aws cloudformation describe-stack-resources query by LogicalResourceId - amazon-web-services

I am attempting to retrieve a stack PhysicalResourceId using the aws command line.
$ aws cloudformation describe-stack-resources \
--stack-name test-app-prometheus \
--query 'StackResources[?LogicalResourceId=="PrometheusAutoScalingGroup"]'
I was expecting this to return:
[
{
"ResourceStatus": "...",
"LogicalResourceId": "...",
"StackName": "test-app-prometheus",
"StackId": "...",
"PhysicalResourceId": "test-app-prometheus-PrometheusAutoScalingGroup-...",
"ResourceType": "AWS::AutoScaling::AutoScalingGroup",
"Timestamp": "2016-11-08T15:17:23.567Z"
}
]
However instead it is returning an empty array.
[]
Running the command without the query, I can see the resource. Running the command:
$ aws cloudformation describe-stack-resources \
--stack-name test-app-prometheus \
--query 'StackResources[*].LogicalResourceId' \
| grep PrometheusAutoScalingGroup
"PrometheusAutoScalingGroup",
suggests that the resource exists.

How about:
$ aws cloudformation describe-stack-resources \
--stack-name test-app-prometheus \
--logical-resource-id PrometheusAutoScalingGroup
CloudFormation and the New AWS CLI

Related

Attempting to update AWS secret isn't saving in AWS

I’m on Mac Monterey. Using the AWS CLI, I want to update a secret's value, so I did this:
aws secretsmanager update-secret --secret-id 'development/database' --description '{"adapter": "mysql2", "encoding": "utf8", "host": "host.docker.internal"}'
And I get back
{
"ARN": "arn:aws:secretsmanager:us-east-1:1234678901234:secret:development/database-4walfE",
"Name": "development/database"
}
However, when I go to see the value of my secret, it is unchanged
$ aws secretsmanager get-secret-value --secret-id 'development/database'
{
"ARN": "arn:aws:secretsmanager:us-east-1:1234678901234:secret:development/database-4abcdE",
"Name": "development/database",
"VersionId": "378861d2-c5f0-48a4-a965-13877321da62",
"SecretString": "{\"adapter\": \"mysql2\", \"encoding\": \"utf8\", \"host\": \"127.0.0.1\"}",
"VersionStages": [
"AWSCURRENT"
],
"CreatedDate": "2022-04-11T12:00:43.029000-05:00"
}
What gives? What am I missing?
If you're updating the value of the secret, you should use --secret-string
aws secretsmanager update-secret --secret-id 'development/database' --secret-string '{"adapter": "mysql2", "encoding": "utf8", "host": "host.docker.internal"}'

Retrieve only one parameter value from aws ssm get-parameter command?

How can I print only the value of Value attribute from the below output of the following command
aws ssm get-parameter --name "/test/ip/cidr" --profile test
{
"Parameter": {
"Name": "/test/ip/cidr",
"Type": "String",
"Value": "172.18.0.0/20",
"Version": 1,
"LastModifiedDate": 1585251360.78,
"ARN": "arn:aws:ssm:us-east-1:123233:parameter/test/ip/cidr",
"DataType": "text"
}
}
I tried running the command below, but it prints [{"Value": "172.18.0.0/20"}] and I want to see only 172.18.0.0/20
aws ssm get-parameters --names "/test/ip/cidr" --query "Parameters[*].{Value:Value}" --profile test
[
{
"Value": "172.18.0.0/20"
}
]
You can add --output text and modify your --query:
aws ssm get-parameter --name "/test/ip/cidr" --profile test \
--query "Parameter.Value" --output text

How to query AWS Stack Outputs?

My Stack Outputs:
"Outputs": [
{
"OutputKey": "InstanceId",
"OutputValue": "i-0ed2834d95ae5bb98",
"Description": "Instance Id"
},
{
"OutputKey": "PrivateIp",
"OutputValue": "10.176.66.46",
"Description": "Private IP address"
},
{
"OutputKey": "EbsVolumeId",
"OutputValue": "vol-03837489a20032881",
"Description": "EbsVolume"
}
I tried to query the PrivateIp of stack by using the command below but the command doesn't return anything.
aws cloudformation describe-stacks --stack-name my-stack-01 --query "Stacks[0].Outputs[?OutputKey=="PrivateIp"].OutputValue" --output text
What did I do wrong?
Thx in advance!
You must use single-quotes in the filter part ?OutputKey=="PrivateIp" of your query. So, change your whole query to:
aws cloudformation describe-stacks --stack-name my-stack-01 --query "Stacks[0].Outputs[?OutputKey=='PrivateIp'].OutputValue" --output text
This will work.

pipe output from aws cli as input to another aws cli command

Hi, I would like to pipe instance output to start/stop EC2 instances. Here is the beginning of the code:
aws ec2 describe-instances \
--query "Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}" \
--filters "Name=tag-value,Values=<INSTANCE NAME TAG>" \
--output text | \
How do I pipe this output to AWS ec2 start-instances command in Windows?
Output format can be JSON, YAML, TEXT or Table. It depends on your requirements.
Sample command for JSON output:
$ aws iam list-users --output json
Sample output:
{
"Users": [
{
"Path": "/",
"UserName": "Admin",
"UserId": "AIDA1111111111EXAMPLE",
"Arn": "arn:aws:iam::123456789012:user/Admin",
"CreateDate": "2014-10-16T16:03:09+00:00",
"PasswordLastUsed": "2016-06-03T18:37:29+00:00"
},
{
"Path": "/backup/",
"UserName": "backup-user",
"UserId": "AIDA2222222222EXAMPLE",
"Arn": "arn:aws:iam::123456789012:user/backup/backup-user",
"CreateDate": "2019-09-17T19:30:40+00:00"
},
{
"Path": "/",
"UserName": "cli-user",
"UserId": "AIDA3333333333EXAMPLE",
"Arn": "arn:aws:iam::123456789012:user/cli-user",
"CreateDate": "2019-09-17T19:11:39+00:00"
}
]
}
Now if you want to use this output for input of another command, one easy way is to read the json file, extract the value and use that as input to other command.
Please read https://www.business.com/articles/using-powershell-with-json-data/ for some details.
I found a PowerShell solution which suits my needs better:
$InstanceId = aws ec2 describe-instances --query "Reservations[*].Instances[*].{Instance:InstanceId}" --filters "Name=tag-value,Values=<INSTANCE NAME TAG>" --output text
aws ec2 start-instances --instance-ids $InstanceId

How to add an AWS-Lambda-based trigger on S3-Bucket with CLI

I'm curious if we could create a trigger on an AWS S3 bucket programmatically?
Given are an S3 bucket and an AWS Lambda function.
The AWS Lambda function was created via the CLI and can be updated/recreated at any time with CLI-based commands.
aws lambda create-function \
--region us-east-1 \
--function-name encodeVideo \
--zip-file fileb:///tmp/encode_video.zip \
--role $LAMBDA_ROLE_ARN \
--handler encode_video.handler \
--runtime nodejs6.10 \
--timeout 10 \
--memory-size 1024
aws lambda add-permission \
--function-name encodeVideo \
--region us-east-1 \
--statement-id some-unique-id \
--action "lambda:InvokeFunction" \
--principal s3.amazonaws.com \
--source-arn arn:aws:s3:::**** \
--source-account ***********
Now I want to configure an S3 bucket so that it will invoke the Lambda function automatically on every new object that is created.
For now I did this in the AWS Console in a web browser, as one can see in the screenshot. But I want to be able to set up the whole scenario with CLI commands. How can I do this?
I've figured out that it needs something like:
aws s3api put-bucket-notification-configuration --region us-east-1 \
--bucket **** \
--notification-configuration file://encodeVideoConfiguration.json
But I couldn't figure out what the content of encodeVideoConfiguration.json should be.
The document structure of --notification-configuration is described in detail in the AWS CLI docs for the same call:
{
"TopicConfigurations": [
{
"Id": "string",
"TopicArn": "string",
"Events": ["s3:ReducedRedundancyLostObject"|"s3:ObjectCreated:*"|"s3:ObjectCreated:Put"|"s3:ObjectCreated:Post"|"s3:ObjectCreated:Copy"|"s3:ObjectCreated:CompleteMultipartUpload"|"s3:ObjectRemoved:*"|"s3:ObjectRemoved:Delete"|"s3:ObjectRemoved:DeleteMarkerCreated", ...],
"Filter": {
"Key": {
"FilterRules": [
{
"Name": "prefix"|"suffix",
"Value": "string"
}
...
]
}
}
}
...
],
"QueueConfigurations": [
{
"Id": "string",
"QueueArn": "string",
"Events": ["s3:ReducedRedundancyLostObject"|"s3:ObjectCreated:*"|"s3:ObjectCreated:Put"|"s3:ObjectCreated:Post"|"s3:ObjectCreated:Copy"|"s3:ObjectCreated:CompleteMultipartUpload"|"s3:ObjectRemoved:*"|"s3:ObjectRemoved:Delete"|"s3:ObjectRemoved:DeleteMarkerCreated", ...],
"Filter": {
"Key": {
"FilterRules": [
{
"Name": "prefix"|"suffix",
"Value": "string"
}
...
]
}
}
}
...
],
"LambdaFunctionConfigurations": [
{
"Id": "string",
"LambdaFunctionArn": "string",
"Events": ["s3:ReducedRedundancyLostObject"|"s3:ObjectCreated:*"|"s3:ObjectCreated:Put"|"s3:ObjectCreated:Post"|"s3:ObjectCreated:Copy"|"s3:ObjectCreated:CompleteMultipartUpload"|"s3:ObjectRemoved:*"|"s3:ObjectRemoved:Delete"|"s3:ObjectRemoved:DeleteMarkerCreated", ...],
"Filter": {
"Key": {
"FilterRules": [
{
"Name": "prefix"|"suffix",
"Value": "string"
}
...
]
}
}
}
...
]
}
For your case, you'd just provide the LambdaFunctionConfigurations field of JSON structure.
This is the JSON configuration you want to create.
{
"LambdaFunctionConfigurations": [
{
"Id": "s3eventtriggerslambda",
"LambdaFunctionArn": "theactualarn",
"Events": ["s3:ObjectCreated:*"],
"Filter": {
"Key": {
"FilterRules": [
{
"Name": "suffix",
"Value": "thesuffix"
},
{
"Name": "prefix",
"Value": "theprefix"
}
]
}
}
}
]
}
Copy the above json to a file named "s3triggerlambdaconfig.json"
From aws cli:
aws s3api put-bucket-notification-configuration \
--bucket bucketname \
--notification-configuration file://s3triggerlambdaconfig.json
Example lambda arn will be like this - arn:aws:lambda:us-east-1:550060223145:function:lambda-function-test
Were you ever able to get this to work? I am looking for something very similar and so far have not been able to get it to work.
I want to trigger Lambda on s3 object add/delete and want to do it from the cli with the source bucket passed as an argument.
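
The two steps from this thread with the bucket passed as an argument, as an added example that is not part of the original posts: the invoke permission is scoped with --source-arn and --source-account so only that bucket in that account can call the function, and the notification document is built from the arguments. The function names and the AWS_CLI override variable are hypothetical; the events list defaults to s3:ObjectCreated:* and accepts the event names from the schema above.

```sh
#!/bin/sh
# Added example, not from the original posts. AWS_CLI is a hypothetical
# override for previewing the commands, e.g. AWS_CLI="echo aws".
AWS_CLI=${AWS_CLI:-aws}

# Print the notification document for one Lambda target.
# $1 function ARN, $2 comma-separated events, $3 key prefix, $4 key suffix
build_notification_config() {
    ev=${2:-s3:ObjectCreated:*}
    case $1 in
        arn:aws:lambda:*:*:function:*) ;;
        *) echo "not a Lambda function ARN: $1" >&2; return 1 ;;
    esac
    # Values are spliced into JSON, so refuse quotes and backslashes.
    case "$1$ev${3:-}${4:-}" in
        *'"'*|*'\'*) echo "unsupported character in argument" >&2; return 1 ;;
    esac
    events=$(printf '%s' "$ev" | sed 's/[^,][^,]*/"&"/g')
    rules=""
    if [ -n "${3:-}" ]; then rules="{\"Name\":\"prefix\",\"Value\":\"$3\"}"; fi
    if [ -n "${4:-}" ]; then
        rules="${rules:+$rules,}{\"Name\":\"suffix\",\"Value\":\"$4\"}"
    fi
    filter=""
    if [ -n "$rules" ]; then
        filter=",\"Filter\":{\"Key\":{\"FilterRules\":[$rules]}}"
    fi
    printf '{"LambdaFunctionConfigurations":[{"Id":"s3eventtriggerslambda",'
    printf '"LambdaFunctionArn":"%s","Events":[%s]%s}]}\n' "$1" "$events" "$filter"
}

# $1 bucket, $2 function ARN, $3 bucket owner account id, $4-$6 as $2-$4 above
setup_s3_lambda_trigger() {
    bucket=$1 fn_arn=$2 account=$3
    config=$(build_notification_config "$fn_arn" "${4:-}" "${5:-}" "${6:-}") || return 1
    region=$(printf '%s' "$fn_arn" | cut -d: -f4)  # bucket must share this region
    # Only this bucket, owned by this account, may invoke the function.
    $AWS_CLI lambda add-permission --region "$region" \
        --function-name "$fn_arn" \
        --statement-id "s3-invoke-$(printf '%s' "$bucket" | tr . -)" \
        --action lambda:InvokeFunction --principal s3.amazonaws.com \
        --source-arn "arn:aws:s3:::$bucket" --source-account "$account" || return 1
    # Replaces the bucket's entire existing notification configuration.
    $AWS_CLI s3api put-bucket-notification-configuration --region "$region" \
        --bucket "$bucket" --notification-configuration "$config"
}
```

Run with AWS_CLI="echo aws" first to review both commands; because the second call overwrites the bucket's current notification configuration, check it with aws s3api get-bucket-notification-configuration before applying.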