英文:
Create EC2 instance, start instance and run Linux command using Boto3
问题
我正在尝试创建一个AWS EC2实例,启动它,执行一个简单的Linux命令并打印输出。然而,我一直得到以下错误:
> botocore.errorfactory.InvalidInstanceId: 在调用SendCommand操作时发生错误 (InvalidInstanceId):实例[[the_instance_id]]不处于有效状态,适用于帐户<some_account>。
目前,我使用以下的boto3脚本创建实例:
import boto3
ec2 = boto3.resource('ec2')
instance = ec2.create_instances(
ImageId='ami-0b828c1c5ac3f13ee',
MinCount=1,
MaxCount=1,
InstanceType='t2.micro'
)
print(instance)
在AWS控制台上,'状态检查'显示'2/2个检查通过'。然后,我将实例ID复制粘贴到下面的脚本中,以执行Linux的echo命令:
import boto3
commands = ['echo "hello world"']
ssm_client = boto3.client('ssm')
output = ssm_client.send_command(
InstanceIds=['<the_instance_id>'],
DocumentName='AWS-RunShellScript',
Parameters={
'commands': commands
}
)
print(output)
然而,我得到:
botocore.errorfactory.InvalidInstanceId: 在调用SendCommand操作时发生错误 (InvalidInstanceId):实例[[<the instance id>]]不处于有效状态,适用于帐户<some account>。
英文:
I am trying to create an AWS EC2 instance, start it, execute a simple Linux command and print the output. However, I keep getting:
> botocore.errorfactory.InvalidInstanceId: An error occurred
> (InvalidInstanceId) when calling the SendCommand operation: Instances
> [[the_instance_id]] not in a valid state for account <some_account>
At the moment I use this boto3 script to create the instance:
import boto3
ec2 = boto3.resource('ec2')
instance = ec2.create_instances(
ImageId='ami-0b828c1c5ac3f13ee',
MinCount=1,
MaxCount=1,
InstanceType='t2.micro'
)
print(instance)
In the AWS Console the 'status check' says '2/2 checks passed'. I then copy-paste the instance-id in to the below script to execute a Linux echo command:
import boto3
commands = [' echo "hello world"']
ssm_client = boto3.client('ssm')
output = ssm_client.send_command(
InstanceIds=[<the_instance_id>],
DocumentName='AWS-RunShellScript',
Parameters={
'commands': commands
}
)
print(output)
However, I get:
botocore.errorfactory.InvalidInstanceId: An error occurred (InvalidInstanceId) when calling the SendCommand operation: Instances [[<the instance id>]] not in a valid state for account <some account>
答案1
得分: 2
在发送这个命令之前,你需要检查几件事情。
首先,AWS SSM(系统管理器)代理程序需要在实例上运行。没有它,你将无法通过SSM发送命令。幸运的是,AWS Linux发行版默认安装了它,所以选择这个AMI会更容易些。但如果你想使用Ubuntu或其他发行版,你需要首先启动AWS SSM代理程序,并确保它始终在运行。
第二件事是实例权限。你需要添加到实例角色策略中的AmazonSSMManagedEC2InstanceDefaultPolicy,或者其他适用的策略。这里有一个完整的列表,描述了你可能的用例:https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam-awsmanpol.html
然后你应该能够轻松地运行SSM命令并通过AWS Web控制台终端连接 :-)
英文:
Before you send this command, you need to check few things.
First, the AWS SSM (Systems Manager) agent needs to be running on the instance. Without it, you won't be able to send commands through SSM. Fortunately, AWS Linux distro has it installed by default, so choose this AMI to keep things easy. But if you want to use Ubuntu or other stuff, you need to start AWS SSM Agent first and make sure it's always running.
The second thing is instance permission. You need to add to the Instance role policy called AmazonSSMManagedEC2InstanceDefaultPolicy, or other applicable. Here is a full list that describes your potential use cases: https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam-awsmanpol.html
Then you should be able to easily run SSM commands and connect through AWS Web console terminal 
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论