☁️ The AWS Cheat Sheet ☁️

AWS CLI Cheat Sheet


Volumes

Describing volumes

aws ec2 describe-volumes

Describing filtered volumes (pick one of the status values):

aws ec2 describe-volumes --filters Name=status,Values=<creating|available|in-use|deleting|deleted|error>

e.g., describing all deleted volumes:

aws ec2 describe-volumes --filters  Name=status,Values=deleted

Filters can be applied to the attachment status (pick one of the values):

aws ec2 describe-volumes --filters Name=attachment.status,Values=<attaching|attached|detaching|detached>

e.g., describing all volumes with the status "attaching":

aws ec2 describe-volumes --filters  Name=attachment.status,Values=attaching

Filters can also match tags; this is the generic form. Use --profile <your_profile_name> if you have multiple AWS profiles or accounts.

aws ec2 describe-volumes --filters "Name=tag:Name,Values=<some_value>" --profile <your_profile_name>

Describing volumes using a different aws user profile

aws ec2 describe-volumes --filters  Name=status,Values=in-use  --profile <your_profile_name>

Listing Available Volume IDs

aws ec2 describe-volumes --filters Name=status,Values=available --query 'Volumes[].VolumeId' --output text

With "profile":

aws ec2 describe-volumes --filters Name=status,Values=available --query 'Volumes[].VolumeId' --output text --profile <your_profile_name>

Deleting a Volume

aws ec2 delete-volume --region <region> --volume-id <volume_id>

Deleting Unused Volumes.. Think Before You Type :-)

for x in $(aws ec2 describe-volumes --region <region> --filters Name=status,Values=available --query 'Volumes[].VolumeId' --output text); do aws ec2 delete-volume --region <region> --volume-id "$x"; done

With "profile":

for x in $(aws ec2 describe-volumes --region <region> --filters Name=status,Values=available --query 'Volumes[].VolumeId' --output text --profile <your_profile_name>); do aws ec2 delete-volume --region <region> --volume-id "$x" --profile <your_profile_name>; done
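
A review-first variant of the loop above, as an added example that is not part of the original cheat sheet: it prints what would be deleted and only deletes when called with --apply. The function name and the cutoff-date argument are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original cheat sheet): review-first cleanup of
# unattached EBS volumes. The function name and the cutoff argument are
# illustrative choices.
#
# Usage: prune_available_volumes <region> <cutoff YYYY-MM-DD> [--apply]
#   Without --apply nothing is deleted; the plan is printed for review.
#   Only volumes created before the cutoff date are considered.
prune_available_volumes() {
    region=$1 cutoff=$2 mode=${3:-}
    if [ -z "$region" ] || [ -z "$cutoff" ]; then
        echo "usage: prune_available_volumes <region> <YYYY-MM-DD> [--apply]" >&2
        return 2
    fi

    # One row per volume: id, ISO 8601 creation time, size in GiB.
    rows=$(aws ec2 describe-volumes --region "$region" \
        --filters Name=status,Values=available \
        --query 'Volumes[].[VolumeId,CreateTime,Size]' \
        --output text) || return 1

    # Keep only well-formed volume ids whose creation date (first 10
    # characters of the timestamp) sorts before the cutoff.
    printf '%s\n' "$rows" |
    awk -v cutoff="$cutoff" \
        '$1 ~ /^vol-[0-9a-f]+$/ && substr($2, 1, 10) < cutoff' |
    while read -r id created size; do
        if [ "$mode" != "--apply" ]; then
            echo "would delete $id (${size} GiB, created $created)"
        elif aws ec2 delete-volume --region "$region" \
                --volume-id "$id" </dev/null; then
            echo "deleted $id"
        else
            echo "failed to delete $id" >&2
        fi
    done
}
```

Run it once without --apply, check the list against what you expect, then repeat with --apply.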

Creating a Snapshot

aws ec2 create-snapshot --volume-id <vol-id>
aws ec2 create-snapshot --volume-id <vol-id> --description "snapshot-$(date +'%Y-%m-%d_%H-%M-%S')"

Creating an Image (AMI)

aws ec2 create-image --instance-id <instance_id> --name "image-$(date +'%Y-%m-%d_%H-%M-%S')" --description "image-$(date +'%Y-%m-%d_%H-%M-%S')"

Creating AMI Without Rebooting the Machine

aws ec2 create-image --instance-id <instance_id> --name "image-$(date +'%Y-%m-%d_%H-%M-%S')" --description "image-$(date +'%Y-%m-%d_%H-%M-%S')" --no-reboot

You are free to change the AMI name image-$(date +'%Y-%m-%d_%H-%M-%S') to a name of your choice.

AMIs

Listing AMI(s)

aws ec2 describe-images

Describing AMI(s)

aws ec2 describe-images --image-ids <image_id> --profile <profile> --region <region>

e.g:

aws ec2 describe-images --image-ids ami-e24dfa9f --profile terraform --region eu-west-3

Listing Amazon AMIs

aws ec2 describe-images --owners amazon 

Using Filters

e.g: Describing Windows AMIs that are backed by Amazon EBS.

aws ec2 describe-images --filters "Name=platform,Values=windows" "Name=root-device-type,Values=ebs"

e.g: Describing Ubuntu AMIs

aws ec2 describe-images --filters "Name=name,Values=ubuntu*"

Lambda

List Functions

aws lambda list-functions

Describe a Function

aws lambda get-function --function-name  my-function

Invoke a Function

aws lambda invoke --function-name my-function --payload '{ "name": "Bob" }' response.json

Update a Function Code

aws lambda update-function-code --function-name  my-function --zip-file fileb://my-function.zip

Publish a Version

aws lambda publish-version --function-name my-function

List Layers

Let's take this example in which we want to list information of layers that are compatible with Python 3.7 runtime.

aws lambda list-layers --compatible-runtime python3.7

Possible layers runtime:

nodejs
nodejs4.3
nodejs6.10
nodejs8.10
nodejs10.x
nodejs12.x
java8
java8.al2
java11
python2.7
python3.6
python3.7
python3.8
dotnetcore1.0
dotnetcore2.0
dotnetcore2.1
dotnetcore3.1
nodejs4.3-edge
go1.x
ruby2.5
ruby2.7
provided
provided.al2

List Aliases of a Function

aws lambda list-aliases --function-name my-function

Describe an Alias

aws lambda get-alias --function-name my-function --name LIVE

Create an Alias

aws lambda create-alias --function-name my-function --description "alias description goes here" --function-version 1 --name LIVE

Delete an Alias

aws lambda delete-alias --function-name my-function --name LIVE

List Function Tags

aws lambda list-tags --resource arn:aws:lambda:eu-west-1:xxxxxxxxxxx:function:my-function

Delete a Function

aws lambda delete-function --function-name my-function

Using AWS Lambda with Scheduled Events

sid=Sid$(date +%Y%m%d%H%M%S); aws lambda add-permission --statement-id $sid --action 'lambda:InvokeFunction' --principal events.amazonaws.com --source-arn arn:aws:events:<region>:<arn>:rule/AWSLambdaBasicExecutionRole --function-name function:<awsents> --region <region>

IAM

List Users

aws iam list-users

List Policies

aws iam list-policies

List Groups

aws iam list-groups

Get Users in a Group

aws iam get-group --group-name <group_name>

Describing a Policy

aws iam get-policy --policy-arn arn:aws:iam::aws:policy/<policy_name>

List Access Keys

aws iam list-access-keys

List the Access Key IDs for an IAM User

aws iam list-access-keys --user-name <user_name>

List the SSH Public Keys for a User

aws iam list-ssh-public-keys --user-name <user_name>

S3 API

Listing Buckets

aws s3api list-buckets

Or

aws s3 ls

e.g

aws s3 ls --profile eon01

Listing Only Bucket Names

aws s3api list-buckets --query 'Buckets[].Name'

Getting a Bucket Region

aws s3api get-bucket-location --bucket <bucket_name>

e.g

aws s3api get-bucket-location --bucket practicalaws.com

Listing the Content of a Bucket

aws s3 ls s3://<bucket_name> --region <region>

e.g

aws s3 ls s3://practicalaws.com

aws s3 ls s3://practicalaws.com --region eu-west-1
 
aws s3 ls s3://practicalaws.com --region eu-west-1 --profile eon01

Syncing a Local Folder with a Bucket

aws s3 sync <local_path> s3://<bucket_name> 

e.g

aws s3 sync . s3://practicalaws.com --region eu-west-1

Copying Files

aws s3 cp <file_name> s3://<bucket_name>

Or:

aws s3 cp <file_name> s3://<bucket_name>/<folder_name>/

To copy all files from a folder, look at "Copying Folders". Or use the following example, where I copy the content of the local folder "images" (which contains images) to the remote folder "images".

cd images
aws s3 cp . s3://saltstackfordevops.com/images --recursive --region us-east-2

Copying Folders

aws s3 cp <folder_name>/ s3://<bucket_name>/ --recursive

To exclude files:

aws s3 cp <folder_name>/ s3://<bucket_name>/ --recursive --exclude "<file_name_or_a_wildcard>" 

e.g: To only include a certain type of files (PNG) and exclude all others (JPG, etc.). Filters are applied in order, so exclude everything first and then include the PNG files:

aws s3 cp practicalaws.com/ s3://practicalaws-backup/ --recursive --exclude "*" --include "*.png"

e.g: To exclude a folder

aws s3 cp practicalaws.com/ s3://practicalaws-backup/ --recursive --exclude ".git/*" 

Removing a File from a Bucket

aws s3 rm s3://<bucket_name>/<object_name>

e.g

aws s3 rm s3://practicalaws.com/temp.txt

Deleting a Bucket

aws s3 rb s3://<bucket_name> --force

If the bucket is not empty, use --force: it deletes all objects in the bucket before removing the bucket itself.

e.g

aws s3 rb s3://practicalaws.com --force  

Emptying a Bucket

aws s3 rm s3://<bucket_name>/<key_name> --recursive

e.g

In order to remove tempfiles/file1.txt and tempfiles/file2.txt from practicalaws.com bucket, use:

aws s3 rm s3://practicalaws.com/tempfiles --recursive

Remove all objects from the bucket using:

aws s3 rm s3://practicalaws.com --recursive

Making a Public File Private

aws s3api put-object-acl --acl private --bucket <bucket-name> --key <file_name or file_path>

e.g:

aws s3api put-object-acl --acl private --bucket practicalaws.com --key image/logo.png

Making a Public Bucket Private

# List keys through the API so that keys containing spaces are kept whole.
aws s3api list-objects-v2 --bucket <bucket-name> --query 'Contents[].Key' --output text | tr '\t' '\n' | while IFS= read -r key; do
    echo "$key"
    aws s3api put-object-acl --acl private --bucket <bucket-name> --key "$key"
done
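
Resetting object ACLs does not stop a bucket policy from granting public read. The following added example (not from the original cheat sheet; the function names are illustrative) finds buckets without a complete bucket-level S3 Block Public Access configuration and, with --apply, turns on all four settings, which covers both public ACLs and public policies.

```sh
#!/bin/sh
# Added example (not from the original cheat sheet). Function names are
# illustrative. Account-level Block Public Access (aws s3control) is a
# separate setting and is not checked here.

# Print each bucket whose bucket-level Block Public Access configuration is
# missing or has at least one of its four settings disabled.
buckets_without_full_bpa() {
    aws s3api list-buckets --query 'Buckets[].Name' --output text |
    tr '\t' '\n' |
    while IFS= read -r bucket; do
        [ -n "$bucket" ] || continue
        # The call fails when no configuration exists for the bucket.
        cfg=$(aws s3api get-public-access-block --bucket "$bucket" \
            --query 'PublicAccessBlockConfiguration.[BlockPublicAcls,IgnorePublicAcls,BlockPublicPolicy,RestrictPublicBuckets]' \
            --output text 2>/dev/null </dev/null) || cfg=missing
        case $(printf '%s' "$cfg" | tr '\t' ' ') in
            "True True True True") ;;
            *) echo "$bucket" ;;
        esac
    done
}

# Turn on all four Block Public Access settings for one bucket.
enforce_bpa() {
    aws s3api put-public-access-block --bucket "$1" \
        --public-access-block-configuration \
        BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
}

# Usage: lock_down_buckets [--apply]
#   Without --apply the affected buckets are only listed.
lock_down_buckets() {
    buckets_without_full_bpa | while IFS= read -r bucket; do
        if [ "${1:-}" = "--apply" ]; then
            enforce_bpa "$bucket" </dev/null &&
                echo "blocked public access on $bucket"
        else
            echo "would block public access on $bucket"
        fi
    done
}
```

Buckets that serve public content on purpose, such as a bucket synced with --acl public-read as in the CloudFront section, stop being publicly readable once this is applied.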

VPC

Creating A VPC

aws ec2 create-vpc --cidr-block <cidr_block> --region <region>

e.g

aws ec2 create-vpc --cidr-block 10.0.0.0/16 --region eu-west-1

Allowing DNS hostnames

aws ec2 modify-vpc-attribute --vpc-id <vpc_id> --enable-dns-hostnames "{\"Value\":true}" --region <region>

Subnets

Creating A Subnet

aws ec2 create-subnet --vpc-id <vpc_id> --cidr-block <cidr_block> --availability-zone <availability_zone> --region <region>

Auto Assigning Public IPs To Instances In A Public Subnet

aws ec2 modify-subnet-attribute --subnet-id <subnet_id> --map-public-ip-on-launch --region <region>

Internet Gateway

Creating An IGW

aws ec2 create-internet-gateway --region <region>

Attaching An IGW to A VPC

aws ec2 attach-internet-gateway --internet-gateway-id <igw_id> --vpc-id <vpc_id> --region <region>

NAT

Setting Up A NAT Gateway

Allocate Elastic IP

aws ec2 allocate-address --domain vpc --region <region> 

then use the AllocationId to create the NAT Gateway for the public zone in

aws ec2 create-nat-gateway --subnet-id <subnet_id> --allocation-id <allocation_id> --region <region> 

Route Tables

Creating A Public Route Table

Create the Route Table:

aws ec2 create-route-table --vpc-id <vpc_id> --region <region> 

then create a route for an Internet Gateway.

Now, use the outputted Route Table ID:

aws ec2 create-route --route-table-id <route_table_id> --destination-cidr-block 0.0.0.0/0 --gateway-id <igw_id> --region <region> 

Finally, associate the public subnet with the Route Table

aws ec2 associate-route-table --route-table-id <route_table_id> --subnet-id <subnet_id> --region <region>

Creating A Private Route Table

Create the Route Table

aws ec2 create-route-table --vpc-id <vpc_id> --region <region> 

then create a route that points to a NAT Gateway

aws ec2 create-route --route-table-id <route_table_id> --destination-cidr-block 0.0.0.0/0 --nat-gateway-id <nat_gateway_id> --region <region>

Finally, associate the subnet

aws ec2 associate-route-table --route-table-id <route_table_id> --subnet-id <subnet_id> --region <region> 

CloudFront

Listing Distributions

In some cases, you need to setup this first:

aws configure set preview.cloudfront true

Then:

aws cloudfront list-distributions

Invalidating Files From a Distribution

To invalidate index and error HTML files from the distribution with the ID Z2W2LX9VBMAPRX:

aws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths /index.html /error.html

To invalidate everything in the distribution:

aws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths '/*'

Sync a Local Folder with a CloudFront Distribution

CloudFront is "attached" to a bucket, so you need to upload your files to the bucket.

e.g.:

aws s3 sync . s3://my-bucket.com

If the files should stay public:

aws s3 sync . s3://my-bucket.com --acl public-read

To copy a single file, you need to:

aws s3 cp file1 s3://my-bucket.com/sub-folder/ --acl <ACL>

Sync and Invalidate at the Same Time:

aws s3 sync . s3://my-bucket.com --acl public-read && aws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths '/*'

or in case you want to update a single file:

aws s3 cp file1 s3://my-bucket.com/sub-folder/ --acl public-read && aws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths '/sub-folder/file1'

RDS

List Databases

aws rds describe-db-instances

or:

aws rds describe-db-instances --query 'DBInstances[].DBInstanceIdentifier'

List Public Databases

aws rds describe-db-instances --query 'DBInstances[?PubliclyAccessible==`true`].[DBInstanceIdentifier,Endpoint.Address]'

List Non Protected Databases (DeletionProtection)

aws rds describe-db-instances \
    --query 'DBInstances[?DeletionProtection==`false`].[DBInstanceIdentifier]' \
    --output text

Describe the Automated Backups for a DB Instance

aws rds describe-db-instance-automated-backups --db-instance-identifier database-mysql

Create a DB Cluster

aws rds create-db-cluster \
    --db-cluster-identifier mysql-cluster \
    --engine aurora-mysql \
    --engine-version 5.7.12 \
    --master-username master \
    --master-user-password xxxxxx \
    --db-subnet-group-name default \
    --vpc-security-group-ids sg-0130572b9daf3dc16

Create a DB Instance

aws rds create-db-instance \
    --db-instance-identifier mysql-instance \
    --db-instance-class db.t3.micro \
    --engine mysql \
    --master-username admin \
    --master-user-password xxxxx \
    --allocated-storage 40

Create a DB Security Group

aws rds create-db-security-group --db-security-group-name my-security-group --db-security-group-description "My Security Group"

Create a Read Replica

aws rds create-db-instance-read-replica \
    --db-instance-identifier test-instance-repl \
    --source-db-instance-identifier test-instance

Create a Custom DB Cluster Endpoint

aws rds create-db-cluster-endpoint \
    --db-cluster-endpoint-identifier mycustomendpoint \
    --endpoint-type reader \
    --db-cluster-identifier mydbcluster \
    --static-members dbinstance1 dbinstance2

Apply Tag to a DB

aws rds add-tags-to-resource \
    --resource-name arn:aws:rds:us-east-1:123456789012:db:database-mysql \
    --tags "[{\"Key\": \"Name\",\"Value\": \"MyDatabase\"},{\"Key\": \"Environment\",\"Value\": \"test\"}]"

Create a Cluster Snapshot

aws rds create-db-cluster-snapshot --db-cluster-identifier my-db-cluster --db-cluster-snapshot-identifier my-db-cluster-snapshot

Create a CloudWatch Alarm for a DB Instance

e.g.: When the average CPU for the latest 15 minutes is above 90%

aws cloudwatch put-metric-alarm \
    --alarm-name "my-alarm" \
    --metric-name "CPUUtilization" \
    --namespace "AWS/RDS" \
    --statistic "Average" \
    --period 300 \
    --evaluation-periods 3 \
    --threshold 90.0 \
    --comparison-operator "GreaterThanOrEqualToThreshold" \
    --dimensions "Name=DBInstanceIdentifier,Value=my-db-instance" \
    --alarm-actions "<arn of sns resource>"

This will monitor the DB instance over periods of 300 seconds (5 minutes), for 3 evaluation periods: 5*3 = 15 minutes.

If, in the three periods, the average is equal to or more than 90%, then the alarm will trigger the SNS resource.

You should subscribe to the SNS resource you create by email or SMS.

Connect Deeper

This work was first published in Practical AWS course.
