AWS Elastic Compute Cloud (EC2) CLI
Key-pair Create/Delete
Begin with:
export AWS_PROFILE=default
Create the key-pair:
aws ec2 create-key-pair --key-name _name_ --key-type ed25519 \
--query "KeyMaterial" --output text > _name_.pem
then:
chmod 400 _name_.pem
To create a .pub public key from the .pem:
ssh-keygen -y -f _name_.pem > _name_.pub
Delete the key-pair:
aws ec2 delete-key-pair --key-name _name_
Instances
aws ec2 describe-instances --instance-ids _id_
A more practical approach:
- Define a shell alias function:
#
# add this to your .zprofile (or .zshrc)
#
function refresh_ec2_instances()
{
    # make sure the Okta-backed AWS session is still valid before querying
    okta-aws default sts get-caller-identity > /dev/null
    # the JMESPath query must stay on one line inside the single quotes:
    # a backslash-newline inside '...' is passed literally and breaks the query
    aws ec2 describe-instances --region=us-east-1 \
        --query 'Reservations[*].Instances[*].{Id:InstanceId,Name:Tags[?Key==`Name`]|[0].Value,Image:ImageId,Type:InstanceType,VPC:VpcId,AZ:Placement.AvailabilityZone,Subnet:SubnetId,PriIP:PrivateIpAddress,PubIP:PublicIpAddress,IAM:IamInstanceProfile.Arn,Launched:LaunchTime,State:State.Name}' \
        --output table | sed -e 's/arn:.*\///' > "$HOME/.ec2instances.txt"   # sed keeps only the instance-profile name from the ARN
    echo "$HOME/.ec2instances.txt updated"
}
- Call this function at the shell prompt to update ~/.ec2instances.txt
- Search ~/.ec2instances.txt for IPs:
# find IPs of instances of interest:
grep _name_ ~/.ec2instances.txt | awk -F\| '{print $8}'| sed 'H;1h;$!d;x;y/\n/,/'| sed 's/ //g'
To execute a command on multiple instances, e.g. sudo docker ps -a:
pdsh -w $(grep _name_ ~/.ec2instances.txt | awk -F\| '{print $8}' | sed 'H;1h;$!d;x;y/\n/,/' | sed -e 's/ //g') 'sudo docker ps -a '
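The grep pipeline above matches the name anywhere in the table row, so a name that also appears in another column (the stripped IAM profile name, for instance) pulls in unrelated hosts, and a terminated instance contributes the literal None as a host. The following is an added example, not part of the original notes: a POSIX shell function that filters on the Name column only, keeps only running instances with a real address, and returns non-zero when nothing matches so pdsh is never invoked with an empty -w list. The table it parses is constructed to mimic the --output table layout produced by refresh_ec2_instances (the CLI sorts the columns alphabetically); the function name ec2_ips_by_name and the sample_file helper are my own.

```shell
#!/bin/sh
# Added example (not from the original notes).
#
# CONSTRUCTED sample of `aws ec2 describe-instances ... --output table` with the
# column set used by refresh_ec2_instances.  Columns are alphabetical, so with
# -F'|' the fields are: $2=AZ $3=IAM $4=Id $5=Image $6=Launched $7=Name
# $8=PriIP $9=PubIP $10=State $11=Subnet $12=Type $13=VPC ($1 is empty).
# Row db-1 carries an IAM profile named web-admin, which a plain `grep web`
# would wrongly select; row web-3 is terminated and has no private IP.
SAMPLE_TABLE=$(cat <<'EOF'
-----------------------------------------------------------------------------------------------------------------------------------------------------------
|                                                                    DescribeInstances                                                                    |
+------------+------------+----------------------+------------------------+----------------------------+---------+-------------+--------+-------------+--------------+-----------+-----------+
|     AZ     |    IAM     |          Id          |         Image          |          Launched          |  Name   |    PriIP    | PubIP  |    State    |    Subnet    |   Type    |    VPC    |
+------------+------------+----------------------+------------------------+----------------------------+---------+-------------+--------+-------------+--------------+-----------+-----------+
|  us-east-1a|  web-role  |  i-0123456789abcdef0 |  ami-0abcdef1234567890 |  2024-01-10T12:00:00+00:00 |  web-1  |  10.0.1.10  |  None  |  running    |  subnet-0aaa |  t3.micro |  vpc-0abc |
|  us-east-1b|  web-role  |  i-0123456789abcdef1 |  ami-0abcdef1234567890 |  2024-01-10T12:05:00+00:00 |  web-2  |  10.0.2.10  |  None  |  running    |  subnet-0bbb |  t3.micro |  vpc-0abc |
|  us-east-1a|  web-role  |  i-0123456789abcdef2 |  ami-0abcdef1234567890 |  2024-01-09T08:00:00+00:00 |  web-3  |  None       |  None  |  terminated |  None        |  t3.micro |  None     |
|  us-east-1a|  web-admin |  i-0123456789abcdef3 |  ami-0abcdef1234567890 |  2024-01-11T09:00:00+00:00 |  db-1   |  10.0.1.20  |  None  |  running    |  subnet-0aaa |  m5.large |  vpc-0abc |
+------------+------------+----------------------+------------------------+----------------------------+---------+-------------+--------+-------------+--------------+-----------+-----------+
EOF
)

# sample_file: write the constructed table to a temp file and print its path,
# so the function below can be exercised without a real ~/.ec2instances.txt.
sample_file() {
    f=$(mktemp)
    printf '%s\n' "$SAMPLE_TABLE" > "$f"
    printf '%s\n' "$f"
}

# ec2_ips_by_name NAME [FILE]
# Prints a comma-separated list of private IPs of *running* instances whose
# Name column contains NAME.  Prints nothing and returns 1 when there is no
# match, so `pdsh -w "$(ec2_ips_by_name web)" ...` fails instead of running
# against an empty or bogus host list.
ec2_ips_by_name() {
    name=$1
    file=${2:-"$HOME/.ec2instances.txt"}
    ips=$(awk -F'|' -v name="$name" '
        { for (i = 1; i <= NF; i++) gsub(/^[ \t]+|[ \t]+$/, "", $i) }   # trim each cell
        # data rows only: Name contains NAME, State is running, PriIP is a real address (not None)
        NF >= 10 && index($7, name) && $10 == "running" && $8 ~ /^[0-9.]+$/ {
            out = (out == "") ? $8 : out "," $8
        }
        END { print out }' "$file")
    [ -n "$ips" ] || return 1
    printf '%s\n' "$ips"
}

# Demo against the constructed table, not your real ~/.ec2instances.txt:
demo_file=$(sample_file)
ec2_ips_by_name web "$demo_file"    # prints 10.0.1.10,10.0.2.10 (web-3 is terminated, db-1 is not a web host)
rm -f "$demo_file"
```

Point it at the real file by omitting the second argument, e.g. `pdsh -w "$(ec2_ips_by_name _name_)" 'sudo docker ps -a'`; with `set -e` in the calling script the non-zero return aborts the run before pdsh starts.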
TBD
Find the instance by a private IP (with $ip set beforehand):
aws ec2 describe-instances --filters Name=private-ip-address,Values=$ip
Find the instance by its Name tag (with $name set beforehand):
aws ec2 describe-instances --filters Name=tag:Name,Values=$name
Auto Scaling Group
Special case for instance termination when the instance belongs to an ASG: use terminate-instance-in-auto-scaling-group instead of terminate-instances. You also need to say whether the group's desired capacity should be decremented; if it is not, the ASG launches a replacement instance.
aws autoscaling terminate-instance-in-auto-scaling-group --instance-id _id_ --should-decrement-desired-capacity
Transit Gateways
aws ec2 describe-transit-gateways
and then delete-transit-gateway
aws ec2 delete-transit-gateway --transit-gateway-id <value>
Route Tables vs Transit Gateway Route Tables
Note that describe-route-tables and describe-transit-gateway-route-tables operate on different types of objects!
aws ec2 describe-route-tables
aws ec2 describe-transit-gateway-route-tables --transit-gateway-route-table-ids _id_
Transit Gateway Attachment, VPC vs Peering
aws ec2 describe-transit-gateway-attachments
and then delete-transit-gateway-vpc-attachment (this is for VPC attachments; peering attachments are removed with delete-transit-gateway-peering-attachment):
aws ec2 delete-transit-gateway-vpc-attachment --transit-gateway-attachment-id _id_
To locate attachments to a TGW by id:
aws ec2 describe-transit-gateway-attachments --filters Name=transit-gateway-id,Values=_id_
VPCs
aws ec2 describe-vpcs
then delete-vpc, but only after you have deleted all the gateways and other resources associated with the VPC (the call fails with a dependency violation otherwise):
aws ec2 delete-vpc --vpc-id _id_
To find VPC dependencies, see vpc-describe.sh.
Subnets
aws ec2 describe-subnets
then delete-subnet:
aws ec2 delete-subnet --subnet-id _id_
Find Load Balancer IP
From https://repost.aws/knowledge-center/elb-find-load-balancer-ip
aws ec2 describe-network-interfaces \
--filters Name=description,Values="ELB elb-name" \
--query 'NetworkInterfaces[*].PrivateIpAddresses[*].PrivateIpAddress' \
--output text