是否可以在 AWS 中标记 SSH 密钥对?
Is it possible to tag a SSH key pair in AWS?
DescribeKeypairs说KeyPair可以有tags,但是不能通过tag或者tag_key过滤keys。 Plus 密钥对没有特定的类型 ID,如 i-*、vol-* 等,因此也无法使用 CreateTags 进行标记。也无法通过网络创建。
这一切看起来很混乱,因为无法创建标签但可以标记
有没有办法标记密钥对?
嗯...我没有亲自尝试过,但在 AWS CLI 中使用 describe-key-pairs 应该会给你密钥 ID。
然而,我发现标记密钥 ID 的唯一方法是使用 AWS CLI 生成它并查看输出。
如果使用简单的命令:
aws ec2 create-key-pair --key-name my-test-key --profile my-profile
然后输出有密钥id。
{
"KeyFingerprint": "6d:5c:e0:19:de:.........",
"KeyMaterial": "......",
"KeyName": "my-test-key",
"KeyPairId": "key-0ab4ff01abc9999e"
}
然后您可以使用您已经知道的 create-tags 标记资源。
1. IDs
从 aws-cli 版本 2.2.11 开始,对于 Linux,我发现密钥有 KeyPairIds ...资源 ID.
2。在标记键上
是的,您可以使用 ec2 create-tags。使用 create-key-pair 是很有问题的。
aws ec2 create-tags help 是以下命令的参考。
一般命令和参数...
aws ec2 create-tags \
--resources "string" "string" --tags Key=string,Value=string ...
示例。
首先描述我的密钥以获取资源 ID...密钥对 ID。
aws ec2 describe-key-pairs --profile-name adrianteri-devops
输出
{
"KeyPairs": [
{
"KeyPairId": "key-044180521638ac88d",
"KeyFingerprint": "69:b4:71:46:65:40:37:59:7c:8c:5f:fa:c6:46:5a:e4:12:e0:46:54",
"KeyName": "adrianteri-devops",
"Tags": []
},
{
"KeyPairId": "key-0c010638921030fdc",
"KeyFingerprint": "21:6b:f8:05:bc:96:13:8d:ba:75:41:bb:5b:43:15:f7:9c:b0:a3:a4",
"KeyName": "ansible-devops",
"Tags": []
}
{
"KeyPairId": "key-0d047bbc242c7e0a2",
"KeyFingerprint": "69:2d:6f:6f:af:cf:45:d3:a9:d5:e7:63:b3:54:8b:85:32:67:9e:a0",
"KeyName": "test-keypair",
"Tags": []
}
]
}
(END)
现在创建标签...
aws ec2 create-tags --resources key-044180521638ac88d key-0c010638921030fdc --tags Key=Project,Value=adrianteri-com Key=CreatedBy,Value=adrianteri --profile adrianteri-devops
测试密钥对有不同的标签。
aws ec2 create-tags --resources key-0d047bbc242c7e0a2 --tags Key=Project,Value=Test Key=CreatedBy,Value=TestBot Key=Billing,Value=QualityAssuarance --profile adrianteri-live-devops
再次描述我的密钥对的结果:
{
"KeyPairs": [
{
"KeyPairId": "key-044180521638ac88d",
"KeyFingerprint": "69:b4:71:46:65:40:37:59:7c:8c:5f:fa:c6:46:5a:e4:12:e0:46:54",
"KeyName": "adrianteri-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
},
{
"KeyPairId": "key-0c010638921030fdc",
"KeyFingerprint": "21:6b:f8:05:bc:96:13:8d:ba:75:41:bb:5b:43:15:f7:9c:b0:a3:a4",
"KeyName": "ansible-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
},
{
"KeyPairId": "key-0d047bbc242c7e0a2",
"KeyFingerprint": "69:2d:6f:6f:af:cf:45:d3:a9:d5:e7:63:b3:54:8b:85:32:67:9e:a0",
"KeyName": "test-keypair",
"Tags": [
{
"Key": "Project",
"Value": "Test"
},
{
"Key": "CreatedBy",
"Value": "TestBot"
},
{
"Key": "Billing",
"Value": "QualityAssuarance"
}
]
}
]
}
(END)
3。按标签过滤键
也可以使用 --过滤器 tag-key 和 tag :<key>.
tag-key
aws ec2 describe-key-pairs --filters Name=tag-key,Values=Billing --profile adrianteri-devops
输出
{
"KeyPairs": [
{
"KeyPairId": "key-0d047bbc242c7e0a2",
"KeyFingerprint": "69:2d:6f:6f:af:cf:45:d3:a9:d5:e7:63:b3:54:8b:85:32:67:9e:a0",
"KeyName": "test-keypair",
"Tags": [
{
"Key": "Project",
"Value": "Test"
},
{
"Key": "CreatedBy",
"Value": "TestBot"
},
{
"Key": "Billing",
"Value": "QualityAssurance"
}
]
}
]
}
(END)
tag :<key>
aws ec2 describe-key-pairs --filters Name=tag:CreatedBy,Values=adrianteri -profile adrianteri-devops
输出
{
"KeyPairs": [
{
"KeyPairId": "key-044180521638ac88d",
"KeyFingerprint": "69:b4:71:46:65:40:37:59:7c:8c:5f:fa:c6:46:5a:e4:12:e0:46:54",
"KeyName": "adrianteri-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
},
{
"KeyPairId": "key-0c010638921030fdc",
"KeyFingerprint": "21:6b:f8:05:bc:96:13:8d:ba:75:41:bb:5b:43:15:f7:9c:b0:a3:a4",
"KeyName": "ansible-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
}
]
}
(END)
DescribeKeypairs说KeyPair可以有tags,但是不能通过tag或者tag_key过滤keys。 Plus 密钥对没有特定的类型 ID,如 i-*、vol-* 等,因此也无法使用 CreateTags 进行标记。也无法通过网络创建。
这一切看起来很混乱,因为无法创建标签但可以标记
有没有办法标记密钥对?
嗯...我没有亲自尝试过,但在 AWS CLI 中使用 describe-key-pairs 应该会给你密钥 ID。
然而,我发现标记密钥 ID 的唯一方法是使用 AWS CLI 生成它并查看输出。
如果使用简单的命令:
aws ec2 create-key-pair --key-name my-test-key --profile my-profile
然后输出有密钥id。
{
"KeyFingerprint": "6d:5c:e0:19:de:.........",
"KeyMaterial": "......",
"KeyName": "my-test-key",
"KeyPairId": "key-0ab4ff01abc9999e"
}
然后您可以使用您已经知道的 create-tags 标记资源。
1. IDs
从 aws-cli 版本 2.2.11 开始,对于 Linux,我发现密钥有 KeyPairIds ...资源 ID.
2。在标记键上
是的,您可以使用 ec2 create-tags。使用 create-key-pair 是很有问题的。
aws ec2 create-tags help 是以下命令的参考。
一般命令和参数...
aws ec2 create-tags \
--resources "string" "string" --tags Key=string,Value=string ...
示例。
首先描述我的密钥以获取资源 ID...密钥对 ID。
aws ec2 describe-key-pairs --profile-name adrianteri-devops
输出
{
"KeyPairs": [
{
"KeyPairId": "key-044180521638ac88d",
"KeyFingerprint": "69:b4:71:46:65:40:37:59:7c:8c:5f:fa:c6:46:5a:e4:12:e0:46:54",
"KeyName": "adrianteri-devops",
"Tags": []
},
{
"KeyPairId": "key-0c010638921030fdc",
"KeyFingerprint": "21:6b:f8:05:bc:96:13:8d:ba:75:41:bb:5b:43:15:f7:9c:b0:a3:a4",
"KeyName": "ansible-devops",
"Tags": []
}
{
"KeyPairId": "key-0d047bbc242c7e0a2",
"KeyFingerprint": "69:2d:6f:6f:af:cf:45:d3:a9:d5:e7:63:b3:54:8b:85:32:67:9e:a0",
"KeyName": "test-keypair",
"Tags": []
}
]
}
(END)
现在创建标签...
aws ec2 create-tags --resources key-044180521638ac88d key-0c010638921030fdc --tags Key=Project,Value=adrianteri-com Key=CreatedBy,Value=adrianteri --profile adrianteri-devops
测试密钥对有不同的标签。
aws ec2 create-tags --resources key-0d047bbc242c7e0a2 --tags Key=Project,Value=Test Key=CreatedBy,Value=TestBot Key=Billing,Value=QualityAssuarance --profile adrianteri-live-devops
再次描述我的密钥对的结果:
{
"KeyPairs": [
{
"KeyPairId": "key-044180521638ac88d",
"KeyFingerprint": "69:b4:71:46:65:40:37:59:7c:8c:5f:fa:c6:46:5a:e4:12:e0:46:54",
"KeyName": "adrianteri-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
},
{
"KeyPairId": "key-0c010638921030fdc",
"KeyFingerprint": "21:6b:f8:05:bc:96:13:8d:ba:75:41:bb:5b:43:15:f7:9c:b0:a3:a4",
"KeyName": "ansible-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
},
{
"KeyPairId": "key-0d047bbc242c7e0a2",
"KeyFingerprint": "69:2d:6f:6f:af:cf:45:d3:a9:d5:e7:63:b3:54:8b:85:32:67:9e:a0",
"KeyName": "test-keypair",
"Tags": [
{
"Key": "Project",
"Value": "Test"
},
{
"Key": "CreatedBy",
"Value": "TestBot"
},
{
"Key": "Billing",
"Value": "QualityAssuarance"
}
]
}
]
}
(END)
3。按标签过滤键
也可以使用 --过滤器 tag-key 和 tag :<key>.
tag-key
aws ec2 describe-key-pairs --filters Name=tag-key,Values=Billing --profile adrianteri-devops
输出
{
"KeyPairs": [
{
"KeyPairId": "key-0d047bbc242c7e0a2",
"KeyFingerprint": "69:2d:6f:6f:af:cf:45:d3:a9:d5:e7:63:b3:54:8b:85:32:67:9e:a0",
"KeyName": "test-keypair",
"Tags": [
{
"Key": "Project",
"Value": "Test"
},
{
"Key": "CreatedBy",
"Value": "TestBot"
},
{
"Key": "Billing",
"Value": "QualityAssurance"
}
]
}
]
}
(END)
tag :<key>
aws ec2 describe-key-pairs --filters Name=tag:CreatedBy,Values=adrianteri -profile adrianteri-devops
输出
{
"KeyPairs": [
{
"KeyPairId": "key-044180521638ac88d",
"KeyFingerprint": "69:b4:71:46:65:40:37:59:7c:8c:5f:fa:c6:46:5a:e4:12:e0:46:54",
"KeyName": "adrianteri-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
},
{
"KeyPairId": "key-0c010638921030fdc",
"KeyFingerprint": "21:6b:f8:05:bc:96:13:8d:ba:75:41:bb:5b:43:15:f7:9c:b0:a3:a4",
"KeyName": "ansible-devops-keypair",
"Tags": [
{
"Key": "Project",
"Value": "adrianteri-com"
},
{
"Key": "CreatedBy",
"Value": "adrianteri"
}
]
}
]
}
(END)