AWS Commands

# region and codes:

	https://awsregion.info/

configure my region?
aws configure
	$ aws configure
	AWS Access Key ID [****************CQU6]:
	AWS Secret Access Key [****************dmOQ]:
	Default region name [ap-south-1]:
	Default output format [json]:

aws config location
vi ~/.aws/config

verify
cat ~/.aws/config

Get my CLI version
aws --version
aws-cli/2.0.4 Python/3.7.4 Darwin/17.7.0 botocore/2.0.0dev8
aws-cli/1.16.260 Python/2.7.16 Darwin/17.7.0 botocore/1.12.250

How to uninstall AWS and install updated version?
which aws
    /usr/local/bin/aws

ls -l /usr/local/bin/aws

sudo rm /usr/local/bin/aws
sudo rm /usr/local/bin/aws_completer
sudo rm -rf /usr/local/aws-cli
    
    https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html#cliv2-mac-remove
    https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html#cliv2-mac-install-confirm

How to install AWS?

curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /

verify
aws-cli/2.0.4 Python/3.7.4 Darwin/17.7.0 botocore/2.0.0dev8

    https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html#cliv2-mac-remove

Get My region
aws configure get region

aws ecr get-login --region us-west-2 --no-include-email

aws ecr get-login --region ca-central-1 --no-include-email

Create VPCs
aws ec2 create-default-vpc

Describe VPCs
aws ec2 describe-vpcs

Create task-definition:
aws ecs register-task-definition --cli-input-json file://task-definition.json

Create security Group:
aws ec2 authorize-security-group-ingress --group-name circleci-flask-demo-sg --protocol tcp --port 1-65535 --source-group circleci-flask-demo-elb-sg

aws ecs register-task-definition --cli-input-json file://task-definition.json

aws ec2 describe-regions

aws ecs describe-task-definition --task-definition dev-kde20-rabbitmq:2
    https://docs.aws.amazon.com/cli/latest/reference/ecs/describe-task-definition.html

aws ecr describe-repositories

aws ecr describe-repositories --repository-name 943339394358.dkr.ecr.us-west-2.amazonaws.com/dev/kde2.0-api

aws ecr describe-images --repository-name amazonlinux
    https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html

aws configure get region
    https://stackoverflow.com/questions/31331788/using-aws-cli-what-is-best-way-to-determine-the-current-region

list ecs clusters
aws ecs list-clusters

delete cluster
aws ecs delete-cluster --cluster khemistry

more:
https://docs.aws.amazon.com/cli/latest/reference/ecr/index.html

aws ssm get-parameter-history

aws ssm get-parameters \
    --names "/KDE/Dev/Api/CENSHARE_CDN_BUCKET_NAME"
	
	Would get:
	{
	    "Parameters": [
	        {
	            "Name": "/KDE/Dev/Api/CENSHARE_CDN_BUCKET_NAME",
	            "Type": "String",
	            "Value": "kwikee",
	            "Version": 1,
	            "LastModifiedDate": "2020-04-15T12:18:19.234000-04:00",
	            "ARN": "arn:aws:ssm:us-east-1:943339394358:parameter/KDE/Dev/Api/CENSHARE_CDN_BUCKET_NAME"
	        }
	    ],
	    "InvalidParameters": []
	}



https://docs.aws.amazon.com/cli/latest/reference/ssm/get-parameters.html

# s3 commands

# download s3 file
aws s3api get-object --bucket scrapercentral-dev --key cache/armitage/20211015/00/0a/40/4a/0b/c7/a2/e6/af/0f/ce/c9/33/40/cd/44/000a404a0bc7a2e6af0fcec93340cd44.dar.gz abc.dar.gz

# copy s3 file to local
aws s3 cp s3://scrapercentral-dev/cache/armitage/20211015/00/0a/40/4a/0b/c7/a2/e6/af/0f/ce/c9/33/40/cd/44/000a404a0bc7a2e6af0fcec93340cd44.dar.gz a.gz

aws s3 cp s3://amazon-reviews-pds/tsv/amazon_reviews_us_Digital_Software_v1_00.tsv.gz .

#
Get My region
aws configure get region

#
Create task-definition:
aws ecs register-task-definition --cli-input-json file://task-definition.json

#
Create security Group:
aws ec2 authorize-security-group-ingress --group-name circleci-flask-demo-sg --protocol tcp --port 1-65535 --source-group circleci-flask-demo-elb-sg

aws configure list

      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************QY5R shared-credentials-file
secret_key     ****************DHM1 shared-credentials-file
    region                us-east-2      config-file    ~/.aws/config

ec2-describe-instance

aws s3 ls
2022-04-26 09:50:06 scrapercentral-dev
2022-04-27 16:51:22 scrapercentral-external
2021-10-24 23:24:26 scrapercentral-frontend-dev
2021-10-24 23:24:42 scrapercentral-frontend-prod
2021-09-04 16:50:14 scrapercentral-prod

Give ec2 control as a policy

https://stackoverflow.com/questions/66172211/grant-read-only-iam-permission-to-ec2-resources-based-on-tag-using-custom-policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2-instance-connect:SendSSHPublicKey"
            ],
            "Resource": "arn:aws:ec2:*:7352673452763:instance/*",
            "Condition": {
                "StringEquals": {
                    "aws:ResourceTag/Project": "TestProject"
                }
            }
        },
        {
            "Effect": "Allow",
            "Action": "ec2:Describe*",
            "Resource": "*"
        }
    ]
}

When I upgraded my DB, it creates a new IP address

How to get the IP of DB?

ping <db_url>

dig A sc-aurora-dev-cluster.cluster-cdep7wseru0n.us-east-2.rds.amazonaws.com +short

Automation pending:

https://github.com/rajasgs/aws-cli-grep

aws --version
aws-cli/2.9.0 Python/3.9.11 Darwin/18.7.0 exe/x86_64 prompt/off

which aws
/usr/local/bin/aws

Run AWS Image pipeline:
    https://awscli.amazonaws.com/v2/documentation/api/latest/reference/imagebuilder/start-image-pipeline-execution.html

    aws imagebuilder start-image-pipeline-execution \
    --image-pipeline-arn arn:aws:imagebuilder:ca-central-1:723675304964:image-pipeline/rajalinuximagepipeline

        {
            "requestId": "a24daa7b-bb1c-4b25-92a7-26505eb86c00",
            "clientToken": "96dcbea7-9ffb-446b-b092-a4007f299514",
            "imageBuildVersionArn": "arn:aws:imagebuilder:ca-central-1:723675304964:image/rj-linux-image-recipe/1.0.0/4"
        }

List AWS EC2 Image pipelines
    aws imagebuilder list-image-pipelines

        {
            "requestId": "4204bee5-95ba-4f64-ab49-f399363b8c94",
            "imagePipelineList": [
                {
                    "arn": "arn:aws:imagebuilder:ca-central-1:723675304964:image-pipeline/rajalinuximagepipeline",
                    "name": "RajaLinuxImagePipeline",
                    "description": "Raja Linux Image Pipeline",
                    "platform": "Linux",
                    "enhancedImageMetadataEnabled": true,
                    "imageRecipeArn": "arn:aws:imagebuilder:ca-central-1:723675304964:image-recipe/rj-linux-image-recipe/1.0.0",
                    "infrastructureConfigurationArn": "arn:aws:imagebuilder:ca-central-1:723675304964:infrastructure-configuration/rj-linux-image-builder-8fb08f31-e6cf-4bfd-bef5-57a93236ebee",
                    "distributionConfigurationArn": "arn:aws:imagebuilder:ca-central-1:723675304964:distribution-configuration/rj-linux-image-builder-8fb08f31-e6cf-4bfd-bef5-57a93236ebee",
                    "imageTestsConfiguration": {
                        "imageTestsEnabled": true,
                        "timeoutMinutes": 720
                    },
                    "status": "ENABLED",
                    "dateCreated": "2022-11-22T02:11:04.820Z",
                    "dateUpdated": "2022-11-22T02:11:04.820Z",
                    "tags": {}
                }
            ]
        }

List image recipe:
    aws imagebuilder list-image-recipes
        {
            "requestId": "1e4d9be1-0267-4305-8a31-d1e30cad1f0f",
            "imageRecipeSummaryList": [
                {
                    "arn": "arn:aws:imagebuilder:ca-central-1:723675304964:image-recipe/rj-linux-image-recipe/1.0.0",
                    "name": "RJ-Linux-Image-Recipe",
                    "platform": "Linux",
                    "owner": "723675304964",
                    "parentImage": "arn:aws:imagebuilder:ca-central-1:aws:image/ubuntu-server-20-lts-x86/x.x.x",
                    "dateCreated": "2022-11-21T17:59:02.810Z",
                    "tags": {}
                }
            ]
        }

list images:
    aws imagebuilder list-images
        {
            "requestId": "a4e22ed2-9659-451e-8580-6e78407647c6",
            "imageVersionList": [
                {
                    "arn": "arn:aws:imagebuilder:ca-central-1:723675304964:image/rj-linux-image-recipe/1.0.0",
                    "name": "RJ-Linux-Image-Recipe",
                    "type": "AMI",
                    "version": "1.0.0",
                    "platform": "Linux",
                    "osVersion": "Ubuntu 20",
                    "owner": "723675304964",
                    "dateCreated": "2022-11-22T10:55:17.929Z",
                    "buildType": "USER_INITIATED"
                },
                {
                    "arn": "arn:aws:imagebuilder:ca-central-1:723675304964:image/rj-scraper-image-recipe/1.0.0",
                    "name": "rj-scraper-image-recipe",
                    "type": "AMI",
                    "version": "1.0.0",
                    "platform": "Linux",
                    "osVersion": "Amazon Linux 2",
                    "owner": "723675304964",
                    "dateCreated": "2022-11-21T10:37:08.369Z",
                    "buildType": "USER_INITIATED"
                }
            ]
        }

list keypairs
    aws ec2 describe-key-pairs
        {
            "KeyPairs": [
                {
                    "KeyPairId": "key-0838e6463d83e96f3",
                    "KeyFingerprint": "41:fb:9f:a2:02:4a:08:a8:1a:1d:38:47:20:7b:00:9e:5e:db:c2:39",
                    "KeyName": "rj-tester-key",
                    "KeyType": "rsa",
                    "Tags": [],
                    "CreateTime": "2022-08-25T01:20:24+00:00"
                }
            ]
        }

list security group ids
    aws ec2 describe-security-groups

        {
            "SecurityGroups": [
                {
                    "Description": "launch-wizard-1 created 2022-11-21T17:21:38.416Z",
                    "GroupName": "launch-wizard-1",
                    "IpPermissions": [
                        {
                            "FromPort": 22,
                            "IpProtocol": "tcp",
                            "IpRanges": [
                                {
                                    "CidrIp": "52.3.141.123/32"
                                }
                            ],
                            "Ipv6Ranges": [],
                            "PrefixListIds": [],
                            "ToPort": 22,
                            "UserIdGroupPairs": []
                        }
                    ],
                    "OwnerId": "723675304964",
                    "GroupId": "sg-0049271e54bfd052e",
                    "IpPermissionsEgress": [
                        {
                            "IpProtocol": "-1",
                            "IpRanges": [
                                {
                                    "CidrIp": "0.0.0.0/0"
                                }
                            ],
                            "Ipv6Ranges": [],
                            "PrefixListIds": [],
                            "UserIdGroupPairs": []
                        }
                    ],
                    "VpcId": "vpc-4ec5c326"
                },
                {
                    "Description": "RJ Tester SG",
                    "GroupName": "rj-tester-sg",
                    "IpPermissions": [
                        {
                            "FromPort": 22,
                            "IpProtocol": "tcp",
                            "IpRanges": [
                                {
                                    "CidrIp": "52.3.141.123/32"
                                }
                            ],
                            "Ipv6Ranges": [],
                            "PrefixListIds": [],
                            "ToPort": 22,
                            "UserIdGroupPairs": []
                        }
                    ],
                    "OwnerId": "723675304964",
                    "GroupId": "sg-0ed5b9b7488b55819",
                    "IpPermissionsEgress": [
                        {
                            "IpProtocol": "-1",
                            "IpRanges": [
                                {
                                    "CidrIp": "0.0.0.0/0"
                                }
                            ],
                            "Ipv6Ranges": [],
                            "PrefixListIds": [],
                            "UserIdGroupPairs": []
                        }
                    ],
                    "VpcId": "vpc-4ec5c326"
                }
            ]
        }



aws ec2 run-instances --image-id ami-04d38256e475591da --count 1 \
    --instance-type t2.micro --key-name rj-tester-key \
    --security-group-ids sg-0ed5b9b7488b55819

    https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/index.html

        {
            "Groups": [],
            "Instances": [
                {
                    "AmiLaunchIndex": 0,
                    "ImageId": "ami-04d38256e475591da",
                    "InstanceId": "i-00a0fe6eaf35227d6",
                    "InstanceType": "t2.micro",
                    "KeyName": "rj-tester-key",
                    "LaunchTime": "2022-11-22T12:01:03+00:00",
                    "Monitoring": {
                        "State": "disabled"
                    },
                    "Placement": {
                        "AvailabilityZone": "ca-central-1a",
                        "GroupName": "",
                        "Tenancy": "default"
                    },
                    "PrivateDnsName": "ip-172-31-20-125.ca-central-1.compute.internal",
                    "PrivateIpAddress": "172.31.20.125",
                    "ProductCodes": [],
                    "PublicDnsName": "",
                    "State": {
                        "Code": 0,
                        "Name": "pending"
                    },
                    "StateTransitionReason": "",
                    "SubnetId": "subnet-27ccf84f",
                    "VpcId": "vpc-4ec5c326",
                                "Architecture": "x86_64",
                    "BlockDeviceMappings": [],
                    "ClientToken": "5c82ad2a-4dbd-4002-9f41-3bde1962dbe2",
                    "EbsOptimized": false,
                    "EnaSupport": true,
                    "Hypervisor": "xen",
                    "NetworkInterfaces": [
                        {
                            "Attachment": {
                                "AttachTime": "2022-11-22T12:01:03+00:00",
                                "AttachmentId": "eni-attach-0c73ba1a2bf25278d",
                                "DeleteOnTermination": true,
                                "DeviceIndex": 0,
                                "Status": "attaching",
                                "NetworkCardIndex": 0
                            },
                            "Description": "",
                            "Groups": [
                                {
                                    "GroupName": "rj-tester-sg",
                                    "GroupId": "sg-0ed5b9b7488b55819"
                                }
                            ],
                            "Ipv6Addresses": [],
                            "MacAddress": "02:5b:25:ce:a2:54",
                            "NetworkInterfaceId": "eni-078b2e3a21136e959",
                            "OwnerId": "723675304964",
                            "PrivateDnsName": "ip-172-31-20-125.ca-central-1.compute.internal",
                            "PrivateIpAddress": "172.31.20.125",
                            "PrivateIpAddresses": [
                                {
                                    "Primary": true,
                                    "PrivateDnsName": "ip-172-31-20-125.ca-central-1.compute.internal",
                                    "PrivateIpAddress": "172.31.20.125"
                                }
                            ],
                            "SourceDestCheck": true,
                            "Status": "in-use",
                            "SubnetId": "subnet-27ccf84f",
                            "VpcId": "vpc-4ec5c326",
                            "InterfaceType": "interface"
                        }
                    ],
                    "RootDeviceName": "/dev/sda1",
                    "RootDeviceType": "ebs",
                    "SecurityGroups": [
                        {
                            "GroupName": "rj-tester-sg",
                            "GroupId": "sg-0ed5b9b7488b55819"
                        }
                    ],
                    "SourceDestCheck": true,
                    "StateReason": {
                        "Code": "pending",
                        "Message": "pending"
                    },
                    "VirtualizationType": "hvm",
                     "CpuOptions": {
                        "CoreCount": 1,
                        "ThreadsPerCore": 1
                    },
                    "CapacityReservationSpecification": {
                        "CapacityReservationPreference": "open"
                    },
                    "MetadataOptions": {
                        "State": "pending",
                        "HttpTokens": "optional",
                        "HttpPutResponseHopLimit": 1,
                        "HttpEndpoint": "enabled",
                        "HttpProtocolIpv6": "disabled",
                        "InstanceMetadataTags": "disabled"
                    },
                    "EnclaveOptions": {
                        "Enabled": false
                    },
                    "PrivateDnsNameOptions": {
                        "HostnameType": "ip-name",
                        "EnableResourceNameDnsARecord": false,
                        "EnableResourceNameDnsAAAARecord": false
                    },
                    "MaintenanceOptions": {
                        "AutoRecovery": "default"
                    }
                }
            ],
            "OwnerId": "723675304964",
            "ReservationId": "r-090762edd42cef59e"
        }

aws ec2 run-instances --image-id ami-04d38256e475591da --count 1 \
    --instance-type t2.micro --key-name rj-tester-key \
    --security-group-ids sg-0ed5b9b7488b55819
    --user-data file://my_script.txt

ssh -i "~/.ssh/rj-tester-key.pem" ubuntu@ec2-99-79-62-107.ca-central-1.compute.amazonaws.com

docker -v
Docker version 20.10.21, build baeda1f

Application Load Balancer

The Application Load Balancer distributes incoming HTTP and HTTPS traffic across multiple targets such as Amazon EC2 instances, microservices, and containers, based on request attributes. When the load balancer receives a connection request, it evaluates the listener rules in priority order to determine which rule to apply, and if applicable, it selects a target from the target group for the rule action.



Your client makes a request to your application.
The listeners in your load balancer receive requests matching the protocol and port that you configure.
The receiving listener evaluates the incoming request against the rules you specify, and if applicable, routes the request to the appropriate target group. You can use an HTTPS listener to offload the work of TLS encryption and decryption to your load balancer.
Healthy targets in one or more target groups receive traffic based on the load balancing algorithm, and the routing rules you specify in the listener.

https://stackoverflow.com/questions/31331788/using-aws-cli-what-is-best-way-to-determine-the-current-region

aws configure get region

aws ec2 describe-availability-zones


echo $AWS_DEFAULT_REGION

export AWS_DEFAULT_REGION=us-east-2

PreviousDevOps Tasks NextAWS IAM Policies

Last updated 1 year ago

Was this helpful?