· 6 years ago · Oct 23, 2019, 11:04 PM
AWS Reference **WIP

# Volumes

### Describing volumes

```
aws ec2 describe-volumes
```

Describing filtered volumes:

```
# <status> is one of: creating | available | in-use | deleting | deleted | error
aws ec2 describe-volumes --filters Name=status,Values=<status>
```

e.g., describing all deleted volumes:

```
aws ec2 describe-volumes --filters Name=status,Values=deleted
```

Filters can be applied to the attachment status:

```
# <attachment_status> is one of: attaching | attached | detaching | detached
aws ec2 describe-volumes --filters Name=attachment.status,Values=<attachment_status>
```

e.g., describing all volumes with the status "attaching":

```
aws ec2 describe-volumes --filters Name=attachment.status,Values=attaching
```

This is the generic form. Use `--profile <your_profile_name>` if you have multiple AWS profiles or accounts.

```
aws ec2 describe-volumes --filters "Name=tag:Name,Values=some_values" --profile <your_profile_name>
```

### Describing volumes using a different aws user profile

```
aws ec2 describe-volumes --filters Name=status,Values=in-use --profile <your_profile_name>
```

### Listing Available Volume IDs

```
aws ec2 describe-volumes --filters Name=status,Values=available | grep VolumeId | awk '{print $2}' | tr '\n|,|"' ' '
```

With "profile":

```
aws ec2 describe-volumes --filters Name=status,Values=available --profile <your_profile_name> | grep VolumeId | awk '{print $2}' | tr '\n|,|"' ' '
```

### Deleting a Volume

```
aws ec2 delete-volume --region <region> --volume-id <volume_id>
```

### Deleting Unused Volumes.. Think Before You Type :-)

```
# List and delete in the same region, so the IDs found are the IDs removed
for x in $(aws ec2 describe-volumes --region <region> --filters Name=status,Values=available | grep VolumeId | awk '{print $2}' | tr ',|"' ' '); do aws ec2 delete-volume --region <region> --volume-id "$x"; done
```

With "profile":

```
for x in $(aws ec2 describe-volumes --region <region> --filters Name=status,Values=available --profile <your_profile_name> | grep VolumeId | awk '{print $2}' | tr ',|"' ' '); do aws ec2 delete-volume --region <region> --volume-id "$x" --profile <your_profile_name>; done
```

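A more cautious form of the loop above, as an added example that is not part of the original reference: it reports by default, and with `--yes` it snapshots each unattached volume and deletes it only after the snapshot completes. The function names `list_unattached` and `delete_unattached` are hypothetical.

```shell
# Added example (not from the original page). Function names are hypothetical.

# list_unattached REGION
# Prints one "VolumeId Size CreateTime" row per unattached volume.
list_unattached() {
  aws ec2 describe-volumes --region "$1" \
    --filters Name=status,Values=available \
    --query 'Volumes[].[VolumeId,Size,CreateTime]' --output text
}

# delete_unattached REGION [--yes]
# Without --yes: report only. With --yes: snapshot each volume, wait for the
# snapshot to complete, then delete. Prints the number of volumes deleted.
delete_unattached() {
  local region="$1" confirm="${2:-}" vols vol size created snap deleted=0
  vols=$(list_unattached "$region") || return 1
  # Feed the rows on fd 3 so nothing inside the loop can consume them.
  while read -r vol size created <&3; do
    [ -n "$vol" ] || continue
    if [ "$confirm" != "--yes" ]; then
      echo "would delete $vol (${size} GiB, created $created)" >&2
      continue
    fi
    snap=$(aws ec2 create-snapshot --region "$region" --volume-id "$vol" \
      --description "pre-delete-$vol-$(date +'%Y-%m-%d_%H-%M-%S')" \
      --query SnapshotId --output text) || continue
    # Never delete a volume whose backup did not finish.
    aws ec2 wait snapshot-completed --region "$region" \
      --snapshot-ids "$snap" || continue
    aws ec2 delete-volume --region "$region" --volume-id "$vol" \
      && deleted=$((deleted + 1))
  done 3<<EOF
$vols
EOF
  echo "$deleted"
}

# Usage:
#   delete_unattached <region>         # list what would be removed
#   delete_unattached <region> --yes   # snapshot, then delete
```
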
### Creating a Snapshot

```
aws ec2 create-snapshot --volume-id <vol-id>
```

```
aws ec2 create-snapshot --volume-id <vol-id> --description "snapshot-$(date +'%Y-%m-%d_%H-%M-%S')"
```

### Creating an Image (AMI)

```
aws ec2 create-image --instance-id <instance_id> --name "image-$(date +'%Y-%m-%d_%H-%M-%S')" --description "image-$(date +'%Y-%m-%d_%H-%M-%S')"
```

### Creating AMI Without Rebooting the Machine

```
aws ec2 create-image --instance-id <instance_id> --name "image-$(date +'%Y-%m-%d_%H-%M-%S')" --description "image-$(date +'%Y-%m-%d_%H-%M-%S')" --no-reboot
```

You are free to change the AMI name `image-$(date +'%Y-%m-%d_%H-%M-%S')` to a name of your choice.

# AMIs

### Listing AMI(s)

```
aws ec2 describe-images
```

### Describing AMI(s)

```
aws ec2 describe-images --image-ids <image_id> --profile <profile> --region <region>
```

e.g:

```
aws ec2 describe-images --image-ids ami-e24dfa9f --profile terraform --region eu-west-3
```

### Listing Amazon AMIs

```
aws ec2 describe-images --owners amazon
```

### Using Filters

e.g: Describing Windows AMIs that are backed by Amazon EBS.

```
aws ec2 describe-images --filters "Name=platform,Values=windows" "Name=root-device-type,Values=ebs"
```

e.g: Describing Ubuntu AMIs

```
aws ec2 describe-images --filters "Name=name,Values=ubuntu*"
```

# Lambda

### Using AWS Lambda with Scheduled Events

```
sid=Sid$(date +%Y%m%d%H%M%S); aws lambda add-permission --statement-id $sid --action 'lambda:InvokeFunction' --principal events.amazonaws.com --source-arn arn:aws:events:<region>:<arn>:rule/AWSLambdaBasicExecutionRole --function-name function:<awsents> --region <region>
```

# IAM

### List Users

```
aws iam list-users
```

### List Policies

```
aws iam list-policies
```

### List Groups

```
aws iam list-groups
```

### Get Users in a Group

```
aws iam get-group --group-name <group_name>
```

### Describing a Policy

```
aws iam get-policy --policy-arn arn:aws:iam::aws:policy/<policy_name>
```

### List Access Keys

```
aws iam list-access-keys
```

### List the Access Key IDs for an IAM User

```
aws iam list-access-keys --user-name <user_name>
```

### List the SSH Public Keys for a User

```
aws iam list-ssh-public-keys --user-name <user_name>
```

# S3 API

### Listing Buckets

```
aws s3api list-buckets
```

Or

```
aws s3 ls
```

e.g

```
aws s3 ls --profile eon01
```

### Listing Only Bucket Names

```
aws s3api list-buckets --query 'Buckets[].Name'
```

### Getting a Bucket Region

```
aws s3api get-bucket-location --bucket <bucket_name>
```

e.g

```
aws s3api get-bucket-location --bucket practicalaws.com
```

### Listing the Content of a Bucket

```
aws s3 ls s3://<bucket_name> --region <region>
```

e.g

```
aws s3 ls s3://practicalaws.com

aws s3 ls s3://practicalaws.com --region eu-west-1

aws s3 ls s3://practicalaws.com --region eu-west-1 --profile eon01
```

### Syncing a Local Folder with a Bucket

```
aws s3 sync <local_path> s3://<bucket_name>
```

e.g

```
aws s3 sync . s3://practicalaws.com --region eu-west-1
```

### Copying Files

```
aws s3 cp <file_name> s3://<bucket_name>
```

Or:

```
aws s3 cp <file_name> s3://<bucket_name>/<folder_name>/
```

To copy all files from a folder, look at "Copying Folders". Or use the following example, where I copy the content of the local folder "images" (which contains images) into the remote folder "images".

```
cd images
aws s3 cp . s3://saltstackfordevops.com/images --recursive --region us-east-2
```

### Copying Folders

```
aws s3 cp <folder_name>/ s3://<bucket_name>/ --recursive
```

To exclude files:

```
aws s3 cp <folder_name>/ s3://<bucket_name>/ --recursive --exclude "<file_name_or_a_wildcard>"
```

e.g: To only include a certain type of files (PNG) and exclude others (JPG)

```
aws s3 cp practicalaws.com/ s3://practicalaws-backup/ --recursive --exclude "*.jpg" --include "*.png"
```

e.g: To exclude a folder

```
aws s3 cp practicalaws.com/ s3://practicalaws-backup/ --recursive --exclude ".git/*"
```

### Removing a File from a Bucket

```
aws s3 rm s3://<bucket_name>/<object_name>
```

e.g

```
aws s3 rm s3://practicalaws.com/temp.txt
```

### Deleting a Bucket

```
aws s3 rb s3://<bucket_name> --force
```

If the bucket is not empty, use `--force`.

e.g

```
aws s3 rb s3://practicalaws.com --force
```

### Emptying a Bucket

```
aws s3 rm s3://<bucket_name>/<key_name> --recursive
```

e.g

In order to remove tempfiles/file1.txt and tempfiles/file2.txt from the practicalaws.com bucket, use:

```
aws s3 rm s3://practicalaws.com/tempfiles --recursive
```

Remove all objects using:

```
# Target the bucket root and recurse; without --recursive only a single key is removed
aws s3 rm s3://practicalaws.com --recursive
```

# VPC

### Creating A VPC

```
aws ec2 create-vpc --cidr-block <cidr_block> --region <region>
```

e.g

```
aws ec2 create-vpc --cidr-block 10.0.0.0/16 --region eu-west-1
```

### Allowing DNS hostnames

```
aws ec2 modify-vpc-attribute --vpc-id <vpc_id> --enable-dns-hostnames "{\"Value\":true}" --region <region>
```

# Subnets

### Creating A Subnet

```
aws ec2 create-subnet --vpc-id <vpc_id> --cidr-block <cidr_block> --availability-zone <availability_zone> --region <region>
```

### Auto Assigning Public IPs To Instances In A Public Subnet

```
aws ec2 modify-subnet-attribute --subnet-id <subnet_id> --map-public-ip-on-launch --region <region>
```

# Internet Gateway

### Creating An IGW

```
aws ec2 create-internet-gateway --region <region>
```

### Attaching An IGW to A VPC

```
aws ec2 attach-internet-gateway --internet-gateway-id <igw_id> --vpc-id <vpc_id> --region <region>
```

# NAT

### Setting Up A NAT Gateway

Allocate an Elastic IP:

```
aws ec2 allocate-address --domain vpc --region <region>
```

Then use the AllocationId to create the NAT Gateway for the public zone in `<region>`:

```
aws ec2 create-nat-gateway --subnet-id <subnet_id> --allocation-id <allocation_id> --region <region>
```

# Route Tables

### Creating A Public Route Table

Create the Route Table:

```
aws ec2 create-route-table --vpc-id <vpc_id> --region <region>
```

Then create a route for an Internet Gateway, using the outputted Route Table ID:

```
aws ec2 create-route --route-table-id <route_table_id> --destination-cidr-block 0.0.0.0/0 --gateway-id <igw_id> --region <region>
```

Finally, associate the public subnet with the Route Table:

```
aws ec2 associate-route-table --route-table-id <route_table_id> --subnet-id <subnet_id> --region <region>
```

### Creating A Private Route Table

Create the Route Table:

```
aws ec2 create-route-table --vpc-id <vpc_id> --region <region>
```

Then create a route that points to a NAT Gateway:

```
aws ec2 create-route --route-table-id <route_table_id> --destination-cidr-block 0.0.0.0/0 --nat-gateway-id <nat_gateway_id> --region <region>
```

Finally, associate the subnet:

```
aws ec2 associate-route-table --route-table-id <route_table_id> --subnet-id <subnet_id> --region <region>
```

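The NAT Gateway and private Route Table steps above chained into one function, as an added example that is not part of the original reference: each ID is captured with `--query ... --output text` and passed to the next command instead of being copied by hand. The function name `setup_private_egress` is hypothetical, and the VPC and both subnets are assumed to exist already.

```shell
# Added example (not from the original page). The function name is hypothetical.
# setup_private_egress REGION VPC_ID PUBLIC_SUBNET_ID PRIVATE_SUBNET_ID
# Prints the ID of the new private route table on success.
setup_private_egress() {
  local region="$1" vpc="$2" public_subnet="$3" private_subnet="$4"
  local alloc nat rtb

  # 1. Elastic IP for the NAT gateway; keep only the AllocationId.
  alloc=$(aws ec2 allocate-address --domain vpc --region "$region" \
    --query AllocationId --output text) || return 1

  # 2. The NAT gateway itself sits in the public subnet.
  nat=$(aws ec2 create-nat-gateway --subnet-id "$public_subnet" \
    --allocation-id "$alloc" --region "$region" \
    --query NatGateway.NatGatewayId --output text) || return 1

  # Wait until the gateway is available before routing traffic through it.
  aws ec2 wait nat-gateway-available --nat-gateway-ids "$nat" \
    --region "$region" || return 1

  # 3. Private route table: the default route goes to the NAT gateway,
  #    not to the Internet Gateway, so instances stay unreachable from outside.
  rtb=$(aws ec2 create-route-table --vpc-id "$vpc" --region "$region" \
    --query RouteTable.RouteTableId --output text) || return 1
  aws ec2 create-route --route-table-id "$rtb" \
    --destination-cidr-block 0.0.0.0/0 --nat-gateway-id "$nat" \
    --region "$region" >/dev/null || return 1

  # 4. Attach the table to the private subnet.
  aws ec2 associate-route-table --route-table-id "$rtb" \
    --subnet-id "$private_subnet" --region "$region" >/dev/null || return 1

  echo "$rtb"
}

# Usage:
#   setup_private_egress <region> <vpc_id> <public_subnet_id> <private_subnet_id>
```
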
# CloudFront

### Listing Distributions

In some cases, you need to set this up first:

```
aws configure set preview.cloudfront true
```

Then:

```
aws cloudfront list-distributions
```

### Invalidating Files From a Distribution

To invalidate index and error HTML files from the distribution with the ID Z3W7LX2VBMOPYX:

```
aws cloudfront create-invalidation --distribution-id Z3W7LX2VBMOPYX --paths /index.html /error.html
```

To invalidate everything in the distribution:

```
aws cloudfront create-invalidation --distribution-id Z3W7LX2VBMOPYX --paths '/*'
```