AWS CLI JMESPath cheatsheet.

README.md

AWS CLI JMESPath cheatsheet

Random recipes of JMESPath for the AWS CLI tools that I might have written or stumbled upon.

• Examples
  • Return listing of all available AWS regions
  • Test if specific Lambda function exists?
  • List all Route 53 record names and their type for a zone
  • List all CloudWatch log groups
  • List all CloudWatch log groups with event expiry
  • Status of CloudFormation stack
  • EC2 system and instance reachability status as string pair
  • EC2 terminate instance ID and current state
  • EC2 instance get autoscale group name by tag
  • EC2 instance get autoscale group name by auto scaling API
  • List EC2 marketplace AMI ID's for a given product ID
  • Verify ARN identity of current API credentials
• Reference

Examples

Return listing of all available AWS regions

With one per each line.

aws ec2 describe-regions \
	--output text
	--query "Regions[].[RegionName]"

# ap-south-1
# eu-west-2
# eu-west-1
# ap-northeast-2
# ap-northeast-1
# etc.

Test if specific Lambda function exists?

aws lambda list-functions \
	--output text \
	--query "Functions[?FunctionName=='MY_FUNCTION_NAME'].CodeSha256"

List all Route 53 record names and their type for a zone

aws route53 list-resource-record-sets \
	--hosted-zone-id HOSTED_ZONE_ID \
	--output text \
	--query "ResourceRecordSets[].[join(': ',[Name,Type])]"

List all CloudWatch log groups

aws logs describe-log-groups \
	--output text \
	--query "logGroups[].[logGroupName]"

List all CloudWatch log groups with event expiry

aws logs describe-log-groups \
	--output text \
	--query "logGroups[].[join(': ',[logGroupName,to_string(retentionInDays || 'Never Expire')])]"

Status of CloudFormation stack

aws cloudformation describe-stacks \
	--stack-name STACK_NAME \
	--output text \
	--query "Stacks[0].StackStatus"

EC2 system and instance reachability status as string pair

aws ec2 describe-instance-status \
	--instance-ids INSTANCE_ID \
	--output text \
	--query "join(':',InstanceStatuses[0].[InstanceStatus,SystemStatus][].Details[0].Status)"

Returns a value in the form of passed:passed.

EC2 terminate instance ID and current state

aws ec2 terminate-instances \
	--instance-ids INSTANCE_ID \
	--output text \
	--query "TerminatingInstances[0].join(':',[InstanceId,CurrentState.Name])"

EC2 instance get autoscale group name by tag

aws ec2 describe-tags \
	--filters "Name=resource-id,Values=INSTANCE_ID" \
	--output text \
	--query "Tags[?Key=='aws:autoscaling:groupName'].Value"

EC2 instance get autoscale group name by auto scaling API

aws autoscaling describe-auto-scaling-instances \
	--instance-ids INSTANCE_ID \
	--output text \
	--query "AutoScalingInstances[*].AutoScalingGroupName"

List EC2 marketplace AMI ID's for a given product ID

aws ec2 describe-images \
	--filters "Name=name,Values=*-PRODUCT_ID-*" \
	--output text \
	--query "reverse(sort_by(Images,&CreationDate))[].[join(':',[ImageId,CreationDate,Description])]"

Verify ARN identity of current API credentials

Will return true if identity prefix matches that of expected, otherwise false. Useful to ensure a script is run against the correct identity and/or AWS account.

aws sts get-caller-identity \
	--query "starts_with(Arn,'arn:aws:ARN_IDENTITY_PREFIX/')"

Reference

• http://jmespath.org/
• http://jmespath.org/tutorial.html
• https://docs.aws.amazon.com/cli/latest/userguide/controlling-output.html#controlling-output-filter