本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
步骤 3:为 Amazon Keyspaces 创建 VPC 端点
在这一步中,您将使用 AWS CLI为 Amazon Keyspaces 创建 VPC 端点。要使用 VPC 控制台创建 VPC 端点,您可以按照 AWS PrivateLink 指南中的创建 VPC 端点进行操作。筛选服务名称时,请输入 Cassandra。
使用创建 VPC 终端节点 AWS CLI
-
在开始之前,请验证您是否可以使用 Amazon Keyspaces 的公共端点与其进行通信。
aws keyspaces list-tables --keyspace-name 'myKeyspace'输出显示了包含在指定键空间中的 Amazon Keyspaces 表的列表。如果您没有任何表,该列表将为空。
{ "tables": [ { "keyspaceName": "myKeyspace", "tableName": "myTable1", "resourceArn": "arn:aws:cassandra:us-east-1:111122223333:/keyspace/catalog/table/myTable1" }, { "keyspaceName": "myKeyspace", "tableName": "myTable2", "resourceArn": "arn:aws:cassandra:us-east-1:111122223333:/keyspace/catalog/table/myTable2" } ] } -
验证 Amazon Keyspaces 是否为在当前 AWS 区域创建 VPC 终端节点的可用服务。(命令以粗体文本显示,后面是示例输出。)
aws ec2 describe-vpc-endpoint-services{ "ServiceNames": [ "com.amazonaws.us-east-1.cassandra", "com.amazonaws.us-east-1.cassandra-fips" ] }在示例输出中,Amazon Keyspaces 是可用的服务之一,因此您可以继续为其创建 VPC 端点。
-
确定您的 VPC 标识符。
aws ec2 describe-vpcs{ "Vpcs": [ { "VpcId": "vpc-a1234bcd", "InstanceTenancy": "default", "State": "available", "DhcpOptionsId": "dopt-8454b7e1", "CidrBlock": "111.31.0.0/16", "IsDefault": true } ] }在示例输出中,VPC ID 为
vpc-a1234bcd。 -
使用筛选条件来收集有关 VPC 子网的详细信息。
aws ec2 describe-subnets --filters "Name=vpc-id,Values=vpc-a1234bcd"{ { "Subnets":[ { "AvailabilityZone":"us-east-1a", "AvailabilityZoneId":"use2-az1", "AvailableIpAddressCount":4085, "CidrBlock":"111.31.0.0/20", "DefaultForAz":true, "MapPublicIpOnLaunch":true, "MapCustomerOwnedIpOnLaunch":false, "State":"available", "SubnetId":"subnet-920aacf9", "VpcId":"vpc-a1234bcd", "OwnerId":"111122223333", "AssignIpv6AddressOnCreation":false, "Ipv6CidrBlockAssociationSet":[ ], "SubnetArn":"arn:aws:ec2:us-east-1:111122223333:subnet/subnet-920aacf9", "EnableDns64":false, "Ipv6Native":false, "PrivateDnsNameOptionsOnLaunch":{ "HostnameType":"ip-name", "EnableResourceNameDnsARecord":false, "EnableResourceNameDnsAAAARecord":false } }, { "AvailabilityZone":"us-east-1c", "AvailabilityZoneId":"use2-az3", "AvailableIpAddressCount":4085, "CidrBlock":"111.31.32.0/20", "DefaultForAz":true, "MapPublicIpOnLaunch":true, "MapCustomerOwnedIpOnLaunch":false, "State":"available", "SubnetId":"subnet-4c713600", "VpcId":"vpc-a1234bcd", "OwnerId":"111122223333", "AssignIpv6AddressOnCreation":false, "Ipv6CidrBlockAssociationSet":[ ], "SubnetArn":"arn:aws:ec2:us-east-1:111122223333:subnet/subnet-4c713600", "EnableDns64":false, "Ipv6Native":false, "PrivateDnsNameOptionsOnLaunch":{ "HostnameType":"ip-name", "EnableResourceNameDnsARecord":false, "EnableResourceNameDnsAAAARecord":false } }, { "AvailabilityZone":"us-east-1b", "AvailabilityZoneId":"use2-az2", "AvailableIpAddressCount":4086, "CidrBlock":"111.31.16.0/20", "DefaultForAz":true, "MapPublicIpOnLaunch":true, } ] }在示例输出中,有两个可用的子网 ID:
subnet-920aacf9和subnet-4c713600。 -
创建 VPC 端点。对于
--vpc-id参数,指定上一步中的 VPC ID。对于--subnet-id参数,指定上一步中的 子网 ID。使用--vpc-endpoint-type参数将端点定义为接口。有关命令的更多信息,请参阅 AWS CLI 命令参考中的create-vpc-endpoint。aws ec2 create-vpc-endpoint --vpc-endpoint-type Interface --vpc-id vpc-a1234bcd --service-name com.amazonaws.us-east-1.cassandra --subnet-id subnet-920aacf9 subnet-4c713600{ "VpcEndpoint": { "VpcEndpointId": "vpce-000ab1cdef23456789", "VpcEndpointType": "Interface", "VpcId": "vpc-a1234bcd", "ServiceName": "com.amazonaws.us-east-1.cassandra", "State": "pending", "RouteTableIds": [], "SubnetIds": [ "subnet-920aacf9", "subnet-4c713600" ], "Groups": [ { "GroupId": "sg-ac1b0e8d", "GroupName": "default" } ], "IpAddressType": "ipv4", "DnsOptions": { "DnsRecordIpType": "ipv4" }, "PrivateDnsEnabled": true, "RequesterManaged": false, "NetworkInterfaceIds": [ "eni-043c30c78196ad82e", "eni-06ce37e3fd878d9fa" ], "DnsEntries": [ { "DnsName": "vpce-000ab1cdef23456789-m2b22rtz.cassandra.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "vpce-000ab1cdef23456789-m2b22rtz-us-east-1a.cassandra.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "vpce-000ab1cdef23456789-m2b22rtz-us-east-1c.cassandra.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "vpce-000ab1cdef23456789-m2b22rtz-us-east-1b.cassandra.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "vpce-000ab1cdef23456789-m2b22rtz-us-east-1d.cassandra.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "cassandra.us-east-1.amazonaws.com", "HostedZoneId": "ZONEIDPENDING" } ], "CreationTimestamp": "2023-01-27T16:12:36.834000+00:00", "OwnerId": "111122223333" } } }
