How to find non-shared aws ami - amazon-web-services

I'd like to delete all AMIs that are my own and are non-shared.
E.g.:
$ aws ec2 describe-images --executable-users 804427628951
This will list all images by user 804427628951 with explicit launch permissions. But I don't know how to list all non-shared AMIs. Could you please help?
Thanks.

You can list all of your own Amazon Machine Images (AMIs) with the command:
aws ec2 describe-images --filters Name=image-type,Values=machine Name=owner-id,Values=YOUR_ACCOUNT_ID
Within the output, private images will be shown as "Public": false.
You could also show only private images:
aws ec2 describe-images --filters Name=image-type,Values=machine Name=is-public,Values=false Name=owner-id,Values=YOUR_ACCOUNT_ID

You can list AMIs that are in an account and how they are shared using a combination of aws ec2 describe-images and aws ec2 describe-image-attribute. The latter can return the launchPermission element which is a list of accounts that the AMI is shared with. Combining the two allows you to iterate over all images and count how many times they are shared as follows:
for ami in $(aws ec2 describe-images --owners self | jq -r '.Images[].ImageId')
do
    aws ec2 describe-image-attribute --image-id "$ami" --attribute 'launchPermission' | \
        jq '.ImageId + " - " + ([.LaunchPermissions[]]|length|tostring)'
done
In your case you're only interested in the unshared images so you might want to do this:
for ami in $(aws ec2 describe-images --owners self | jq -r '.Images[].ImageId')
do
    ct=$(aws ec2 describe-image-attribute --image-id "$ami" --attribute 'launchPermission' | \
        jq '[.LaunchPermissions[]]|length')
    if [ 0 -eq "$ct" ]; then echo "$ami"; fi
done
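
The two answers above measure different things: the is-public=false filter only excludes AMIs that everyone can launch, while an empty launchPermission list means the AMI is shared with nobody. This added Python example (not code from the original answers) classifies owned AMIs from the JSON returned by describe-images and describe-image-attribute; the image IDs, account ID, organization ARN and function names are constructed for illustration, and the responses are trimmed to the fields used.

```python
import json

# Constructed sample of `aws ec2 describe-images --owners self` output.
IMAGES = json.loads("""{"Images": [
  {"ImageId": "ami-0aaa0000000000001", "Public": false},
  {"ImageId": "ami-0aaa0000000000002", "Public": false},
  {"ImageId": "ami-0aaa0000000000003", "Public": true},
  {"ImageId": "ami-0aaa0000000000004", "Public": false},
  {"ImageId": "ami-0aaa0000000000005", "Public": false}
]}""")["Images"]

# Constructed launchPermission responses by ImageId; ...005 is absent (lookup failed).
PERMS = json.loads("""{
  "ami-0aaa0000000000001": {"LaunchPermissions": []},
  "ami-0aaa0000000000002": {"LaunchPermissions": [{"UserId": "111122223333"}]},
  "ami-0aaa0000000000003": {"LaunchPermissions": [{"Group": "all"}]},
  "ami-0aaa0000000000004": {"LaunchPermissions": [
    {"OrganizationArn": "arn:aws:organizations::111122223333:organization/o-exampleorgid"}]}
}""")


def classify(launch_permissions):
    """Return 'public', 'shared' or 'private' for one LaunchPermissions list."""
    if any(p.get("Group") == "all" for p in launch_permissions):
        return "public"
    # UserId, OrganizationArn and OrganizationalUnitArn entries all grant launch access.
    return "shared" if launch_permissions else "private"


def audit(images, perms):
    """Map every owned ImageId to its sharing class."""
    report = {}
    for image in images:
        image_id = image["ImageId"]
        if image_id in perms:
            report[image_id] = classify(perms[image_id].get("LaunchPermissions", []))
        else:
            # No permission data: report it, never treat it as unshared.
            report[image_id] = "unknown"
    return report


def not_public_but_shared(images, report):
    """AMIs that pass the is-public=false filter yet are shared with someone."""
    return sorted(i["ImageId"] for i in images
                  if not i["Public"] and report[i["ImageId"]] == "shared")


if __name__ == "__main__":
    for image_id, state in sorted(audit(IMAGES, PERMS).items()):
        print(image_id, state)
```

Only the images reported as private are candidates for the cleanup the question describes; images reported as unknown need their launchPermission lookup repeated first.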

Related

AWS CloudShell - List instances by ARN prefix

In AWS Backup, I have created a resource assignment to a backup-plan, which targets all EC2 instances.
The ARN prefix looks like this:
arn:aws:ec2:*:*:instance/*
How can I list all instances that match an ARN prefix? Either in AWS Cloudshell or with the aws cli?
I think you can try using ec2's describe-instances cli command and run it over all AWS regions:
for region in $(aws ec2 describe-regions --query 'Regions[].RegionName' --output text)
do
    # --query selects only the region names, independent of the text-output column order
    echo -e "\nListing Instances in region:'$region'..."
    aws ec2 describe-instances --region "$region"
done

How to fetch second last AMI ID using AWS CLI

Using the AWS CLI command below, I am able to fetch the recently created AMI ID by sorting on CreationDate.
aws ec2 describe-images --owners 1234567890 --filters 'Name=name,Values=*AMI*' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
I also wanted to get the second last AMI ID using AWS CLI. Could someone help me out on this?
You can use indices, like in Python ([-2]):
aws ec2 describe-images --owners 1234567890 --filters 'Name=name,Values=*AMI*' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate)[-2].ImageId'

Finding the full name of windows server

This command lists hundreds of Windows servers. How do I select the most popular ones, those that are displayed on the web console when I create a new instance?
# aws ec2 describe-images --owners amazon --filters "Name=name,Values=Windows_Server*" --query 'sort_by(Images, &CreationDate)[].Name'
[
"Windows_Server-2016-English-Full-ECS_Optimized-2017.11.24",
"Windows_Server-2016-English-Full-ECS_Optimized-2018.01.10",
"Windows_Server-2016-English-Full-ECS_Optimized-2018.02.21",
"Windows_Server-2016-English-Full-ECS_Optimized-2018.03.26",
"Windows_Server-2016-English-Nano-Base-2018.04.11",
...
...
]
I am looking for the full name and not just the ami-id.
For example, which one of the above is "ami-04ca2d0801450d495"?
The DescribeImages API call returns the name of the AMI along with the rest of the info. To extract just the name of the AMI, you can run the following command:
aws ec2 describe-images --image-ids $IMAGE_ID \
--output text --query 'Images[*].Name'
Details about the describe-images command can be found here.
This command will return the full name of the given AMI ID:
aws ssm get-parameters-by-path --path "/aws/service/ami-windows-latest" --region us-east-1 | grep -C3 '04ca2d0801450d495'

How do I find all Linux EC2 instances

I can use the following to list all Amazon Windows EC2 instances. How do I list Linux instances?
aws ec2 describe-images --owners self amazon --filters "Name=root-device-type,Values=ebs" "Name=platform,Values!=windows"
I think you can use the below to list all instances with platform type, then filter by platform type.
for region in `aws ec2 describe-regions --output text | cut -f2|awk -F. '{print $2}'`; do echo -e "\nInstances in: '$region':"; aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId,Platform]' --output text --region $region; done;
Platform type "None" indicates Linux.

aws cli describe-instances without a VpcId

I want to run aws ec2 describe-instances looking for any instances without a VpcId property (those in ec2-classic)
How can I return ec2-classic instances using either the --query flag or JMESPath expression to get results without a VpcId?
This CLI command will list all the instances which don't have a VpcId.
aws ec2 describe-instances --region us-east-1 --query 'Reservations[*].Instances[?!not_null(VpcId)] | [].[InstanceId]' --output text
You can tweak the same to list all instances which have a VpcId.
aws ec2 describe-instances --region us-east-1 --query 'Reservations[*].Instances[?not_null(VpcId)] | [].[InstanceId]' --output text
One approach is to query all instances and look for entries that do not have a SubnetId. The following CLI lists the EC2 classic instances. You can change the --query option to get the attributes you want.
aws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId, Tags[?Key==`Name`].Value | [0], State.Name, SubnetId]' --output text | grep -v subnet
Output
i-123456789abcdef01 MyClassicRunning running None
i-123456789abcdef23 MyClassicStopped stopped None