@so0k
Last active November 10, 2020 12:42
AWS CLI ElasticBeanstalk ec2 Queries

AWS CLI snippets

The AWS Command Line Interface is a very powerful ally to anyone managing AWS infrastructure.

While automating infrastructure with Terraform, some configuration can be quickly retrieved using AWS CLI.

Alternatively, some information is hard to piece together from the AWS console, in which case terminal scripts can provide fast and simple windows into your cloud.

AWS Documentation gives a good starting point and makes a short reference to the very powerful JMESPath query language.

On top of the excellent examples provided, below are some of the snippets we tend to fall back on a lot.

Most of the snippets below were first constructed using the slightly more verbose, but more versatile, jq and later optimized to use JMESPath (which often provided faster responses).

Get AWS Account information

This one is mainly used for automation of Terraform configuration

aws iam get-user --output text --query='User.Arn' | grep -Eo '[[:digit:]]{12}'
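
The grep pattern above prints every 12-digit run in the ARN, so a user name that itself contains 12 digits yields two lines and a wrong value in the Terraform configuration. The following added example (not part of the original gist) reads the account ID by its position in the ARN instead; the function names and the sample ARNs are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the gist. Sample ARNs are constructed
# (123456789012 is a placeholder account ID).
SAMPLE_USER_ARN='arn:aws:iam::123456789012:user/deploy-202011101242'
SAMPLE_ROLE_ARN='arn:aws:sts::123456789012:assumed-role/ci/session-1'

# Count the 12-digit runs that the gist's grep pattern finds in a string.
grep_match_count() {
    printf '%s\n' "$1" | grep -Eo '[[:digit:]]{12}' | wc -l | tr -d ' '
}

# Print the account ID field of an ARN; return 1 if the input is not an ARN
# or the field is not exactly 12 digits (e.g. S3 bucket ARNs leave it empty).
account_id_from_arn() {
    case $1 in
        arn:*:*:*:*:*) ;;
        *) return 1 ;;
    esac
    arn_rest=${1#arn:*:*:*:}    # drop "arn:partition:service:region:"
    arn_acct=${arn_rest%%:*}    # keep everything before the next colon
    case $arn_acct in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#arn_acct}" -eq 12 ] || return 1
    printf '%s\n' "$arn_acct"
}

# With live credentials (the gist's command):
#   account_id_from_arn "$(aws iam get-user --output text --query 'User.Arn')"
echo "grep matches: $(grep_match_count "$SAMPLE_USER_ARN")"
echo "account ID:   $(account_id_from_arn "$SAMPLE_USER_ARN")"
```

The same function also parses the Arn value returned by aws sts get-caller-identity, which covers assumed roles.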

Get ELB by EB Env Name

AWS ElasticBeanstalk uses CloudFormation to provision and tag all resources, and provides a handy dashboard to manage the overall configuration.

However, some resources are hard to link back to their EB Environment, which the below snippet aims to address.

aws elb describe-load-balancers --query 'LoadBalancerDescriptions[].LoadBalancerName' --output text | xargs -n20 aws elb describe-tags --load-balancer-names --query "TagDescriptions[].[(Tags[?Key=='elasticbeanstalk:environment-name'].Value)[0],LoadBalancerName]" --output text | grep -v None

Notes:

  • The elb describe-tags did not provide a --filter option
  • xargs is used to pass a list of all ELB names (a required parameter to the elb describe-tags command). A maximum of 20 names can be passed on to this command, which is controlled using the xargs -n option.
  • The first Tag which has a Key of environment name is returned

Watch ELB Instances health

The below snippet shows each instance registered with a named ELB and if HealthChecks for these instances are passing. Wrapping this in a watch command will give us a report which is refreshed every second.

export lbname=awseb-e-2-AWSEBL..
watch -n 1 "aws elb describe-instance-health --load-balancer-name $lbname --query 'InstanceStates[].[InstanceId,State]' --output text"

Watch all Instances Tagged for certain EB environment

The elb commands to monitor registered instance health do not provide IP information. When an instance is failing, we may want to troubleshoot it by accessing it directly. The below watch allows us to cross-reference the InstanceId from the report above.

export env=honestbee
watch -n2 "aws ec2 describe-instances --filters 'Name=\"tag:elasticbeanstalk:environment-name\",Values=\"$env\"' --query 'Reservations[].Instances[].[InstanceId,InstanceType,State.Name,PublicIpAddress]' --output text | sort -k3"

Report all ELB with their instance count

A more generic report of all load balancers and the instances registered with them (using JMESPath to construct new json structures)

aws elb describe-load-balancers --query "LoadBalancerDescriptions[*].{ID:LoadBalancerName,InstanceId:Instances[*].InstanceId}[*]. {ELB:ID,InstanceId:InstanceId[*]}" --output=json

Filter ELB by InstanceCount

Building on the report above, add a filter on the number of registered instances to identify ELBs that do not have any instances registered with them.

This first version uses jq

aws elb describe-load-balancers | jq '.LoadBalancerDescriptions[] | select((.Instances | length) == 0) | .LoadBalancerName'

Show tags for ELBs without instances (without using jq)

aws elb describe-load-balancers --query "LoadBalancerDescriptions[*].{ID:LoadBalancerName,InstanceId:Instances[*].InstanceId,InstanceCount:length(Instances[*])}[?InstanceCount==\`0\`]. [ID]" --output=text |
while read -r line
do
  # describe-tags takes the load balancer names via --load-balancer-names
  aws elb describe-tags --load-balancer-names "$line" --query "TagDescriptions[*].{ID:LoadBalancerName,Tags:Tags[*]}"
done

In this case, instead of using xargs a loop is used to get instance tags.

Get Default VPC Info

Populate 2 Environment variables from a single query

read DEFAULT_VPC_CIDR DEFAULT_VPC_ID <<<$(aws ec2 describe-vpcs --query 'Vpcs[?IsDefault].[CidrBlock,VpcId]' --output text)

Or construct a json object using JMESPath and Jq:

aws ec2 describe-vpcs --query 'Vpcs[?IsDefault].{id:VpcId,cidr:CidrBlock}[0]' | jq '. | {"default-vpc": . }'

which returns:

{
  "default-vpc": {
    "cidr": "172.18.0.0/16",
    "id": "vpc-3d..."
  }
}

Get AWS Region information

Finally, showing more JMESPath functionality to get a comma separated list of Availability zones for a region:

export AWS_REGION=ap-southeast-1
aws ec2 describe-availability-zones --region ${AWS_REGION} --query "AvailabilityZones[*].ZoneName | join(',', @)" --output text
@so0k
Author

so0k commented Mar 22, 2017

Describe Auto Scaling Actions for an EB Env:

env=honestbee
asg=$(aws autoscaling describe-auto-scaling-groups --query "AutoScalingGroups[].{ID:AutoScalingGroupName,awseb:Tags[?Key=='elasticbeanstalk:environment-name'].Value | [0]} | [?awseb=='$env'].ID | [0]" --output text)

# get 5 scaling events, Activities still in progress are described first.
aws autoscaling describe-scaling-activities --auto-scaling-group-name $asg --max-items 5 | jq -r '[.Activities[] | {"Description":.Description,"Cause":.Cause,"Status":.StatusCode}]'

@so0k
Author

so0k commented Mar 31, 2017

https://aws.amazon.com/blogs/aws/new-aws-resource-tagging-api/

Added programmatic access to the same resource group operations that had been accessible only from the AWS Management Console. Finally able to get ASG/ELB based on resource Tag directly?

this (get every load balancer name and for each get all the tags):

aws elb describe-load-balancers --query 'LoadBalancerDescriptions[].LoadBalancerName' --output text | xargs -n20 aws elb describe-tags --load-balancer-names

becomes (get resources with a certain tag)

aws resourcegroupstaggingapi get-resources --resource-type-filters "elasticloadbalancing" --tag-filters Key="elasticbeanstalk:environment-name",Values="honestbee" --tags-per-page 100 --query "ResourceTagMappingList[].ResourceARN" --output text

table for resource type names

@so0k
Author

so0k commented Jun 15, 2017

ssh-i.sh:

ip=$(aws ec2 describe-instances --instance-ids $1  --query "Reservations[].Instances[].NetworkInterfaces[].Association.PublicIp" --output text)

ssh ec2-user@$ip

./ssh-i.sh i-04a3d...
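
A variant of ssh-i.sh with checks, as an added example that is not part of the comment above: with the unquoted $ip, an instance that returns several addresses makes ssh treat the second one as a remote command, and an empty result leaves a bare ec2-user@ target. The function names are hypothetical; the aws query is the one from the comment.

```sh
#!/bin/sh
# Added example, not from the gist: ssh-i.sh with input and output checks.

# Accept only "i-" followed by 8 or 17 lowercase hex characters.
valid_instance_id() {
    hex=${1#i-}
    [ "i-$hex" = "$1" ] || return 1
    case $hex in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ]
}

# Succeed only if the CLI text output is exactly one dotted-quad address.
# Fails on empty output, "None", and tab-separated lists of addresses.
single_ipv4() {
    case $1 in
        ''|*[!0-9.]*) return 1 ;;
    esac
    printf '%s\n' "$1" | grep -Eqx '([0-9]{1,3}\.){3}[0-9]{1,3}'
}

ssh_instance() {
    valid_instance_id "$1" || { echo "not an instance ID: $1" >&2; return 2; }
    ip=$(aws ec2 describe-instances --instance-ids "$1" \
        --query "Reservations[].Instances[].NetworkInterfaces[].Association.PublicIp" \
        --output text) || return 1
    single_ipv4 "$ip" || { echo "need exactly one public IP, got: '$ip'" >&2; return 1; }
    ssh "ec2-user@$ip"
}

# Run only when called with an argument: ./ssh-i.sh <instance-id>
if [ "$#" -gt 0 ]; then
    ssh_instance "$1"
fi
```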

@tuannvm

tuannvm commented Jul 8, 2017

show certificate list:

aws iam list-server-certificates --output text

@cdechery

Get Instance IDs for a given ElasticBeanstalk environment.

#!/bin/bash
# Collect the "Id" lines for every instance in the environment
envinfo=$(aws elasticbeanstalk describe-environment-resources --environment-name ENVNAME | jq '.EnvironmentResources| .Instances[]' | grep "Id")
while read -r line; do
  # Take the value after the colon and strip the quotes
  instanceid=$(echo "$line" | awk -F ':' '{print $2}' | tr -d '"')
  echo $instanceid
done <<< "$envinfo"

@so0k
Author

so0k commented Dec 26, 2017

@cdechery - just use

aws elasticbeanstalk describe-environment-resources --environment-name ENVNAME | \
 jq -r '.EnvironmentResources.Instances[].Id'

this one-liner does the same as your script...

but your script only returns id, no other details about the instances, which is what the original post was focused on (Getting this info from the EC2 service using the EB tags, but then also getting all the details EC2 knows)
