通过Boto关联的IAM角色过滤ec2实例 [英] filtering ec2 instances by associated IAM role with boto

问题描述

我在AWS上有一些与同一IAM角色相关联的实例.我正在寻找编写返回这些实例的代码.
基于此文档: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html ，我看到有可用的过滤器iam-instance-profile.arn.我只是不确定我将如何使用它，或者那是否是我应该使用的.

I have a few instances on AWS that are associated with the same IAM Role. I'm looking to write a code that returns these instances.
Based from this document: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html, I see that there is an available filter iam-instance-profile.arn. I'm just not sure how I would go about using that or if that is what I should be using.

这是一个实例，其中实例通过标签过滤.

This is an example where instances are filtered by tags.

conn = boto.ec2.connect_to_region('ap-southeast-1')
reservations = conn.get_all_instances(filters={"tag:Name": "my-instance-1"});

for reservation in reservations:
    instance = reservation.instances[0] 

除了使用IAM角色作为过滤器外，我想做类似的事情.

I'd like to do something similar except with an IAM Role as the filter.

另一件事-conn.get_all_instances(filters={"tag:Name": "my-instance-1"});上面的示例返回保留.我想获取实例，而不必通过预订获取实例.例如:conn.get_only_instances(instance_ids=['i-cc186913'])返回实例.
拥有过滤器(IAM角色)并仅返回实例(不通过预订获取实例)的最佳方法是什么?

Another thing - the example above conn.get_all_instances(filters={"tag:Name": "my-instance-1"});returns reservations. I'd like to get the instances without having to get them through reservations. For example: conn.get_only_instances(instance_ids=['i-cc186913']) returns me the instance.
What is the best way where I could have a filter (IAM Role) and return ONLY instances (not getting them through reservations)?

推荐答案

为该角色传递实例配置文件ARN(可以从IAM仪表板获取或构造该角色).示例:

Pass your instance profile ARN for that role (which you can get from IAM dashboard or you can construct it). Example:

conn.get_only_instances(filters={"iam-instance-profile.arn": "arn:aws:iam::<your-account-number>:instance-profile/<your-role-name>"})

它将返回实例列表，您可以遍历该实例.

It will return a list of instance and you can loop through it.

>>> conn.get_only_instances(filters={"iam-instance-profile.arn":"arn:aws:iam::123456781221:instance-profile/stackoverflowRole"})
[Instance:i-8ba223ab]

这篇关于通过Boto关联的IAM角色过滤ec2实例的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！