So I'm trying to pull just the image from a task-definition. I'm running:
aws ecs describe-task-definition --task-definition nameoftaskdefinition --output text
And I'm trying add in the --query option so that result will look like
VAR = $(aws ecs describe-task-definition --task-definition nameoftaskdefinition --output text)
where echo $VAR would return image
Based on the output from the docs, you'll want something like this (untested)
aws ecs describe-task-definition \
--task-definition nameoftaskdefinition \
--query 'taskDefinition.containerDefinitions[].image' \
--output text
Note that depending on your task, you may have multiple containerDefinitions, so the output from that command ($VAR in your example) could be a space separated string
Related
I have this bash script that is trying to return the stopped instance Ids of an autoscaling group.
aws ec2 describe-instances --filter "Name=tag:aws:autoscaling:groupName,Values=devASG-123" --query "Reservations[].Instances[?State.Name==stopped].InstanceId" --output text --profile dev
This keeps returning a blank value even though I have instances that are stopped
How can i fix this?
Try this:
aws --profile dev ec2 describe-instances --filters \
"Name=tag:aws:autoscaling:groupName,Values=devASG-123" \
"Name=instance-state-name,Values=stopped" \
--query "Reservations[*].Instances[*].InstanceId
or use regex
aws --profile dev ec2 describe-instances --filters \
"Name=tag:aws:autoscaling:groupName,Values=devASG-123" \
"Name=instance-state-name,Values=stopped" | \
grep -o '\"i-[0-9a-f]\\+\"' | grep -o '[^\"]\\+'
Is it possible to fetch latest image from ECR with a particular docker tag which starts from develop like developXXX?
I am able to see latest image from a repo with this:
aws ecr describe-images --repository-name reponame --output text --region eu-west-1 --query 'sort_by(imageDetails,& imagePushedAt)[*].imageTags[*]' | tr '\t' '\n' | tail -1
Matching 'develop' keyword from all fetched image and returning the latest one with tail -1.
aws ecr describe-images --repository-name reponame --output text --region eu-west-1 --query 'sort_by(imageDetails,& imagePushedAt)[*].imageTags[*]' | grep -w "develop" | tail -1
You can change logic in grep -w "develop" part which can fit to your condition
When I execute:
aws ec2 describe-network-interfaces --region=us-east-1 \
--query="NetworkInterfaces[*].[Description, NetworkInterfaceId]" \
--output text \
--filter 'Name=Description,Values=ELB*'
I get this error message:
An error occurred (InvalidParameterValue) when calling the DescribeNetworkInterfaces operation:
The filter 'Description' is invalid
I am trying to list my ENI's that have a description that starts with "ELB".
UPDATE: Thanks jordanm your suggestion has stopped the error message but I still think I doing something wrong with my filter option. If I execute:
aws ec2 describe-network-interfaces --region=us-east-1 \
--query="NetworkInterfaces[*].[Description, NetworkInterfaceId]" \
--output text | grep "^ELB"
I get results, but if I try to filter with --filter 'Name=Description,Values=ELB*' instead of | grep "^ELB" I do not get any results.
The following should get you ENI's whose description begin with 'EBS'
aws ec2 describe-network-interfaces --region=us-east-1 \
--query="NetworkInterfaces[?starts_with(Description, 'EBS')].[Description, NetworkInterfaceId]" \
--output text
You can change the literal 'EBS' to whatever value you want to check for in the description. If you want to do a check where the Description contains 'EBS' not just begins with it, you can use the following command
aws ec2 describe-network-interfaces --region=us-east-1 \
--query="NetworkInterfaces[?contains(Description, 'EBS')].[Description, NetworkInterfaceId]" \
--output text
I need to audit a large number of AWS accounts to determine which EC2 instances are missing the SSM agent. Then I need have all those instances and their tags outputted.
Running aws ssm describe-instance-information lists all the instances that have the agent installed and are running, but it doesn't list instances that are missing the agent or systems that might be turned off.
#!/bin/bash
for instance in $(aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId]' --output text )
do
managed=$(aws ssm describe-instance-information --filters "Key=InstanceIds,Values=$instance" --query 'InstanceInformationList[*].[AssociationStatus]' --output text)
if [[ "$managed" != "Success" ]]; then
managed="Not Managed";
fi
aws ec2 describe-instances --instance-id $instance --output text --query 'Reservations[*].Instances[*].[InstanceId, Placement.AvailabilityZone, [Tags[?Key==`Name`].Value] [0][0], [Tags[?Key==`App`].Value] [0][0], [Tags[?Key==`Product`].Value] [0][0], [Tags[?Key==`Team`].Value] [0][0] ]'
echo "$managed"
done
Save and make the script executable, then run
script.sh > file.tsv
And finally import it into excel
This will print a list of all your instances with "success" printed beneath the ones which are managed.
for instance in $(aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId]' --output text )
do;
managed=$(aws ssm describe-instance-information --filters "Key=InstanceIds,Values=$instance" --query 'InstanceInformationList[*].[AssociationStatus]' --output text)
echo "$instance $managed";
done
To add a simple but not well-formatted set of tags, replace the echo line with
if [[ "$managed" != "Success" ]]; then
managed="Fail";
fi
echo "$instance $managed"
aws --profile GC-Staging ec2 describe-instances --instance-id $instance --query 'Reservations[*].Instances[*].[Tags[*].Value]' --output text
Is there anyway to just nuke / remove all items in AWS Parameters Store?
All the command line I found are to remove it either one by one or remove it given a list of names.
I also tried using
aws ssm delete-parameters --cli-input-json test.json
with test.json file looks like this
{
"Names": [
"test1",
"test2"
]
}
still does not work..
Ideally if I can use --query and use it as is, that'd be great.
I'm using --query like so
aws ssm get-parameters-by-path --path / --max-items 2 --query 'Parameters[*].[Name]'
When you need to delete all parameters by path in AWS Systems Manager Parameter Store and there are more than 10 parameters you have to deal with pagination.
Otherwise, an the command will fail with the error:
An error occurred (ValidationException) when calling the DeleteParameters operation: 1 validation error detected: Value '[/config/application/prop1, ...]' at 'names' failed to satisfy constraint: Member must have length less than or equal to 10
The following Bash script using AWS CLI pagination options deletes any number of parameters from AWS SSM Parameter Store by path:
#!/bin/bash
path=/config/application_dev/
while : ; do
aws ssm delete-parameters --names $(aws ssm get-parameters-by-path --path "$path" --query "Parameters[*].Name" --output text --max-items 10 $starting_token | grep -v None)
next_token=$(aws ssm get-parameters-by-path --path "$path" --query NextToken --output text --max-items 10 | grep -v None)
if [ -z "$next_token" ]; then
starting_token=""
break
else
starting_token="--starting-token $next_token"
fi
done
You can combine get-parameters-by-path with delete-parameters:
aws ssm delete-parameters --names `aws ssm get-parameters-by-path --path / --query Parameters[].Name --output text`
I tested it by creating two parameters, then running the above command. It successfully deleted by parameters.
try this and execute multiple times
aws ssm delete-parameters --names `aws ssm get-parameters-by-path --path / --recursive --query Parameters[].Name --output text --max-items 9`
Adding to the above. I had to delete around 400 params from the parameter store. Ran the below in command line and it did it! (Change 45 in for loop to whatever number you like);
for ((n=0;n<**45**;n++)); do
aws ssm delete-parameters --names `aws ssm get-parameters-by-path --path / --recursive --query Parameters[].Name --output text --max-items 9`
done
This is my one line solution for this:
$ for key in $(aws ssm get-parameters-by-path --path "/" --recursive | jq -r '.Parameters[] | .Name' | tr '\r\n' ' '); do aws ssm delete-parameter --name ${key}; done
NOTE: Be careful if you copy & paste this as it will remove everything under "/"