aws how to manage iam ssh access to ec2

I am trying to follow this guide, but it looks like the stack might be missing some information. I am trying to create it in eu-west-2

https://cloudonaut.io/manage-aws-ec2-ssh-access-with-iam/

Error “Template validation error: Template error: Unable to get mapping for RegionMap::eu-west-2::AMI”

Update

Should the region map look like this?

Mappings:
  RegionMap:
    'eu-west-2':
      AMI: 'ami-098828924dc89ea4a'

I am still getting the error Template error: Unable to get mapping for RegionMap::eu-west-2::AMI

Update 2

I shortened the AMI id, which let me get to the create step, but now I get an error during creation

The image id '[ami-09882892]' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidAMIID.NotFound; Request ID: 63e7da3e-ac16-4382-91a2-5ea365d63fec; Proxy: null)

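That blog is almost 5 years old, and eu-west-2 did not exist back then; it was publicly launched in December 2016, and the blog is from April 2016.

According to the linked template, these are the supported regions: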

Mappings:
  RegionMap:
    'ap-south-1':
      AMI: 'ami-cacbbea5'
    'eu-west-1':
      AMI: 'ami-d41d58a7'
    'ap-northeast-2':
      AMI: 'ami-a04297ce'
    'ap-northeast-1':
      AMI: 'ami-1a15c77b'
    'sa-east-1':
      AMI: 'ami-b777e4db'
    'ap-southeast-1':
      AMI: 'ami-7243e611'
    'ap-southeast-2':
      AMI: 'ami-55d4e436'
    'eu-central-1':
      AMI: 'ami-0044b96f'
    'us-east-1':
      AMI: 'ami-c481fad3'
    'us-east-2':
      AMI: 'ami-71ca9114'
    'us-west-1':
      AMI: 'ami-de347abe'
    'us-west-2':
      AMI: 'ami-b04e92d0'

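I would be very careful using this template, because the AMIs used here are probably completely outdated.

You should use the following AMI, update the CFT and use it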

aws ssm get-parameter --name /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2 --region eu-west-2

{
    "Parameter": {
        "Name": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2",
        "Type": "String",
        "Value": "ami-098828924dc89ea4a",
        "Version": 38,
        "LastModifiedDate": "2021-01-27T07:52:29.948000+05:30",
        "ARN": "arn:aws:ssm:eu-west-2::parameter/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2",
        "DataType": "text"
    }
}

To get the list of the latest Amazon Linux AMIs, use the following ssm CLI

aws ssm get-parameters-by-path --path /aws/service/ami-amazon-linux-latest --query "Parameters[].Name" --region eu-west-2
    [
        "/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-ebs",
        "/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-gp2",
        "/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-s3",
        "/aws/service/ami-amazon-linux-latest/amzn-ami-minimal-hvm-x86_64-ebs",
        "/aws/service/ami-amazon-linux-latest/amzn-ami-minimal-hvm-x86_64-s3",
        "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-arm64-gp2",
        "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs",
        "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2",
        "/aws/service/ami-amazon-linux-latest/amzn2-ami-minimal-hvm-arm64-ebs",
        "/aws/service/ami-amazon-linux-latest/amzn2-ami-minimal-hvm-x86_64-ebs"
    ]
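
An added example, not taken from the answers above or from the cloudonaut template: instead of pasting the AMI id returned by `aws ssm get-parameter` into a `RegionMap`, CloudFormation can resolve the same public SSM parameter itself at deploy time, in whichever region the stack runs. The logical names `LatestAmiId`, `Instance` and `ResolvedAmi` and the instance type are assumptions for illustration.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Added example - resolve the Amazon Linux 2 AMI from SSM instead of a hard-coded RegionMap

Parameters:
  LatestAmiId:  # hypothetical parameter name
    # CloudFormation reads this SSM parameter in the stack's own region
    # and checks that the value it gets back is a valid AMI id.
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    # Same parameter path as in the get-parameter call above.
    Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'

Resources:
  Instance:  # hypothetical logical id
    Type: 'AWS::EC2::Instance'
    Properties:
      # A per-region map lookup of this shape fails with
      # "Unable to get mapping for RegionMap::<region>::AMI"
      # in any region that has no entry in the map:
      #   ImageId: !FindInMap [RegionMap, !Ref 'AWS::Region', AMI]
      # Ref on an SSM-typed parameter returns the resolved AMI id.
      ImageId: !Ref LatestAmiId
      InstanceType: t3.micro  # assumed value

Outputs:
  ResolvedAmi:
    Description: AMI id the SSM parameter resolved to for this deployment
    Value: !Ref LatestAmiId
```

The parameter is re-read on every stack create or update, so the template never pins a stale image; an update after Amazon publishes a newer AMI changes `ImageId` and replaces the instance.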