[AWS SDK for Java] Querying EC2 Security Groups
moonsiri
2023. 6. 21. 18:06
Let's use AWS SDK for Java 2.x to look up the security groups configured on an EC2 instance.
1. Add the library to pom.xml
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>ec2</artifactId>
        <version>2.20.87</version>
    </dependency>
※ If the groupId starts with software, it is version 2 of the SDK; if it is com.amazonaws, it is version 1.
2. Create the Ec2Client
2.1. Using an IAM role
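    import javax.annotation.Resource; // jakarta.annotation.Resource on Spring Boot 3+
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.env.Environment;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.ec2.Ec2Client;

    @Configuration
    public class AwsEC2Configuration {

        @Resource
        private Environment env;

        @Bean
        public Ec2Client ec2Client() {
            final String region = env.getRequiredProperty("aws.region");
            // No credentialsProvider is set, so the SDK's default credentials provider chain
            // is used; on EC2 this picks up the IAM role attached to the instance.
            return Ec2Client.builder()
                    .region(Region.of(region))
                    .build();
        }
    }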
2.2. Using credentials
    import javax.annotation.Resource; // jakarta.annotation.Resource on Spring Boot 3+
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.env.Environment;
    import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
    import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.ec2.Ec2Client;

    @Configuration
    public class AwsEC2Configuration {

        @Resource
        private Environment env;

        @Bean
        public Ec2Client ec2Client() {
            final String region = env.getRequiredProperty("aws.region");
            // Long-term access key pair, read from configuration properties rather than hard-coded.
            final String accessKey = env.getRequiredProperty("aws.accessKeyId");
            final String secretKey = env.getRequiredProperty("aws.secretAccessKey");
            AwsBasicCredentials credentials = AwsBasicCredentials.create(accessKey, secretKey);
            return Ec2Client.builder()
                    .region(Region.of(region))
                    .credentialsProvider(StaticCredentialsProvider.create(credentials))
                    .build();
        }
    }
2.3. Using temporary credentials
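    import javax.annotation.Resource; // jakarta.annotation.Resource on Spring Boot 3+
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.env.Environment;
    import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
    import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.ec2.Ec2Client;

    @Configuration
    public class AwsEC2Configuration {

        @Resource
        private Environment env;

        @Bean
        public Ec2Client ec2Client() {
            final String region = env.getRequiredProperty("aws.region");
            final String accessKey = env.getRequiredProperty("aws.accessKeyId");
            final String secretKey = env.getRequiredProperty("aws.secretAccessKey");
            // Temporary credentials carry a session token in addition to the key pair.
            final String sessionToken = env.getRequiredProperty("aws.sessionToken");
            AwsSessionCredentials credentials = AwsSessionCredentials.create(accessKey, secretKey, sessionToken);
            // StaticCredentialsProvider does not refresh: once the session token expires,
            // calls fail until the client is rebuilt with new credentials.
            return Ec2Client.builder()
                    .region(Region.of(region))
                    .credentialsProvider(StaticCredentialsProvider.create(credentials))
                    .build();
        }
    }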
3. Look up security group information by groupId
The groupId is the security group ID shown on the [AWS > EC2 > Network & Security > Security Groups] page.
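    import javax.annotation.Resource; // jakarta.annotation.Resource on Spring Boot 3+
    import software.amazon.awssdk.services.ec2.Ec2Client;
    import software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest;
    import software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsResponse;
    import software.amazon.awssdk.services.ec2.model.Ec2Exception;
    import software.amazon.awssdk.services.ec2.model.SecurityGroup;

    // The field and method below are members of a Spring-managed bean.
    @Resource
    private Ec2Client ec2Client;

    public void describeSecurityGroups(String groupId) {
        try {
            DescribeSecurityGroupsRequest request = DescribeSecurityGroupsRequest.builder()
                    .groupIds(groupId)
                    .build();
            DescribeSecurityGroupsResponse response = ec2Client.describeSecurityGroups(request);
            for (SecurityGroup group : response.securityGroups()) {
                System.out.println("Found Security Group with Id " + group.groupId()
                        + " and group VPC " + group.vpcId() + " : " + group);
            }
        } catch (Ec2Exception e) {
            // e.g. unknown group ID, or the caller lacks ec2:DescribeSecurityGroups
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
    }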
Fields of software.amazon.awssdk.services.ec2.model.SecurityGroup
- groupName : security group name
- groupId : security group ID
- description : description
- vpcId : VPC ID
- ownerId : owner
- ipPermissions : list of inbound rules
- ipPermissionsEgress : list of outbound rules
- tags : list of tags
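The following is an added example, not code from the original post: it walks the ipPermissions field listed above and reports inbound rules that allow traffic from any address (0.0.0.0/0 or ::/0). The class name, method name and the sample security group (including its ID) are constructed for illustration; the sample is built offline with the SDK's model builders, so no AWS call is made.

```java
import java.util.ArrayList;
import java.util.List;
import software.amazon.awssdk.services.ec2.model.IpPermission;
import software.amazon.awssdk.services.ec2.model.IpRange;
import software.amazon.awssdk.services.ec2.model.Ipv6Range;
import software.amazon.awssdk.services.ec2.model.SecurityGroup;

// Added example (hypothetical class and method names), not part of the original post.
public class OpenIngressCheck {

    // Returns one finding per inbound rule source that is open to every address.
    static List<String> findWorldOpenIngress(SecurityGroup group) {
        List<String> findings = new ArrayList<>();
        for (IpPermission rule : group.ipPermissions()) {
            // ipProtocol "-1" means all protocols; fromPort/toPort are then null.
            String proto = "-1".equals(rule.ipProtocol()) ? "all" : rule.ipProtocol();
            String ports = rule.fromPort() == null ? "all ports"
                    : rule.fromPort().equals(rule.toPort()) ? String.valueOf(rule.fromPort())
                    : rule.fromPort() + "-" + rule.toPort();
            String prefix = group.groupId() + " " + proto + "/" + ports + " from ";
            for (IpRange range : rule.ipRanges()) {
                if ("0.0.0.0/0".equals(range.cidrIp())) {
                    findings.add(prefix + range.cidrIp());
                }
            }
            for (Ipv6Range range : rule.ipv6Ranges()) {
                if ("::/0".equals(range.cidrIpv6())) {
                    findings.add(prefix + range.cidrIpv6());
                }
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample: SSH open to the world, HTTPS limited to a VPC range, all-protocol IPv6.
        SecurityGroup sample = SecurityGroup.builder()
                .groupId("sg-0123456789abcdef0")
                .ipPermissions(
                        IpPermission.builder().ipProtocol("tcp").fromPort(22).toPort(22)
                                .ipRanges(IpRange.builder().cidrIp("0.0.0.0/0").build()).build(),
                        IpPermission.builder().ipProtocol("tcp").fromPort(443).toPort(443)
                                .ipRanges(IpRange.builder().cidrIp("10.0.0.0/16").build()).build(),
                        IpPermission.builder().ipProtocol("-1")
                                .ipv6Ranges(Ipv6Range.builder().cidrIpv6("::/0").build()).build())
                .build();
        findWorldOpenIngress(sample).forEach(System.out::println);
    }
}
```

In the service from section 3, the same method can be called on each group returned by response.securityGroups().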
[Reference]
https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/java_ec2_code_examples.html