How do I troubleshoot errors when I use the AWS CLI to manage service quota requests?

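I receive errors when I use the AWS Command Line Interface (AWS CLI) to manage service quota increases.

Short description

The following are common errors that can occur when you use the AWS CLI to view and manage quota increase requests:

  • The list-service-quotas command doesn't list all available quotas.
  • Error: "An error occurred (ResourceAlreadyExistsException) when calling the RequestServiceQuotaIncrease operation: Only one open service quota increase request is allowed per quota".
  • Error: "An error occurred (NoSuchResourceException) when calling the ListAWSDefaultServiceQuotas operation: The request failed because the specified service does not exist".

For general information about resolving AWS CLI errors that aren't related to Service Quotas, see Why am I receiving errors when running AWS CLI commands?

Resolution

Confirm that you're using the most recent version of the AWS CLI

If you use an earlier version of the AWS CLI, you might encounter problems when you use API commands. Upgrade to the most recent version of the AWS CLI, and then run the command again.

Error: The list-service-quotas command doesn't list all available quotas

The list-service-quotas command returns only the quotas that have an applied quota value. To return all default values, use the list-aws-default-service-quotas command.

The following example uses the list-service-quotas command. The output lists the two quotas that have applied values.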

# aws service-quotas list-service-quotas --service-code vpc --region eu-west-1 --query "Quotas[*].{ServiceName:ServiceName,QuotaName:QuotaName,QuotaCode:QuotaCode,Value:Value}" --output table
------------------------------------------------------------------------------------------------------
|                                         ListServiceQuotas                                          |
+------------+--------------------------------+---------------------------------------------+--------+
| QuotaCode  |           QuotaName            |                 ServiceName                 | Value  |
+------------+--------------------------------+---------------------------------------------+--------+
|  L-A4707A72|  Internet gateways per Region  |  Amazon Virtual Private Cloud (Amazon VPC)  |  10.0  |
|  L-F678F1CE|  VPCs per Region               |  Amazon Virtual Private Cloud (Amazon VPC)  |  10.0  |
+------------+--------------------------------+---------------------------------------------+--------+

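The following example uses the list-aws-default-service-quotas command. The output lists all quotas associated with the service (VPC in this example) and their default quota values.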

# aws service-quotas list-aws-default-service-quotas --service-code vpc --region eu-west-1 --query "Quotas[*].{ServiceName:ServiceName,QuotaName:QuotaName,QuotaCode:QuotaCode,Value:Value}" --output table
-----------------------------------------------------------------------------------------------------------------------
|                                             ListAWSDefaultServiceQuotas                                             |
+------------+------------------------------------------------+---------------------------------------------+---------+
| QuotaCode  |                   QuotaName                    |                 ServiceName                 |  Value  |
+------------+------------------------------------------------+---------------------------------------------+---------+
|  L-7E9ECCDB|  Active VPC peering connections per VPC        |  Amazon Virtual Private Cloud (Amazon VPC)  |  50.0   |
|  L-45FE3B85|  Egress-only internet gateways per Region      |  Amazon Virtual Private Cloud (Amazon VPC)  |  5.0    |
|  L-1B52E74A|  Gateway VPC endpoints per Region              |  Amazon Virtual Private Cloud (Amazon VPC)  |  20.0   |
|  L-83CA0A9D|  IPv4 CIDR blocks per VPC                      |  Amazon Virtual Private Cloud (Amazon VPC)  |  5.0    |
|  L-085A6257|  IPv6 CIDR blocks per VPC                      |  Amazon Virtual Private Cloud (Amazon VPC)  |  1.0    |
|  L-0EA8095F|  Inbound or outbound rules per security group  |  Amazon Virtual Private Cloud (Amazon VPC)  |  60.0   |
|  L-29B6F2EB|  Interface VPC endpoints per VPC               |  Amazon Virtual Private Cloud (Amazon VPC)  |  50.0   |
|  L-A4707A72|  Internet gateways per Region                  |  Amazon Virtual Private Cloud (Amazon VPC)  |  5.0    |
|  L-FE5A380F|  NAT gateways per Availability Zone            |  Amazon Virtual Private Cloud (Amazon VPC)  |  5.0    |
|  L-B4A6D682|  Network ACLs per VPC                          |  Amazon Virtual Private Cloud (Amazon VPC)  |  200.0  |
|  L-DF5E4CA3|  Network interfaces per Region                 |  Amazon Virtual Private Cloud (Amazon VPC)  |  5000.0 |
|  L-DC9F7029|  Outstanding VPC peering connection requests   |  Amazon Virtual Private Cloud (Amazon VPC)  |  25.0   |
|  L-2C462E13|  Participant accounts per VPC                  |  Amazon Virtual Private Cloud (Amazon VPC)  |  100.0  |
|  L-589F43AA|  Route tables per VPC                          |  Amazon Virtual Private Cloud (Amazon VPC)  |  200.0  |
|  L-93826ACB|  Routes per route table                        |  Amazon Virtual Private Cloud (Amazon VPC)  |  50.0   |
|  L-2AEEBF1A|  Rules per network ACL                         |  Amazon Virtual Private Cloud (Amazon VPC)  |  20.0   |
|  L-2AFB9258|  Security groups per network interface         |  Amazon Virtual Private Cloud (Amazon VPC)  |  5.0    |
|  L-407747CB|  Subnets per VPC                               |  Amazon Virtual Private Cloud (Amazon VPC)  |  200.0  |
|  L-44499CD2|  Subnets that can be shared with an account    |  Amazon Virtual Private Cloud (Amazon VPC)  |  100.0  |
|  L-8312C5BB|  VPC peering connection request expiry hours   |  Amazon Virtual Private Cloud (Amazon VPC)  |  168.0  |
|  L-E79EC296|  VPC security groups per Region                |  Amazon Virtual Private Cloud (Amazon VPC)  |  2500.0 |
|  L-F678F1CE|  VPCs per Region                               |  Amazon Virtual Private Cloud (Amazon VPC)  |  5.0    |
+------------+------------------------------------------------+---------------------------------------------+---------+
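
Because the two commands answer different questions, a single view of the effective value per quota needs both outputs merged. The following is an added example, not code from the original page or from AWS; it goes one step beyond the text by combining the two listings, and the function name effective_quotas is hypothetical.

```shell
# Added example (not AWS's code). effective_quotas is a hypothetical helper.
# Prints one tab-separated row per quota: code, value, source, name.
# "source" is "applied" when list-service-quotas returned the quota,
# otherwise "default" (value taken from list-aws-default-service-quotas).
effective_quotas() {
    service_code=$1
    region=$2
    query='Quotas[].[QuotaCode,Value,QuotaName]'
    defaults=$(aws service-quotas list-aws-default-service-quotas \
        --service-code "$service_code" --region "$region" \
        --query "$query" --output text) || return 1
    applied=$(aws service-quotas list-service-quotas \
        --service-code "$service_code" --region "$region" \
        --query "$query" --output text) || return 1
    # Feed the default rows first, then a marker line, then the applied rows.
    {
        printf '%s\n' "$defaults"
        printf '%s\n' '--applied--'
        printf '%s\n' "$applied"
    } | awk -F '\t' '
        $0 == "--applied--" { seen_marker = 1; next }
        NF < 3 { next }                  # skip empty or malformed rows
        !seen_marker { def[$1] = $2; name[$1] = $3; order[++n] = $1; next }
        {
            # Applied row: remember it, and list it even without a default.
            if (!($1 in def)) { name[$1] = $3; order[++n] = $1 }
            app[$1] = $2
        }
        END {
            for (i = 1; i <= n; i++) {
                code = order[i]
                if (code in app)
                    printf "%s\t%s\tapplied\t%s\n", code, app[code], name[code]
                else
                    printf "%s\t%s\tdefault\t%s\n", code, def[code], name[code]
            }
        }'
}

# Usage: effective_quotas vpc eu-west-1
```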

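Error: "An error occurred (ResourceAlreadyExistsException) when calling the RequestServiceQuotaIncrease operation: Only one open service quota increase request is allowed per quota."

Only one open service quota increase request is allowed for each quota. If you submit another request before the previous request is complete, then you receive the ResourceAlreadyExistsException error.

Before you submit another quota increase request, verify that the previous quota increase request is complete.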
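
One way to script that verification, as an added example that is not part of the original page or AWS's own code: the function names are hypothetical, and treating the PENDING and CASE_OPENED statuses as "open" is an assumption of this example.

```shell
# Added example (not AWS's code). Function names are hypothetical.
# Assumption: a request in status PENDING or CASE_OPENED counts as open.

# Returns 0 if the quota has an open increase request, 1 if it has none,
# and 2 if the request history could not be read.
has_open_request() {
    statuses=$(aws service-quotas \
        list-requested-service-quota-change-history-by-quota \
        --service-code "$1" --quota-code "$2" \
        --query 'RequestedQuotas[].Status' --output text) || return 2
    for status in $statuses; do
        case $status in
            PENDING|CASE_OPENED) return 0 ;;
        esac
    done
    return 1
}

# Submits an increase only when no earlier request is still open, so the
# call does not fail with ResourceAlreadyExistsException.
# Arguments: service code, quota code, desired value.
request_increase() {
    rc=0
    has_open_request "$1" "$2" || rc=$?
    case $rc in
        0)  echo "An open request already exists for $2; not submitting." >&2
            return 1 ;;
        1)  aws service-quotas request-service-quota-increase \
                --service-code "$1" --quota-code "$2" --desired-value "$3" ;;
        *)  echo "Could not read the request history for $2." >&2
            return 2 ;;
    esac
}

# Usage (the desired value is a placeholder):
#   request_increase vpc L-F678F1CE 20
```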

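Error: "An error occurred (NoSuchResourceException) when calling the ListAWSDefaultServiceQuotas operation: The request failed because the specified service does not exist."

This error can occur for the following reasons:

  • You are trying to access a service that isn't integrated with Service Quotas.
  • The service code is case-sensitive. For example, you can't enter the value of the service code ec2 as EC2. The following example shows the --service-code value correctly entered as ec2: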
# aws service-quotas get-service-quota --service-code ec2 --quota-code L-0263D0A3 --region eu-west-1
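
Both causes can be told apart by comparing the value against the service codes that Service Quotas itself reports. The following is an added example, not code from the original page or from AWS; the function name check_service_code and its return codes are hypothetical.

```shell
# Added example (not AWS's code). check_service_code is a hypothetical helper.
# Prints the usable service code on stdout and explains on stderr.
# Returns 0 for an exact match, 1 when only the case differs,
# 3 when the service is not listed at all, 2 when the listing failed.
check_service_code() {
    wanted=$1
    region=$2
    codes=$(aws service-quotas list-services --region "$region" \
        --query 'Services[].ServiceCode' --output text) || return 2
    wanted_lower=$(printf '%s' "$wanted" | tr '[:upper:]' '[:lower:]')
    match=
    for code in $codes; do
        if [ "$code" = "$wanted" ]; then
            printf '%s\n' "$code"
            return 0
        fi
        code_lower=$(printf '%s' "$code" | tr '[:upper:]' '[:lower:]')
        if [ "$code_lower" = "$wanted_lower" ]; then
            match=$code
        fi
    done
    if [ -n "$match" ]; then
        echo "Service codes are case-sensitive: use '$match', not '$wanted'." >&2
        printf '%s\n' "$match"
        return 1
    fi
    echo "'$wanted' is not listed, so it is not integrated with Service Quotas." >&2
    return 3
}

# Usage: check_service_code EC2 eu-west-1
```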

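Related information

How do I use AWS CLI commands to request, view, and manage service quota increase requests?

What is Service Quotas?

Introducing Service Quotas: View and manage your quotas for AWS services from one central location

Service Quotas API Reference

AWS CLI Command Reference - Service Quotas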

AWS OFFICIAL
Updated 1 year ago