728x90
반응형
AWS SDK for JAVA 2.X 으로 EC2 인스턴스에 설정된 보안그룹을 조회해보겠습니다.
1. pom.xml에 라이브러리 추가
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>ec2</artifactId>
<version>2.20.87</version>
</dependency>※ groupId가 software이면 version 2, com.amazonaws이면 version 1입니다.
2. Ec2Client 생성
2.1. iam role 사용
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ec2.Ec2Client;
@Configuration
public class AwsEC2Configuration {
@Resource
private Environment env;
@Bean
public Ec2Client ec2Client() {
final String region = env.getRequiredProperty("aws.region");
return Ec2Client.builder()
.region(Region.of(region))
.build();
}
}
2.2. 자격증명 사용
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ec2.Ec2Client;
@Configuration
public class AwsEC2Configuration {
@Resource
private Environment env;
@Bean
public Ec2Client ec2Client() {
final String region = env.getRequiredProperty("aws.region");
final String accessKey = env.getRequiredProperty("aws.accessKeyId");
final String secretKey = env.getRequiredProperty("aws.secretAccessKey");
AwsBasicCredentials credentials = AwsBasicCredentials.create(accessKey, secretKey);
return Ec2Client.builder()
.region(Region.of(region))
.credentialsProvider(StaticCredentialsProvider.create(credentials))
.build();
}
}
2.3. 임시 자격증명 사용
import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ec2.Ec2Client;
@Configuration
public class AwsEC2Configuration {
@Resource
private Environment env;
@Bean
public Ec2Client ec2Client() {
final String region = env.getRequiredProperty("aws.region");
final String accessKey = env.getRequiredProperty("aws.accessKeyId");
final String secretKey = env.getRequiredProperty("aws.secretAccessKey");
final String sessionToken = env.getRequiredProperty("aws.sessionToken");
AwsSessionCredentials credentials = AwsSessionCredentials.create(accessKey, secretKey, sessionToken);
return Ec2Client.builder()
.region(Region.of(region))
.credentialsProvider(StaticCredentialsProvider.create(credentials))
.build();
}
}
3. groupId로 보안그룹 정보 조회
[AWS > EC2 > 네트워크 및 보안 > 보안 그룹] 페이지의 보안 그룹 ID
@Resource
private Ec2Client ec2Client;
public void describeSecurityGroups(String groupId) {
try {
DescribeSecurityGroupsRequest request = DescribeSecurityGroupsRequest.builder().groupIds(groupId).build();
DescribeSecurityGroupsResponse response = ec2Client.describeSecurityGroups(request);
for (SecurityGroup group : response.securityGroups()) {
System.out.println( "Found Security Group with Id " +group.groupId() +" and group VPC "+ group.vpcId() + " : " + group);
}
} catch (Ec2Exception e) {
System.err.println(e.awsErrorDetails().errorMessage());
System.exit(1);
}
}
software.amazon.awssdk.services.ec2.model.SecurityGroup 필드
- groupName : 보안 그룹 이름
- groupId : 보안 그룹 ID
- description: 설명
- vpcId : VPC ID
- ownerId : 소유자
- ipPermissions : inbound 규칙 목록
- ipPermissionsEgress : outbound 규칙 목록
- tags : 태그 목록
[Reference]
https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/java_ec2_code_examples.html
728x90
반응형
'aws' 카테고리의 다른 글
| [CloudFront] JA3 TLS Client Fingerprint (0) | 2023.04.19 |
|---|---|
| Java Mail API로 Amazon SES 반송 이메일 세부 정보 읽기 (1) | 2021.04.07 |
| [JAVA] AWS S3 Https 연결이 비공개로 설정되어 있지 않습니다. (Your connection is not private) 해결방안 (0) | 2020.10.31 |
댓글