How do I start AWS EC2 instance using awscli interface? - amazon-web-services

I am trying to start my AWS EC2 instance using the awscli interface, without any luck. This is my command:
aws ec2 start-instances --instance-ids <my-instance-id>
I get the following error:
An error occurred (InvalidInstanceID.NotFound) when calling the StopInstances operation: The instance ID '<my-instance-id>' does not exist
I am getting the same error when I use the boto3 library.
What am I missing?

The AWS Command-Line Interface (CLI) syntax is:
aws ec2 start-instances --instance-ids i-abcd1234 --region us-west-2
(If you have a default region defined, then you don't need --region.)
Doing it via boto3:
import boto3
ec2 = boto3.client('ec2', region_name = 'us-west-2')
ec2.start_instances(InstanceIds=['i-abcd1234'])

Related

How to terminate multiple EC2 instances in AWS via CLI?

I'm looking to terminate multiple EC2 instances via the AWS CLI. Yes, I am able to terminate an EC2 instance by executing the command below.
Syntax:
aws ec2 terminate-instances --instance-ids <instance id> --profile <profile name>
Example:
aws ec2 terminate-instances --instance-ids <i-...> --profile xxx
But I have a big list of instances that I need to terminate, so I'm searching for a way to terminate a batch of EC2 instances by providing the list of instance IDs. I tried with multiple instance IDs as below, but those are not working.
aws ec2 terminate-instances --instance-ids ("instance-id1", "intance-id2") --profile xxx
aws ec2 terminate-instances --instance-ids ("instance-id1intance-id2") --profile xxx
aws ec2 terminate-instances --instance-ids (instance-id1,intance-id2) --profile xxx
Kindly let me know if there is any possibility to terminate a batch of instances.
I am able to achieve this with the command below, as recommended by luk2302:
aws ec2 terminate-instances --instance-ids instance-id1 instance-id2 --profile xxx
Also, as recommended by Alex Bailey, we can try a shell script (.sh) or batch file (.bat), which will make our job easier.
Instead of running all the instance IDs through at once, I would create a loop in a shell script to do this.
Assuming you have each instance ID on a separate line in a text file you could do something like:
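#!/usr/bin/env bash
# Terminate each instance listed in instance_ids.txt (one ID per line).
while IFS= read -r ins_id; do
    [ -n "$ins_id" ] || continue   # skip blank lines
    aws ec2 terminate-instances --instance-ids "$ins_id" --profile <profile name> || echo "error terminating ${ins_id}"
done < instance_ids.txt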
That's not tested and I'm not great with shell scripting so if you try using it just try with one or two instances first and see what happens.
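
One way to harden the batch approach above, as an added example that is not part of the original posts: validate every ID before it reaches the CLI, then use the --dry-run flag to confirm the call is authorized before terminating for real. The function names and the CONFIRM variable are illustrative.

```sh
#!/bin/sh
# Added example; function names are illustrative, not from the thread.

# True only for a well-formed ID: "i-" plus 8 or 17 lowercase hex digits.
is_instance_id() {
    case $1 in i-*) ;; *) return 1 ;; esac
    hex=${1#i-}
    case $hex in ''|*[!0-9a-f]*) return 1 ;; esac
    [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ]
}

# Print the unique valid IDs from a file (one per line, "#" comments allowed).
# Returns 1 if any line was rejected, so the caller can refuse to continue.
load_ids() {
    bad=0; seen=" "
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d '\r\t ')   # tolerate CRLF and padding
        case $line in ''|'#'*) continue ;; esac
        if ! is_instance_id "$line"; then
            echo "rejected: $line" >&2
            bad=1
            continue
        fi
        case $seen in *" $line "*) continue ;; esac   # drop duplicates
        seen="$seen$line "
        printf '%s\n' "$line"
    done < "$1"
    return "$bad"
}

# Dry-run first: with --dry-run the CLI answers DryRunOperation when the real
# call would be authorized. Terminates for real only when CONFIRM=yes is set.
terminate_batch() {   # usage: terminate_batch <profile> <region> <id>...
    profile=$1; region=$2
    shift 2
    [ "$#" -gt 0 ] || { echo "no instance IDs given" >&2; return 1; }
    out=$(aws ec2 terminate-instances --dry-run --instance-ids "$@" \
            --profile "$profile" --region "$region" 2>&1) || true
    case $out in
        *DryRunOperation*) ;;
        *) echo "dry run failed: $out" >&2; return 1 ;;
    esac
    [ "${CONFIRM:-no}" = yes ] || { echo "dry run ok for $# instance(s)"; return 0; }
    aws ec2 terminate-instances --instance-ids "$@" \
        --profile "$profile" --region "$region"
}

# Usage: ids=$(load_ids instance_ids.txt) && terminate_batch xxx us-west-2 $ids
```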

InvalidClientTokenId when calling get-caller-identity on an AWS EC2 instance with instance profile

We're having an issue where we're on a CentOS EC2 instance that is using a role through an attached instance profile. When we're on the console after SSHing in, we run the python awscli command line tool to get our identity:
$ aws sts get-caller-identity
we're getting
An error occurred (InvalidClientTokenId) when calling the GetCallerIdentity operation: The security token included in the request is invalid
Other commands, such as aws ec2 describe-instances, work and are allowed by the instance profile.
From reading the AWS documentation, no permissions should be required to get-caller-identity and there's no explicit deny set on the role associated with instance.
We checked and there's no .aws/credentials file and no env variables set, so access should be entirely managed through the metadata service on the EC2 instance.
Is there something missing in our setup or invocation of the awscli that might cause the permission to fail?
Just documenting the fix for anyone that runs into this issue.
All calls to the awscli should probably include a --region <region> parameter.
E.g.
$ aws sts get-caller-identity --region us-east-2
We were prompted for the region on our aws ec2 describe-instances call but on the aws sts get-caller-identity call, it just failed.
Additionally, we found that the AWS_REGION environment variable didn't seem to affect calls: we still needed to include the --region <region> parameter.

How can I get the RDS endpoint for use in Userdata

I am trying to get the RDS endpoint to use in user data with the CLI but am unable to figure it out.
I need to get the RDS endpoint to inject into a php file but when I try the following I get:
Unable to locate credentials. You can configure credentials by running "aws configure".
I am building the ec2 and vpc using CLI and need to be able to get RDS endpoint as part of the Userdata.
I tried the following on the EC2 instance itself and I get the above error.
aws rds --region ca-central-1 describe-db-instances --query "DBInstances[*].Endpoint.Address"
Even if I am able to resolve that, I need to be able to get the endpoint to pass as part of the userdata. Is that even possible?
The Unable to locate credentials error says that the AWS Command-Line Interface (CLI) does not have any credentials to call the AWS APIs.
You should assign a role to the EC2 instance with sufficient permission to call describe-db-instances on RDS. See: IAM Roles for Amazon EC2
Then, your User Data can include something like:
#!/bin/bash
# --output text returns the bare hostname instead of a JSON array
RDS=$(aws rds --region ca-central-1 describe-db-instances --query "DBInstances[*].Endpoint.Address" --output text)
echo "$RDS" > file
Or pass it as a parameter:
php $RDS
I have it working with this -
# Look up this instance's VPC from instance metadata, then select the RDS endpoint in that VPC
mac=$(curl -s http://169.254.169.254/latest/meta-data/mac)
VPC_ID=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/$mac/vpc-id)
aws rds describe-db-instances --region us-east-2 | jq -r --arg VPC_ID "$VPC_ID" '.DBInstances[] | select(.DBSubnetGroup.VpcId == $VPC_ID) | .Endpoint.Address'
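
The same VPC-based lookup using IMDSv2 session tokens and the CLI's own --query filter instead of jq, as an added example that is not part of the original answers. The function names are illustrative, and it assumes exactly one RDS instance in the instance's VPC and an instance role that allows rds:DescribeDBInstances.

```sh
#!/bin/sh
# Added example; function names are illustrative, not from the thread.

IMDS=http://169.254.169.254/latest

# Read one metadata path with an IMDSv2 session token, so the script keeps
# working on instances where token-less (IMDSv1) requests are disabled.
imds_get() {
    token=$(curl -sf -X PUT "$IMDS/api/token" \
              -H 'X-aws-ec2-metadata-token-ttl-seconds: 60') || return 1
    curl -sf -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/$1"
}

# Print the endpoint of the single RDS instance in this EC2 instance's VPC.
rds_endpoint_in_my_vpc() {
    region=$(imds_get placement/region) || return 1
    mac=$(imds_get mac) || return 1
    vpc=$(imds_get "network/interfaces/macs/$mac/vpc-id") || return 1
    case $vpc in
        vpc-*) ;;
        *) echo "unexpected VPC id: $vpc" >&2; return 1 ;;
    esac
    eps=$(aws rds describe-db-instances --region "$region" --output text \
            --query "DBInstances[?DBSubnetGroup.VpcId=='$vpc'].Endpoint.Address") || return 1
    set -- $eps    # split on whitespace to count the matches
    # Text output prints None for a missing value (e.g. a DB still being created).
    [ "$#" -eq 1 ] && [ "$1" != None ] || {
        echo "expected exactly one RDS endpoint in $vpc, got: ${eps:-nothing}" >&2
        return 1
    }
    printf '%s\n' "$1"
}

# Usage in user data: RDS=$(rds_endpoint_in_my_vpc) || exit 1
```

Failing when the match is empty or ambiguous keeps a wrong hostname from being written into the application's configuration.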

AWS ec2 describe Instance not working

aws ec2 describe-instance-status --instance-id "*****"
This CLI command works only for the region where you run this command. If I want to check the instance state of another location, it is unable to identify the instance ID.
Error: An error occurred (InvalidInstanceID.NotFound) when calling the DescribeInstanceStatus operation: The instance ID '***********' does not exist
If you wish to run the query in another region, simply define this when running the command:
For example, to run in us-west-2:
aws --region us-west-2 ec2 describe-instances --instance-ids <ids>
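
When the region of an instance is not known, the InvalidInstanceID.NotFound response seen in the questions above can be used to search for it region by region. This is an added example, not from the original posts; find_instance_region is an illustrative name and the us-east-1 bootstrap region is an assumption.

```sh
#!/bin/sh
# Added example; find_instance_region is an illustrative name, not from the thread.
# Credentials come from the usual CLI chain (set AWS_PROFILE to pick a profile).

# Print "<region> <state>" for the region that holds the instance, or return 1.
find_instance_region() {   # usage: find_instance_region <instance-id>
    id=$1
    # describe-regions itself needs a region; us-east-1 is an assumption here.
    # It lists only the regions enabled for the account.
    regions=$(aws ec2 describe-regions --region us-east-1 --output text \
                --query 'Regions[].RegionName') || return 2
    for r in $regions; do
        if out=$(aws ec2 describe-instances --instance-ids "$id" --region "$r" \
                   --output text \
                   --query 'Reservations[].Instances[].State.Name' 2>&1); then
            printf '%s %s\n' "$r" "$out"
            return 0
        fi
        case $out in
            *InvalidInstanceID.NotFound*) ;;   # not in this region, keep looking
            *) echo "$r: $out" >&2 ;;          # surface auth or network errors
        esac
    done
    return 1
}

# Usage: find_instance_region i-abcd1234
```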

Amazon web services CLI Error

The following error is being thrown: Could not connect to the endpoint URL: "https://ec2.ec2-east.amazonaws.com/"
You are not using a valid region (ec2-east).
For ec2 regions, please refer to http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
Your command should be aws ec2 describe-instances --region xxx, where xxx is in the list from http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region, like aws ec2 describe-instances --region us-east-1