AWS SDK またはコマンドラインツールCreateSecurityGroupで を使用する - AWS SDK コード例

Doc AWS SDK Examples リポジトリには、他にも SDK の例があります。 AWS GitHub

翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。

AWS SDK またはコマンドラインツールCreateSecurityGroupで を使用する

以下のコード例は、CreateSecurityGroup の使用方法を示しています。

アクション例は、より大きなプログラムからのコードの抜粋であり、コンテキスト内で実行する必要があります。次のコード例で、このアクションのコンテキストを確認できます。

.NET
AWS SDK for .NET
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

/// <summary> /// Create an Amazon EC2 security group. /// </summary> /// <param name="groupName">The name for the new security group.</param> /// <param name="groupDescription">A description of the new security group.</param> /// <returns>The group Id of the new security group.</returns> public async Task<string> CreateSecurityGroup(string groupName, string groupDescription) { var response = await _amazonEC2.CreateSecurityGroupAsync( new CreateSecurityGroupRequest(groupName, groupDescription)); return response.GroupId; }
  • API の詳細については、「 API リファレンスCreateSecurityGroup」の「」を参照してください。 AWS SDK for .NET

C++
SDK for C++
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

Aws::EC2::EC2Client ec2Client(clientConfiguration); Aws::EC2::Model::CreateSecurityGroupRequest request; request.SetGroupName(groupName); request.SetDescription(description); request.SetVpcId(vpcID); const Aws::EC2::Model::CreateSecurityGroupOutcome outcome = ec2Client.CreateSecurityGroup(request); if (!outcome.IsSuccess()) { std::cerr << "Failed to create security group:" << outcome.GetError().GetMessage() << std::endl; return false; } std::cout << "Successfully created security group named " << groupName << std::endl;
  • API の詳細については、「 API リファレンスCreateSecurityGroup」の「」を参照してください。 AWS SDK for C++

CLI
AWS CLI

EC2-Classic 用セキュリティグループを作成するには

この例では、MySecurityGroup という名前のセキュリティグループが作成されます。

コマンド:

aws ec2 create-security-group --group-name MySecurityGroup --description "My security group"

出力:

{ "GroupId": "sg-903004f8" }

EC2-VPC 用セキュリティグループを作成するには

この例では、指定された VPC 用に MySecurityGroup という名前のセキュリティグループが作成されます。

コマンド:

aws ec2 create-security-group --group-name MySecurityGroup --description "My security group" --vpc-id vpc-1a2b3c4d

出力:

{ "GroupId": "sg-903004f8" }

詳細については、「AWS コマンドラインインターフェイスユーザーガイド」でセキュリティグループの使用方法を参照してください。

  • API の詳細については、「 コマンドリファレンスCreateSecurityGroup」の「」を参照してください。 AWS CLI

Java
SDK for Java 2.x
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

public static String createSecurityGroup(Ec2Client ec2, String groupName, String groupDesc, String vpcId, String myIpAddress) { try { CreateSecurityGroupRequest createRequest = CreateSecurityGroupRequest.builder() .groupName(groupName) .description(groupDesc) .vpcId(vpcId) .build(); CreateSecurityGroupResponse resp = ec2.createSecurityGroup(createRequest); IpRange ipRange = IpRange.builder() .cidrIp(myIpAddress + "/0") .build(); IpPermission ipPerm = IpPermission.builder() .ipProtocol("tcp") .toPort(80) .fromPort(80) .ipRanges(ipRange) .build(); IpPermission ipPerm2 = IpPermission.builder() .ipProtocol("tcp") .toPort(22) .fromPort(22) .ipRanges(ipRange) .build(); AuthorizeSecurityGroupIngressRequest authRequest = AuthorizeSecurityGroupIngressRequest.builder() .groupName(groupName) .ipPermissions(ipPerm, ipPerm2) .build(); ec2.authorizeSecurityGroupIngress(authRequest); System.out.println("Successfully added ingress policy to security group " + groupName); return resp.groupId(); } catch (Ec2Exception e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return ""; }
  • API の詳細については、「 API リファレンスCreateSecurityGroup」の「」を参照してください。 AWS SDK for Java 2.x

JavaScript
SDK for JavaScript (v3)
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

import { CreateSecurityGroupCommand } from "@aws-sdk/client-ec2"; import { client } from "../libs/client.js"; export const main = async () => { const command = new CreateSecurityGroupCommand({ // Up to 255 characters in length. Cannot start with sg-. GroupName: "SECURITY_GROUP_NAME", // Up to 255 characters in length. Description: "DESCRIPTION", }); try { const { GroupId } = await client.send(command); console.log(GroupId); } catch (err) { console.error(err); } };
  • API の詳細については、「 API リファレンスCreateSecurityGroup」の「」を参照してください。 AWS SDK for JavaScript

Kotlin
SDK for Kotlin
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

suspend fun createEC2SecurityGroup(groupNameVal: String?, groupDescVal: String?, vpcIdVal: String?): String? { val request = CreateSecurityGroupRequest { groupName = groupNameVal description = groupDescVal vpcId = vpcIdVal } Ec2Client { region = "us-west-2" }.use { ec2 -> val resp = ec2.createSecurityGroup(request) val ipRange = IpRange { cidrIp = "0.0.0.0/0" } val ipPerm = IpPermission { ipProtocol = "tcp" toPort = 80 fromPort = 80 ipRanges = listOf(ipRange) } val ipPerm2 = IpPermission { ipProtocol = "tcp" toPort = 22 fromPort = 22 ipRanges = listOf(ipRange) } val authRequest = AuthorizeSecurityGroupIngressRequest { groupName = groupNameVal ipPermissions = listOf(ipPerm, ipPerm2) } ec2.authorizeSecurityGroupIngress(authRequest) println("Successfully added ingress policy to Security Group $groupNameVal") return resp.groupId } }
  • API の詳細については、CreateSecurityGroupAWS 「 SDK for Kotlin API リファレンス」の「」を参照してください。

PowerShell
のツール PowerShell

例 1: この例では、指定した VPC のセキュリティグループを作成します。

New-EC2SecurityGroup -GroupName my-security-group -Description "my security group" -VpcId vpc-12345678

出力:

sg-12345678

例 2: この例では、EC2-Classicのセキュリティグループを作成します。

New-EC2SecurityGroup -GroupName my-security-group -Description "my security group"

出力:

sg-45678901
  • API の詳細については、AWS Tools for PowerShell 「 コマンドレットリファレンスCreateSecurityGroup」の「」を参照してください。

Python
SDK for Python (Boto3)
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

class SecurityGroupWrapper: """Encapsulates Amazon Elastic Compute Cloud (Amazon EC2) security group actions.""" def __init__(self, ec2_resource, security_group=None): """ :param ec2_resource: A Boto3 Amazon EC2 resource. This high-level resource is used to create additional high-level objects that wrap low-level Amazon EC2 service actions. :param security_group: A Boto3 SecurityGroup object. This is a high-level object that wraps security group actions. """ self.ec2_resource = ec2_resource self.security_group = security_group @classmethod def from_resource(cls): ec2_resource = boto3.resource("ec2") return cls(ec2_resource) def create(self, group_name, group_description): """ Creates a security group in the default virtual private cloud (VPC) of the current account. :param group_name: The name of the security group to create. :param group_description: The description of the security group to create. :return: A Boto3 SecurityGroup object that represents the newly created security group. """ try: self.security_group = self.ec2_resource.create_security_group( GroupName=group_name, Description=group_description ) except ClientError as err: logger.error( "Couldn't create security group %s. Here's why: %s: %s", group_name, err.response["Error"]["Code"], err.response["Error"]["Message"], ) raise else: return self.security_group
  • API の詳細については、 CreateSecurityGroup AWS SDK for Python (Boto3) API リファレンスの「」を参照してください。

Ruby
SDK for Ruby
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

# This code example does the following: # 1. Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group. # 2. Adds inbound rules to the security group. # 3. Displays information about available security groups. # 4. Deletes the security group. require "aws-sdk-ec2" # Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group. # # Prerequisites: # # - A VPC in Amazon Virtual Private Cloud (Amazon VPC). # # @param ec2_client [Aws::EC2::Client] An initialized # Amazon EC2 client. # @param group_name [String] A name for the security group. # @param description [String] A description for the security group. # @param vpc_id [String] The ID of the VPC for the security group. # @return [String] The ID of security group that was created. # @example # puts create_security_group( # Aws::EC2::Client.new(region: 'us-west-2'), # 'my-security-group', # 'This is my security group.', # 'vpc-6713dfEX' # ) def create_security_group( ec2_client, group_name, description, vpc_id ) security_group = ec2_client.create_security_group( group_name: group_name, description: description, vpc_id: vpc_id ) puts "Created security group '#{group_name}' with ID " \ "'#{security_group.group_id}' in VPC with ID '#{vpc_id}'." return security_group.group_id rescue StandardError => e puts "Error creating security group: #{e.message}" return "Error" end # Adds an inbound rule to an Amazon Elastic Compute Cloud (Amazon EC2) # security group. # # Prerequisites: # # - The security group. # # @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client. # @param security_group_id [String] The ID of the security group. # @param ip_protocol [String] The network protocol for the inbound rule. # @param from_port [String] The originating port for the inbound rule. # @param to_port [String] The destination port for the inbound rule. # @param cidr_ip_range [String] The CIDR IP range for the inbound rule. # @return # @example # exit 1 unless security_group_ingress_authorized?( # Aws::EC2::Client.new(region: 'us-west-2'), # 'sg-030a858e078f1b9EX', # 'tcp', # '80', # '80', # '0.0.0.0/0' # ) def security_group_ingress_authorized?( ec2_client, security_group_id, ip_protocol, from_port, to_port, cidr_ip_range ) ec2_client.authorize_security_group_ingress( group_id: security_group_id, ip_permissions: [ { ip_protocol: ip_protocol, from_port: from_port, to_port: to_port, ip_ranges: [ { cidr_ip: cidr_ip_range } ] } ] ) puts "Added inbound rule to security group '#{security_group_id}' for protocol " \ "'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \ "with CIDR IP range '#{cidr_ip_range}'." return true rescue StandardError => e puts "Error adding inbound rule to security group: #{e.message}" return false end # Displays information about a security group's IP permissions set in # Amazon Elastic Compute Cloud (Amazon EC2). # # Prerequisites: # # - A security group with inbound rules, outbound rules, or both. # # @param p [Aws::EC2::Types::IpPermission] The IP permissions set. # @example # ec2_client = Aws::EC2::Client.new(region: 'us-west-2') # response = ec2_client.describe_security_groups # unless sg.ip_permissions.empty? # describe_security_group_permissions( # response.security_groups[0].ip_permissions[0] # ) # end def describe_security_group_permissions(perm) print " Protocol: #{perm.ip_protocol == '-1' ? 'All' : perm.ip_protocol}" unless perm.from_port.nil? if perm.from_port == "-1" || perm.from_port == -1 print ", From: All" else print ", From: #{perm.from_port}" end end unless perm.to_port.nil? if perm.to_port == "-1" || perm.to_port == -1 print ", To: All" else print ", To: #{perm.to_port}" end end if perm.key?(:ipv_6_ranges) && perm.ipv_6_ranges.count.positive? print ", CIDR IPv6: #{perm.ipv_6_ranges[0].cidr_ipv_6}" end if perm.key?(:ip_ranges) && perm.ip_ranges.count.positive? print ", CIDR IPv4: #{perm.ip_ranges[0].cidr_ip}" end print "\n" end # Displays information about available security groups in # Amazon Elastic Compute Cloud (Amazon EC2). # # @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client. # @example # describe_security_groups(Aws::EC2::Client.new(region: 'us-west-2')) def describe_security_groups(ec2_client) response = ec2_client.describe_security_groups if response.security_groups.count.positive? response.security_groups.each do |sg| puts "-" * (sg.group_name.length + 13) puts "Name: #{sg.group_name}" puts "Description: #{sg.description}" puts "Group ID: #{sg.group_id}" puts "Owner ID: #{sg.owner_id}" puts "VPC ID: #{sg.vpc_id}" if sg.tags.count.positive? puts "Tags:" sg.tags.each do |tag| puts " Key: #{tag.key}, Value: #{tag.value}" end end unless sg.ip_permissions.empty? puts "Inbound rules:" if sg.ip_permissions.count.positive? sg.ip_permissions.each do |p| describe_security_group_permissions(p) end end unless sg.ip_permissions_egress.empty? puts "Outbound rules:" if sg.ip_permissions.count.positive? sg.ip_permissions_egress.each do |p| describe_security_group_permissions(p) end end end else puts "No security groups found." end rescue StandardError => e puts "Error getting information about security groups: #{e.message}" end # Deletes an Amazon Elastic Compute Cloud (Amazon EC2) # security group. # # Prerequisites: # # - The security group. # # @param ec2_client [Aws::EC2::Client] An initialized # Amazon EC2 client. # @param security_group_id [String] The ID of the security group to delete. # @return [Boolean] true if the security group was deleted; otherwise, false. # @example # exit 1 unless security_group_deleted?( # Aws::EC2::Client.new(region: 'us-west-2'), # 'sg-030a858e078f1b9EX' # ) def security_group_deleted?(ec2_client, security_group_id) ec2_client.delete_security_group(group_id: security_group_id) puts "Deleted security group '#{security_group_id}'." return true rescue StandardError => e puts "Error deleting security group: #{e.message}" return false end # Example usage: def run_me group_name = "" description = "" vpc_id = "" ip_protocol_http = "" from_port_http = "" to_port_http = "" cidr_ip_range_http = "" ip_protocol_ssh = "" from_port_ssh = "" to_port_ssh = "" cidr_ip_range_ssh = "" region = "" # Print usage information and then stop. if ARGV[0] == "--help" || ARGV[0] == "-h" puts "Usage: ruby ec2-ruby-example-security-group.rb " \ "GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL_1 FROM_PORT_1 TO_PORT_1 " \ "CIDR_IP_RANGE_1 IP_PROTOCOL_2 FROM_PORT_2 TO_PORT_2 " \ "CIDR_IP_RANGE_2 REGION" puts "Example: ruby ec2-ruby-example-security-group.rb " \ "my-security-group 'This is my security group.' vpc-6713dfEX " \ "tcp 80 80 '0.0.0.0/0' tcp 22 22 '0.0.0.0/0' us-west-2" exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? group_name = "my-security-group" description = "This is my security group." vpc_id = "vpc-6713dfEX" ip_protocol_http = "tcp" from_port_http = "80" to_port_http = "80" cidr_ip_range_http = "0.0.0.0/0" ip_protocol_ssh = "tcp" from_port_ssh = "22" to_port_ssh = "22" cidr_ip_range_ssh = "0.0.0.0/0" # Replace us-west-2 with the AWS Region you're using for Amazon EC2. region = "us-west-2" # Otherwise, use the values as specified at the command prompt. else group_name = ARGV[0] description = ARGV[1] vpc_id = ARGV[2] ip_protocol_http = ARGV[3] from_port_http = ARGV[4] to_port_http = ARGV[5] cidr_ip_range_http = ARGV[6] ip_protocol_ssh = ARGV[7] from_port_ssh = ARGV[8] to_port_ssh = ARGV[9] cidr_ip_range_ssh = ARGV[10] region = ARGV[11] end security_group_id = "" security_group_exists = false ec2_client = Aws::EC2::Client.new(region: region) puts "Attempting to create security group..." security_group_id = create_security_group( ec2_client, group_name, description, vpc_id ) if security_group_id == "Error" puts "Could not create security group. Skipping this step." else security_group_exists = true end if security_group_exists puts "Attempting to add inbound rules to security group..." unless security_group_ingress_authorized?( ec2_client, security_group_id, ip_protocol_http, from_port_http, to_port_http, cidr_ip_range_http ) puts "Could not add inbound HTTP rule to security group. " \ "Skipping this step." end unless security_group_ingress_authorized?( ec2_client, security_group_id, ip_protocol_ssh, from_port_ssh, to_port_ssh, cidr_ip_range_ssh ) puts "Could not add inbound SSH rule to security group. " \ "Skipping this step." end end puts "\nInformation about available security groups:" describe_security_groups(ec2_client) if security_group_exists puts "\nAttempting to delete security group..." unless security_group_deleted?(ec2_client, security_group_id) puts "Could not delete security group. You must delete it yourself." end end end run_me if $PROGRAM_NAME == __FILE__
  • API の詳細については、「 API リファレンスCreateSecurityGroup」の「」を参照してください。 AWS SDK for Ruby

SAP ABAP
SDK for SAP ABAP
注記

には他にもがあります GitHub。AWS コード例リポジトリ で全く同じ例を見つけて、設定と実行の方法を確認してください。

TRY. oo_result = lo_ec2->createsecuritygroup( " oo_result is returned for testing purposes. " iv_description = 'Security group example' iv_groupname = iv_security_group_name iv_vpcid = iv_vpc_id ). MESSAGE 'Security group created.' TYPE 'I'. CATCH /aws1/cx_rt_service_generic INTO DATA(lo_exception). DATA(lv_error) = |"{ lo_exception->av_err_code }" - { lo_exception->av_err_msg }|. MESSAGE lv_error TYPE 'E'. ENDTRY.
  • API の詳細については、CreateSecurityGroupAWS 「 SDK for SAP ABAP API リファレンス」の「」を参照してください。