I am looking to call \File.txt using the AWS CLI command below; if you have experience, please share it.
aws ec2 describe-instances --filters Name=network-interface.group-name,Values='\file.txt' --query 'Reservations[].Instances[].[Placement.AvailabilityZone, State.Name, InstanceId,Tags[?Key==`Name`].Value|[0]]'
File.txt includes Security Group Names.
Here is a way you can do it; I'm assuming each Security Group Name is on a separate line.
Command:
$(paste -sd, file.txt)
Input: file.txt:
cat file.txt
security-group-name-1
security-group-name-2
security-group-name-3
Output:
security-group-name-1,security-group-name-2,security-group-name-3
Full command:
aws ec2 describe-instances --filters "Name=network-interface.group-name,Values=$(paste -sd, file.txt)" --query 'Reservations[].Instances[].[Placement.AvailabilityZone, State.Name, InstanceId,Tags[?Key==`Name`].Value|[0]]'
I need to audit a large number of AWS accounts to determine which EC2 instances are missing the SSM agent. Then I need to have all those instances and their tags outputted.
Running aws ssm describe-instance-information lists all the instances that have the agent installed and are running, but it doesn't list instances that are missing the agent or systems that might be turned off.
#!/bin/bash
# For every instance, ask SSM for its association status, then print its tags and the status
for instance in $(aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId]' --output text)
do
    managed=$(aws ssm describe-instance-information --filters "Key=InstanceIds,Values=$instance" --query 'InstanceInformationList[*].[AssociationStatus]' --output text)
    # An empty or non-"Success" status means SSM is not managing the instance
    if [[ "$managed" != "Success" ]]; then
        managed="Not Managed"
    fi
    aws ec2 describe-instances --instance-ids "$instance" --output text --query 'Reservations[*].Instances[*].[InstanceId, Placement.AvailabilityZone, [Tags[?Key==`Name`].Value] [0][0], [Tags[?Key==`App`].Value] [0][0], [Tags[?Key==`Product`].Value] [0][0], [Tags[?Key==`Team`].Value] [0][0] ]'
    echo "$managed"
done
Save and make the script executable, then run
script.sh > file.tsv
And finally import it into Excel.
This will print a list of all your instances with "success" printed beneath the ones which are managed.
for instance in $(aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId]' --output text)
do
    managed=$(aws ssm describe-instance-information --filters "Key=InstanceIds,Values=$instance" --query 'InstanceInformationList[*].[AssociationStatus]' --output text)
    echo "$instance $managed"
done
To add a simple but not well-formatted set of tags, replace the echo line with
    if [[ "$managed" != "Success" ]]; then
        managed="Fail"
    fi
    echo "$instance $managed"
    aws --profile GC-Staging ec2 describe-instances --instance-ids "$instance" --query 'Reservations[*].Instances[*].[Tags[*].Value]' --output text
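An added example, not taken from either answer above: rather than one `ssm describe-instance-information` call per instance, fetch the EC2 inventory and the SSM inventory once each and take the set difference, which also reports stopped instances and accounts where SSM returns nothing. The function names and the sample IDs are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: list EC2 instances that Systems Manager does not report.
# Function names are hypothetical; the sample IDs in demo() are constructed.

# Every EC2 instance ID in the current account and region, one per line.
list_ec2_ids() {
  aws ec2 describe-instances \
    --query 'Reservations[].Instances[].InstanceId' --output text |
    tr -s '\t\r\n' '\n'
}

# Every node ID registered with Systems Manager, one per line.
list_ssm_ids() {
  aws ssm describe-instance-information \
    --query 'InstanceInformationList[].InstanceId' --output text |
    tr -s '\t\r\n' '\n'
}

# unmanaged_ids EC2_FILE SSM_FILE
# Print each EC2 ID from EC2_FILE that is absent from SSM_FILE, once.
# SSM also returns hybrid "mi-" nodes; they never match an EC2 ID.
unmanaged_ids() {
  awk -v ssm_file="$2" '
    BEGIN {
      # Load the managed set first; an empty SSM list leaves it empty,
      # so every EC2 instance is reported.
      while ((getline id < ssm_file) > 0) {
        sub(/\r$/, "", id)
        managed[id] = 1
      }
      close(ssm_file)
    }
    { sub(/\r$/, "") }
    $1 ~ /^i-/ && !($1 in managed) && !seen[$1]++ { print $1 }
  ' "$1"
}

# Offline run on constructed data; prints i-0aaa1111 and i-0ccc3333.
demo() {
  tmp=$(mktemp -d) || return 1
  printf '%s\n' i-0aaa1111 i-0bbb2222 i-0ccc3333 > "$tmp/ec2.txt"
  printf '%s\n' i-0bbb2222 mi-0ddd4444 > "$tmp/ssm.txt"
  unmanaged_ids "$tmp/ec2.txt" "$tmp/ssm.txt"
  rm -rf "$tmp"
}
demo
```

With credentials configured, `list_ec2_ids > ec2.txt; list_ssm_ids > ssm.txt; unmanaged_ids ec2.txt ssm.txt` runs the same comparison against a live account and region.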
I have multiple AWS accounts and I don't remember in which AWS account this EC2 instance was created. Is there any optimal way to figure it out in very little time?
Note: I need to know the account DNS name or alias name (not the account number).
If you have access to the instance, you could use the instance metadata API:
[ec2-user ~]$ curl http://169.254.169.254/latest/dynamic/instance-identity/document
It returns JSON with an accountId field.
If you configure the AWS CLI for all accounts, then you can get the Account ID, ARN and user ID.
The script does the following.
Get the list of AWS configuration profiles
Loop over all profiles
Get a list of all EC2 public IP addresses
Print account info if the IP matched and exit
RUN
./script.sh 52.x.x.x
script.sh
#!/bin/bash
INSTANCE_IP="${1}"
if [ -z "${INSTANCE_IP}" ]; then
    echo "pls provide instance IP"
    echo "./script.sh 54.x.x.x"
    exit 1
fi
# Profile names are the [section] headers of the credentials file
PROFILE_LIST=$(grep -o "\\[[^]]*]" < ~/.aws/credentials | tr -d "[]")
for PROFILE in $PROFILE_LIST; do
    ALL_IPS=$(aws ec2 describe-instances --profile "${PROFILE}" --query "Reservations[].Instances[][PublicIpAddress]" --output text | tr '\r\n' ' ')
    echo "looking against profile ${PROFILE}"
    for IP in $ALL_IPS; do
        if [ "${INSTANCE_IP}" == "${IP}" ]; then
            echo "Instance IP matched in below account"
            # Ask for the identity of the profile that matched, not the default profile
            aws sts get-caller-identity --profile "${PROFILE}"
            exit 0
        fi
    done
done
echo "seems like instance not belong to these profile"
echo "${PROFILE_LIST}"
exit 1
Loop over accounts
Loop over regions
Also be aware of Lightsail!
I came up with the following and it helped me. I didn't exclude the regions that did not have Lightsail.
for region in $(aws ec2 describe-regions --output text --query 'Regions[*].[RegionName]' --region eu-west-1) ; do \
echo "$region"; \
aws ec2 describe-network-interfaces --output text --filters Name=addresses.private-ip-address,Values="IPv4 address" --region "$region" ; \
aws lightsail get-instances --output text --query 'instances[*].[name,publicIpAddress]' --region "$region"; \
done
I am using the aws ec2 describe-instances command below to return a list of running EC2s. The output is a TSV in 2 lines, the first line being the Account ID (OwnerId), and the rest of the query is displayed on the second line. I would like all the attributes to be flattened into one line, but due to the nature of the JSON output of the API calls, is there a way to manipulate the output to be in just one line?
aws ec2 describe-instances --output text --profile "$account" --query 'Reservations[*].[[OwnerId, Instances[*].[InstanceId, InstanceType, State.Name, Platform, Placement.AvailabilityZone, PublicIpAddress, PrivateIpAddress,[Tags[?Key==`Name`].Value][0][0],[Tags[?Key==`Environment`].Value][0][0]]]]' --filters Name=instance-state-name,Values=running >> "$outfile"
1234567890
i-03cxxxxxxxdab t2.medium running windows ap-southeast-1a 10.0.0.0 10.10.0.10 api-abc-prod-01 PROD
desired output in one line
1234567890 i-03cxxxxxxxdab t2.medium running windows ap-southeast-1a 10.0.0.0 10.10.0.10 api-abc-prod-01 PROD
First, the AWS CLI lets you specify the output format, so you can set the output to text and then replace the newline with a space. You can try:
aws ec2 describe-instances --output text --profile test --query 'Reservations[*].[[OwnerId, Instances[*].[InstanceId, InstanceType, State.Name, Platform, Placement.AvailabilityZone, PublicIpAddress, PrivateIpAddress,[Tags[?Key==`Name`].Value][0][0],[Tags[?Key==`Environment`].Value][0][0]]]]' --filters Name=instance-state-name,Values=running | tr '\r\n' ' '
Text Output Format
The text format organizes the AWS CLI's output into tab-delimited
lines. It works well with traditional Unix text tools such as grep,
sed, and awk, as well as the text processing performed by PowerShell.
The text output format follows the basic structure shown below. The
columns are sorted alphabetically by the corresponding key names of
the underlying JSON object.
IDENTIFIER sorted-column1 sorted-column2
IDENTIFIER2 sorted-column1 sorted-column2
So you are good to go with a pipe using tr '\r\n' ' '
Or you can use awk
aws ec2 describe-instances --output text --profile test --query 'Reservations[*].[[OwnerId, Instances[*].[InstanceId, InstanceType, State.Name, Platform, Placement.AvailabilityZone, PublicIpAddress, PrivateIpAddress,[Tags[?Key==`Name`].Value][0][0],[Tags[?Key==`Environment`].Value][0][0]]]]' --filters Name=instance-state-name,Values=running | awk 1 ORS=' '
Update:
If you want to append the OwnerId to each instance's details, then use this.
aws ec2 describe-instances --output text --query 'Reservations[*].[[OwnerId, Instances[*].[InstanceId, InstanceType, State.Name, Platform, Placement.AvailabilityZone, PublicIpAddress, PrivateIpAddress,[Tags[?Key==`Name`].Value][0][0],[Tags[?Key==`Environment`].Value][0][0]]]]' --filters Name=instance-state-name,Values=running | paste -d" " - -
As recommended in the top answer in "Parsing JSON with Unix tools", you can use jq to do this: https://stedolan.github.io/jq/. Check the tutorial here on extracting the relevant fields: https://stedolan.github.io/jq/tutorial/
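An added example, not part of the answers above: `paste - -` joins lines strictly two at a time, so the columns shift as soon as one reservation holds more than one instance. The awk filter below carries the most recent owner line forward onto every instance line instead. The function name and sample input are constructed, and it assumes each instance of a reservation is printed on its own line after the owner line.

```bash
#!/usr/bin/env bash
# Added example: attach the owner ID to every instance line of the
# two-line text output. The function name is hypothetical and the
# sample input in demo() is constructed.

# flatten_reservations: read "owner line, then instance lines" on stdin,
# write one tab-separated line per instance, prefixed with its owner ID.
flatten_reservations() {
  awk -v OFS='\t' '
    { sub(/\r$/, "") }                      # tolerate CRLF output
    NF == 1 && $1 ~ /^[0-9]+$/ {            # a lone number is the OwnerId
      owner = $1
      next
    }
    $1 ~ /^i-/ { print owner, $0 }          # instance row
  '
}

# Constructed input: the first reservation has two instances, which is
# the case that pairing lines two at a time gets wrong.
demo() {
  printf '111111111111\n'
  printf 'i-0aaa1111\tt2.medium\trunning\tap-southeast-1a\n'
  printf 'i-0bbb2222\tt3.small\trunning\tap-southeast-1b\n'
  printf '222222222222\n'
  printf 'i-0ccc3333\tt2.micro\trunning\tap-southeast-1a\n'
}

demo | flatten_reservations
```

In real use, pipe the `aws ec2 describe-instances --output text ...` command from the question into `flatten_reservations` in place of `paste`.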
With the AWS CLI, given a PublicDnsName, how can I get the InstanceID? I tried
aws ec2 describe-instances --filters 'Name=publicdnsname,Values=ec2....
but it complains that
publicdnsname is not a valid filter
It is dns-name
aws ec2 describe-instances --filters "Name=dns-name,Values=ec2-xxxxx.compute-1.amazonaws.com" --query 'Reservations[*].Instances[*].InstanceId' --output text
Output
i-00123458ca3fa2c4f
The valid filters are listed in the docs.
To filter by public DNS name the filter name you should use is: dns-name
With this command I am getting the snapshot ID, but I want to get the name associated with this ID [TAGS]
aws ec2 describe-snapshots --owner-ids ********** --output text | awk /vol-6ac16d63/ | grep -y "2014-02-01" | awk "/vol-6ac16d63/{print \$5}"
Try describe-tags:
aws ec2 describe-tags --filters Name=resource-id,Values=snap-XXXXXXX Name=key,Values=Name --query "Tags[*].Value" --output text