English 中文(简体)
instance instance2 tag
原标题:Query EC2 tags from within instance

亚马孙最近补充说,将EC2号案例与高价值奶制品混为一谈,使大量抗逆转录病毒药品的管理更为容易。

是否有办法以与其他一些用户生成的数据相同的方式来质疑这些标签? 例如:

$ curl http://169.254.169.254/latest/meta-data/placement/availability-zone
us-east-1d

是否有类似的办法来质疑这些标签?

最佳回答

您可以使用AWS 元数据工具(检索你的笔记)和

问题回答

The following bash script Return the name of their current ec2 instance (the Value of the "Name” tag). 将TAG_NAME改为你的具体案例。

TAG_NAME="Name"
INSTANCE_ID="`wget -qO- http://instance-data/latest/meta-data/instance-id`"
REGION="`wget -qO- http://instance-data/latest/meta-data/placement/availability-zone | sed -e  s:([0-9][0-9]*)[a-z]*$:\1: `"
TAG_VALUE="`aws ec2 describe-tags --filters "Name=resource-id,Values=$INSTANCE_ID" "Name=key,Values=$TAG_NAME" --region $REGION --output=text | cut -f5`"

安装 a

sudo apt-get install python-pip -y
sudo pip install awscli

如果你使用IAM,而不是使用明确的全权证书,则使用IAM许可证:

{
  "Version": "2012-10-17",
  "Statement": [
    {    
      "Effect": "Allow",
      "Action": [ "ec2:DescribeTags"],
      "Resource": ["*"]
    }
  ]
}

您可在cloud-init上添加这一文字。 用户数据,将EC2标记下载到当地档案中:

#!/bin/sh
INSTANCE_ID=`wget -qO- http://instance-data/latest/meta-data/instance-id`
REGION=`wget -qO- http://instance-data/latest/meta-data/placement/availability-zone | sed  s/.$// `
aws ec2 describe-tags --region $REGION --filter "Name=resource-id,Values=$INSTANCE_ID" --output=text | sed -r  s/TAGS	(.*)	.*	.*	(.*)/1="2"/  > /etc/ec2-tags

您需要安装在你的系统中的天体物理动力学仪器:您可以在文字前的云层文档中安装一个<条码> 包装/代码>栏,使用已经包含这些内容的汞,或在文字开始时添加一个<条码>。

为了接触EC2类,在你看来,你需要一种政策:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1409309287000",
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeTags"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

The instance s EC2 tags will available in /etc/ec2-tags in this form:

FOO="Bar"
Name="EC2 tags with cloud-init"

如:

#!/bin/sh
. /etc/ec2-tags
echo $Name

标记在试算阶段下载,因此不会反映随后的变化。


文字和伊玛雅政策以阿伊夫伦克尔的答复为基础。

如果你不在缺省区,透视结果就会空出。

ec2-describe-tags 
   --region 
     $(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone  | sed -e "s/.$//") 
   --filter 
     resource-id=$(curl --silent http://169.254.169.254/latest/meta-data/instance-id)

如果你想添加一个过滤器,以获得一个特定的标签(如:我的环境名称),那么你可以这样做。

ec2-describe-tags 
   --region 
     $(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone  | sed -e "s/.$//") 
   --filter 
     resource-id=$(curl --silent http://169.254.169.254/latest/meta-data/instance-id) 
   --filter 
     key=elasticbeanstalk:environment-name | cut -f5

为了只得到我所过滤的帽子的价值,我们推向第五个领域。

ec2-describe-tags 
  --region 
    $(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone  | sed -e "s/.$//") 
  --filter 
    resource-id=$(curl --silent http://169.254.169.254/latest/meta-data/instance-id) 
  --filter 
    key=elasticbeanstalk:environment-name | cut -f5

您可替代使用<代码>登记-instances。 cli打字,而不是dereg-tags:

举例来说,这一实例表明,如何获得我方名的价值:

TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 10"`
aws ec2 describe-instances 
  --instance-id $(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/instance-id) 
  --query "Reservations[*].Instances[*].Tags[?Key== my-tag-name ].Value" 
  --region ap-southeast-2 --output text

改变该区域,以适应当地情况,或利用对这一问题的其他答复之一加以检索。 如果你的情况本身具有描述性特权,那么这或许是有用的,但不能描述案例说明政策中的内容。

福特

from boto import utils, ec2
from os import environ

# import keys from os.env or use default (not secure)
aws_access_key_id = environ.get( AWS_ACCESS_KEY_ID , failobj= XXXXXXXXXXX )
aws_secret_access_key = environ.get( AWS_SECRET_ACCESS_KEY , failobj= XXXXXXXXXXXXXXXXXXXXX )

#load metadata , if  = {} we are on localhost
# http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html
instance_metadata = utils.get_instance_metadata(timeout=0.5, num_retries=1)
region = instance_metadata[ placement ][ availability-zone ][:-1]
instance_id = instance_metadata[ instance-id ]

conn = ec2.connect_to_region(region, aws_access_key_id=aws_access_key_id, aws_secret_access_key=aws_secret_access_key)
# get tag status for our  instance_id using filters
# http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-DescribeTags.html
tags = conn.get_all_tags(filters={ resource-id : instance_id,  key :  status })
if tags:
    instance_status = tags[0].value
else:
    instance_status = None
    logging.error( no status tag for  +region+   +instance_id)

对上述一些答复的改动,但这是我如何从用户数据说明中得出一个具体标签的价值。

REGION=$(curl http://instance-data/latest/meta-data/placement/availability-zone | sed  s/.$// )

INSTANCE_ID=$(curl -s http://instance-data/latest/meta-data/instance-id)

TAG_VALUE=$(aws ec2 describe-tags --region $REGION --filters "Name=resource-id,Values=$INSTANCE_ID" "Name=key,Values= <TAG_NAME_HERE> " | jq -r  .Tags[].Value )

利用AWS用户数据和元数据AP ,它有可能撰写一幅画面,把pet包起来,以开始一个有定制名称的pet。

第一开始采用习惯用户数据:作用:网络服务器

#!/bin/bash

# Find the name from the user data passed in on instance creation
USER=$(curl -s "http://169.254.169.254/latest/user-data")
IFS= :  read -ra UDATA <<< "$USER"

# Find the instance ID from the meta data api
ID=$(curl -s "http://169.254.169.254/latest/meta-data/instance-id")
CERTNAME=${UDATA[1]}.$ID.aws

echo "Running Puppet for certname: " $CERTNAME
puppet agent -t --certname=$CERTNAME 

这部带有网络服务器等惯用名称的pet子,即:你可以制作一个称为网络服务器和纸浆 f脱配器的标志,这意味着它被用来向所有网络服务器提供。

这个例子假定,你以安装的pet等基象为基础。

福利:

(1) 您不必通过全权证书。

2) 你可以像你一样感到 gr。

Jq + ec2metadata makes it a little nicer. I m using cf and have access to the region. Otherwise you can grab it in bash.

aws ec2 describe-tags --region $REGION 
--filters "Name=resource-id,Values=`ec2metadata --instance-id`" | jq --raw-output 
 .Tags[] | select(.Key=="TAG_NAME") | .Value 

No jq.

aws ec2 describe-tags --region us-west-2 
--filters "Name=resource-id,Values=`ec2-metadata --instance-id | cut -d " " -f 2`" 
--query  Tags[?Key==`Name`].Value  
--output text

有可能通过元数据从试场内部获得试样。

首先,如以下解释,允许查阅元件:here

然后,为IMDSv1管理这一指挥,Refer

curl http://169.254.169.254/latest/meta-data/tags/instance/Name

IMDSv2

TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` 
&& curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/tags/instance

解决办法(2023年)将“魔法”称为http://169.254.169 在创造机会期间,他们需要能够在高级环境中工作。

“entergraph

This will return a string list of tags (e.g. Environment Name ), and then you just append them to the url eg curl http://169.254.169.254/latest/meta-data/tags/instance/Environment which returns the text value of the tag.

下载并单独执行。

有时,不能安装依靠 p的阴道。 cker可能也失色。

Here is my implementation in golang: https://github.com/hmalphettes/go-ec2-describe-tags

元数据工具似乎已不复存在,但这是一种不必要的依赖。

跟踪AWS文件,使其在政策中采取“ec2:描述Tags”行动,从而限制目标资源。 (如果由于另一个原因需要简介,那么你就不得不将政策纳入新的与形象挂钩的作用。)

然后:

aws --region $(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone  | sed -e  s/.$// ) ec2 describe-tags --filters Name=resource-type,Values=instance Name=resource-id,Values=$(curl http://169.254.169.254/latest/meta-data/instance-id) Name=key,Values=Name |
perl -nwe  print "$1
" if /"Value": "([^"]+)/; 

这里有许多很好的答案,但我完全没有在盒子外做任何出色的工作,我认为,自其中一些人以来,我国解放阵线已经更新,而且我喜欢利用国家解放联盟。 在2021年,以下单一指挥系统在我的盒子外工作(只要允许IAM角色描述标签)。

aws ec2 describe-tags 
--region "$(ec2-metadata -z | cut -d    -f2 | sed  s/.$// )" 
--filters "Name=resource-id,Values=$(ec2-metadata --instance-id | cut -d " " -f 2)" 
--query  Tags[?Key==`Name`].Value  
--output text

AWS最近宣布支持例如点元数据服务:

如果您有tag 元数据使 例如,你可以做。

$ TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 900"`
$ curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/tags/instance

Install AWS CLI:

curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
sudo apt-get install unzip
unzip awscli-bundle.zip
sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

2. 举出目前的例子:

aws ec2 describe-tags --filters "Name=resource-id,Values=`ec2metadata --instance-id`"

产出:

{
    "Tags": [
        {
            "ResourceType": "instance", 
            "ResourceId": "i-6a7e559d", 
            "Value": "Webserver", 
            "Key": "Name"
        }
    ]
}

1. 使用旁边线提取标签:

aws ec2 describe-tags --filters 
"Name=resource-id,Values=`ec2metadata --instance-id`" | 
perl -ne  print "$1
" if /"Value": "(.*?)"/ 

回返:

Webserver

For those crazy enough to use Fish shell on EC2, here s a handy snippet for your /home/ec2-user/.config/fish/config.fish. The hostdata command now will list all your tags as well as the public IP and hostname.

set -x INSTANCE_ID (wget -qO- http://instance-data/latest/meta-data/instance-id)
set -x REGION (wget -qO- http://instance-data/latest/meta-data/placement/availability-zone | sed  s/.$// )

function hostdata
    aws ec2 describe-tags --region $REGION --filter "Name=resource-id,Values=$INSTANCE_ID" --output=text | sed -r  s/TAGS	(.*)	.*	.*	(.*)/1="2"/ 
    ec2-metadata | grep public-hostname
    ec2-metadata | grep public-ipv4
end

To add the above answers if you have awsPowerShell tools installed you can get instance-id with

Get-EC2InstanceMetadata -Category  InstanceId




相关问题
Mount windows shared drive to MWAA in bootscript

In MWAA startup script sudo yum install samba-client cifs-utils -y sudo mount.cifs //dev/test/drop /mnt/dev/test-o username=testuser,password= pwd ,domain=XX Executing above commonds giving error - ...

How to get Amazon Seller Central orders programmatically?

We have been manually been keying Amazon orders into our system and would like to automate it. However, I can t seem to figure out how to go about it. Their documentation is barely there. There is: ...

Using a CDN like Amazon S3 to control access to media

I want to use Amazon S3/CloudFront to store flash files. These files must be private as they will be accessed by members. This will be done by storing each file with a link to Amazon using a mysql ...

unable to connect to database on AWS

actually I have my website build with Joomla hosted on hostmonster but all Joomla website need a database support to run this database is on AWS configuration files need to be updated for that I ...

Using EC2 Load Balancing with Existing Wordpress Blog

I currently have a virtual dedicated server through Media Temple that I use to run several high traffic Wordpress blogs. Both tend to receive sudden StumbleUpon traffic surges that (I m assuming) ...

SSL slowness in EC2

We ve deployed our rails app to EC2. In our setup, we have two proxies on small instances behind round-robin DNS. These run nginx load balancers for a dynamically growing and shrinking farm of web ...

热门标签