Skip to content

Instantly share code, notes, and snippets.

@devasat
Last active June 9, 2024 04:18
Show Gist options
  • Save devasat/b47a6c289d76b417c76c107181ebbad5 to your computer and use it in GitHub Desktop.
Save devasat/b47a6c289d76b417c76c107181ebbad5 to your computer and use it in GitHub Desktop.
AWS CLI Examples
# ********** EC2 ***********
# describe ec2 instances
aws ec2 describe-instances \
--query 'Reservations[*].Instances[*].[InstanceId,Tags[?Key==`Name`].Value|[0],State.Name,
PrivateIpAddress,PublicIpAddress]' \
--output table
# stopped instances
aws ec2 describe-instances --filter Name=instance-state-name,Values=stopped \
--query 'Reservations[].Instances[].{ID:InstanceId, Name:Tags[?Key==`Name`].Value|[0]}' \
--output table
# matching pattern
PATTERN=__REPLACE_ME__
aws ec2 describe-instances --filter "Name=tag:Name,Values=$PATTERN" \
--query 'Reservations[].Instances[].Tags[?Key==`Name`].Value'
# ********** Security Group ***********
# find security group id from group name
GROUP_NAME=__REPLACE_ME__
VPC_ID=__REPLACE_ME__
aws ec2 describe-security-groups \
--filters Name=group-name,Values=$GROUP_NAME \
Name=vpc-id,Values=$VPC_ID \
--query 'SecurityGroups[*].GroupId' \
--output text
# ********** RDS ***********
# describe rds instances
aws rds describe-db-instances \
--query 'DBInstances[*].{ID:DBInstanceIdentifier,Name:DBName,EngineName:Engine,Version:EngineVersion,
Public:PubliclyAccessible,Type:DBInstanceClass,OptionGroup:OptionGroupMemberships[*].OptionGroupName|[0],
VpcId:DBSubnetGroup.VpcId}' \
--output table
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# modify RDS instances matching pattern DB_SEARCH_TERM
# changes: option group, publicly accessible, master password and update vpc security group
OPTION_GROUP_NAME=__REPLACE_ME__
MASTER_PASSWORD=__REPLACE_ME__
SECURITY_GROUP_PREFIX=__REPLACE_ME__
DB_SEARCH_TERM=__REPLACE_ME__
DATABASE_INSTANCE_LIST=$(aws rds describe-db-instances \
--query 'DBInstances[*].{ID:DBInstanceIdentifier}' \
--output text | grep $DB_SEARCH_TERM | tr '\n' ' ')
for db in ${DATABASE_INSTANCE_LIST}; do
vpc_id=$(aws rds describe-db-instances \
--db-instance-identifier $db \
--query 'DBInstances[*].DBSubnetGroup.VpcId' \
--output text)
existing_vpc_security_group_ids=$(aws rds describe-db-instances \
--db-instance-identifier $db \
--query 'DBInstances[*].VpcSecurityGroups[*].VpcSecurityGroupId' \
--output text)
new_security_group_id=$(aws ec2 describe-security-groups \
--filters Name=group-name,Values=${SECURITY_GROUP_PREFIX}${vpc_id} Name=vpc-id,Values=${vpc_id} \
--query 'SecurityGroups[*].GroupId' \
--output text)
# option group, public, master pwd, apply immediately
aws rds modify-db-instance \
--db-instance-identifier $db \
--apply-immediately \
--option-group-name $OPTION_GROUP_NAME \
--publicly-accessible \
--master-user-password $MASTER_PASSWORD \
--vpc-security-group-ids $existing_vpc_security_group_ids $new_security_group_id
done 2>&1 | tee modify-db.log.2
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# ********** S3 ***********
# Copy files from S3 matching pattern
BUCKET_NAME=__REPLACE_ME__
FOLDER_NAME=__REPLACE_ME__
PATTERN="__REPLACE_ME*__"
aws s3 cp s3://${BUCKET_NAME}/${FOLDER_NAME}/ . --recursive --exclude "*" --include "${PATTERN}"
# list objects matching pattern
BUCKET_NAME=__REPLACE_ME__
PATTERN=__REPLACE_ME__
aws s3api list-objects --bucket ${BUCKET_NAME} --prefix "${PATTERN}" --query 'Contents[*].{fn:Key,lm:LastModified}' --output table
# ********** Load Balancer ***********
# Policies attachced to listeners
aws elb describe-load-balancers --query LoadBalancerDescriptions[*].[LoadBalancerName,ListenerDescriptions] | grep -i policy
# Policies attachced to backend
aws elb describe-load-balancers --query LoadBalancerDescriptions[*].[LoadBalancerName,BackendServerDescriptions] | grep -i policy
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment