我想知道给定的 AWS VPC 子网是否是“公共子网”,即它是否可以直接访问互联网。据我了解,为此我需要检查与该子网关联的路由表是否与互联网网关关联,即它有一个带有"destination_cidr_block"="0.0.0.0/0"and的条目"gateway_id"="igw-blahblah"。所以使用 Ruby AWS SDK,我正在做这样的事情:
def is_public_subnet(subnet_id)
client = AWS::EC2::Client.new
rt = client.describe_route_tables(:filters => [:name => "association.subnet-id", :values => [subnet_id]])
if rt[:route_table_set].empty?
# no route table associated with it. Must be using main route table.
rt = client.describe_route_tables(:filters => [:name => "association.main", :values => ["true"]])
end
rt[:route_table_set][0][:route_set].each do |route|
if route[:destination_cidr_block] == "0.0.0.0/0"
if route[:gateway_id].start_with?("igw-")
return true
end
end
end
return false
end
我想问一下在方法和 ruby sdk 代码方面是否有更好的方法来做到这一点。