
},
{
"HourlyPrice": "1.045",
"OfferingId": "hro-0ef9181cabdef7a02",
"InstanceFamily": "m4",
"PaymentOption": "NoUpfront",
"UpfrontPrice": "0.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.714",
"OfferingId": "hro-04567a15500b92a51",
"InstanceFamily": "m4",
"PaymentOption": "PartialUpfront",
"UpfrontPrice": "6254.000",
"Duration": 31536000
},
{
"HourlyPrice": "0.484",
"OfferingId": "hro-0d5d7a9d23ed7fbfe",
"InstanceFamily": "m4",
"PaymentOption": "PartialUpfront",
"UpfrontPrice": "12720.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.000",
"OfferingId": "hro-05da4108ca998c2e5",
"InstanceFamily": "m4",
"PaymentOption": "AllUpfront",
"UpfrontPrice": "23913.000",
"Duration": 94608000
},
{
"HourlyPrice": "0.000",
"OfferingId": "hro-0a9f9be3b95a3dc8f",
"InstanceFamily": "m4",
"PaymentOption": "AllUpfront",
"UpfrontPrice": "12257.000",
"Duration": 31536000
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeHostReservationOfferings](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-host-reservation-offerings.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述專用主機保留,可供購買給指定篩選條件 'instance-family',其中 PaymentOption 為 'NoUpfront'**
```
Get-EC2HostReservationOffering -Filter @{Name="instance-family";Values="m4"} | Where-Object PaymentOption -eq NoUpfront
```
**輸出:**
```
CurrencyCode :
Duration : 94608000
HourlyPrice : 1.307
InstanceFamily : m4
OfferingId : hro-0c1f234567890d9ab
PaymentOption : NoUpfront
UpfrontPrice : 0.000
CurrencyCode :
Duration : 31536000
HourlyPrice : 1.830
InstanceFamily : m4
OfferingId : hro-04ad12aaaf34b5a67
PaymentOption : NoUpfront
UpfrontPrice : 0.000
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeHostReservationOfferings](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述專用主機保留,可供購買給指定篩選條件 'instance-family',其中 PaymentOption 為 'NoUpfront'**
```
Get-EC2HostReservationOffering -Filter @{Name="instance-family";Values="m4"} | Where-Object PaymentOption -eq NoUpfront
```
**輸出:**
```
CurrencyCode :
Duration : 94608000
HourlyPrice : 1.307
InstanceFamily : m4
OfferingId : hro-0c1f234567890d9ab
PaymentOption : NoUpfront
UpfrontPrice : 0.000
CurrencyCode :
Duration : 31536000
HourlyPrice : 1.830
InstanceFamily : m4
OfferingId : hro-04ad12aaaf34b5a67
PaymentOption : NoUpfront
UpfrontPrice : 0.000
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeHostReservationOfferings](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeHosts` 與 CLI
下列程式碼範例示範如何使用 `DescribeHosts`。
------
#### [ CLI ]
**AWS CLI**
**檢視專用主機的詳細資訊**
下列`describe-hosts`範例顯示您 AWS 帳戶中`available`專用主機的詳細資訊。
```
aws ec2 describe-hosts --filter "Name=state,Values=available"
```
輸出:
```
{
"Hosts": [
{
"HostId": "h-07879acf49EXAMPLE",
"Tags": [
{
"Value": "production",
"Key": "purpose"
}
],
"HostProperties": {
"Cores": 48,
"TotalVCpus": 96,
"InstanceType": "m5.large",
"Sockets": 2
},
"Instances": [],
"State": "available",
"AvailabilityZone": "eu-west-1a",
"AvailableCapacity": {
"AvailableInstanceCapacity": [
{
"AvailableCapacity": 48,
"InstanceType": "m5.large",
"TotalCapacity": 48
}
],
"AvailableVCpus": 96
},
"HostRecovery": "on",
"AllocationTime": "2019-08-19T08:57:44.000Z",
"AutoPlacement": "off"
}
]
}
```
如需詳細資訊,請參閱《[適用於 Linux 執行個體的 Amazon Elastic Compute Cloud 使用者指南](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-managing)》中的*檢視專用主機*。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeHosts](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-hosts.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會傳回 EC2 主機詳細資訊。**
```
Get-EC2Host
```
**輸出:**
```
AllocationTime : 3/23/2019 4:55:22 PM
AutoPlacement : off
AvailabilityZone : eu-west-1b
AvailableCapacity : Amazon.EC2.Model.AvailableCapacity
ClientToken :
HostId : h-01e23f4cd567890f1
HostProperties : Amazon.EC2.Model.HostProperties
HostReservationId :
Instances : {}
ReleaseTime : 1/1/0001 12:00:00 AM
State : available
Tags : {}
```
**範例 2:此範例會查詢主機 h-01e23f4cd567899f1 的 AvailableInstanceCapacity**
```
Get-EC2Host -HostId h-01e23f4cd567899f1 | Select-Object -ExpandProperty AvailableCapacity | Select-Object -expand AvailableInstanceCapacity
```
**輸出:**
```
AvailableCapacity InstanceType TotalCapacity
----------------- ------------ -------------
11 m4.xlarge 11
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeHosts](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會傳回 EC2 主機詳細資訊。**
```
Get-EC2Host
```
**輸出:**
```
AllocationTime : 3/23/2019 4:55:22 PM
AutoPlacement : off
AvailabilityZone : eu-west-1b
AvailableCapacity : Amazon.EC2.Model.AvailableCapacity
ClientToken :
HostId : h-01e23f4cd567890f1
HostProperties : Amazon.EC2.Model.HostProperties
HostReservationId :
Instances : {}
ReleaseTime : 1/1/0001 12:00:00 AM
State : available
Tags : {}
```
**範例 2:此範例會查詢主機 h-01e23f4cd567899f1 的 AvailableInstanceCapacity**
```
Get-EC2Host -HostId h-01e23f4cd567899f1 | Select-Object -ExpandProperty AvailableCapacity | Select-Object -expand AvailableInstanceCapacity
```
**輸出:**
```
AvailableCapacity InstanceType TotalCapacity
----------------- ------------ -------------
11 m4.xlarge 11
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeHosts](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeIamInstanceProfileAssociations` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeIamInstanceProfileAssociations`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [建置及管理彈性服務](example_cross_ResilientService_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/cross-service/ResilientService/AutoScalerActions#code-examples)中設定和執行。
```
///
/// Get the instance profile association data for an instance.
///
/// The Id of the instance.
/// Instance profile associations data.
public async Task GetInstanceProfile(string instanceId)
{
try
{
var response = await _amazonEc2.DescribeIamInstanceProfileAssociationsAsync(
new DescribeIamInstanceProfileAssociationsRequest()
{
Filters = new List()
{
new("instance-id", new List() { instanceId })
},
});
return response.IamInstanceProfileAssociations[0];
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidInstanceID.NotFound")
{
_logger.LogError(ec2Exception, $"Instance {instanceId} not found");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(ex, $"An error occurred while creating the template.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeIamInstanceProfileAssociations)。
------
#### [ CLI ]
**AWS CLI**
**描述 IAM 執行個體設定檔關聯**
此範例描述所有 IAM 執行個體設定檔關聯。
命令:
```
aws ec2 describe-iam-instance-profile-associations
```
輸出:
```
{
"IamInstanceProfileAssociations": [
{
"InstanceId": "i-09eb09efa73ec1dee",
"State": "associated",
"AssociationId": "iip-assoc-0db249b1f25fa24b8",
"IamInstanceProfile": {
"Id": "AIPAJVQN4F5WVLGCJDRGM",
"Arn": "arn:aws:iam::123456789012:instance-profile/admin-role"
}
},
{
"InstanceId": "i-0402909a2f4dffd14",
"State": "associating",
"AssociationId": "iip-assoc-0d1ec06278d29f44a",
"IamInstanceProfile": {
"Id": "AGJAJVQN4F5WVLGCJABCM",
"Arn": "arn:aws:iam::123456789012:instance-profile/user1-role"
}
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeIamInstanceProfileAssociations](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-iam-instance-profile-associations.html)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cross-services/wkflw-resilient-service#code-examples)中設定和執行。
```
const ec2Client = new EC2Client({});
const { IamInstanceProfileAssociations } = await ec2Client.send(
new DescribeIamInstanceProfileAssociationsCommand({
Filters: [
{ Name: "instance-id", Values: [state.targetInstance.InstanceId] },
],
}),
);
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeIamInstanceProfileAssociationsCommand)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class AutoScalingWrapper:
"""
Encapsulates Amazon EC2 Auto Scaling and EC2 management actions.
"""
def __init__(
self,
resource_prefix: str,
inst_type: str,
ami_param: str,
autoscaling_client: boto3.client,
ec2_client: boto3.client,
ssm_client: boto3.client,
iam_client: boto3.client,
):
"""
Initializes the AutoScaler class with the necessary parameters.
:param resource_prefix: The prefix for naming AWS resources that are created by this class.
:param inst_type: The type of EC2 instance to create, such as t3.micro.
:param ami_param: The Systems Manager parameter used to look up the AMI that is created.
:param autoscaling_client: A Boto3 EC2 Auto Scaling client.
:param ec2_client: A Boto3 EC2 client.
:param ssm_client: A Boto3 Systems Manager client.
:param iam_client: A Boto3 IAM client.
"""
self.inst_type = inst_type
self.ami_param = ami_param
self.autoscaling_client = autoscaling_client
self.ec2_client = ec2_client
self.ssm_client = ssm_client
self.iam_client = iam_client
sts_client = boto3.client("sts")
self.account_id = sts_client.get_caller_identity()["Account"]
self.key_pair_name = f"{resource_prefix}-key-pair"
self.launch_template_name = f"{resource_prefix}-template-"
self.group_name = f"{resource_prefix}-group"
# Happy path
self.instance_policy_name = f"{resource_prefix}-pol"
self.instance_role_name = f"{resource_prefix}-role"
self.instance_profile_name = f"{resource_prefix}-prof"
# Failure mode
self.bad_creds_policy_name = f"{resource_prefix}-bc-pol"
self.bad_creds_role_name = f"{resource_prefix}-bc-role"
self.bad_creds_profile_name = f"{resource_prefix}-bc-prof"
def get_instance_profile(self, instance_id: str) -> Dict[str, Any]:
"""
Gets data about the profile associated with an instance.
:param instance_id: The ID of the instance to look up.
:return: The profile data.
"""
try:
response = self.ec2_client.describe_iam_instance_profile_associations(
Filters=[{"Name": "instance-id", "Values": [instance_id]}]
)
if not response["IamInstanceProfileAssociations"]:
log.info(f"No instance profile found for instance {instance_id}.")
profile_data = response["IamInstanceProfileAssociations"][0]
log.info(f"Retrieved instance profile for instance {instance_id}.")
return profile_data
except ClientError as err:
log.error(
f"Failed to retrieve instance profile for instance {instance_id}."
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
log.error(f"The instance ID '{instance_id}' does not exist.")
log.error(f"Full error:\n\t{err}")
```
+ 如需 API 的詳細資訊,請參閱《*適用於 Python (Boto3) 的AWS SDK API 參考*》中的 [DescribeIamInstanceProfileAssociations](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeIamInstanceProfileAssociations)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeIdFormat` 與 CLI
下列程式碼範例示範如何使用 `DescribeIdFormat`。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述資源的 ID 格式**
下列 `describe-id-format` 範例描述安全群組的 ID 格式。
```
aws ec2 describe-id-format \
--resource security-group
```
在下列範例輸出中,`Deadline` 值表示此資源類型永久從短 ID 格式切換為長 ID 格式的截止日期,已於 2018 年 8 月 15 日 00:00 UTC 到期。
```
{
"Statuses": [
{
"Deadline": "2018-08-15T00:00:00.000Z",
"Resource": "security-group",
"UseLongIds": true
}
]
}
```
**範例 2:描述所有資源的 ID 格式**
下列 `describe-id-format` 範例描述所有資源類型的 ID 格式。支援短 ID 格式的所有資源類型,均已切換為使用長 ID 格式。
```
aws ec2 describe-id-format
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeIdFormat](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-id-format.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定資源類型的 ID 格式。**
```
Get-EC2IdFormat -Resource instance
```
**輸出:**
```
Resource UseLongIds
-------- ----------
instance False
```
**範例 2:此範例描述支援較長 ID 的所有資源類型的 ID 格式。**
```
Get-EC2IdFormat
```
**輸出:**
```
Resource UseLongIds
-------- ----------
reservation False
instance False
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeIdFormat](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定資源類型的 ID 格式。**
```
Get-EC2IdFormat -Resource instance
```
**輸出:**
```
Resource UseLongIds
-------- ----------
instance False
```
**範例 2:此範例描述支援較長 ID 的所有資源類型的 ID 格式。**
```
Get-EC2IdFormat
```
**輸出:**
```
Resource UseLongIds
-------- ----------
reservation False
instance False
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeIdFormat](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeIdentityIdFormat` 與 CLI
下列程式碼範例示範如何使用 `DescribeIdentityIdFormat`。
------
#### [ CLI ]
**AWS CLI**
**描述 IAM 角色的 ID 格式**
下列`describe-identity-id-format`範例說明 IAM 角色`EC2Role`在您 AWS 帳戶中建立的執行個體所收到的 ID 格式。
```
aws ec2 describe-identity-id-format \
--principal-arn arn:aws:iam::123456789012:role/my-iam-role \
--resource instance
```
下列輸出指出此角色建立的執行個體會收到長 ID 格式的 ID。
```
{
"Statuses": [
{
"Deadline": "2016-12-15T00:00:00Z",
"Resource": "instance",
"UseLongIds": true
}
]
}
```
**描述 IAM 使用者的 ID 格式**
下列`describe-identity-id-format`範例說明 `AdminUser` AWS 帳戶中 IAM 使用者所建立快照所收到的 ID 格式。
```
aws ec2 describe-identity-id-format \
--principal-arn arn:aws:iam::123456789012:user/AdminUser \
--resource snapshot
```
輸出指出,此使用者建立的快照會收到長 ID 格式的 ID。
```
{
"Statuses": [
{
"Deadline": "2016-12-15T00:00:00Z",
"Resource": "snapshot",
"UseLongIds": true
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeIdentityIdFormat](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-identity-id-format.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會傳回指定角色之資源 'image' 的 ID 格式**
```
Get-EC2IdentityIdFormat -PrincipalArn arn:aws:iam::123456789511:role/JDBC -Resource image
```
**輸出:**
```
Deadline Resource UseLongIds
-------- -------- ----------
8/2/2018 11:30:00 PM image True
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeIdentityIdFormat](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會傳回指定角色之資源 'image' 的 ID 格式**
```
Get-EC2IdentityIdFormat -PrincipalArn arn:aws:iam::123456789511:role/JDBC -Resource image
```
**輸出:**
```
Deadline Resource UseLongIds
-------- -------- ----------
8/2/2018 11:30:00 PM image True
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeIdentityIdFormat](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeImageAttribute` 與 CLI
下列程式碼範例示範如何使用 `DescribeImageAttribute`。
------
#### [ CLI ]
**AWS CLI**
**描述 AMI 的啟動許可**
此範例描述指定之 AMI 的啟動許可。
命令:
```
aws ec2 describe-image-attribute --image-id ami-5731123e --attribute launchPermission
```
輸出:
```
{
"LaunchPermissions": [
{
"UserId": "123456789012"
}
],
"ImageId": "ami-5731123e",
}
```
**描述 AMI 的產品代碼**
此範例描述指定之 AMI 的產品代碼。請注意,此 AMI 沒有產品代碼。
命令:
```
aws ec2 describe-image-attribute --image-id ami-5731123e --attribute productCodes
```
輸出:
```
{
"ProductCodes": [],
"ImageId": "ami-5731123e",
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeImageAttribute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-image-attribute.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例會取得指定 AMI 的描述。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute description
```
**輸出:**
```
BlockDeviceMappings : {}
Description : My image description
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**範例 2:此範例會取得指定 AMI 的啟動許可。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute launchPermission
```
**輸出:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {all}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**範例 3:此範例會測試增強型聯網是否已啟用。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute sriovNetSupport
```
**輸出:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport : simple
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeImageAttribute](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例會取得指定 AMI 的描述。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute description
```
**輸出:**
```
BlockDeviceMappings : {}
Description : My image description
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**範例 2:此範例會取得指定 AMI 的啟動許可。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute launchPermission
```
**輸出:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {all}
ProductCodes : {}
RamdiskId :
SriovNetSupport :
```
**範例 3:此範例會測試增強型聯網是否已啟用。**
```
Get-EC2ImageAttribute -ImageId ami-12345678 -Attribute sriovNetSupport
```
**輸出:**
```
BlockDeviceMappings : {}
Description :
ImageId : ami-12345678
KernelId :
LaunchPermissions : {}
ProductCodes : {}
RamdiskId :
SriovNetSupport : simple
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeImageAttribute](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeImages` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeImages`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [建立具私有子網路和 NAT 閘道的 VPC](example_vpc_GettingStartedPrivate_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_describe_images
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) images.
#
# Parameters:
# -i image_ids - A space-separated list of image IDs (optional).
# -h - Display help.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_images() {
local image_ids response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_images"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) images."
echo " -i image_ids - A space-separated list of image IDs (optional)."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:h" option; do
case "${option}" in
i) image_ids="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local aws_cli_args=()
if [[ -n "$image_ids" ]]; then
# shellcheck disable=SC2206
aws_cli_args+=("--image-ids" $image_ids)
fi
response=$(aws ec2 describe-images \
"${aws_cli_args[@]}" \
--query 'Images[*].[Description,Architecture,ImageId]' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-images operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeImages](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeImages)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述 AMI**
下列 `describe-images` 範例描述指定區域中的指定 AMI。
```
aws ec2 describe-images \
--region us-east-1 \
--image-ids ami-1234567890EXAMPLE
```
輸出:
```
{
"Images": [
{
"VirtualizationType": "hvm",
"Description": "Provided by Red Hat, Inc.",
"PlatformDetails": "Red Hat Enterprise Linux",
"EnaSupport": true,
"Hypervisor": "xen",
"State": "available",
"SriovNetSupport": "simple",
"ImageId": "ami-1234567890EXAMPLE",
"UsageOperation": "RunInstances:0010",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"SnapshotId": "snap-111222333444aaabb",
"DeleteOnTermination": true,
"VolumeType": "gp2",
"VolumeSize": 10,
"Encrypted": false
}
}
],
"Architecture": "x86_64",
"ImageLocation": "123456789012/RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2",
"RootDeviceType": "ebs",
"OwnerId": "123456789012",
"RootDeviceName": "/dev/sda1",
"CreationDate": "2019-05-10T13:17:12.000Z",
"Public": true,
"ImageType": "machine",
"Name": "RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2"
}
]
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的 [Amazon Machine Images (AMI)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)。
**範例 2:根據篩選條件描述 AMI**
以下 `describe-images` 範例描述 Amazon 所提供,且受 Amazon EBS 支援的 Windows AMI。
```
aws ec2 describe-images \
--owners amazon \
--filters "Name=platform,Values=windows" "Name=root-device-type,Values=ebs"
```
如需 `describe-images` 的輸出範例,請參閱範例 1。
如需使用篩選條件的其他範例,請參閱*《Amazon EC2 使用者指南》*中的[列出與篩選您的資源](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI)。
**範例 3:根據標籤描述 AMI**
下列 `describe-images` 範例描述具有標籤 `Type=Custom` 的所有 AMI。此範例使用 `--query` 參數,僅顯示 AMI ID。
```
aws ec2 describe-images \
--filters "Name=tag:Type,Values=Custom" \
--query 'Images[*].[ImageId]' \
--output text
```
輸出:
```
ami-1234567890EXAMPLE
ami-0abcdef1234567890
```
如需使用標籤篩選條件的其他範例,請參閱*《Amazon EC2 使用者指南》*中的[使用標籤](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#Using_Tags_CLI)。
+ 如需 API 的詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeImages](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-images.html)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { EC2Client, paginateDescribeImages } from "@aws-sdk/client-ec2";
/**
* Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the images available to you.
* @param {{ architecture: string, pageSize: number }} options
*/
export const main = async ({ architecture, pageSize }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
// The paginate function is a wrapper around the base command.
const paginator = paginateDescribeImages(
// Without limiting the page size, this call can take a long time. pageSize is just sugar for
// the MaxResults property in the base command.
{ client, pageSize },
{
// There are almost 70,000 images available. Be specific with your filtering
// to increase efficiency.
// See https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-ec2/interfaces/describeimagescommandinput.html#filters
Filters: [{ Name: "architecture", Values: [architecture] }],
},
);
/**
* @type {import('@aws-sdk/client-ec2').Image[]}
*/
const images = [];
let recordsScanned = 0;
try {
for await (const page of paginator) {
recordsScanned += pageSize;
if (page.Images.length) {
images.push(...page.Images);
break;
}
console.log(
`No matching image found yet. Searched ${recordsScanned} records.`,
);
}
if (images.length) {
console.log(
`Found ${images.length} images:\n\n${images.map((image) => image.Name).join("\n")}\n`,
);
} else {
console.log(
`No matching images found. Searched ${recordsScanned} records.\n`,
);
}
return images;
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}`);
return [];
}
throw caught;
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DescribeImages](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeImagesCommand)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的 AMI。**
```
Get-EC2Image -ImageId ami-12345678
```
**輸出:**
```
Architecture : x86_64
BlockDeviceMappings : {/dev/xvda}
CreationDate : 2014-10-20T00:56:28.000Z
Description : My image
Hypervisor : xen
ImageId : ami-12345678
ImageLocation : 123456789012/my-image
ImageOwnerAlias :
ImageType : machine
KernelId :
Name : my-image
OwnerId : 123456789012
Platform :
ProductCodes : {}
Public : False
RamdiskId :
RootDeviceName : /dev/xvda
RootDeviceType : ebs
SriovNetSupport : simple
State : available
StateReason :
Tags : {Name}
VirtualizationType : hvm
```
**範例 2:此範例描述您擁有的 AMI。**
```
Get-EC2Image -owner self
```
**範例 3:此範例描述執行 Microsoft Windows Server 的公有 AMI。**
```
Get-EC2Image -Filter @{ Name="platform"; Values="windows" }
```
**範例 4:此範例描述 'us-west-2' 區域中的所有公有 AMI。**
```
Get-EC2Image -Region us-west-2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeImages](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的 AMI。**
```
Get-EC2Image -ImageId ami-12345678
```
**輸出:**
```
Architecture : x86_64
BlockDeviceMappings : {/dev/xvda}
CreationDate : 2014-10-20T00:56:28.000Z
Description : My image
Hypervisor : xen
ImageId : ami-12345678
ImageLocation : 123456789012/my-image
ImageOwnerAlias :
ImageType : machine
KernelId :
Name : my-image
OwnerId : 123456789012
Platform :
ProductCodes : {}
Public : False
RamdiskId :
RootDeviceName : /dev/xvda
RootDeviceType : ebs
SriovNetSupport : simple
State : available
StateReason :
Tags : {Name}
VirtualizationType : hvm
```
**範例 2:此範例描述您擁有的 AMI。**
```
Get-EC2Image -owner self
```
**範例 3:此範例描述執行 Microsoft Windows Server 的公有 AMI。**
```
Get-EC2Image -Filter @{ Name="platform"; Values="windows" }
```
**範例 4:此範例描述 'us-west-2' 區域中的所有公有 AMI。**
```
Get-EC2Image -Region us-west-2
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeImages](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def get_images(self, image_ids: List[str]) -> List[Dict[str, Any]]:
"""
Gets information about Amazon Machine Images (AMIs) from a list of AMI IDs.
:param image_ids: The list of AMI IDs to look up.
:return: A list of dictionaries representing the requested AMIs.
"""
try:
response = self.ec2_client.describe_images(ImageIds=image_ids)
images = response["Images"]
except ClientError as err:
logger.error(f"Failed to stop AMI(s): {','.join(map(str, image_ids))}")
error_code = err.response["Error"]["Code"]
if error_code == "InvalidAMIID.NotFound":
logger.error("One or more of the AMI IDs does not exist.")
raise
return images
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [DescribeImages](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeImages)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
pub async fn list_images(&self, ids: Vec) -> Result, EC2Error> {
let image_ids = ids.into_iter().filter_map(|p| p.value).collect();
let output = self
.client
.describe_images()
.set_image_ids(Some(image_ids))
.send()
.await?;
let images = output.images.unwrap_or_default();
if images.is_empty() {
Err(EC2Error::new("No images for selected AMIs"))
} else {
Ok(images)
}
}
```
搭配使用 list\$1images 函數和 SSM,以根據您的環境施以限制。如需 SSM 的詳細資訊,請參閱 https://docs.aws.amazon.com/systems-manager/latest/userguide/example\$1ssm\$1GetParameters\$1section.html。
```
async fn find_image(&mut self) -> Result {
let params: Vec = self
.ssm
.list_path("/aws/service/ami-amazon-linux-latest")
.await
.map_err(|e| e.add_message("Could not find parameters for available images"))?
.into_iter()
.filter(|param| param.name().is_some_and(|name| name.contains("amzn2")))
.collect();
let amzn2_images: Vec = self
.ec2
.list_images(params)
.await
.map_err(|e| e.add_message("Could not find images"))?
.into_iter()
.map(ScenarioImage::from)
.collect();
println!("We will now create an instance from an Amazon Linux 2 AMI");
let ami = self.util.select_scenario_image(amzn2_images)?;
Ok(ami)
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [DescribeImages](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_images)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->describeimages( it_imageids = it_image_ids ). " oo_result is returned for testing purposes. "
DATA(lt_images) = oo_result->get_images( ).
MESSAGE 'Retrieved information about Amazon Machine Images (AMIs).' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [DescribeImages](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Return an array of `EC2ClientTypes.Image` objects describing all of
/// the images in the specified array.
///
/// - Parameter idList: A list of image ID strings indicating the images
/// to return details about.
///
/// - Returns: An array of the images.
func describeImages(_ idList: [String]) async -> [EC2ClientTypes.Image] {
do {
let output = try await ec2Client.describeImages(
input: DescribeImagesInput(
imageIds: idList
)
)
guard let images = output.images else {
print("*** No images found.")
return []
}
for image in images {
guard let id = image.imageId else {
continue
}
print(" \(id): \(image.description ?? "")")
}
return images
} catch {
print("*** Error getting image descriptions: \(error.localizedDescription)")
return []
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [DescribeImages](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeimages(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeImportImageTasks` 與 CLI
下列程式碼範例示範如何使用 `DescribeImportImageTasks`。
------
#### [ CLI ]
**AWS CLI**
**監控匯入映像任務**
下列 `describe-import-image-tasks` 範例會檢查指定之匯入映像任務的狀態。
```
aws ec2 describe-import-image-tasks \
--import-task-ids import-ami-1234567890abcdef0
```
進行中的匯入映像任務的輸出。
```
{
"ImportImageTasks": [
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"Progress": "28",
"SnapshotDetails": [
{
"DiskImageSize": 705638400.0,
"Format": "ova",
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.ova"
}
}
],
"Status": "active",
"StatusMessage": "converting"
}
]
}
```
已完成匯入映像任務的輸出。由 `ImageId` 提供的結果 AMI 的 ID。
```
{
"ImportImageTasks": [
{
"ImportTaskId": "import-ami-1234567890abcdef0",
"ImageId": "ami-1234567890abcdef0",
"SnapshotDetails": [
{
"DiskImageSize": 705638400.0,
"Format": "ova",
"SnapshotId": "snap-1234567890abcdef0"
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.ova"
}
}
],
"Status": "completed"
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeImportImageTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-import-image-tasks.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的映像匯入任務。**
```
Get-EC2ImportImageTask -ImportTaskId import-ami-hgfedcba
```
**輸出:**
```
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
**範例 2:此範例描述所有映像匯入任務。**
```
Get-EC2ImportImageTask
```
**輸出:**
```
Architecture :
Description : Windows Image 1
Hypervisor :
ImageId :
ImportTaskId : import-ami-abcdefgh
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {}
Status : deleted
StatusMessage : User initiated task cancelation
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeImportImageTasks](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的映像匯入任務。**
```
Get-EC2ImportImageTask -ImportTaskId import-ami-hgfedcba
```
**輸出:**
```
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
**範例 2:此範例描述所有映像匯入任務。**
```
Get-EC2ImportImageTask
```
**輸出:**
```
Architecture :
Description : Windows Image 1
Hypervisor :
ImageId :
ImportTaskId : import-ami-abcdefgh
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {}
Status : deleted
StatusMessage : User initiated task cancelation
Architecture : x86_64
Description : Windows Image 2
Hypervisor :
ImageId : ami-1a2b3c4d
ImportTaskId : import-ami-hgfedcba
LicenseType : AWS
Platform : Windows
Progress :
SnapshotDetails : {/dev/sda1}
Status : completed
StatusMessage :
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeImportImageTasks](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeImportSnapshotTasks` 與 CLI
下列程式碼範例示範如何使用 `DescribeImportSnapshotTasks`。
------
#### [ CLI ]
**AWS CLI**
**監控匯入快照任務**
下列 `describe-import-snapshot-tasks` 範例會檢查指定之匯入快照任務的狀態。
```
aws ec2 describe-import-snapshot-tasks \
--import-task-ids import-snap-1234567890abcdef0
```
進行中的匯入快照任務的輸出:
```
{
"ImportSnapshotTasks": [
{
"Description": "My server VMDK",
"ImportTaskId": "import-snap-1234567890abcdef0",
"SnapshotTaskDetail": {
"Description": "My server VMDK",
"DiskImageSize": "705638400.0",
"Format": "VMDK",
"Progress": "42",
"Status": "active",
"StatusMessage": "downloading/converting",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.vmdk"
}
}
}
]
}
```
已完成匯入快照任務的輸出。由 `SnapshotId` 提供的結果快照的 ID。
```
{
"ImportSnapshotTasks": [
{
"Description": "My server VMDK",
"ImportTaskId": "import-snap-1234567890abcdef0",
"SnapshotTaskDetail": {
"Description": "My server VMDK",
"DiskImageSize": "705638400.0",
"Format": "VMDK",
"SnapshotId": "snap-1234567890abcdef0"
"Status": "completed",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key": "vms/my-server-vm.vmdk"
}
}
}
]
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeImportSnapshotTasks](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-import-snapshot-tasks.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的快照匯入任務。**
```
Get-EC2ImportSnapshotTask -ImportTaskId import-snap-abcdefgh
```
**輸出:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
```
**範例 2:此範例描述所有快照匯入任務。**
```
Get-EC2ImportSnapshotTask
```
**輸出:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
Disk Image Import 2 import-snap-hgfedcba Amazon.EC2.Model.SnapshotTaskDetail
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeImportSnapshotTasks](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的快照匯入任務。**
```
Get-EC2ImportSnapshotTask -ImportTaskId import-snap-abcdefgh
```
**輸出:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
```
**範例 2:此範例描述所有快照匯入任務。**
```
Get-EC2ImportSnapshotTask
```
**輸出:**
```
Description ImportTaskId SnapshotTaskDetail
----------------- -------------------- ------------------
Disk Image Import 1 import-snap-abcdefgh Amazon.EC2.Model.SnapshotTaskDetail
Disk Image Import 2 import-snap-hgfedcba Amazon.EC2.Model.SnapshotTaskDetail
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeImportSnapshotTasks](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeInstanceAttribute` 與 CLI
下列程式碼範例示範如何使用 `DescribeInstanceAttribute`。
------
#### [ CLI ]
**AWS CLI**
**描述執行個體類型**
此範例描述指定之執行個體的執行個體類型。
命令:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute instanceType
```
輸出:
```
{
"InstanceId": "i-1234567890abcdef0"
"InstanceType": {
"Value": "t1.micro"
}
}
```
**描述 disableApiTermination 屬性**
此範例描述指定之執行個體的 `disableApiTermination` 屬性。
命令:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute disableApiTermination
```
輸出:
```
{
"InstanceId": "i-1234567890abcdef0"
"DisableApiTermination": {
"Value": "false"
}
}
```
**描述執行個體的區塊型儲存設備映射**
此範例描述指定之執行個體的 `blockDeviceMapping` 屬性。
命令:
```
aws ec2 describe-instance-attribute --instance-id i-1234567890abcdef0 --attribute blockDeviceMapping
```
輸出:
```
{
"InstanceId": "i-1234567890abcdef0"
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": true,
"VolumeId": "vol-049df61146c4d7901",
"AttachTime": "2013-05-17T22:42:34.000Z"
}
},
{
"DeviceName": "/dev/sdf",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": false,
"VolumeId": "vol-049df61146c4d7901",
"AttachTime": "2013-09-10T23:07:00.000Z"
}
}
],
}
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeInstanceAttribute](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-attribute.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定之執行個體的執行個體類型。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceType
```
**輸出:**
```
InstanceType : t2.micro
```
**範例 2:此範例描述是否為指定的執行個體啟用增強型聯網。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute sriovNetSupport
```
**輸出:**
```
SriovNetSupport : simple
```
**範例 3:此範例描述指定之執行個體的安全群組。**
```
(Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute groupSet).Groups
```
**輸出:**
```
GroupId
-------
sg-12345678
sg-45678901
```
**範例 4:此範例描述指定之執行個體是否啟用 EBS 最佳化。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute ebsOptimized
```
**輸出:**
```
EbsOptimized : False
```
**範例 5:此範例描述指定之執行個體的 'disableApiTermination' 屬性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute disableApiTermination
```
**輸出:**
```
DisableApiTermination : False
```
**範例 6:此範例描述指定之執行個體的 'instanceInitiatedShutdownBehavior' 屬性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceInitiatedShutdownBehavior
```
**輸出:**
```
InstanceInitiatedShutdownBehavior : stop
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeInstanceAttribute](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定之執行個體的執行個體類型。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceType
```
**輸出:**
```
InstanceType : t2.micro
```
**範例 2:此範例描述是否為指定的執行個體啟用增強型聯網。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute sriovNetSupport
```
**輸出:**
```
SriovNetSupport : simple
```
**範例 3:此範例描述指定之執行個體的安全群組。**
```
(Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute groupSet).Groups
```
**輸出:**
```
GroupId
-------
sg-12345678
sg-45678901
```
**範例 4:此範例描述指定之執行個體是否啟用 EBS 最佳化。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute ebsOptimized
```
**輸出:**
```
EbsOptimized : False
```
**範例 5:此範例描述指定之執行個體的 'disableApiTermination' 屬性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute disableApiTermination
```
**輸出:**
```
DisableApiTermination : False
```
**範例 6:此範例描述指定之執行個體的 'instanceInitiatedShutdownBehavior' 屬性。**
```
Get-EC2InstanceAttribute -InstanceId i-12345678 -Attribute instanceInitiatedShutdownBehavior
```
**輸出:**
```
InstanceInitiatedShutdownBehavior : stop
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeInstanceAttribute](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeInstanceStatus` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeInstanceStatus`。
------
#### [ CLI ]
**AWS CLI**
**描述執行個體的狀態**
下列 `describe-instance-status` 範例會描述指定執行個體的目前狀態。
```
aws ec2 describe-instance-status \
--instance-ids i-1234567890abcdef0
```
輸出:
```
{
"InstanceStatuses": [
{
"InstanceId": "i-1234567890abcdef0",
"InstanceState": {
"Code": 16,
"Name": "running"
},
"AvailabilityZone": "us-east-1d",
"SystemStatus": {
"Status": "ok",
"Details": [
{
"Status": "passed",
"Name": "reachability"
}
]
},
"InstanceStatus": {
"Status": "ok",
"Details": [
{
"Status": "passed",
"Name": "reachability"
}
]
}
}
]
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[監控您的執行個體狀態](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check.html)。
+ 如需 API 詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeInstanceStatus](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-status.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定之執行個體的狀態。**
```
Get-EC2InstanceStatus -InstanceId i-12345678
```
**輸出:**
```
AvailabilityZone : us-west-2a
Events : {}
InstanceId : i-12345678
InstanceState : Amazon.EC2.Model.InstanceState
Status : Amazon.EC2.Model.InstanceStatusSummary
SystemStatus : Amazon.EC2.Model.InstanceStatusSummary
```
```
$status = Get-EC2InstanceStatus -InstanceId i-12345678
$status.InstanceState
```
**輸出:**
```
Code Name
---- ----
16 running
```
```
$status.Status
```
**輸出:**
```
Details Status
------- ------
{reachability} ok
```
```
$status.SystemStatus
```
**輸出:**
```
Details Status
------- ------
{reachability} ok
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeInstanceStatus](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定之執行個體的狀態。**
```
Get-EC2InstanceStatus -InstanceId i-12345678
```
**輸出:**
```
AvailabilityZone : us-west-2a
Events : {}
InstanceId : i-12345678
InstanceState : Amazon.EC2.Model.InstanceState
Status : Amazon.EC2.Model.InstanceStatusSummary
SystemStatus : Amazon.EC2.Model.InstanceStatusSummary
```
```
$status = Get-EC2InstanceStatus -InstanceId i-12345678
$status.InstanceState
```
**輸出:**
```
Code Name
---- ----
16 running
```
```
$status.Status
```
**輸出:**
```
Details Status
------- ------
{reachability} ok
```
```
$status.SystemStatus
```
**輸出:**
```
Details Status
------- ------
{reachability} ok
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeInstanceStatus](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
async fn show_all_events(client: &Client) -> Result<(), Error> {
let resp = client.describe_regions().send().await.unwrap();
for region in resp.regions.unwrap_or_default() {
let reg: &'static str = Box::leak(Box::from(region.region_name().unwrap()));
let region_provider = RegionProviderChain::default_provider().or_else(reg);
let config = aws_config::from_env().region(region_provider).load().await;
let new_client = Client::new(&config);
let resp = new_client.describe_instance_status().send().await;
println!("Instances in region {}:", reg);
println!();
for status in resp.unwrap().instance_statuses() {
println!(
" Events scheduled for instance ID: {}",
status.instance_id().unwrap_or_default()
);
for event in status.events() {
println!(" Event ID: {}", event.instance_event_id().unwrap());
println!(" Description: {}", event.description().unwrap());
println!(" Event code: {}", event.code().unwrap().as_ref());
println!();
}
}
}
Ok(())
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Rust 的 AWS SDK API 參考》**中的 [DescribeInstanceStatus](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_status)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeInstanceTypes` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeInstanceTypes`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Describe the instance types available.
///
/// A list of instance type information.
public async Task> DescribeInstanceTypes(ArchitectureValues architecture)
{
try
{
var request = new DescribeInstanceTypesRequest();
var filters = new List
{
new Filter("processor-info.supported-architecture",
new List { architecture.ToString() })
};
filters.Add(new Filter("instance-type", new() { "*.micro", "*.small" }));
request.Filters = filters;
var instanceTypes = new List();
var paginator = _amazonEC2.Paginators.DescribeInstanceTypes(request);
await foreach (var instanceType in paginator.InstanceTypes)
{
instanceTypes.Add(instanceType);
}
return instanceTypes;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidParameterValue")
{
_logger.LogError(
$"Parameters are invalid. Ensure architecture and size strings conform to DescribeInstanceTypes API reference.");
}
throw;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't delete the security group because: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeInstanceTypes)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# ec2_describe_instance_types
#
# This function describes EC2 instance types filtered by processor architecture
# and optionally by instance type. It takes the following arguments:
#
# -a, --architecture ARCHITECTURE Specify the processor architecture (e.g., x86_64)
# -t, --type INSTANCE_TYPE Comma-separated list of instance types (e.g., t2.micro)
# -h, --help Show the usage help
#
# The function prints the instance type and supported architecture for each
# matching instance type.
###############################################################################
function ec2_describe_instance_types() {
local architecture=""
local instance_types=""
# bashsupport disable=BP5008
function usage() {
echo "Usage: ec2_describe_instance_types [-a|--architecture ARCHITECTURE] [-t|--type INSTANCE_TYPE] [-h|--help]"
echo " -a, --architecture ARCHITECTURE Specify the processor architecture (e.g., x86_64)"
echo " -t, --type INSTANCE_TYPE Comma-separated list of instance types (e.g., t2.micro)"
echo " -h, --help Show this help message"
}
while [[ $# -gt 0 ]]; do
case "$1" in
-a | --architecture)
architecture="$2"
shift 2
;;
-t | --type)
instance_types="$2"
shift 2
;;
-h | --help)
usage
return 0
;;
*)
echo "Unknown argument: $1"
return 1
;;
esac
done
if [[ -z "$architecture" ]]; then
errecho "Error: Architecture not specified."
usage
return 1
fi
if [[ -z "$instance_types" ]]; then
errecho "Error: Instance type not specified."
usage
return 1
fi
local tmp_json_file="temp_ec2.json"
echo -n '[
{
"Name": "processor-info.supported-architecture",
"Values": [' >"$tmp_json_file"
local items
IFS=',' read -ra items <<<"$architecture"
local array_size
array_size=${#items[@]}
for i in $(seq 0 $((array_size - 1))); do
echo -n '"'"${items[$i]}"'"' >>"$tmp_json_file"
if [[ $i -lt $((array_size - 1)) ]]; then
echo -n ',' >>"$tmp_json_file"
fi
done
echo -n ']},
{
"Name": "instance-type",
"Values": [' >>"$tmp_json_file"
IFS=',' read -ra items <<<"$instance_types"
local array_size
array_size=${#items[@]}
for i in $(seq 0 $((array_size - 1))); do
echo -n '"'"${items[$i]}"'"' >>"$tmp_json_file"
if [[ $i -lt $((array_size - 1)) ]]; then
echo -n ',' >>"$tmp_json_file"
fi
done
echo -n ']}]' >>"$tmp_json_file"
local response
response=$(aws ec2 describe-instance-types --filters file://"$tmp_json_file" \
--query 'InstanceTypes[*].[InstanceType]' --output text)
local error_code=$?
rm "$tmp_json_file"
if [[ $error_code -ne 0 ]]; then
aws_cli_error_log $error_code
echo "ERROR: AWS reports describe-instance-types operation failed."
return 1
fi
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeInstanceTypes)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述執行個體類型**
下列 `describe-instance-types` 範例顯示指定執行個體類型的詳細資訊。
```
aws ec2 describe-instance-types \
--instance-types t2.micro
```
輸出:
```
{
"InstanceTypes": [
{
"InstanceType": "t2.micro",
"CurrentGeneration": true,
"FreeTierEligible": true,
"SupportedUsageClasses": [
"on-demand",
"spot"
],
"SupportedRootDeviceTypes": [
"ebs"
],
"BareMetal": false,
"Hypervisor": "xen",
"ProcessorInfo": {
"SupportedArchitectures": [
"i386",
"x86_64"
],
"SustainedClockSpeedInGhz": 2.5
},
"VCpuInfo": {
"DefaultVCpus": 1,
"DefaultCores": 1,
"DefaultThreadsPerCore": 1,
"ValidCores": [
1
],
"ValidThreadsPerCore": [
1
]
},
"MemoryInfo": {
"SizeInMiB": 1024
},
"InstanceStorageSupported": false,
"EbsInfo": {
"EbsOptimizedSupport": "unsupported",
"EncryptionSupport": "supported"
},
"NetworkInfo": {
"NetworkPerformance": "Low to Moderate",
"MaximumNetworkInterfaces": 2,
"Ipv4AddressesPerInterface": 2,
"Ipv6AddressesPerInterface": 2,
"Ipv6Supported": true,
"EnaSupport": "unsupported"
},
"PlacementGroupInfo": {
"SupportedStrategies": [
"partition",
"spread"
]
},
"HibernationSupported": false,
"BurstablePerformanceSupported": true,
"DedicatedHostsSupported": false,
"AutoRecoverySupported": true
}
]
}
```
如需詳細資訊,請參閱《*適用於 Linux 執行個體的 Amazon Elastic Compute Cloud 使用者指南*》中的[執行個體類型](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)。
**範例 2:若要篩選可用的執行個體類型**
您可以指定篩選條件,將結果範圍限制為具有特定特性的執行個體類型。下列 `describe-instance-types` 範例列出支援休眠的執行個體類型。
```
aws ec2 describe-instance-types \
--filters Name=hibernation-supported,Values=true --query 'InstanceTypes[*].InstanceType'
```
輸出:
```
[
"m5.8xlarge",
"r3.large",
"c3.8xlarge",
"r5.large",
"m4.4xlarge",
"c4.large",
"m5.xlarge",
"m4.xlarge",
"c3.large",
"c4.8xlarge",
"c4.4xlarge",
"c5.xlarge",
"c5.12xlarge",
"r5.4xlarge",
"c5.4xlarge"
]
```
如需詳細資訊,請參閱《*適用於 Linux 執行個體的 Amazon Elastic Compute Cloud 使用者指南*》中的[執行個體類型](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)。
+ 如需 API 詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeInstanceTypes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instance-types.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Asynchronously retrieves the instance types available in the current AWS region.
*
* This method uses the AWS SDK's asynchronous API to fetch the available instance types
* and then processes the response. It logs the memory information, network information,
* and instance type for each instance type returned. Additionally, it returns a
* {@link CompletableFuture} that resolves to the instance type string for the "t2.2xlarge"
* instance type, if it is found in the response. If the "t2.2xlarge" instance type is not
* found, an empty string is returned.
*
*
* @return a {@link CompletableFuture} that resolves to the instance type string for the
* "t2.2xlarge" instance type, or an empty string if the instance type is not found
*/
public CompletableFuture getInstanceTypesAsync() {
DescribeInstanceTypesRequest typesRequest = DescribeInstanceTypesRequest.builder()
.maxResults(10)
.build();
CompletableFuture response = getAsyncClient().describeInstanceTypes(typesRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
List instanceTypes = resp.instanceTypes();
for (InstanceTypeInfo type : instanceTypes) {
logger.info("The memory information of this type is " + type.memoryInfo().sizeInMiB());
logger.info("Network information is " + type.networkInfo().toString());
logger.info("Instance type is " + type.instanceType().toString());
}
} else {
throw (RuntimeException) ex;
}
});
return response.thenApply(resp -> {
for (InstanceTypeInfo type : resp.instanceTypes()) {
String instanceType = type.instanceType().toString();
if (instanceType.equals("t2.2xlarge")) {
return instanceType;
}
}
return "";
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstanceTypes)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { EC2Client, paginateDescribeInstanceTypes } from "@aws-sdk/client-ec2";
/**
* Describes the specified instance types. By default, all instance types for the
* current Region are described. Alternatively, you can filter the results.
* @param {{ pageSize: string, supportedArch: string[], freeTier: boolean }} options
*/
export const main = async ({ pageSize, supportedArch, freeTier }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
// The paginate function is a wrapper around the underlying command.
const paginator = paginateDescribeInstanceTypes(
// Without limiting the page size, this call can take a long time. pageSize is just sugar for
// the MaxResults property in the underlying command.
{ client, pageSize },
{
Filters: [
{
Name: "processor-info.supported-architecture",
Values: supportedArch,
},
{ Name: "free-tier-eligible", Values: [freeTier ? "true" : "false"] },
],
},
);
try {
/**
* @type {import('@aws-sdk/client-ec2').InstanceTypeInfo[]}
*/
const instanceTypes = [];
for await (const page of paginator) {
if (page.InstanceTypes.length) {
instanceTypes.push(...page.InstanceTypes);
// When we have at least 1 result, we can stop.
if (instanceTypes.length >= 1) {
break;
}
}
}
console.log(
`Memory size in MiB for matching instance types:\n\n${instanceTypes.map((it) => `${it.InstanceType}: ${it.MemoryInfo.SizeInMiB} MiB`).join("\n")}`,
);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}`);
return [];
}
throw caught;
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DescribeInstanceTypes](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstanceTypesCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
// Get a list of instance types.
suspend fun getInstanceTypesSc(): String {
var instanceType = ""
val filterObs = ArrayList()
val filter =
Filter {
name = "processor-info.supported-architecture"
values = listOf("arm64")
}
filterObs.add(filter)
val typesRequest =
DescribeInstanceTypesRequest {
filters = filterObs
maxResults = 10
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstanceTypes(typesRequest)
response.instanceTypes?.forEach { type ->
println("The memory information of this type is ${type.memoryInfo?.sizeInMib}")
println("Maximum number of network cards is ${type.networkInfo?.maximumNetworkCards}")
instanceType = type.instanceType.toString()
}
return instanceType
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的 AWS SDK API 參考》**中的 [DescribeInstanceTypes](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def get_instance_types(
self, architecture: str = "x86_64", sizes: List[str] = ["*.micro", "*.small"]
) -> List[Dict[str, Any]]:
"""
Gets instance types that support the specified architecture and size.
See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html
for a list of allowable parameters.
:param architecture: The architecture supported by instance types. Default: 'x86_64'.
:param sizes: The size of instance types. Default: '*.micro', '*.small',
:return: A list of dictionaries representing instance types that support the specified architecture and size.
"""
try:
inst_types = []
paginator = self.ec2_client.get_paginator("describe_instance_types")
for page in paginator.paginate(
Filters=[
{
"Name": "processor-info.supported-architecture",
"Values": [architecture],
},
{"Name": "instance-type", "Values": sizes},
]
):
inst_types += page["InstanceTypes"]
except ClientError as err:
logger.error(
f"Failed to get instance types: {architecture}, {','.join(map(str, sizes))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidParameterValue":
logger.error(
"Parameters are invalid. "
"Ensure architecture and size strings conform to DescribeInstanceTypes API reference."
)
raise
else:
return inst_types
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [DescribeInstanceTypes](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstanceTypes)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
/// List instance types that match an image's architecture and are free tier eligible.
pub async fn list_instance_types(&self, image: &Image) -> Result, EC2Error> {
let architecture = format!(
"{}",
image.architecture().ok_or_else(|| EC2Error::new(format!(
"Image {:?} does not have a listed architecture",
image.image_id()
)))?
);
let free_tier_eligible_filter = Filter::builder()
.name("free-tier-eligible")
.values("false")
.build();
let supported_architecture_filter = Filter::builder()
.name("processor-info.supported-architecture")
.values(architecture)
.build();
let response = self
.client
.describe_instance_types()
.filters(free_tier_eligible_filter)
.filters(supported_architecture_filter)
.send()
.await?;
Ok(response
.instance_types
.unwrap_or_default()
.into_iter()
.filter_map(|iti| iti.instance_type)
.collect())
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [DescribeInstanceTypes](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instance_types)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
" Create filters for architecture and instance type patterns
" iv_architecture = 'x86_64'
DATA lt_filters TYPE /aws1/cl_ec2filter=>tt_filterlist.
APPEND NEW /aws1/cl_ec2filter(
iv_name = 'processor-info.supported-architecture'
it_values = VALUE /aws1/cl_ec2valuestringlist_w=>tt_valuestringlist(
( NEW /aws1/cl_ec2valuestringlist_w( iv_architecture ) )
)
) TO lt_filters.
" Filter for instance type patterns like '*.micro', '*.small'
APPEND NEW /aws1/cl_ec2filter(
iv_name = 'instance-type'
it_values = VALUE /aws1/cl_ec2valuestringlist_w=>tt_valuestringlist(
( NEW /aws1/cl_ec2valuestringlist_w( '*.micro' ) )
( NEW /aws1/cl_ec2valuestringlist_w( '*.small' ) )
)
) TO lt_filters.
TRY.
oo_result = lo_ec2->describeinstancetypes( it_filters = lt_filters ). " oo_result is returned for testing purposes. "
DATA(lt_instance_types) = oo_result->get_instancetypes( ).
MESSAGE 'Retrieved information about EC2 instance types.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [DescribeInstanceTypes](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Return a list of instance types matching the specified architecture
/// and instance sizes.
///
/// - Parameters:
/// - architecture: The architecture of the instance types to return, as
/// a member of `EC2ClientTypes.ArchitectureValues`.
/// - sizes: An array of one or more strings identifying sizes of
/// instance type to accept.
///
/// - Returns: An array of `EC2ClientTypes.InstanceTypeInfo` records
/// describing the instance types matching the given requirements.
func getMatchingInstanceTypes(architecture: EC2ClientTypes.ArchitectureValues = EC2ClientTypes.ArchitectureValues.x8664,
sizes: [String] = ["*.micro", "*.small"]) async
-> [EC2ClientTypes.InstanceTypeInfo] {
var instanceTypes: [EC2ClientTypes.InstanceTypeInfo] = []
let archFilter = EC2ClientTypes.Filter(
name: "processor-info.supported-architecture",
values: [architecture.rawValue]
)
let sizeFilter = EC2ClientTypes.Filter(
name: "instance-type",
values: sizes
)
do {
let pages = ec2Client.describeInstanceTypesPaginated(
input: DescribeInstanceTypesInput(
filters: [archFilter, sizeFilter]
)
)
for try await page in pages {
guard let types = page.instanceTypes else {
return []
}
instanceTypes += types
}
} catch {
print("*** Error getting image types: \(error.localizedDescription)")
return []
}
return instanceTypes
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Swift 的 AWS SDK API 參考》**中的 [DescribeInstanceTypes](https://sdk.amazonaws.com/swift/api/awsec2/latest/documentation/awsec2/ec2client/describeinstancetypes(input:))。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeInstances` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeInstances`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
+ [建置及管理彈性服務](example_cross_ResilientService_section.md)
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Get information about EC2 instances with a particular state.
///
/// The name of the tag to filter on.
/// The value of the tag to look for.
/// True if successful.
public async Task GetInstancesWithState(string state)
{
try
{
// Filters the results of the instance list.
var filters = new List
{
new Filter
{
Name = $"instance-state-name",
Values = new List { state, },
},
};
var request = new DescribeInstancesRequest { Filters = filters, };
Console.WriteLine($"\nShowing instances with state {state}");
var paginator = _amazonEC2.Paginators.DescribeInstances(request);
await foreach (var response in paginator.Responses)
{
foreach (var reservation in response.Reservations)
{
foreach (var instance in reservation.Instances)
{
Console.Write($"Instance ID: {instance.InstanceId} ");
Console.WriteLine($"\tCurrent State: {instance.State.Name}");
}
}
}
return true;
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidParameterValue")
{
_logger.LogError(
$"Invalid parameter value for filtering instances.");
}
return false;
}
catch (Exception ex)
{
Console.WriteLine($"Couldn't list instances because: {ex.Message}");
return false;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeInstances)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_describe_instances
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) instances.
#
# Parameters:
# -i instance_id - The ID of the instance to describe (optional).
# -q query - The query to filter the response (optional).
# -h - Display help.
#
# Returns:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_instances() {
local instance_id query response
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_instances"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) instances."
echo " -i instance_id - The ID of the instance to describe (optional)."
echo " -q query - The query to filter the response (optional)."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "i:q:h" option; do
case "${option}" in
i) instance_id="${OPTARG}" ;;
q) query="${OPTARG}" ;;
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local aws_cli_args=()
if [[ -n "$instance_id" ]]; then
# shellcheck disable=SC2206
aws_cli_args+=("--instance-ids" $instance_id)
fi
local query_arg=""
if [[ -n "$query" ]]; then
query_arg="--query '$query'"
else
query_arg="--query Reservations[*].Instances[*].[InstanceId,ImageId,InstanceType,KeyName,VpcId,PublicIpAddress,State.Name]"
fi
# shellcheck disable=SC2086
response=$(aws ec2 describe-instances \
"${aws_cli_args[@]}" \
$query_arg \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-instances operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeInstances](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeInstances)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Describe all Amazon Elastic Compute Cloud (Amazon EC2) instances associated with an account.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeInstances(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeInstancesRequest request;
bool header = false;
bool done = false;
while (!done) {
Aws::EC2::Model::DescribeInstancesOutcome outcome = ec2Client.DescribeInstances(request);
if (outcome.IsSuccess()) {
if (!header) {
std::cout << std::left <<
std::setw(48) << "Name" <<
std::setw(20) << "ID" <<
std::setw(25) << "Ami" <<
std::setw(15) << "Type" <<
std::setw(15) << "State" <<
std::setw(15) << "Monitoring" << std::endl;
header = true;
}
const std::vector &reservations =
outcome.GetResult().GetReservations();
for (const auto &reservation: reservations) {
const std::vector &instances =
reservation.GetInstances();
for (const auto &instance: instances) {
Aws::String instanceStateString =
Aws::EC2::Model::InstanceStateNameMapper::GetNameForInstanceStateName(
instance.GetState().GetName());
Aws::String typeString =
Aws::EC2::Model::InstanceTypeMapper::GetNameForInstanceType(
instance.GetInstanceType());
Aws::String monitorString =
Aws::EC2::Model::MonitoringStateMapper::GetNameForMonitoringState(
instance.GetMonitoring().GetState());
Aws::String name = "Unknown";
const std::vector &tags = instance.GetTags();
auto nameIter = std::find_if(tags.cbegin(), tags.cend(),
[](const Aws::EC2::Model::Tag &tag) {
return tag.GetKey() == "Name";
});
if (nameIter != tags.cend()) {
name = nameIter->GetValue();
}
std::cout <<
std::setw(48) << name <<
std::setw(20) << instance.GetInstanceId() <<
std::setw(25) << instance.GetImageId() <<
std::setw(15) << typeString <<
std::setw(15) << instanceStateString <<
std::setw(15) << monitorString << std::endl;
}
}
if (!outcome.GetResult().GetNextToken().empty()) {
request.SetNextToken(outcome.GetResult().GetNextToken());
} else {
done = true;
}
} else {
std::cerr << "Failed to describe EC2 instances:" <<
outcome.GetError().GetMessage() << std::endl;
return false;
}
}
return true;
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeInstances)。
------
#### [ CLI ]
**AWS CLI**
**範例 1:描述執行個體**
下列 `describe-instances` 範例會描述指定的執行個體。
```
aws ec2 describe-instances \
--instance-ids i-1234567890abcdef0
```
輸出:
```
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-0abcdef1234567890",
"InstanceId": "i-1234567890abcdef0",
"InstanceType": "t3.nano",
"KeyName": "my-key-pair",
"LaunchTime": "2022-11-15T10:48:59+00:00",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "us-east-2a",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157",
"ProductCodes": [],
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIpAddress": "34.253.223.13",
"State": {
"Code": 16,
"Name": "running"
},
"StateTransitionReason": "",
"SubnetId": "subnet-04a636d18e83cfacb",
"VpcId": "vpc-1234567890abcdef0",
"Architecture": "x86_64",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/xvda",
"Ebs": {
"AttachTime": "2022-11-15T10:49:00+00:00",
"DeleteOnTermination": true,
"Status": "attached",
"VolumeId": "vol-02e6ccdca7de29cf2"
}
}
],
"ClientToken": "1234abcd-1234-abcd-1234-d46a8903e9bc",
"EbsOptimized": true,
"EnaSupport": true,
"Hypervisor": "xen",
"IamInstanceProfile": {
"Arn": "arn:aws:iam::111111111111:instance-profile/AmazonSSMRoleForInstancesQuickSetup",
"Id": "111111111111111111111"
},
"NetworkInterfaces": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIp": "34.253.223.13"
},
"Attachment": {
"AttachTime": "2022-11-15T10:48:59+00:00",
"AttachmentId": "eni-attach-1234567890abcdefg",
"DeleteOnTermination": true,
"DeviceIndex": 0,
"Status": "attached",
"NetworkCardIndex": 0
},
"Description": "",
"Groups": [
{
"GroupName": "launch-wizard-146",
"GroupId": "sg-1234567890abcdefg"
}
],
"Ipv6Addresses": [],
"MacAddress": "00:11:22:33:44:55",
"NetworkInterfaceId": "eni-1234567890abcdefg",
"OwnerId": "104024344472",
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157",
"PrivateIpAddresses": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com",
"PublicIp": "34.253.223.13"
},
"Primary": true,
"PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal",
"PrivateIpAddress": "10-0-0-157"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-1234567890abcdefg",
"VpcId": "vpc-1234567890abcdefg",
"InterfaceType": "interface"
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "launch-wizard-146",
"GroupId": "sg-1234567890abcdefg"
}
],
"SourceDestCheck": true,
"Tags": [
{
"Key": "Name",
"Value": "my-instance"
}
],
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 1,
"ThreadsPerCore": 2
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"HibernationOptions": {
"Configured": false
},
"MetadataOptions": {
"State": "applied",
"HttpTokens": "optional",
"HttpPutResponseHopLimit": 1,
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "disabled",
"InstanceMetadataTags": "enabled"
},
"EnclaveOptions": {
"Enabled": false
},
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"UsageOperationUpdateTime": "2022-11-15T10:48:59+00:00",
"PrivateDnsNameOptions": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": true,
"EnableResourceNameDnsAAAARecord": false
},
"MaintenanceOptions": {
"AutoRecovery": "default"
}
}
],
"OwnerId": "111111111111",
"ReservationId": "r-1234567890abcdefg"
}
]
}
```
**範例 2:篩選具有指定類型的執行個體**
下列 `describe-instances` 範例會使用篩選條件,將結果範圍限定為指定類型的執行個體。
```
aws ec2 describe-instances \
--filters Name=instance-type,Values=m5.large
```
如需輸出範例,請參閱範例 1。
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[使用 CLI 列出和篩選](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI)。
**範例 3:篩選具有指定類型和可用區域的執行個體**
下列 `describe-instances` 範例會使用多個篩選條件,將結果範圍限定為指定可用區域中具有指定類型的執行個體。
```
aws ec2 describe-instances \
--filters Name=instance-type,Values=t2.micro,t3.micro Name=availability-zone,Values=us-east-2c
```
如需輸出範例,請參閱範例 1。
**範例 4:使用 JSON 檔案篩選具有指定類型和可用區域的執行個體**
下列 `describe-instances` 範例會使用 JSON 輸入檔案來執行與先前範例相同的篩選條件。若篩選條件變得更複雜,便可更輕鬆地在 JSON 檔案中指定這些條件。
```
aws ec2 describe-instances \
--filters file://filters.json
```
`filters.json` 的內容:
```
[
{
"Name": "instance-type",
"Values": ["t2.micro", "t3.micro"]
},
{
"Name": "availability-zone",
"Values": ["us-east-2c"]
}
]
```
如需輸出範例,請參閱範例 1。
**範例 5:篩選具有指定 Owner 標籤的執行個體**
下列 `describe-instances` 範例會使用標籤篩選條件,將結果範圍限定為其標籤具有指定標籤索引鍵 (Owner) 的執行個體,不論標籤值為何。
```
aws ec2 describe-instances \
--filters "Name=tag-key,Values=Owner"
```
如需輸出範例,請參閱範例 1。
**範例 6:篩選具有指定 my-team 標籤值的執行個體**
下列 `describe-instances` 範例會使用標籤篩選條件,將結果範圍限定為其標籤具有指定標籤值 (my-team) 的執行個體,不論標籤索引鍵為何。
```
aws ec2 describe-instances \
--filters "Name=tag-value,Values=my-team"
```
如需輸出範例,請參閱範例 1。
**範例 7:篩選具有指定 Owner 標籤和 my-team 值的執行個體**
下列 `describe-instances` 範例會使用標籤篩選條件,將結果範圍限定為具有指定標籤 (Owner=my-team) 的執行個體。
```
aws ec2 describe-instances \
--filters "Name=tag:Owner,Values=my-team"
```
如需輸出範例,請參閱範例 1。
**範例 8:僅顯示所有執行個體的執行個體和子網路 ID**
下列 `describe-instances` 範例會使用 `--query` 參數,以 JSON 格式僅顯示所有執行個體的執行個體和子網路 ID。
Linux 和 macOS:
```
aws ec2 describe-instances \
--query 'Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}' \
--output json
```
Windows:
```
aws ec2 describe-instances ^
--query "Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}" ^
--output json
```
輸出:
```
[
{
"Instance": "i-057750d42936e468a",
"Subnet": "subnet-069beee9b12030077"
},
{
"Instance": "i-001efd250faaa6ffa",
"Subnet": "subnet-0b715c6b7db68927a"
},
{
"Instance": "i-027552a73f021f3bd",
"Subnet": "subnet-0250c25a1f4e15235"
}
...
]
```
**範例 9:篩選指定類型的執行個體,並僅顯示其執行個體 ID**
下列 `describe-instances` 範例會使用篩選條件,將結果範圍限定為指定類型的執行個體以及 `--query` 參數,以便僅顯示執行個體 ID。
```
aws ec2 describe-instances \
--filters "Name=instance-type,Values=t2.micro" \
--query "Reservations[*].Instances[*].[InstanceId]" \
--output text
```
輸出:
```
i-031c0dc19de2fb70c
i-00d8bff789a736b75
i-0b715c6b7db68927a
i-0626d4edd54f1286d
i-00b8ae04f9f99908e
i-0fc71c25d2374130c
```
**範例 10:篩選指定類型的執行個體,並僅顯示其執行個體 ID、可用區域以及指定標籤值**
下列 `describe-instances` 範例會針對其標籤具有名稱 `tag-key` 的執行個體,以表格格式顯示執行個體 ID、可用區域以及 `Name` 標籤的值。
Linux 和 macOS:
```
aws ec2 describe-instances \
--filters Name=tag-key,Values=Name \
--query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value}' \
--output table
```
Windows:
```
aws ec2 describe-instances ^
--filters Name=tag-key,Values=Name ^
--query "Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key=='Name']|[0].Value}" ^
--output table
```
輸出:
```
-------------------------------------------------------------
| DescribeInstances |
+--------------+-----------------------+--------------------+
| AZ | Instance | Name |
+--------------+-----------------------+--------------------+
| us-east-2b | i-057750d42936e468a | my-prod-server |
| us-east-2a | i-001efd250faaa6ffa | test-server-1 |
| us-east-2a | i-027552a73f021f3bd | test-server-2 |
+--------------+-----------------------+--------------------+
```
**範例 11:描述分區放置群組中的執行個體**
下列 `describe-instances` 範例會描述指定的執行個體。輸出包含執行個體的放置資料,其中包括執行個體的放置群組名稱和分區號碼。
```
aws ec2 describe-instances \
--instance-ids i-0123a456700123456 \
--query "Reservations[*].Instances[*].Placement"
```
輸出:
```
[
[
{
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 3,
"Tenancy": "default"
}
]
]
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[描述放置群組中的執行個體](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html#describe-instance-placement)。
**範例 12:篩選為具有指定放置群組和分區號碼的執行個體**
下列 `describe-instances` 範例會將結果篩選為僅顯示具有指定放置群組和分割區號碼的執行個體。
```
aws ec2 describe-instances \
--filters "Name=placement-group-name,Values=HDFS-Group-A" "Name=placement-partition-number,Values=7"
```
以下內容僅顯示輸出的相關資訊。
```
"Instances": [
{
"InstanceId": "i-0123a456700123456",
"InstanceType": "r4.large",
"Placement": {
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 7,
"Tenancy": "default"
}
},
{
"InstanceId": "i-9876a543210987654",
"InstanceType": "r4.large",
"Placement": {
"AvailabilityZone": "us-east-1c",
"GroupName": "HDFS-Group-A",
"PartitionNumber": 7,
"Tenancy": "default"
}
],
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[描述放置群組中的執行個體](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html#describe-instance-placement)。
**範例 13:篩選出設定為允許從執行個體中繼資料存取標籤的執行個體**
下列 `describe-instances` 範例會將結果篩選為僅顯示設定為允許從執行個體中繼資料存取執行個體標籤的執行個體。
```
aws ec2 describe-instances \
--filters "Name=metadata-options.instance-metadata-tags,Values=enabled" \
--query "Reservations[*].Instances[*].InstanceId" \
--output text
```
以下內容顯示預期的輸出。
```
i-1234567890abcdefg
i-abcdefg1234567890
i-11111111aaaaaaaaa
i-aaaaaaaa111111111
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[使用執行個體中繼資料中的執行個體標籤](https://docs.aws.amazon.com/en_us/AWSEC2/latest/UserGuide/Using_Tags.html#view-access-to-tags-in-IMDS)。
+ 如需 API 的詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeInstances](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instances.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Asynchronously describes the state of an EC2 instance.
* The paginator helps you iterate over multiple pages of results.
*
* @param newInstanceId the ID of the EC2 instance to describe
* @return a {@link CompletableFuture} that, when completed, contains a string describing the state of the EC2 instance
*/
public CompletableFuture describeEC2InstancesAsync(String newInstanceId) {
DescribeInstancesRequest request = DescribeInstancesRequest.builder()
.instanceIds(newInstanceId)
.build();
DescribeInstancesPublisher paginator = getAsyncClient().describeInstancesPaginator(request);
AtomicReference publicIpAddressRef = new AtomicReference<>();
return paginator.subscribe(response -> {
response.reservations().stream()
.flatMap(reservation -> reservation.instances().stream())
.filter(instance -> instance.instanceId().equals(newInstanceId))
.findFirst()
.ifPresent(instance -> publicIpAddressRef.set(instance.publicIpAddress()));
}).thenApply(v -> {
String publicIpAddress = publicIpAddressRef.get();
if (publicIpAddress == null) {
throw new RuntimeException("Instance with ID " + newInstanceId + " not found.");
}
return publicIpAddress;
}).exceptionally(ex -> {
logger.info("Failed to describe instances: " + ex.getMessage());
throw new RuntimeException("Failed to describe instances", ex);
});
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeInstances)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { EC2Client, paginateDescribeInstances } from "@aws-sdk/client-ec2";
/**
* List all of your EC2 instances running with the provided architecture that
* were launched in the past month.
* @param {{ pageSize: string, architectures: string[] }} options
*/
export const main = async ({ pageSize, architectures }) => {
pageSize = Number.parseInt(pageSize);
const client = new EC2Client({});
const d = new Date();
const year = d.getFullYear();
const month = `0${d.getMonth() + 1}`.slice(-2);
const launchTimePattern = `${year}-${month}-*`;
const paginator = paginateDescribeInstances(
{
client,
pageSize,
},
{
Filters: [
{ Name: "architecture", Values: architectures },
{ Name: "instance-state-name", Values: ["running"] },
{
Name: "launch-time",
Values: [launchTimePattern],
},
],
},
);
try {
/**
* @type {import('@aws-sdk/client-ec2').Instance[]}
*/
const instanceList = [];
for await (const page of paginator) {
const { Reservations } = page;
for (const reservation of Reservations) {
instanceList.push(...reservation.Instances);
}
}
console.log(
`Running instances launched this month:\n\n${instanceList.map((instance) => instance.InstanceId).join("\n")}`,
);
} catch (caught) {
if (caught instanceof Error && caught.name === "InvalidParameterValue") {
console.warn(`${caught.message}.`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeInstancesCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun describeEC2Instances() {
val request =
DescribeInstancesRequest {
maxResults = 6
}
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeInstances(request)
response.reservations?.forEach { reservation ->
reservation.instances?.forEach { instance ->
println("Instance Id is ${instance.instanceId}")
println("Image id is ${instance.imageId}")
println("Instance type is ${instance.instanceType}")
println("Instance state name is ${instance.state?.name}")
println("monitoring information is ${instance.monitoring?.state}")
}
}
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的 AWS SDK API 參考》**中的 [DescribeInstances](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的執行個體。**
```
(Get-EC2Instance -InstanceId i-12345678).Instances
```
**輸出:**
```
AmiLaunchIndex : 0
Architecture : x86_64
BlockDeviceMappings : {/dev/sda1}
ClientToken : TleEy1448154045270
EbsOptimized : False
Hypervisor : xen
IamInstanceProfile : Amazon.EC2.Model.IamInstanceProfile
ImageId : ami-12345678
InstanceId : i-12345678
InstanceLifecycle :
InstanceType : t2.micro
KernelId :
KeyName : my-key-pair
LaunchTime : 12/4/2015 4:44:40 PM
Monitoring : Amazon.EC2.Model.Monitoring
NetworkInterfaces : {ip-10-0-2-172.us-west-2.compute.internal}
Placement : Amazon.EC2.Model.Placement
Platform : Windows
PrivateDnsName : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress : 10.0.2.172
ProductCodes : {}
PublicDnsName :
PublicIpAddress :
RamdiskId :
RootDeviceName : /dev/sda1
RootDeviceType : ebs
SecurityGroups : {default}
SourceDestCheck : True
SpotInstanceRequestId :
SriovNetSupport :
State : Amazon.EC2.Model.InstanceState
StateReason :
StateTransitionReason :
SubnetId : subnet-12345678
Tags : {Name}
VirtualizationType : hvm
VpcId : vpc-12345678
```
**範例 2:此範例描述目前區域中,依預留分組的所有執行個體。若要查看執行個體詳細資訊,請在每個保留物件中展開執行個體集合。**
```
Get-EC2Instance
```
**輸出:**
```
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 226008221399
ReservationId : r-c5df370c
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 854251627541
ReservationId : r-63e65bab
...
```
**範例 3:此範例說明使用篩選條件查詢特定 VPC 子網路中的 EC2 執行個體。**
```
(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances
```
**輸出:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-01af...82cf180e19 t2.medium Windows 10.0.0.98 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge Windows 10.0.0.53 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**範例 4:此範例說明使用具有多個值的篩選條件,查詢執行中和已停止的 EC2 執行個體**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
(Get-EC2Instance @InstanceParams).Instances
```
**輸出:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**範例 5:此範例說明使用具有多個值的篩選條件,查詢執行中和已停止的 EC2 執行個體,以及使用 Select-Object Cmdlet 以選擇要輸出的特定值。**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
$SelectParams = @{
Property = @(
"InstanceID", "InstanceType", "Platform", "PrivateIpAddress",
@{Name="Name";Expression={$_.Tags[$_.Tags.Key.IndexOf("Name")].Value}},
@{Name="State";Expression={$_.State.Name}}
)
}
$result = Get-EC2Instance @InstanceParams
$result.Instances | Select-Object @SelectParams | Format-Table -AutoSize
```
**輸出:**
```
InstanceId InstanceType Platform PrivateIpAddress Name State
---------- ------------ -------- ---------------- ---- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ec2-name-01 running
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ec2-name-02 stopped
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ec2-name-03 running
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ec2-name-04 stopped
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ec2-name-05 running
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ec2-name-06 stopped
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeInstances](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的執行個體。**
```
(Get-EC2Instance -InstanceId i-12345678).Instances
```
**輸出:**
```
AmiLaunchIndex : 0
Architecture : x86_64
BlockDeviceMappings : {/dev/sda1}
ClientToken : TleEy1448154045270
EbsOptimized : False
Hypervisor : xen
IamInstanceProfile : Amazon.EC2.Model.IamInstanceProfile
ImageId : ami-12345678
InstanceId : i-12345678
InstanceLifecycle :
InstanceType : t2.micro
KernelId :
KeyName : my-key-pair
LaunchTime : 12/4/2015 4:44:40 PM
Monitoring : Amazon.EC2.Model.Monitoring
NetworkInterfaces : {ip-10-0-2-172.us-west-2.compute.internal}
Placement : Amazon.EC2.Model.Placement
Platform : Windows
PrivateDnsName : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress : 10.0.2.172
ProductCodes : {}
PublicDnsName :
PublicIpAddress :
RamdiskId :
RootDeviceName : /dev/sda1
RootDeviceType : ebs
SecurityGroups : {default}
SourceDestCheck : True
SpotInstanceRequestId :
SriovNetSupport :
State : Amazon.EC2.Model.InstanceState
StateReason :
StateTransitionReason :
SubnetId : subnet-12345678
Tags : {Name}
VirtualizationType : hvm
VpcId : vpc-12345678
```
**範例 2:此範例描述目前區域中,依預留分組的所有執行個體。若要查看執行個體詳細資訊,請在每個保留物件中展開執行個體集合。**
```
Get-EC2Instance
```
**輸出:**
```
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 226008221399
ReservationId : r-c5df370c
GroupNames : {}
Groups : {}
Instances : {}
OwnerId : 123456789012
RequesterId : 854251627541
ReservationId : r-63e65bab
...
```
**範例 3:此範例說明使用篩選條件查詢特定 VPC 子網路中的 EC2 執行個體。**
```
(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances
```
**輸出:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-01af...82cf180e19 t2.medium Windows 10.0.0.98 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge Windows 10.0.0.53 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**範例 4:此範例說明使用具有多個值的篩選條件,查詢執行中和已停止的 EC2 執行個體**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
(Get-EC2Instance @InstanceParams).Instances
```
**輸出:**
```
InstanceId InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId VpcId
---------- ------------ -------- ---------------- --------------- -------------- -------- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ... subnet-1a2b3c4d vpc-1a2b3c4d
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ... subnet-1a2b3c4d vpc-1a2b3c4d
```
**範例 5:此範例說明使用具有多個值的篩選條件,查詢執行中和已停止的 EC2 執行個體,以及使用 Select-Object Cmdlet 以選擇要輸出的特定值。**
```
$InstanceParams = @{
Filter = @(
@{'Name' = 'instance-state-name';'Values' = @("running","stopped")}
)
}
$SelectParams = @{
Property = @(
"InstanceID", "InstanceType", "Platform", "PrivateIpAddress",
@{Name="Name";Expression={$_.Tags[$_.Tags.Key.IndexOf("Name")].Value}},
@{Name="State";Expression={$_.State.Name}}
)
}
$result = Get-EC2Instance @InstanceParams
$result.Instances | Select-Object @SelectParams | Format-Table -AutoSize
```
**輸出:**
```
InstanceId InstanceType Platform PrivateIpAddress Name State
---------- ------------ -------- ---------------- ---- -----
i-05a9...f6c5f46e18 t3.medium 10.0.1.7 ec2-name-01 running
i-02cf...945c4fdd07 t3.medium Windows 10.0.1.8 ec2-name-02 stopped
i-0ac0...c037f9f3a1 t3.xlarge Windows 10.0.1.10 ec2-name-03 running
i-066b...57b7b08888 t3.medium Windows 10.0.1.11 ec2-name-04 stopped
i-0fee...82e83ccd72 t3.medium Windows 10.0.1.5 ec2-name-05 running
i-0a68...274cc5043b t3.medium Windows 10.0.1.6 ec2-name-06 stopped
```
**範例 6:此範例會驗證使用 DryRun 參數取得 EC2 執行個體的許可,而不會實際擷取。注意:如果成功,則會擲回例外狀況,這是預期的行為。**
```
Get-EC2Tag -DryRun $true
```
**輸出:**
```
Get-EC2Instance: Request would have succeeded, but DryRun flag is set.
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeInstances](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class EC2InstanceWrapper:
"""Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) instance actions using the client interface."""
def __init__(
self, ec2_client: Any, instances: Optional[List[Dict[str, Any]]] = None
) -> None:
"""
Initializes the EC2InstanceWrapper with an EC2 client and optional instances.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param instances: A list of dictionaries representing Boto3 Instance objects. These are high-level objects that
wrap instance actions.
"""
self.ec2_client = ec2_client
self.instances = instances or []
@classmethod
def from_client(cls) -> "EC2InstanceWrapper":
"""
Creates an EC2InstanceWrapper instance with a default EC2 client.
:return: An instance of EC2InstanceWrapper initialized with the default EC2 client.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client)
def display(self, state_filter: Optional[str] = "running") -> None:
"""
Displays information about instances, filtering by the specified state.
:param state_filter: The instance state to include in the output. Only instances in this state
will be displayed. Default is 'running'. Example states: 'running', 'stopped'.
"""
if not self.instances:
logger.info("No instances to display.")
return
instance_ids = [instance["InstanceId"] for instance in self.instances]
paginator = self.ec2_client.get_paginator("describe_instances")
page_iterator = paginator.paginate(InstanceIds=instance_ids)
try:
for page in page_iterator:
for reservation in page["Reservations"]:
for instance in reservation["Instances"]:
instance_state = instance["State"]["Name"]
# Apply the state filter (default is 'running')
if state_filter and instance_state != state_filter:
continue # Skip this instance if it doesn't match the filter
# Create a formatted string with instance details
instance_info = (
f"• ID: {instance['InstanceId']}\n"
f"• Image ID: {instance['ImageId']}\n"
f"• Instance type: {instance['InstanceType']}\n"
f"• Key name: {instance['KeyName']}\n"
f"• VPC ID: {instance['VpcId']}\n"
f"• Public IP: {instance.get('PublicIpAddress', 'N/A')}\n"
f"• State: {instance_state}"
)
print(instance_info)
except ClientError as err:
logger.error(
f"Failed to display instance(s). : {' '.join(map(str, instance_ids))}"
)
error_code = err.response["Error"]["Code"]
if error_code == "InvalidInstanceID.NotFound":
logger.error(
"One or more instance IDs do not exist. "
"Please verify the instance IDs and try again."
)
raise
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeInstances)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/ec2#code-examples)中設定和執行。
```
require 'aws-sdk-ec2'
# @param ec2_resource [Aws::EC2::Resource] An initialized EC2 resource object.
# @example
# list_instance_ids_states(Aws::EC2::Resource.new(region: 'us-west-2'))
def list_instance_ids_states(ec2_resource)
response = ec2_resource.instances
if response.count.zero?
puts 'No instances found.'
else
puts 'Instances -- ID, state:'
response.each do |instance|
puts "#{instance.id}, #{instance.state.name}"
end
end
rescue StandardError => e
puts "Error getting information about instances: #{e.message}"
end
# Example usage:
def run_me
region = ''
# Print usage information and then stop.
if ARGV[0] == '--help' || ARGV[0] == '-h'
puts 'Usage: ruby ec2-ruby-example-get-all-instance-info.rb REGION'
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
puts 'Example: ruby ec2-ruby-example-get-all-instance-info.rb us-west-2'
exit 1
# If no values are specified at the command prompt, use these default values.
# Replace us-west-2 with the AWS Region you're using for Amazon EC2.
elsif ARGV.count.zero?
region = 'us-west-2'
# Otherwise, use the values as specified at the command prompt.
else
region = ARGV[0]
end
ec2_resource = Aws::EC2::Resource.new(region: region)
list_instance_ids_states(ec2_resource)
end
run_me if $PROGRAM_NAME == __FILE__
```
+ 如需 API 詳細資訊,請參閱《適用於 Ruby 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/goto/SdkForRubyV3/ec2-2016-11-15/DescribeInstances)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
擷取 EC2 執行個體的詳細資訊。
```
pub async fn describe_instance(&self, instance_id: &str) -> Result {
let response = self
.client
.describe_instances()
.instance_ids(instance_id)
.send()
.await?;
let instance = response
.reservations()
.first()
.ok_or_else(|| EC2Error::new(format!("No instance reservations for {instance_id}")))?
.instances()
.first()
.ok_or_else(|| {
EC2Error::new(format!("No instances in reservation for {instance_id}"))
})?;
Ok(instance.clone())
}
```
建立 EC2 執行個體之後,擷取並儲存其詳細資訊。
```
/// Create an EC2 instance with the given ID on a given type, using a
/// generated KeyPair and applying a list of security groups.
pub async fn create(
&mut self,
ec2: &EC2,
image_id: &str,
instance_type: InstanceType,
key_pair: &KeyPairInfo,
security_groups: Vec<&SecurityGroup>,
) -> Result<(), EC2Error> {
let instance_id = ec2
.create_instance(image_id, instance_type, key_pair, security_groups)
.await?;
let instance = ec2.describe_instance(&instance_id).await?;
self.instance = Some(instance);
Ok(())
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Rust 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_instances)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->describeinstances( ). " oo_result is returned for testing purposes. "
" Retrieving details of EC2 instances. "
DATA: lv_istance_id TYPE /aws1/ec2string,
lv_status TYPE /aws1/ec2instancestatename,
lv_instance_type TYPE /aws1/ec2instancetype,
lv_image_id TYPE /aws1/ec2string.
LOOP AT oo_result->get_reservations( ) INTO DATA(lo_reservation).
LOOP AT lo_reservation->get_instances( ) INTO DATA(lo_instance).
lv_istance_id = lo_instance->get_instanceid( ).
lv_status = lo_instance->get_state( )->get_name( ).
lv_instance_type = lo_instance->get_instancetype( ).
lv_image_id = lo_instance->get_imageid( ).
ENDLOOP.
ENDLOOP.
MESSAGE 'Retrieved information about EC2 instances.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的 AWS SDK API 參考》**中的 [DescribeInstances](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# 搭配使用 `DescribeInternetGateways` 與 CLI
下列程式碼範例示範如何使用 `DescribeInternetGateways`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [開始使用 Amazon VPC](example_vpc_GettingStartedCLI_section.md)
------
#### [ CLI ]
**AWS CLI**
**描述網際網路閘道**
下列 `describe-internet-gateways` 範例會描述指定的網際網路閘道。
```
aws ec2 describe-internet-gateways \
--internet-gateway-ids igw-0d0fb496b3EXAMPLE
```
輸出:
```
{
"InternetGateways": [
{
"Attachments": [
{
"State": "available",
"VpcId": "vpc-0a60eb65b4EXAMPLE"
}
],
"InternetGatewayId": "igw-0d0fb496b3EXAMPLE",
"OwnerId": "123456789012",
"Tags": [
{
"Key": "Name",
"Value": "my-igw"
}
]
}
]
}
```
如需詳細資訊,請參閱《Amazon VPC 使用者指南》**中的[網際網路閘道](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DescribeInternetGateways](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-internet-gateways.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的網際網路閘道。**
```
Get-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**輸出:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
```
**範例 2:此範例描述您的所有網際網路閘道。**
```
Get-EC2InternetGateway
```
**輸出:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
{} igw-2a3b4c5d {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeInternetGateways](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的網際網路閘道。**
```
Get-EC2InternetGateway -InternetGatewayId igw-1a2b3c4d
```
**輸出:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
```
**範例 2:此範例描述您的所有網際網路閘道。**
```
Get-EC2InternetGateway
```
**輸出:**
```
Attachments InternetGatewayId Tags
----------- ----------------- ----
{vpc-1a2b3c4d} igw-1a2b3c4d {}
{} igw-2a3b4c5d {}
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeInternetGateways](https://docs.aws.amazon.com/powershell/v5/reference)。
------
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱 [使用 SDK 建立 Amazon EC2 資源 AWS](sdk-general-information-section.md)。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。
# `DescribeKeyPairs` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `DescribeKeyPairs`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [了解基本概念](example_ec2_Scenario_GetStartedInstances_section.md)
------
#### [ .NET ]
**適用於 .NET 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/EC2#code-examples)中設定和執行。
```
///
/// Get information about an Amazon EC2 key pair.
///
/// The name of the key pair.
/// A list of key pair information.
public async Task> DescribeKeyPairs(string keyPairName)
{
try
{
var request = new DescribeKeyPairsRequest();
if (!string.IsNullOrEmpty(keyPairName))
{
request = new DescribeKeyPairsRequest
{
KeyNames = new List { keyPairName }
};
}
var response = await _amazonEC2.DescribeKeyPairsAsync(request);
return response.KeyPairs.ToList();
}
catch (AmazonEC2Exception ec2Exception)
{
if (ec2Exception.ErrorCode == "InvalidKeyPair.NotFound")
{
_logger.LogError(
$"A key pair called {keyPairName} does not exist.");
}
throw;
}
catch (Exception ex)
{
_logger.LogError(
$"An error occurred while describing the key pair.: {ex.Message}");
throw;
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 .NET 的 AWS SDK API 參考》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/goto/DotNetSDKV3/ec2-2016-11-15/DescribeKeyPairs)。
------
#### [ Bash ]
**AWS CLI 使用 Bash 指令碼**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/ec2#code-examples)中設定和執行。
```
###############################################################################
# function ec2_describe_key_pairs
#
# This function describes one or more Amazon Elastic Compute Cloud (Amazon EC2) key pairs.
#
# Parameters:
# -h - Display help.
#
# And:
# 0 - If successful.
# 1 - If it fails.
###############################################################################
function ec2_describe_key_pairs() {
local option OPTARG # Required to use getopts command in a function.
# bashsupport disable=BP5008
function usage() {
echo "function ec2_describe_key_pairs"
echo "Describes one or more Amazon Elastic Compute Cloud (Amazon EC2) key pairs."
echo " -h - Display help."
echo ""
}
# Retrieve the calling parameters.
while getopts "h" option; do
case "${option}" in
h)
usage
return 0
;;
\?)
echo "Invalid parameter"
usage
return 1
;;
esac
done
export OPTIND=1
local response
response=$(aws ec2 describe-key-pairs \
--query 'KeyPairs[*].[KeyName, KeyFingerprint]' \
--output text) || {
aws_cli_error_log ${?}
errecho "ERROR: AWS reports describe-key-pairs operation failed.$response"
return 1
}
echo "$response"
return 0
}
```
此範例中使用的公用程式函數。
```
###############################################################################
# function errecho
#
# This function outputs everything sent to it to STDERR (standard error output).
###############################################################################
function errecho() {
printf "%s\n" "$*" 1>&2
}
##############################################################################
# function aws_cli_error_log()
#
# This function is used to log the error messages from the AWS CLI.
#
# The function expects the following argument:
# $1 - The error code returned by the AWS CLI.
#
# Returns:
# 0: - Success.
#
##############################################################################
function aws_cli_error_log() {
local err_code=$1
errecho "Error code : $err_code"
if [ "$err_code" == 1 ]; then
errecho " One or more S3 transfers failed."
elif [ "$err_code" == 2 ]; then
errecho " Command line failed to parse."
elif [ "$err_code" == 130 ]; then
errecho " Process received SIGINT."
elif [ "$err_code" == 252 ]; then
errecho " Command syntax invalid."
elif [ "$err_code" == 253 ]; then
errecho " The system environment or configuration was invalid."
elif [ "$err_code" == 254 ]; then
errecho " The service returned an error."
elif [ "$err_code" == 255 ]; then
errecho " 255 is a catch-all error."
fi
return 0
}
```
+ 如需 API 詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeKeyPairs](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeKeyPairs)。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/ec2#code-examples)中設定和執行。
```
//! Describe all Amazon Elastic Compute Cloud (Amazon EC2) instance key pairs.
/*!
\param clientConfiguration: AWS client configuration.
\return bool: Function succeeded.
*/
bool AwsDoc::EC2::describeKeyPairs(
const Aws::Client::ClientConfiguration &clientConfiguration) {
Aws::EC2::EC2Client ec2Client(clientConfiguration);
Aws::EC2::Model::DescribeKeyPairsRequest request;
Aws::EC2::Model::DescribeKeyPairsOutcome outcome = ec2Client.DescribeKeyPairs(request);
if (outcome.IsSuccess()) {
std::cout << std::left <<
std::setw(32) << "Name" <<
std::setw(64) << "Fingerprint" << std::endl;
const std::vector &key_pairs =
outcome.GetResult().GetKeyPairs();
for (const auto &key_pair: key_pairs) {
std::cout << std::left <<
std::setw(32) << key_pair.GetKeyName() <<
std::setw(64) << key_pair.GetKeyFingerprint() << std::endl;
}
} else {
std::cerr << "Failed to describe key pairs:" <<
outcome.GetError().GetMessage() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForCpp/ec2-2016-11-15/DescribeKeyPairs)。
------
#### [ CLI ]
**AWS CLI**
**顯示金鑰對**
下列 `describe-key-pairs` 範例顯示指定金鑰對的相關資訊。
```
aws ec2 describe-key-pairs \
--key-names my-key-pair
```
輸出:
```
{
"KeyPairs": [
{
"KeyPairId": "key-0b94643da6EXAMPLE",
"KeyFingerprint": "1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f",
"KeyName": "my-key-pair",
"KeyType": "rsa",
"Tags": [],
"CreateTime": "2022-05-27T21:51:16.000Z"
}
]
}
```
如需詳細資訊,請參閱*《Amazon EC2 使用者指南》*中的[描述公有金鑰](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/describe-keys.html)。
+ 如需 API 的詳細資訊,請參閱*《AWS CLI 命令參考》*中的 [DescribeKeyPairs](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-key-pairs.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ec2#code-examples)中設定和執行。
```
/**
* Asynchronously describes the key pairs associated with the current AWS account.
*
* @return a {@link CompletableFuture} containing the {@link DescribeKeyPairsResponse} object, which provides
* information about the key pairs.
*/
public CompletableFuture describeKeysAsync() {
CompletableFuture responseFuture = getAsyncClient().describeKeyPairs();
responseFuture.whenComplete((response, exception) -> {
if (exception != null) {
throw new RuntimeException("Failed to describe key pairs: " + exception.getMessage(), exception);
}
});
return responseFuture;
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/goto/SdkForJavaV2/ec2-2016-11-15/DescribeKeyPairs)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/ec2#code-examples)中設定和執行。
```
import { DescribeKeyPairsCommand, EC2Client } from "@aws-sdk/client-ec2";
/**
* List all key pairs in the current AWS account.
* @param {{ dryRun: boolean }}
*/
export const main = async ({ dryRun }) => {
const client = new EC2Client({});
const command = new DescribeKeyPairsCommand({ DryRun: dryRun });
try {
const { KeyPairs } = await client.send(command);
const keyPairList = KeyPairs.map(
(kp) => ` • ${kp.KeyPairId}: ${kp.KeyName}`,
).join("\n");
console.log("The following key pairs were found in your account:");
console.log(keyPairList);
} catch (caught) {
if (caught instanceof Error && caught.name === "DryRunOperation") {
console.log(`${caught.message}`);
} else {
throw caught;
}
}
};
```
+ 如需 API 詳細資訊,請參閱《適用於 JavaScript 的 AWS SDK API 參考》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeKeyPairsCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ec2#code-examples)中設定和執行。
```
suspend fun describeEC2Keys() {
Ec2Client.fromEnvironment { region = "us-west-2" }.use { ec2 ->
val response = ec2.describeKeyPairs(DescribeKeyPairsRequest {})
response.keyPairs?.forEach { keyPair ->
println("Found key pair with name ${keyPair.keyName} and fingerprint ${ keyPair.keyFingerprint}")
}
}
}
```
+ 如需 API 詳細資訊,請參閱《適用於 Kotlin 的 AWS SDK API 參考》**中的 [DescribeKeyPairs](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此範例描述指定的金鑰對。**
```
Get-EC2KeyPair -KeyName my-key-pair
```
**輸出:**
```
KeyFingerprint KeyName
-------------- -------
1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f my-key-pair
```
**範例 2:此範例描述所有金鑰對。**
```
Get-EC2KeyPair
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此範例描述指定的金鑰對。**
```
Get-EC2KeyPair -KeyName my-key-pair
```
**輸出:**
```
KeyFingerprint KeyName
-------------- -------
1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f my-key-pair
```
**範例 2:此範例描述所有金鑰對。**
```
Get-EC2KeyPair
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ec2#code-examples)中設定和執行。
```
class KeyPairWrapper:
"""
Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) key pair actions.
This class provides methods to create, list, and delete EC2 key pairs.
"""
def __init__(
self,
ec2_client: boto3.client,
key_file_dir: Union[tempfile.TemporaryDirectory, str],
key_pair: Optional[dict] = None,
):
"""
Initializes the KeyPairWrapper with the specified EC2 client, key file directory,
and an optional key pair.
:param ec2_client: A Boto3 Amazon EC2 client. This client provides low-level
access to AWS EC2 services.
:param key_file_dir: The folder where the private key information is stored.
This should be a secure folder.
:param key_pair: A dictionary representing the Boto3 KeyPair object.
This is a high-level object that wraps key pair actions. Optional.
"""
self.ec2_client = ec2_client
self.key_pair = key_pair
self.key_file_path: Optional[str] = None
self.key_file_dir = key_file_dir
@classmethod
def from_client(cls) -> "KeyPairWrapper":
"""
Class method to create an instance of KeyPairWrapper using a new EC2 client
and a temporary directory for storing key files.
:return: An instance of KeyPairWrapper.
"""
ec2_client = boto3.client("ec2")
return cls(ec2_client, tempfile.TemporaryDirectory())
def list(self, limit: Optional[int] = None) -> None:
"""
Displays a list of key pairs for the current account.
WARNING: Results are not paginated.
:param limit: The maximum number of key pairs to list. If not specified,
all key pairs will be listed.
:raises ClientError: If there is an error in listing the key pairs.
"""
try:
response = self.ec2_client.describe_key_pairs()
key_pairs = response.get("KeyPairs", [])
if limit:
key_pairs = key_pairs[:limit]
for key_pair in key_pairs:
logger.info(
f"Found {key_pair['KeyType']} key '{key_pair['KeyName']}' with fingerprint:"
)
logger.info(f"\t{key_pair['KeyFingerprint']}")
except ClientError as err:
logger.error(f"Failed to list key pairs: {str(err)}")
raise
```
+ 如需 API 詳細資訊,請參閱《適用於 Python (Boto3) 的 AWS SDK API 參考》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/goto/boto3/ec2-2016-11-15/DescribeKeyPairs)。
------
#### [ Rust ]
**適用於 Rust 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ec2#code-examples)中設定和執行。
```
pub async fn list_key_pair(&self) -> Result, EC2Error> {
let output = self.client.describe_key_pairs().send().await?;
Ok(output.key_pairs.unwrap_or_default())
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Rust API 參考》**中的 [DescribeKeyPairs](https://docs.rs/aws-sdk-ec2/latest/aws_sdk_ec2/client/struct.Client.html#method.describe_key_pairs)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ec2#code-examples)中設定和執行。
```
TRY.
oo_result = lo_ec2->describekeypairs( ). " oo_result is returned for testing purposes. "
DATA(lt_key_pairs) = oo_result->get_keypairs( ).
MESSAGE 'Retrieved information about key pairs.' TYPE 'I'.
CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception).
DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|.
MESSAGE lv_error TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 SAP ABAP 的 AWS SDK API 參考》**中的 [DescribeKeyPairs](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------
#### [ Swift ]
**適用於 Swift 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/ec2#code-examples)中設定和執行。
```
import AWSEC2
/// Describe the key pairs associated with the user by outputting each key
/// pair's name and fingerprint.
func describeKeyPairs() async {
do {
let output = try await ec2Client.describeKeyPairs(
input: DescribeKeyPairsInput()
)
guard let keyPairs = output.keyPairs else {
print("*** No key pairs list available.")
return
}
for keyPair in keyPairs {
print(keyPair.keyName ?? "", ":", keyPair.keyFingerprint ?? "