AWS CLI

, , Comments Off on AWS CLI

Find Old Snapshots

aws ec2 describe-snapshots --region us-east-1 --profile 272 --query 'Snapshots[?StartTime<=`2019-03-01`]'

Find Network Interfaces

aws ec2 describe-instances --filters "Name=vpc-id,Values=vpc-5ef0b731" --query 'Reservations[*].Instances[*].NetworkInterfaces[*].NetworkInterfaceId'  --output text

List Name of EC2 Instance and Related Network Interface

aws ec2 describe-instances --region us-east-1  --query 'Reservations[*].Instances[].[Tags[?Key==`Name`].Value,  NetworkInterfaces[*].NetworkInterfaceId]' --output text 

List Name of EC2 Instances

aws ec2 describe-instances --region us-east-1 --profile 133 --query 'Reservations[*].Instances[].Tags[?Key==`Name`].Value' --output text 

Show Name of Running Instances

aws ec2 describe-instances --profile 133 --region us-east-1 --filters "Name=instance-state-code, Values=16" --query 'Reservations[].Instances[].NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress' --output text

Show EC2 Instance Name and IP Address

aws ec2 describe-instances  --query 'Reservations[*].Instances[].[ Tags[?Key==`Name`].Value  |  join(`, `, @), NetworkInterfaces[].PrivateIpAddress[] |  join(`, `, to_array(to_string(@))) ]' --profile famc-legacy --region us-east-1 --output table

Show EC2 Instance Name and Instance ID

aws ec2 describe-instances  --query 'Reservations[*].Instances[].[ Tags[?Key==`Name`].Value  |  join(`, `, @), InstanceId |  join(`, `, to_array(to_string(@))) ]' --profile famc-legacy --region us-east-1 --output table

Encrypt Bucket with AES256

aws s3api put-bucket-encryption --bucket famc-gold-image --server-side-encryption-configuration  '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}' --profile famc-legacy

Find Name of EC2 Instances Associated with Network Interface

aws ec2 describe-instances --output text --query 'Reservations[*].Instances[].Tags[?Key==`Name`].Value' --filters "Name=instance-state-name,Values=running,Name=network-interface.network-interface-id , Values=eni-8c20e1a0" --profile famc-legacy --region us-east-1

List Snapshots 

aws ec2 describe-snapshots --query Snapshots[].SnapshotId  --filters Name=owner-id,Values=858737304353 --profile famc-legacy --region us-east-1 

Delete Available Volumes

for each in `aws  ec2 describe-volumes --filter "Name=status, Values=available" --profile famc-prod --region us-east-1 --query Volumes[].VolumeId --output text`; do echo $each; aws ec2 delete-volume --volume-id $each  --profile famc-prod --region us-east-1; done

Allocate Elastic IP

ip2=`aws ec2 allocate-address --profile famc-legacy --region us-east-1 | jq .PublicIp | sed 's/\"//g' `

ACL – Add Read Permissions to Object

aws s3 cp Image\ from\ iOS.jpg s3://thinkicide/public/ --acl public-read --profile default --region us-east-1

ACL – Add Read Permissions for Any AWS User

Cannot be done through the console!
aws s3 cp Image\ from\ iOS.jpg s3://thinkicide/public/ --acl authenticated-read --profile default --region us-east-1
upload: ./Image from iOS.jpg to s3://thinkicide/public/Image from iOS.jpg

List Names of EC2 Instance

aws ec2 describe-instances  --profile famc-legacy --region us-east-1 | jq '.Reservations[].Instances[].Tags[]|select(.Key=="Name").Value'

List Unencrypted Volumes

aws ec2 describe-volumes --profile famc-legacy --region us-east-1 --filters "Name=encrypted,Values=false" --query 'Volumes[].Tags[?Key==Name].Value[] | []'

AmazonSSMRoleForInstancesQuickSetup

aws ec2 describe-instances --profile famc-prod --region us-east-1 --filters Name=iam-instance-profile.arn,Values=arn:aws:iam::926668386439:instance-profile/AmazonSSMRoleForInstancesQuickSetup --query Reservations[].Instances[].InstanceId

Add IAM Policy

aws iam create-policy --policy-name DenyFromNonFAMCNetwork --policy-document file://policy --profile famc-qa

All EC2 Instances in a Subnet

aws ec2 describe-instances  --filters Name=subnet-id,Values=subnet-f0fcbb9f --profile famc-legacy --region us-east-1 --query 'Reservations[].Instances[].Tags[?Key==`Name`].Value[] | []'

Create and EKS Cluster

aws eks create-cluster --name test --role-arn arn:aws:iam::442327582670:role/eksClusterRole --resources-vpc-config subnetIds=subnet-0d0d281ff87371cfa,subnet-0f45ccf5e7ef61ed5 --region us-east-1 --profile whatsbrewingnashville

Restore Instance from AMI

aws ec2 run-instances --image-id ami-0270754c4d6d906fb  --count 1 --instance-type t2.large --key-name orc-be  --security-group-ids sg-0b7204c40f9316d93 --subnet-id subnet-7bec4151 --private-ip-address 172.24.98.145 --profile qa --region us-east-1

List QuardDuty Members

aws guardduty list-members --detector-id xxxx --profile legacy --region us-east-1 --output table

Create AMI from EC2 Instance

aws ec2 create-image --instance-id i-1578acbd --name "orc-be ami" --description "orc-be prior to update" --profile legacy --region us-east-1

Create an EBS Volume

ec2 create-volume --availability-zone=us-east-1a --size=10 --volume-type=gp2 --profile whatsbrewingnashville --region us-east-1

Create a VPC

ekendall$ aws ec2 create-vpc --cidr-block 10.0.0.0/16 --region us-east-1 --profile famc-legacy

Create a Subnet

ekendall$ aws ec2 create-subnet --vpc-id vpc-05082fb9b9fde73be --cidr-block 10.0.1.0/24 --availability-zone us-east-1a --region us-east-1 --profile famc-legacy