Find Old Snapshots
# Snapshots whose StartTime is on or before 2019-03-01.
# describe-snapshots also returns public and shared snapshots unless the call
# is scoped; add `--owner-ids self` to see only this account's snapshots.
aws ec2 describe-snapshots \
  --profile profile \
  --region us-east-1 \
  --query 'Snapshots[?StartTime<=`2019-03-01`]'
Retrieve Windows Password
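# Fetch and decrypt the Windows administrator password of one instance.
# $instance must hold the instance ID; it is quoted so an empty or malformed
# value cannot be split into extra arguments.
# The decrypted password is printed to the terminal: keep it out of logs,
# screen shares and CI output.
aws ec2 get-password-data \
  --instance-id "$instance" \
  --priv-launch-key ~/Desktop/my.pem \
  --profile profile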
Refresh an Auto Scaling Group
# Start an instance refresh on the Auto Scaling group my-asg.
aws autoscaling start-instance-refresh \
  --profile profile \
  --region us-east-2 \
  --auto-scaling-group-name my-asg
Show All EC2 Instances Behind an ASG
# Instance IDs behind every Auto Scaling group: the inner call lists all group
# names, the outer call describes those groups and extracts their instances.
# The inner output is left unquoted on purpose (one group name per argument).
aws autoscaling describe-auto-scaling-groups \
  --auto-scaling-group-names $(aws autoscaling describe-auto-scaling-groups \
      --profile profile \
      --query 'AutoScalingGroups[].AutoScalingGroupName' \
      --output text) \
  --profile profile \
  --query 'AutoScalingGroups[].Instances[].InstanceId'
List EC2 Instance if Tag Exists
# Name tag and instance ID of every instance that carries the tag key
# SomeString (the tag-key filter matches on key only, whatever the value).
aws ec2 describe-instances \
  --profile account \
  --region region \
  --filters 'Name=tag-key,Values=SomeString' \
  --query 'Reservations[].Instances[].[Tags[?Key==`Name`].Value | join(`, `, @), InstanceId | join(`, `, to_array(to_string(@))) ]' \
  --output table
List EC2 Instances if Tag Does NOT Exist
# Name tag and instance ID of every instance whose tag keys do not include
# SomeString. The selection happens client-side in the JMESPath query, not in
# an API filter.
aws ec2 describe-instances \
  --region region \
  --profile profile \
  --output table \
  --query 'Reservations[].Instances[?!contains(Tags[].Key, `SomeString`)][].[Tags[?Key==`Name`].Value | join(`, `, @), InstanceId | join(`, `, to_array(to_string(@))) ]'
Describe Instances and Sort
# Instance ID, launch time, image ID, platform and Name tag per instance,
# sorted by the second column (LaunchTime).
aws ec2 describe-instances \
  --region us-east-2 \
  --profile profile \
  --output table \
  --query 'Reservations[*].Instances[*][InstanceId,LaunchTime,ImageId,PlatformDetails,Tags[?Key==`Name`]| [0].Value][] | sort_by(@, &[1]) '
List Name of EC2 Instances
# Value of the Name tag of every instance in the region.
aws ec2 describe-instances \
  --profile profile \
  --region us-east-1 \
  --output text \
  --query 'Reservations[].Instances[].Tags[?Key==`Name`].Value'
Find Instances by Name Tag
# "InstanceId: first security group ID" for every instance whose Name tag
# contains the search text. Replace <query string> with that text; it sits
# inside the double-quoted query, so the shell does not treat < and > as
# redirections.
aws ec2 describe-instances \
  --profile profile \
  --region us-east-1 \
  --query "Reservations[].Instances[?Tags[?Key == 'Name' && contains(Value, '<query string>')][]][].[join(': ',[InstanceId,SecurityGroups[0].GroupId])]"
Contains Example
# Names of the secrets whose Name contains "ssh" (JMESPath contains()).
# Only names are returned; list-secrets never outputs secret values.
aws secretsmanager list-secrets \
  --query 'SecretList[?contains(Name, `ssh`)==`true`].Name' \
  --region us-east-1
Find Network Interfaces
# Network interface IDs of all instances in VPC vpc-5ef0b731.
# No --profile/--region is given, so the CLI defaults apply.
aws ec2 describe-instances \
  --output text \
  --query 'Reservations[*].Instances[*].NetworkInterfaces[*].NetworkInterfaceId' \
  --filters 'Name=vpc-id,Values=vpc-5ef0b731'
List Name of EC2 Instance and Related Network Interface
# Name tag of each instance together with its network interface IDs.
aws ec2 describe-instances \
  --output text \
  --region us-east-1 \
  --query 'Reservations[*].Instances[].[Tags[?Key==`Name`].Value, NetworkInterfaces[*].NetworkInterfaceId]'
List Instances Name and Instance ID
# Two-column table: Name tag and instance ID.
aws ec2 describe-instances \
  --profile profile \
  --region us-east-1 \
  --output table \
  --query 'Reservations[*].Instances[].[Tags[?Key==`Name`].Value | join(`, `, @), InstanceId | join(`, `, to_array(to_string(@))) ]'
List Instance Name, ID and Type
# Three-column table: Name tag, instance ID and instance type.
aws ec2 describe-instances \
  --profile profile \
  --region us-east-1 \
  --output table \
  --query 'Reservations[*].Instances[].[Tags[?Key==`Name`].Value | join(`, `, @), InstanceId, InstanceType | join(`, `, to_array(to_string(@))) ]'
Instance Name, ID, and Key
# Name tag, instance ID and key pair name for the instance IDs listed in
# /tmp/instances.txt (whitespace-separated; word splitting is intended here).
# /tmp is world-writable: on a shared host, prefer a file in a private
# directory so another local user cannot swap the list.
aws ec2 describe-instances \
  --region us-east-1 \
  --instance-ids $(cat /tmp/instances.txt) \
  --output table \
  --query 'Reservations[].Instances[].[Tags[?Key==`Name`].Value | join(`, `, @), InstanceId,KeyName | join(`, `, to_array(to_string(@))) ]'
List Name of EC2 Instances
# Value of the Name tag of every instance, using the CLI profile named 133.
aws ec2 describe-instances \
  --profile 133 \
  --region us-east-1 \
  --output text \
  --query 'Reservations[*].Instances[].Tags[?Key==`Name`].Value'
Show Private IP Addresses of Running Instances
# Private IP addresses of all running instances
# (instance-state-code 16 is the "running" state).
aws ec2 describe-instances \
  --region us-east-1 \
  --profile 133 \
  --output text \
  --query 'Reservations[].Instances[].NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress' \
  --filters 'Name=instance-state-code, Values=16'
Show EC2 Instance Name and IP Address
# Two-column table: Name tag and the private IP address of each interface.
aws ec2 describe-instances \
  --profile legacy \
  --region us-east-1 \
  --output table \
  --query 'Reservations[*].Instances[].[ Tags[?Key==`Name`].Value | join(`, `, @), NetworkInterfaces[].PrivateIpAddress[] | join(`, `, to_array(to_string(@))) ]'
Show EC2 Instance Name and Instance ID
# Two-column table: Name tag and instance ID.
aws ec2 describe-instances \
  --profile legacy \
  --region us-east-1 \
  --output table \
  --query 'Reservations[*].Instances[].[ Tags[?Key==`Name`].Value | join(`, `, @), InstanceId | join(`, `, to_array(to_string(@))) ]'
Encrypt Bucket with AES256
# Set the bucket's default server-side encryption to SSE-S3 (AES256).
# This is the default for objects written from now on; it does not re-encrypt
# objects already stored in the bucket.
aws s3api put-bucket-encryption \
  --profile legacy \
  --bucket famc-gold-image \
  --server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}'
Find Name of EC2 Instances Associated with Network Interface
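# Name tag of the running instance that owns network interface eni-8c20e1a0.
# Each filter is its own argument: packing two Name=/Values= pairs into one
# string repeats the Name key inside a single filter, so the two conditions
# are not both applied.
aws ec2 describe-instances \
  --profile legacy \
  --region us-east-1 \
  --filters \
    'Name=instance-state-name,Values=running' \
    'Name=network-interface.network-interface-id,Values=eni-8c20e1a0' \
  --query 'Reservations[*].Instances[].Tags[?Key==`Name`].Value' \
  --output text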
List Snapshots
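# IDs of the snapshots owned by account 858737304353.
# The query is quoted so the shell never treats its [] as a glob pattern
# (zsh aborts with "no matches found" on the unquoted form).
aws ec2 describe-snapshots \
  --profile legacy \
  --region us-east-1 \
  --filters 'Name=owner-id,Values=858737304353' \
  --query 'Snapshots[].SnapshotId'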
Delete Available Volumes
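# Delete every EBS volume in the "available" (unattached) state.
# Deletion is irreversible: review the printed IDs, or snapshot the volumes,
# before running this against a production account.
# The list and the delete must target the same account, so one profile is used
# for both calls (the original listed with famc-prod but deleted with prod).
profile=famc-prod
region=us-east-1
for volume_id in $(aws ec2 describe-volumes \
    --profile "$profile" \
    --region "$region" \
    --filters 'Name=status,Values=available' \
    --query 'Volumes[].VolumeId' \
    --output text); do
  printf '%s\n' "$volume_id"
  aws ec2 delete-volume \
    --volume-id "$volume_id" \
    --profile "$profile" \
    --region "$region"
done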
Allocate Elastic IP
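# Allocate an Elastic IP and keep its public address in ip2.
# jq -r prints the raw string, so no sed pass is needed to strip the quotes.
ip2=$(aws ec2 allocate-address --profile legacy --region us-east-1 | jq -r '.PublicIp')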
ACL – Add Read Permissions to Object
# Upload one file with the public-read canned ACL.
# public-read makes the object readable by anyone on the internet without
# credentials. The upload is rejected when S3 Block Public Access blocks public
# ACLs or when the bucket has ACLs disabled (bucket-owner-enforced ownership).
aws s3 cp 'Image from iOS.jpg' s3://thinkicide/public/ \
  --profile default \
  --region us-east-1 \
  --acl public-read
ACL – Add Read Permissions for Any AWS User
Cannot be done through the console!
# Upload one file with the authenticated-read canned ACL.
# authenticated-read grants read access to every authenticated AWS principal,
# in any AWS account, not only to users of this account. Treat it as
# near-public exposure and prefer a bucket policy naming specific principals.
aws s3 cp 'Image from iOS.jpg' s3://thinkicide/public/ \
  --profile default \
  --region us-east-1 \
  --acl authenticated-read
List Names of EC2 Instance
# Name tag of every instance, extracted with jq instead of --query.
aws ec2 describe-instances \
  --region us-east-1 \
  --profile famc-legacy \
  | jq '.Reservations[].Instances[].Tags[]|select(.Key=="Name").Value'
List Name and IP Addresses of Running EC2
# Two-column table of running instances (state code 16): Name tag and the
# private IP address of each interface.
aws ec2 describe-instances \
  --profile ops \
  --region us-east-1 \
  --filters 'Name=instance-state-code,Values=16' \
  --output table \
  --query 'Reservations[*].Instances[].[ Tags[?Key==`Name`].Value | join(`, `, @), NetworkInterfaces[].PrivateIpAddress[] | join(`, `, to_array(to_string(@))) ]'
List Unencrypted Volumes
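# Name tags of all unencrypted EBS volumes.
# The backticks around Name (a JMESPath literal) were lost from the page,
# which also split the query across two lines; they are restored here.
# Volumes without a Name tag contribute nothing to the output, so an empty
# result does not prove every volume is encrypted.
aws ec2 describe-volumes \
  --profile legacy \
  --region us-east-1 \
  --filters 'Name=encrypted,Values=false' \
  --query 'Volumes[].Tags[?Key==`Name`].Value[] | []'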
List Instances Using the AmazonSSMRoleForInstancesQuickSetup Instance Profile
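# IDs of the instances whose instance profile is
# AmazonSSMRoleForInstancesQuickSetup. Replace <account> with the account ID.
# Filter and query are quoted: unquoted, the shell reads the < and > of the
# placeholder as redirections and can glob-expand the [] in the query.
aws ec2 describe-instances \
  --profile profile \
  --region us-east-1 \
  --filters 'Name=iam-instance-profile.arn,Values=arn:aws:iam::<account>:instance-profile/AmazonSSMRoleForInstancesQuickSetup' \
  --query 'Reservations[].Instances[].InstanceId'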
Add IAM Policy
# Create the managed policy DenyFromNonFAMCNetwork from the JSON document in
# the file named "policy" in the current directory.
# Creating the policy attaches it to nothing; it has no effect until attached.
aws iam create-policy \
  --profile famc-qa \
  --policy-name DenyFromNonFAMCNetwork \
  --policy-document file://policy
All EC2 Instances in a Subnet
# Name tags of all instances in subnet subnet-f0fcbb9f, as one flat list.
aws ec2 describe-instances \
  --profile legacy \
  --region us-east-1 \
  --query 'Reservations[].Instances[].Tags[?Key==`Name`].Value[] | []' \
  --filters 'Name=subnet-id,Values=subnet-f0fcbb9f'
Create an EKS Cluster
# Create the EKS cluster "test" in two subnets using the eksClusterRole role.
# With only subnetIds given, the Kubernetes API endpoint is publicly reachable
# by default; --resources-vpc-config also accepts endpointPublicAccess,
# endpointPrivateAccess and publicAccessCidrs to restrict it.
aws eks create-cluster \
  --profile whatsbrewingnashville \
  --region us-east-1 \
  --name test \
  --role-arn arn:aws:iam::442327582670:role/eksClusterRole \
  --resources-vpc-config subnetIds=subnet-0d0d281ff87371cfa,subnet-0f45ccf5e7ef61ed5
Restore Instance from AMI
# Launch one t2.large instance from the AMI, pinned to a fixed private IP in
# the given subnet, with the orc-be key pair and one security group.
aws ec2 run-instances \
  --profile qa \
  --region us-east-1 \
  --image-id ami-0270754c4d6d906fb \
  --instance-type t2.large \
  --count 1 \
  --key-name orc-be \
  --subnet-id subnet-7bec4151 \
  --private-ip-address 172.24.98.145 \
  --security-group-ids sg-0b7204c40f9316d93
List GuardDuty Members
# Member accounts of a GuardDuty detector. xxxx is a placeholder for the
# detector ID (`aws guardduty list-detectors` returns it).
aws guardduty list-members \
  --profile legacy \
  --region us-east-1 \
  --output table \
  --detector-id xxxx
Create AMI from EC2 Instance
# Create an AMI from instance i-1578acbd.
# create-image reboots the instance by default to get a consistent image;
# --no-reboot skips the reboot at the cost of file-system consistency.
aws ec2 create-image \
  --profile legacy \
  --region us-east-1 \
  --instance-id i-1578acbd \
  --name 'orc-be ami' \
  --description 'orc-be prior to update'
Create an EBS Volume
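# Create a 10 GiB gp2 volume in us-east-1a.
# The leading `aws` was missing, so the line failed with "ec2: command not found".
# As written the volume is unencrypted unless the account enables EBS
# encryption by default; add --encrypted to encrypt it explicitly.
aws ec2 create-volume \
  --profile whatsbrewingnashville \
  --region us-east-1 \
  --availability-zone=us-east-1a \
  --size=10 \
  --volume-type=gp2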
Create a VPC
# Create a VPC with the 10.0.0.0/16 address range.
aws ec2 create-vpc \
  --profile legacy \
  --region us-east-1 \
  --cidr-block 10.0.0.0/16
Create a Subnet
# Create the 10.0.1.0/24 subnet in us-east-1a inside the given VPC.
aws ec2 create-subnet \
  --profile legacy \
  --region us-east-1 \
  --vpc-id vpc-05082fb9b9fde73be \
  --availability-zone us-east-1a \
  --cidr-block 10.0.1.0/24
List gp2 Volumes
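# IDs of all gp2 volumes in the region.
# The query is quoted so the shell never treats its [] as a glob pattern.
aws ec2 describe-volumes \
  --profile legacy \
  --region us-east-1 \
  --filters 'Name=volume-type,Values=gp2' \
  --query 'Volumes[].VolumeId' \
  --output text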
Create a CodeCommit Repository
# Create the CodeCommit repository MyDemoRepo with a description.
aws codecommit create-repository \
  --profile legacy \
  --region us-east-1 \
  --repository-name MyDemoRepo \
  --repository-description 'My demonstration repository'
Add Files to Your CodeCommit Repository
# Commit the local file ec2.json to the master branch of MyDemoRepo at the
# path ec2.json. fileb:// sends the file content as raw bytes.
aws codecommit put-file \
  --profile legacy \
  --region us-east-1 \
  --repository-name MyDemoRepo \
  --branch-name master \
  --file-path ec2.json \
  --file-content fileb://ec2.json
List Names of S3 Buckets
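# Names of all buckets owned by the calling account.
# The query is quoted so the shell never treats its [] as a glob pattern.
aws s3api list-buckets \
  --profile legacy \
  --region us-east-1 \
  --query 'Buckets[].Name' \
  --output text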
List Names of VPC(s)
# Name tag of every VPC in the region.
aws ec2 describe-vpcs \
  --profile legacy \
  --region us-east-1 \
  --output text \
  --query 'Vpcs[].Tags[?Key==`Name`].Value'
List VPC Endpoint Id(s)
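# IDs of all VPC endpoints in the region.
# Unquoted, "[].VpcEndpointId[]" is a valid glob bracket expression and could
# be replaced by a matching file name; quoting keeps the query literal.
aws ec2 describe-vpc-endpoints \
  --profile legacy \
  --region us-east-1 \
  --query 'VpcEndpoints[].VpcEndpointId[]' \
  --output text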
List NAT Gateways
# Name tag of every NAT gateway in the region.
aws ec2 describe-nat-gateways \
  --profile legacy \
  --region us-east-1 \
  --output text \
  --query 'NatGateways[].Tags[?Key==`Name`].Value'
Authenticate to ECR
# Log Docker in to the account's ECR registry.
# The token travels over the pipe into --password-stdin, so it never appears
# in the process list or in shell history.
aws ecr get-login-password --profile legacy --region us-east-1 \
  | docker login \
      --password-stdin \
      --username AWS \
      123456789123.dkr.ecr.us-east-1.amazonaws.com
Find VPC by Tag
# ID of the VPC(s) whose Name tag equals "main".
# No --profile/--region is given, so the CLI defaults apply.
aws ec2 describe-vpcs \
  --output text \
  --query 'Vpcs[].VpcId' \
  --filter 'Name=tag:Name,Values=main'
Does S3 Bucket Exist
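# Print the bucket name if the calling account owns a bucket called
# bucket_name (a placeholder); empty output means it does not.
# The backticks around the literal were lost from the page, which also split
# the query across two lines; they are restored here.
# list-buckets only sees this account's buckets. A name can still be taken by
# another account; `aws s3api head-bucket --bucket NAME` checks that.
aws s3api list-buckets \
  --profile profile \
  --query 'Buckets[?Name==`bucket_name`].Name' \
  --output text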
Find Certificate ARN for Specific Domain
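# ARN of the first ACM certificate whose DomainName equals $var.
# $var is spliced into the query between the single-quoted halves; it is now
# double-quoted so spaces or glob characters in it cannot split or alter the
# --query argument. A value containing a backtick would still end the JMESPath
# literal early, so validate $var if it comes from outside the script.
aws acm list-certificates \
  --profile saml \
  --query 'CertificateSummaryList[?DomainName==`'"$var"'`]' \
  | jq '.[0].CertificateArn'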
Show instance ID and volume that are unencrypted
# Two-column table of unencrypted volumes: attached instance ID(s) and
# volume ID. Unattached volumes show an empty first column.
aws ec2 describe-volumes \
  --profile profile \
  --region us-east-1 \
  --output table \
  --filters 'Name=encrypted,Values=false' \
  --query 'Volumes[*].[Attachments[*].InstanceId| join(`, `, @), VolumeId | join(`, `, to_array(to_string(@))) ]'