【Question title】: Error when trying to add a Security group to an EC2 Instance
【Posted】: 2021-05-29 19:58:25
【Question】:
sg = ec2.create_security_group(GroupName='MyWebServer', Description = 'WebServer', VpcId='vpc-0dea879f34afff60d')

instance = ec2.create_instances(
 ImageId='ami-0fc970315c2d38f01',
 MinCount=1,
 MaxCount=1,
 InstanceType='t2.nano',
 SecurityGroups=[ sg.group_id ] 
)

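I am trying to create an instance and attach a security group to it. When I run the code I get the error "An error occurred (InvalidParameterValue) when calling the RunInstances operation: Value () for parameter groupId is invalid. The value cannot be empty".

It creates the security group, but does not create the instance when called. Any solution or help would be appreciated.

【Comments on the question】:

    Tags: python amazon-web-services amazon-ec2 boto3 aws-security-group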


    【Answer 1】:

    We can access the group ID using sg['GroupId']

    import boto3
    
    ec2 = boto3.client('ec2', region_name='us-east-1')
    sg = ec2.create_security_group(GroupName='MyWebServer', Description = 'WebServer', VpcId='vpc-0dea879f34afff60d')
    
    response = ec2.run_instances(
        ImageId='ami-0fc970315c2d38f01',
        InstanceType='t2.micro',
        MaxCount=1,
        MinCount=1,
        SecurityGroupIds=[
           sg['GroupId']
        ],
    )
    

    【Comments】:

      【Answer 2】:

      Try this:

      instance = ec2.create_instances(
       ImageId='ami-0fc970315c2d38f01',
       MinCount=1,
       MaxCount=1,
       InstanceType='t2.nano',
       SecurityGroupIds=[ sg.group_id ] 
      )
      

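      【Comments】:

      • When doing this, I get "An error occurred (InvalidParameter) when calling the RunInstances operation: Security group sg-0f6364ba81996a69 and subnet subnet-83cfabe5 belong to different networks."
      • To fix this, you need to specify a subnet ID that is inside VPC vpc-0dea879f34afff60d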
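
The fix that the answers and comments above arrive at, combined into one function, as an added example that is not part of the original thread: the group ID goes into SecurityGroupIds and the instance is launched with a SubnetId from the group's own VPC. The names launch_in_vpc and stub_client, the stub's IDs, and the deletion of the group after a failed launch are assumptions of this example.

```python
from types import SimpleNamespace


def launch_in_vpc(ec2, vpc_id, image_id, group_name, description,
                  instance_type="t2.nano"):
    """Create a security group in vpc_id and launch one instance into a
    subnet of the same VPC. `ec2` is a boto3 EC2 client (boto3.client('ec2'))."""
    # Find a subnet inside the target VPC first, so nothing is created if
    # there is nowhere to launch. Without SubnetId, EC2 uses a default subnet.
    subnets = ec2.describe_subnets(
        Filters=[{"Name": "vpc-id", "Values": [vpc_id]}])["Subnets"]
    if not subnets:
        raise ValueError(f"VPC {vpc_id} has no subnets to launch into")
    subnet_id = subnets[0]["SubnetId"]

    # The client returns a dict, so the new group's ID is sg["GroupId"].
    sg = ec2.create_security_group(
        GroupName=group_name, Description=description, VpcId=vpc_id)
    group_id = sg["GroupId"]
    try:
        # SecurityGroupIds takes IDs; SubnetId keeps the instance in the
        # group's VPC.
        resp = ec2.run_instances(
            ImageId=image_id, InstanceType=instance_type,
            MinCount=1, MaxCount=1,
            SubnetId=subnet_id, SecurityGroupIds=[group_id])
    except Exception:
        # Do not leave an orphaned group behind when the launch fails.
        ec2.delete_security_group(GroupId=group_id)
        raise
    return {"GroupId": group_id, "SubnetId": subnet_id,
            "InstanceId": resp["Instances"][0]["InstanceId"]}


def stub_client():
    """Constructed offline stand-in for boto3.client('ec2'); IDs are made up."""
    return SimpleNamespace(
        describe_subnets=lambda Filters: {"Subnets": [
            {"SubnetId": "subnet-constructed", "VpcId": Filters[0]["Values"][0]}]},
        create_security_group=lambda **kw: {"GroupId": "sg-constructed"},
        run_instances=lambda **kw: {"Instances": [{"InstanceId": "i-constructed"}]},
        delete_security_group=lambda GroupId: None,
    )


if __name__ == "__main__":
    # Swap stub_client() for boto3.client("ec2", region_name=...) to run on AWS.
    print(launch_in_vpc(stub_client(), "vpc-0dea879f34afff60d",
                        "ami-0fc970315c2d38f01", "MyWebServer", "WebServer"))
```
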
      【Answer 3】:
      // BELOW CODE WILL CREATE AWS INSTANCE AND LINK IT WITH SECURITY GROUP
      // PROVIDER MENTIONING THE REGION AND THE ACCESS KEY FOR THE CLOUD
      provider "aws" {
        # Configuration options
        region     = "us-east-2"
        access_key = "XXXX"
        secret_key = "XXXXXX"
      }

      // CREATING THE AMI INSTANCE AND ASSOCIATING TO THE SECURITY GROUP
      resource "aws_instance" "base" {
        ami                         = "ami-0277b52859bac6f4b"
        instance_type               = "t2.micro"
        associate_public_ip_address = true
        key_name                    = "Linux" // ASSOCIATING THE EXISTING LOGIN KEY PAIR NAME
        tags = {
          Name = "terraform"
        }
        //ASSOCIATING THE EXISTING SECURITY GROUP TO THE INSTANCE
        vpc_security_group_ids = [aws_security_group.customSecGrp.id]
      }

      // CREATING A SECURITY WITH INBOUND AND OUTBOUND PORTS
      resource "aws_security_group" "customSecGrp" {
        name        = "customSecGrp"
        description = "Security group allowing Inbound"

        tags = {
          Name = "customSecGrp"
        }

        ingress {
          description = "SSL TLS from VPC"
          from_port   = 443
          to_port     = 443
          protocol    = "tcp"
          cidr_blocks = ["0.0.0.0/0"]
        }
        ingress {
          cidr_blocks = ["0.0.0.0/0"]
          description = "tomcat port from vpc"
          from_port   = 8080
          protocol    = "tcp"
          self        = false
          to_port     = 8080
        }
        egress {
          from_port   = 0
          to_port     = 0
          protocol    = "-1"
          cidr_blocks = ["0.0.0.0/0"]
        }
      }
      

      【Comments】:

      • Could you please at least add some explanation of what your answer is?