如何通过 boto3 获取 AWS EC2 的配额？

Question

I'm working on boto3 - SDK python for AWS.

How can I get AWS Service Limits via boto3 library like bellow:

http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html

Answer 1

Some of those limits can be queried through EC2.Client.describe_account_attributes()

describe_account_attributes(**kwargs)

Describes attributes of your AWS account. The following are the supported account attributes:

...

• max-instances : The maximum number of On-Demand instances that you can run.

• vpc-max-security-groups-per-interface : The maximum number of security groups that you can assign to a network interface.

• max-elastic-ips : The maximum number of Elastic IP addresses that you can allocate for use with EC2-Classic.

• vpc-max-elastic-ips : The maximum number of Elastic IP addresses that you can allocate for use with EC2-VPC.

Answer 2

Why not use awsLimitchecker ? I use it to create a report every morning and send it to a slack group, where I monitor our current limits. Works really well.

Answer 3

There is a better option than awsLimitChecker , as not all AWS Service Instances' Quota can be retrieved through it, for example for many EC2 instances you need to use TrustedAdvisor service and many EC2 service instances' quota could not be retrieved at all. Also recently AWS has changed the on-demand service quota EC2 instance based limits to vCPU based limit, categorized as follows:

• Running On-Demand Standard (A, C, D, H, I, M, R, T, Z) instances -> 1152 vCPUs
• Running On-Demand F instances -> 128 vCPUs
• Running On-Demand G instances -> 128 vCPUs
• Running On-Demand P instances -> 128 vCPUs
• Running On-Demand X instances -> 128 vCPUs

Another approach to retrieve service quota is using boto3's Service Quota client . You can use APIs like list_service_quotas to retrieve complete list of service quotas support by an aws service ( ec2 ). Or for specific service quota you can use get_service_quota . Additionally to use above mentioned APIs make sure to add service quotas actions (policy) into IAM user / group.

Following is source code snippet.

import boto3

map_quota_codes = {}
client = ''

def get_service_quota(self, quota_name):
    """
    Retrieves requested AWS service quota.
    :param str quota_name: Full name of Quota e.g. Running On-Demand Standard (A, C, D, H, I, M, R, T, Z) instances
    """
    if not map_quota_codes or quota_name not in map_quota_codes:
        return {}

    quota_code = map_quota_codes[quota_name]["QuotaCode"]
    res = client.get_service_quota(ServiceCode = 'ec2', QuotaCode = quota_code)

    return res["Quota"]

if __name__ == "main":

    # AWS account login should be done here.
    client = boto3.client('service-quotas')
    service_quota_resp = self.client.list_service_quotas(ServiceCode = 'ec2')

    # this is required to map get correct quota code for respective ec2 service quota.
    for quota in service_quota_resp['Quotas']:
        map_quota_codes[quota["QuotaName"]] = {'QuotaCode': quota["QuotaCode"]}

    while "NextToken" in service_quota_resp:
        service_quota_resp = client.list_service_quotas(ServiceCode = 'ec2', NextToken = service_quota_resp["NextToken"])

        for quota in service_quota_resp['Quotas']:
            map_quota_codes[quota["QuotaName"]] = {'QuotaCode': quota["QuotaCode"]}

End Note: If you like the description and my answer helped you Upvote it and mark it as an answer. thanks

jack