├── .DS_Store ├── .github └── workflows │ └── publish.yml ├── .nojekyll ├── CNAME ├── README.md ├── _static ├── aws-jq.png └── favicon.ico ├── _templates ├── breadcrumbs.html └── footer.html ├── acm.rst ├── amplify.rst ├── apigw.rst ├── build.sh ├── ce.rst ├── cloudfront.rst ├── cloudwatch.rst ├── cognito.rst ├── conf.py ├── dynamodb.rst ├── ec2.rst ├── ecr.rst ├── efs.rst ├── eks.rst ├── elasticache.rst ├── elb.rst ├── iam.rst ├── index.rst ├── lambda.rst ├── opensearch.rst ├── rds.rst ├── requirements.txt ├── route53.rst ├── s3.rst ├── ses.rst ├── sns.rst ├── sqs.rst └── wafv2.rst /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/.DS_Store -------------------------------------------------------------------------------- /.github/workflows/publish.yml: -------------------------------------------------------------------------------- 1 | name: Publish 2 | on: 3 | push: 4 | permissions: 5 | contents: read 6 | pages: write 7 | id-token: write 8 | jobs: 9 | deploy: 10 | environment: 11 | name: github-pages 12 | url: ${{ steps.deployment.outputs.page_url }} 13 | runs-on: ubuntu-latest 14 | steps: 15 | - name: Checkout 16 | uses: actions/checkout@v4 17 | - name: Setup Pages 18 | uses: actions/configure-pages@v4 19 | - name: Setup Python3 20 | uses: actions/setup-python@v2 21 | with: 22 | python-version: '3.x' 23 | - name: Install Sphinx 24 | run: | 25 | pip install -r requirements.txt 26 | - name: Build Pages 27 | run: python -msphinx . docs 28 | - name: Upload artifact 29 | uses: actions/upload-pages-artifact@v3 30 | with: 31 | path: docs 32 | - name: Deploy to GitHub Pages 33 | id: deployment 34 | uses: actions/deploy-pages@v4 35 | -------------------------------------------------------------------------------- /.nojekyll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/.nojekyll -------------------------------------------------------------------------------- /CNAME: -------------------------------------------------------------------------------- 1 | aws-jq.mdminhazulhaque.io 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # AWS CLI Cheatsheet 2 | 3 | Supercharge your daily acitivities related to AWS cloud using the combination of AWS CLI and JQ. 4 | 5 | Visit [aws-cli-cheatsheet.mdminhazulhaque.io](https://aws-cli-cheatsheet.mdminhazulhaque.io) 6 | -------------------------------------------------------------------------------- /_static/aws-jq.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/_static/aws-jq.png -------------------------------------------------------------------------------- /_static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/_static/favicon.ico -------------------------------------------------------------------------------- /_templates/breadcrumbs.html: -------------------------------------------------------------------------------- 1 | {%- extends "sphinx_rtd_theme/breadcrumbs.html" %} 2 | {% block breadcrumbs_aside %} 3 |
  • 4 | View on GitHub 5 |
    • 6 | {% endblock %} 7 | -------------------------------------------------------------------------------- /_templates/footer.html: -------------------------------------------------------------------------------- 1 | {%- extends "sphinx_rtd_theme/footer.html" %} 2 | 3 | {%- block contentinfo %} 4 |

    © Copyright 2025, Md Minhazul Haque

    5 | {%- endblock %} 6 | -------------------------------------------------------------------------------- /acm.rst: -------------------------------------------------------------------------------- 1 | ACM 2 | === 3 | 4 | List Certificate ARNs and DomainName 5 | ------------------------------------ 6 | 7 | .. code:: bash 8 | 9 | aws acm list-certificates | jq -r '.CertificateSummaryList[] | .CertificateArn+" "+.DomainName' 10 | 11 | .. code:: ini 12 | 13 | arn:aws:acm:ap-southeast-1:987654321:certificate/88c10c4e-a0ba-41e9-bbd4-734e0191e363 *.example.com 14 | -------------------------------------------------------------------------------- /amplify.rst: -------------------------------------------------------------------------------- 1 | Amplify 2 | ======= 3 | 4 | List of Amplify Apps and Source Repositories 5 | -------------------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws amplify list-apps | jq -r '.apps[] | .name+" "+.defaultDomain+" "+.repository' 10 | 11 | .. code:: ini 12 | 13 | fe-vn d9d5bb1e3c281f.amplifyapp.com https://bitbucket.org/aws/frontend-vn 14 | fe-hk db64e7e9b3cc22.amplifyapp.com https://bitbucket.org/aws/frontend-hk 15 | fe-sg d5e3221cf8b921.amplifyapp.com https://bitbucket.org/aws/frontend-sg 16 | -------------------------------------------------------------------------------- /apigw.rst: -------------------------------------------------------------------------------- 1 | API Gateway 2 | =========== 3 | 4 | List of API Gateway IDs and Names 5 | --------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws apigateway get-rest-apis | jq -r '.items[] | .id+" "+.name' 10 | 11 | .. code:: ini 12 | 13 | 5e3221cf8 backend-api 14 | 69ef7d4c8 frontend-api 15 | bb1e3c281 partner-api 16 | f99796943 internal-crm-api 17 | ee86b4cde import-data-api 18 | 19 | Delete API Gateway 20 | ------------------ 21 | 22 | .. code:: bash 23 | 24 | aws apigateway delete-rest-api --rest-api-id ee86b4cde 25 | 26 | List of API Gateway Keys 27 | ------------------------ 28 | 29 | .. code:: bash 30 | 31 | aws apigateway get-api-keys | jq -r '.items[] | .id+" "+.name' 32 | 33 | .. code:: ini 34 | 35 | ee86b4cde backend-api-key 36 | 69ef7d4c8 partner-api-key 37 | 38 | List API Gateway Domain Names 39 | ----------------------------- 40 | 41 | .. code:: bash 42 | 43 | aws apigateway get-domain-names | jq -r '.items[] | .domainName+" "+.regionalDomainName' 44 | 45 | .. code:: ini 46 | 47 | backend-api.mdminhazulhaque.io d-ee86b4cde.execute-api.ap-southeast-1.amazonaws.com 48 | frontend-api.mdminhazulhaque.io d-bb1e3c281.execute-api.ap-southeast-1.amazonaws.com 49 | 50 | List of Resources for Specific API Gateway 51 | ------------------------------------------ 52 | 53 | .. code:: bash 54 | 55 | aws apigateway get-resources --rest-api-id ee86b4cde | jq -r '.items[] | .id+" "+.path' 56 | 57 | .. code:: ini 58 | 59 | 8c2d1097e /v1/{proxy+} 60 | bb4aabda1 /v2/{proxy+} 61 | e44504cde /health 62 | 69ef7d4c8 / 63 | 64 | Find Function for Specific API Gateway Resource 65 | ----------------------------------------------- 66 | 67 | .. code:: bash 68 | 69 | aws apigateway get-integration --rest-api-id ee86b4cde --resource-id 69ef7d4c8 --http-method GET | jq -r '.uri' 70 | 71 | .. code:: ini 72 | 73 | arn:aws:lambda:ap-southeast-1:987654321:function:backend-api-function-5d4daa47fe4a2:live/invocations 74 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | rm -rf docs 4 | sphinx-build . docs 5 | -------------------------------------------------------------------------------- /ce.rst: -------------------------------------------------------------------------------- 1 | Cost Explorer 2 | ============= 3 | 4 | Get Cost by Month 5 | ----------------- 6 | 7 | .. code:: bash 8 | 9 | aws ce get-cost-and-usage --granularity MONTHLY --metrics BlendedCost \ 10 | --time-period Start=2023-10-01,End=2023-12-31 | \ 11 | jq '.ResultsByTime[]|.TimePeriod.Start+" "+.Total.BlendedCost.Amount' 12 | 13 | .. code:: ini 14 | 15 | 2023-10-01 1000.000000 16 | 2023-11-01 2000.000000 17 | 2023-12-01 3000.000000 -------------------------------------------------------------------------------- /cloudfront.rst: -------------------------------------------------------------------------------- 1 | CloudFront 2 | ========== 3 | 4 | List Distributions and Origins 5 | ------------------------------ 6 | 7 | .. code:: bash 8 | 9 | aws cloudfront list-distributions | jq -r '.DistributionList.Items[] | .DomainName+" "+.Origins.Items[0].DomainName' 10 | 11 | .. code:: ini 12 | 13 | d9d5bb1e3c281f.cloudfront.net frontend-prod-hk.s3.amazonaws.com 14 | d12b09e8a0a996.cloudfront.net frontend-prod-vn.s3.amazonaws.com 15 | db64e7e9b3cc22.cloudfront.net frontend-prod-sg.s3.amazonaws.com 16 | d5e3221cf8b921.cloudfront.net cdn.mdminhazulhaque.io 17 | 18 | Create Cache Invalidation 19 | ------------------------- 20 | 21 | .. code:: bash 22 | 23 | aws cloudfront create-invalidation --distribution-id D12B09E8A0A996 --path '/blog/*' '/blog/assets/*' | jq -r '.Invalidation.Id' 24 | 25 | .. code:: ini 26 | 27 | IALJ5AL93ZD79 28 | 29 | Check Cache Invalidation Status 30 | ------------------------------- 31 | 32 | .. code:: bash 33 | 34 | aws cloudfront get-invalidation --distribution-id D12B09E8A0A996 --id IALJ5AL93ZD79 | jq -r '.Invalidation.Status' 35 | 36 | .. code:: ini 37 | 38 | Completed 39 | -------------------------------------------------------------------------------- /cloudwatch.rst: -------------------------------------------------------------------------------- 1 | Cloudwatch 2 | ========== 3 | 4 | List Alarms and Status 5 | ---------------------- 6 | 7 | .. code:: bash 8 | 9 | aws cloudwatch describe-alarms | jq -r '.MetricAlarms[] | .AlarmName+" "+.Namespace+" "+.StateValue' 10 | 11 | .. code:: ini 12 | 13 | backend-autoscale AWS/EC2 OK 14 | backend-lb AWS/ApplicationELB OK 15 | partner-hk AWS/ECS ALARM 16 | partner-vn AWS/ECS ALARM 17 | partner-sg AWS/ECS ALARM 18 | userdata-read AWS/DynamoDB OK 19 | userdata-write AWS/DynamoDB OK 20 | 21 | Create Alarm on High CPUUtilization 22 | ----------------------------------- 23 | 24 | .. code:: bash 25 | 26 | aws cloudwatch put-metric-alarm --alarm-name high-cpu-usage --alarm-description "Alarm when CPU exceeds 70 percent" --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --threshold 70 --comparison-operator GreaterThanThreshold --dimensions "Name=InstanceId,Value=i-123456789" --evaluation-periods 2 --alarm-actions arn:aws:sns:ap-southeast-1:987654321:System-Alerts --unit Percent 27 | 28 | Create Alarm on StatusCheckFailed_Instance 29 | ------------------------------------------ 30 | 31 | .. code:: bash 32 | 33 | aws cloudwatch put-metric-alarm --alarm-name EC2-StatusCheckFailed-AppServer --alarm-description "EC2 StatusCheckFailed for AppServer" --metric-name StatusCheckFailed_Instance --namespace AWS/EC2 --statistic Average --period 60 --threshold 0 --comparison-operator GreaterThanThreshold --dimensions "Name=InstanceId,Value=i-123456789" --evaluation-periods 3 --alarm-actions arn:aws:sns:ap-southeast-1:987654321:System-Alerts --unit Count 34 | -------------------------------------------------------------------------------- /cognito.rst: -------------------------------------------------------------------------------- 1 | Cognito 2 | ======= 3 | 4 | List User Pools and Names 5 | ------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws cognito-idp list-user-pools --max-results 60 | jq -r '.UserPools[] | .Id+" "+.Name' 10 | 11 | .. code:: ini 12 | 13 | ap-southeast-1_b6da07d35 prod-users 14 | ap-southeast-1_b6da07d34 dev-users 15 | 16 | List Phone and Email of All Users 17 | --------------------------------- 18 | 19 | .. code:: bash 20 | 21 | aws cognito-idp list-users --user-pool-id ap-southeast-1_b6da07d35 | jq -r '.Users[].Attributes | from_entries | .sub + " " + .phone_number + " " + .email' 22 | 23 | .. code:: ini 24 | 25 | 585fb96e-525c-4f9b-9d41-865d2dffde9b +601122334455 admin@mdminhazulhaque.io 26 | 71f2778c-8e21-4775-94dc-e363c77d1ae1 +601122334455 foo@bar.com 27 | 8fc1882e-e661-49db-88e6-45d370bc352a +601122334455 cli@aws.com 28 | -------------------------------------------------------------------------------- /conf.py: -------------------------------------------------------------------------------- 1 | project = 'aws-cli-cheatsheet' 2 | copyright = '2025, Md Minhazul Haque' 3 | author = 'Md Minhazul Haque' 4 | 5 | extensions = [ 6 | 'sphinx_rtd_theme', 7 | 'sphinxemoji.sphinxemoji', 8 | 'sphinxext.opengraph', 9 | 'sphinx_favicon', 10 | ] 11 | 12 | templates_path = ['_templates'] 13 | exclude_patterns = ['build.sh', '.github/*', 'env/*', 'requirements.txt'] 14 | 15 | html_theme = 'sphinx_rtd_theme' 16 | html_static_path = ['_static'] 17 | html_extra_path = ['CNAME', '.nojekyll'] 18 | 19 | favicons = [ 20 | {"href": "favicon.ico"}, 21 | ] 22 | 23 | ogp_image = "/_static/aws-jq.png" 24 | -------------------------------------------------------------------------------- /dynamodb.rst: -------------------------------------------------------------------------------- 1 | DynamoDB 2 | ======== 3 | 4 | List Tables 5 | ----------- 6 | 7 | .. code:: bash 8 | 9 | aws dynamodb list-tables | jq -r .TableNames[] 10 | 11 | .. code:: ini 12 | 13 | userdata_hk 14 | userdata_vn 15 | userdata_sg 16 | providers 17 | events 18 | 19 | Get All Items from a Table 20 | -------------------------- 21 | 22 | |:warning:| This command will stream ALL items untill SIGINT is sent 23 | 24 | .. code:: bash 25 | 26 | aws dynamodb scan --table-name events 27 | 28 | Get Item Count from a Table 29 | --------------------------- 30 | 31 | .. code:: bash 32 | 33 | aws dynamodb scan --table-name events --select COUNT | jq .ScannedCount 34 | 35 | .. code:: ini 36 | 37 | 726119 38 | 39 | Get Item using Key 40 | ------------------ 41 | 42 | .. code:: bash 43 | 44 | aws dynamodb get-item --table-name events --key '{"email": {"S": "admin@mdminhazulhaque.io"}}' 45 | 46 | .. code:: json 47 | 48 | { 49 | "Item": { 50 | "email": { 51 | "S": "admin@mdminhazulhaque.io" 52 | }, 53 | "created_at": { 54 | "N": "1554780667296" 55 | }, 56 | "event_type": { 57 | "S": "DISPATCHED" 58 | } 59 | } 60 | } 61 | 62 | Get Specific Fields from an Item 63 | -------------------------------- 64 | 65 | .. code:: bash 66 | 67 | aws dynamodb get-item --table-name events --key '{"email": {"S": "admin@mdminhazulhaque.io"}}' --attributes-to-get event_type 68 | 69 | .. code:: json 70 | 71 | { 72 | "Item": { 73 | "event_type": { 74 | "S": "DISPATCHED" 75 | } 76 | } 77 | } 78 | 79 | Delete Item using Key 80 | --------------------- 81 | 82 | .. code:: bash 83 | 84 | aws dynamodb delete-item --table-name events --key '{"email": {"S": "admin@mdminhazulhaque.io"}}' -------------------------------------------------------------------------------- /ec2.rst: -------------------------------------------------------------------------------- 1 | EC2 2 | === 3 | 4 | List Instance ID, Type and Name 5 | ------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws ec2 describe-instances | jq -r '.Reservations[].Instances[]|.InstanceId+" "+.InstanceType+" "+(.Tags[] | select(.Key == "Name").Value)' 10 | 11 | .. code:: ini 12 | 13 | i-0f112d652ecf13dac c3.xlarge fisher.com 14 | i-0b3b5128445a332db t2.nano robinson.com 15 | i-0d1c1cf4e980ac593 t2.micro nolan.com 16 | i-004ee6b792c3b6914 t2.nano grimes-green.net 17 | i-00f11e8e33c971058 t2.nano garrett.com 18 | 19 | List Instances with Public IP Address and Name 20 | ---------------------------------------------- 21 | 22 | |:arrow_right:| Tip: You can directly put this into your ``/etc/hosts`` 23 | 24 | .. code:: bash 25 | 26 | aws ec2 describe-instances --query 'Reservations[*].Instances[?not_null(PublicIpAddress)]' | jq -r '.[][]|.PublicIpAddress+" "+(.Tags[]|select(.Key=="Name").Value)' 27 | 28 | .. code:: ini 29 | 30 | 223.64.72.64 fisher.com 31 | 198.82.207.161 robinson.com 32 | 182.139.20.233 nolan.com 33 | 153.134.83.44 grimes-green.net 34 | 202.32.63.121 garrett.com 35 | 36 | List Instances with Specific Tag 37 | -------------------------------- 38 | 39 | .. code:: bash 40 | 41 | aws ec2 describe-instances | jq -r '.Reservations[].Instances[] | select(.Tags[] | .Value == "my-project-name") | .InstanceId' 42 | 43 | .. code:: ini 44 | 45 | i-0f112d652ecf13dac 46 | i-0b3b5128445a332db 47 | i-0d1c1cf4e980ac593 48 | 49 | Tag Instances 50 | ------------- 51 | 52 | .. code:: bash 53 | 54 | aws ec2 create-tags --resources i-0f112d652ecf13dac --tags Key=environment,Value=prod 55 | 56 | List VPCs with CIDR IP Block 57 | ---------------------------- 58 | 59 | .. code:: bash 60 | 61 | aws ec2 describe-vpcs | jq -r '.Vpcs[]|.VpcId+" "+(.Tags[]|select(.Key=="Name").Value)+" "+.CidrBlock' 62 | 63 | .. code:: ini 64 | 65 | vpc-0d1c1cf4e980ac593 frontend-vpc 10.0.0.0/16 66 | vpc-00f11e8e33c971058 backend-vpc 172.31.0.0/16 67 | 68 | List Subnets under a VPC 69 | ------------------------ 70 | 71 | .. code:: bash 72 | 73 | aws ec2 describe-subnets --filter Name=vpc-id,Values=vpc-0d1c1cf4e980ac593 | jq -r '.Subnets[]|.SubnetId+" "+.CidrBlock+" "+(.Tags[]|select(.Key=="Name").Value)' 74 | 75 | .. code:: ini 76 | 77 | subnet-0dae5d4daa47fe4a2 10.0.128.0/20 Public Subnet 1 78 | subnet-0641a25faccb01f0f 10.0.32.0/19 Private Subnet 2 79 | subnet-09fb8038641f1f36f 10.0.0.0/19 Private Subnet 1 80 | subnet-02a63c67684d8deed 10.0.144.0/20 Public Subnet 2 81 | 82 | List Security Groups 83 | ----------------------- 84 | 85 | .. code:: bash 86 | 87 | aws ec2 describe-security-groups | jq -r '.SecurityGroups[]|.GroupId+" "+.GroupName' 88 | 89 | .. code:: ini 90 | 91 | sg-02a63c67684d8deed backend-db 92 | sg-0dae5d4daa47fe4a2 backend-redis 93 | sg-0a56bff7b12264282 frontend-lb 94 | sg-0641a25faccb01f0f frontend-https 95 | sg-09fb8038641f1f36f internal-ssh 96 | 97 | List Security Groups for an Instance 98 | ------------------------------------ 99 | 100 | .. code:: bash 101 | 102 | aws ec2 describe-instances --instance-ids i-0dae5d4daa47fe4a2 | jq -r '.Reservations[].Instances[].SecurityGroups[]|.GroupId+" "+.GroupName' 103 | 104 | .. code:: ini 105 | 106 | sg-02a63c67684d8deed backend-db 107 | sg-0dae5d4daa47fe4a2 backend-redis 108 | 109 | Assign Security Groups to an Instance 110 | ------------------------------------- 111 | 112 | |:arrow_right:| You have to provide existing Security Group IDs as well 113 | 114 | .. code:: bash 115 | 116 | aws ec2 modify-instance-attribute --instance-id i-0dae5d4daa47fe4a2 --groups sg-02a63c67684d8deed sg-0dae5d4daa47fe4a2 117 | 118 | List Security Group Rules in FromAddress/ToPort Format 119 | ------------------------------------------------------ 120 | 121 | .. code:: bash 122 | 123 | aws ec2 describe-security-groups --group-ids sg-02a63c67684d8deed | jq -r '.SecurityGroups[].IpPermissions[]|. as $parent|(.IpRanges[].CidrIp+" "+($parent.ToPort|tostring))' 124 | 125 | .. code:: ini 126 | 127 | 223.64.72.64/32 3306 128 | 198.82.207.161/32 3306 129 | 168.244.58.160/32 3306 130 | 202.0.149.202/32 3306 131 | 212.143.80.102/32 3306 132 | 133 | Add Rule to Security Group 134 | -------------------------- 135 | 136 | .. code:: bash 137 | 138 | aws ec2 authorize-security-group-ingress --group-id sg-02a63c67684d8deed --protocol tcp --port 443 --cidr 35.0.0.1/24 139 | 140 | Remove Rule from Security Group 141 | ------------------------------- 142 | 143 | .. code:: bash 144 | 145 | aws ec2 revoke-security-group-ingress --group-id sg-02a63c67684d8deed --protocol tcp --port 443 --cidr 35.0.0.1/24 146 | 147 | Modify Rules of Security Group 148 | ------------------------------ 149 | 150 | |:arrow_right:| You have to provide All previous rules as well 151 | 152 | .. code:: bash 153 | 154 | aws ec2 update-security-group-rule-descriptions-ingress --group-id sg-02a63c67684d8deed --ip-permissions 'ToPort=443,IpProtocol=tcp,IpRanges=[{CidrIp=202.171.186.133/32,Description=Home}]' 155 | 156 | Delete Security Group 157 | --------------------- 158 | 159 | .. code:: bash 160 | 161 | aws ec2 delete-security-group --group-id sg-02a63c67684d8deed 162 | 163 | -------------------------------------------------------------------------------- /ecr.rst: -------------------------------------------------------------------------------- 1 | ECR 2 | === 3 | 4 | List Repositories 5 | ----------------- 6 | 7 | .. code:: bash 8 | 9 | aws ecr describe-repositories | jq -r '.repositories[] | .repositoryName' 10 | 11 | .. code:: ini 12 | 13 | prod-web-api 14 | prod-frontend 15 | 16 | List Images from a Repository 17 | ----------------------------- 18 | 19 | .. code:: bash 20 | 21 | aws ecr list-images --repository prod-web-api | jq -r '.imageIds[] | .imageTag' 22 | 23 | .. code:: ini 24 | 25 | prod-api:v101 26 | prod-api:v102 27 | prod-api:v103 28 | prod-api:v104 29 | prod-api:v105 -------------------------------------------------------------------------------- /efs.rst: -------------------------------------------------------------------------------- 1 | EFS 2 | === 3 | 4 | List of Filesystems 5 | ------------------- 6 | 7 | .. code:: bash 8 | 9 | aws efs describe-file-systems | jq -r '.FileSystems[] | .FileSystemId + " " + .Name' 10 | 11 | .. code:: ini 12 | 13 | fs-1894c355 production-images 14 | fs-964dc315 production-docs 15 | fs-257dc779 production-export 16 | -------------------------------------------------------------------------------- /eks.rst: -------------------------------------------------------------------------------- 1 | EKS 2 | === 3 | 4 | List Clusters 5 | ------------- 6 | 7 | .. code:: bash 8 | 9 | aws eks list-clusters | jq -r .clusters[] 10 | 11 | .. code:: ini 12 | 13 | devtest 14 | mobileapi-prod 15 | usermanagement-prod 16 | 17 | Generate KUBECONFIG for Cluster 18 | ------------------------------- 19 | 20 | .. code:: bash 21 | 22 | aws eks update-kubeconfig --name devtest 23 | 24 | .. code:: ini 25 | 26 | Updated context arn:aws:eks:ap-southeast-1:987654321:cluster/devtest in /home/mdminhazulhaque/.kube/config 27 | 28 | List NodeGroups for Cluster 29 | --------------------------- 30 | 31 | .. code:: bash 32 | 33 | aws eks list-nodegroups --cluster-name devtest 34 | 35 | .. code:: ini 36 | 37 | nodegroups: 38 | - dev-nodes 39 | - test-nodes 40 | - argocd-nodes 41 | 42 | Modify NodeGroups for Cluster 43 | ----------------------------- 44 | 45 | .. code:: bash 46 | 47 | aws eks update-nodegroup-config --cluster-name devtest --nodegroup-name dev-nodes --scaling-config minSize=1,desiredSize=5,maxSize=10 48 | 49 | Refresh EKS AutoScalingGroup Instances 50 | -------------------------------------- 51 | 52 | .. code:: bash 53 | 54 | aws autoscaling start-instance-refresh --auto-scaling-group-name eks-mycluster-20241119081040239300000001-fcc9a1bc-a1ef-54d4-d72f-b171eb5b0062 55 | -------------------------------------------------------------------------------- /elasticache.rst: -------------------------------------------------------------------------------- 1 | ElastiCache 2 | =========== 3 | 4 | List Machine Type and Name 5 | -------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws elasticache describe-cache-clusters | jq -r '.CacheClusters[] | .CacheNodeType+" "+.CacheClusterId' 10 | 11 | .. code:: ini 12 | 13 | cache.t2.micro backend-login-hk 14 | cache.m5.large backend-login-vn 15 | cache.t3.small backend-login-sg 16 | 17 | List Replication Groups 18 | ----------------------- 19 | 20 | .. code:: bash 21 | 22 | aws elasticache describe-replication-groups | jq -r '.ReplicationGroups[] | .ReplicationGroupId+" "+.NodeGroups[].PrimaryEndpoint.Address' 23 | 24 | .. code:: ini 25 | 26 | backend-login-hk backend-login-hk.6da35.ng.0001.apse1.cache.amazonaws.com 27 | backend-login-vn backend-login-vn.6da35.ng.0001.apse1.cache.amazonaws.com 28 | backend-login-sg backend-login-sg.6da35.ng.0001.apse1.cache.amazonaws.com 29 | 30 | List Snapshots 31 | -------------- 32 | 33 | .. code:: bash 34 | 35 | aws elasticache describe-snapshots | jq -r '.Snapshots[] | .SnapshotName' 36 | 37 | .. code:: ini 38 | 39 | automatic.backend-login-hk-2020-02-27-00-27 40 | automatic.backend-login-vn-2020-02-27-00-27 41 | automatic.backend-login-sg-2020-02-27-00-27 42 | 43 | Create a Snapshot 44 | ----------------- 45 | 46 | .. code:: bash 47 | 48 | aws elasticache create-snapshot --snapshot-name backend-login-hk-snap-0001 --replication-group-id backend-login-hk --cache-cluster-id backend-login-hk 49 | 50 | Delete a Snapshot 51 | ----------------- 52 | 53 | .. code:: bash 54 | 55 | aws elasticache delete-snapshot --snapshot-name backend-login-hk-snap-0001 56 | 57 | Scale Up/Down a Replica 58 | ----------------------- 59 | 60 | .. code:: bash 61 | 62 | aws elasticache increase-replica-count --replication-group-id backend-login-hk --apply-immediately 63 | aws elasticache decrease-replica-count --replication-group-id backend-login-hk --apply-immediately 64 | 65 | -------------------------------------------------------------------------------- /elb.rst: -------------------------------------------------------------------------------- 1 | ELB 2 | === 3 | 4 | Create an ALB 5 | ------------- 6 | 7 | .. code:: bash 8 | 9 | aws elbv2 create-load-balancer --name lb-my-app --subnets subnet-006283cc641883340 subnet-0f824d8944b903079 subnet-0b6976fef09a3ed00 | jq -r .LoadBalancers[0].LoadBalancerArn 10 | 11 | .. code:: ini 12 | 13 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/lb-my-app/a1ecf6e769562994 14 | 15 | Create a Target Group 16 | --------------------- 17 | 18 | .. code:: bash 19 | 20 | aws elbv2 create-target-group --name tg-my-app --protocol HTTP --port 8000 --target-type instance --vpc-id vpc-0ae29454e100df108 | jq -r .TargetGroups[0].TargetGroupArn 21 | 22 | .. code:: ini 23 | 24 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d 25 | 26 | Register EC2 to a Target Group 27 | ------------------------------ 28 | 29 | .. code:: bash 30 | 31 | aws elbv2 register-targets --target-group-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d --targets Id=i-00a8e8746f02bdf29 32 | 33 | Create Listener and forward to a Target Group 34 | --------------------------------------------- 35 | 36 | .. code:: bash 37 | 38 | aws elbv2 create-listener --load-balancer-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/lb-my-app/a1ecf6e769562994 --port 80 --protocol HTTP --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d | jq -r .Listeners[0].ListenerArn 39 | 40 | .. code:: ini 41 | 42 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:listener/app/lb-my-app/a1ecf6e769562994/d77331a1038731de 43 | 44 | Create HTTPS Listener with Host Based Rule 45 | ------------------------------------------ 46 | 47 | .. code:: bash 48 | 49 | aws elbv2 create-listener --load-balancer-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/lb-my-app/a1ecf6e769562994 --port 443 --protocol HTTPS --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d --certificates CertificateArn=arn:aws:acm:ap-southeast-1:987654321:certificate/88c10c4e-a0ba-41e9-bbd4-734e0191e363 50 | 51 | .. code:: bash 52 | 53 | aws elbv2 create-rule --listener-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:listener/app/lb-my-app/a1ecf6e769562994/d77331a1038731de --priority 1 --conditions Field=host-header,HostHeaderConfig={Values=app.example.com} --actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d 54 | 55 | List LoadBalancer DNS Names 56 | ------------------------------ 57 | 58 | .. code:: bash 59 | 60 | aws elbv2 describe-load-balancers --query 'LoadBalancers[*].DNSName' | jq -r 'to_entries[] | .value' 61 | 62 | .. code:: ini 63 | 64 | frontend-lb-1220186848339.ap-southeast-1.elb.amazonaws.com 65 | backend-lb-6208709163457.ap-southeast-1.elb.amazonaws.com 66 | 67 | List LoadBalancer ARNs 68 | ------------------------- 69 | 70 | .. code:: bash 71 | 72 | aws elbv2 describe-load-balancers | jq -r '.LoadBalancers[] | .LoadBalancerArn' 73 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/frontend-lb/1220186848339 74 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/backend-lb/6208709163457 75 | 76 | List Target Group ARNs 77 | ------------------------- 78 | 79 | .. code:: bash 80 | 81 | aws elbv2 describe-target-groups | jq -r '.TargetGroups[] | .TargetGroupArn' 82 | 83 | .. code:: ini 84 | 85 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/frontend/b6da07d35 86 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/backend/97ad3b13c 87 | 88 | Find Instances for a Target Group 89 | --------------------------------- 90 | 91 | .. code:: bash 92 | 93 | aws elbv2 describe-target-health --target-group-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/wordpress-ph/88f517d6b5326a26 | jq -r '.TargetHealthDescriptions[] | .Target.Id' 94 | 95 | .. code:: ini 96 | 97 | i-0b3b5128445a332db 98 | i-0d1c1cf4e980ac593 99 | i-00f11e8e33c971058 100 | 101 | -------------------------------------------------------------------------------- /iam.rst: -------------------------------------------------------------------------------- 1 | IAM 2 | === 3 | 4 | List UserId and UserName 5 | ------------------------ 6 | 7 | .. code:: bash 8 | 9 | aws iam list-users | jq -r '.Users[]|.UserId+" "+.UserName' 10 | 11 | .. code:: ini 12 | 13 | AIDAZBWIOJIQFOLNBXXCVSUQ kaiser 14 | AIDAZCTWYVXYOKSHVWXPYPLR thornton 15 | AIDAZUYALCGFQJENBCZFJTVX maldonado 16 | AIDAZKQAFIGQJWOKKSKRBLGE key 17 | AIDAZXUDGQVQCEWBFGIJOWWY nelson 18 | 19 | Get a Single User 20 | ----------------- 21 | 22 | .. code:: bash 23 | 24 | aws iam get-user --user-name kaiser 25 | 26 | Add a User 27 | ---------- 28 | 29 | .. code:: bash 30 | 31 | aws iam create-user --user-name audit-temp 32 | 33 | Delete a User 34 | ------------- 35 | 36 | .. code:: bash 37 | 38 | aws iam delete-user --user-name audit-temp 39 | 40 | List Access Keys for a User 41 | --------------------------- 42 | 43 | .. code:: bash 44 | 45 | aws iam list-access-keys --user-name audit-temp | jq -r .AccessKeyMetadata[].AccessKeyId 46 | 47 | .. code:: ini 48 | 49 | AKIABWIOJIQFOLNBXXCVSUQ 50 | AKIACTWYVXYOKSHVWXPYPLR 51 | 52 | Delete Access Key for a User 53 | ---------------------------- 54 | 55 | .. code:: bash 56 | 57 | aws iam delete-access-key --user-name audit-temp --access-key-id AKIABWIOJIQFOLNBXXCVSUQ 58 | 59 | Activate/Deactivate Access Key for a User 60 | ----------------------------------------- 61 | 62 | .. code:: bash 63 | 64 | aws iam update-access-key --status Inactive --user-name audit-temp --access-key-id AKIABWIOJIQFOLNBXXCVSUQ 65 | aws iam update-access-key --status Active --user-name audit-temp --access-key-id AKIABWIOJIQFOLNBXXCVSUQ 66 | 67 | Generate New Access Key for a User 68 | ---------------------------------- 69 | 70 | .. code:: bash 71 | 72 | aws iam create-access-key --user-name audit-temp | jq -r '.AccessKey | .AccessKeyId+" "+.SecretAccessKey' 73 | 74 | .. code:: ini 75 | 76 | AKIABWIOJIQFOLNBXXCVSUQ p9ge02ebLX9jobdQKmfikRqCiEw3HBylwHyXq0z 77 | 78 | Change Console Password for a User 79 | ---------------------------------- 80 | 81 | .. code:: bash 82 | 83 | aws iam update-login-profile --user-name bob-marketing --password '5tr0nGp@$$w0rD' 84 | 85 | List Groups 86 | ----------- 87 | 88 | .. code:: bash 89 | 90 | aws iam list-groups | jq -r .Groups[].GroupName 91 | 92 | .. code:: ini 93 | 94 | developers 95 | administrators 96 | testers 97 | marketing-ro 98 | 99 | Add/Delete Groups 100 | ----------------- 101 | 102 | .. code:: bash 103 | 104 | aws iam create-group --group-name business-ro 105 | aws iam delete-group --group-name business-ro 106 | 107 | List Policies and ARNs 108 | ---------------------- 109 | 110 | .. code:: bash 111 | 112 | aws iam list-policies | jq -r '.Policies[]|.PolicyName+" "+.Arn' 113 | aws iam list-policies --scope AWS | jq -r '.Policies[]|.PolicyName+" "+.Arn' 114 | aws iam list-policies --scope Local | jq -r '.Policies[]|.PolicyName+" "+.Arn' 115 | 116 | List User/Group/Roles for a Policy 117 | ---------------------------------- 118 | 119 | .. code:: bash 120 | 121 | aws iam list-entities-for-policy --policy-arn arn:aws:iam::987654321:policy/Marketing-ReadOnly 122 | 123 | List Policies for a Group 124 | ------------------------- 125 | 126 | .. code:: bash 127 | 128 | aws iam list-attached-group-policies --group-name business-ro 129 | 130 | Add Policy to a Group 131 | --------------------- 132 | 133 | .. code:: bash 134 | 135 | aws iam attach-group-policy --group-name business-ro --policy-arn arn:aws:iam::aws:policy/DynamoDBReadOnlyAccess 136 | 137 | Add User to a Group 138 | ------------------- 139 | 140 | .. code:: bash 141 | 142 | aws iam add-user-to-group --group-name business-ro --user-name marketing-michael 143 | 144 | Remove User from a Group 145 | ------------------------ 146 | 147 | .. code:: bash 148 | 149 | aws iam remove-user-from-group --group-name business-ro --user-name marketing-alice 150 | 151 | List Users in a Group 152 | --------------------- 153 | 154 | .. code:: bash 155 | 156 | aws iam get-group --group-name business-ro 157 | 158 | List Groups for a User 159 | ---------------------- 160 | 161 | .. code:: bash 162 | 163 | aws iam list-groups-for-user --user-name qa-bob 164 | 165 | Attach/Detach Policy to a Group 166 | ------------------------------- 167 | 168 | .. code:: bash 169 | 170 | aws iam detach-group-policy --group-name business-ro --policy-arn arn:aws:iam::aws:policy/DynamoDBFullAccess 171 | aws iam attach-group-policy --group-name business-ro --policy-arn arn:aws:iam::aws:policy/DynamoDBFullAccess 172 | -------------------------------------------------------------------------------- /index.rst: -------------------------------------------------------------------------------- 1 | AWS CLI Cheatsheet 2 | ================== 3 | 4 | Supercharge your daily acitivities related to AWS cloud using the combination of AWS CLI and JQ. 5 | 6 | Prerequisites 7 | ------------- 8 | 9 | - `aws-cli `__ 10 | - `jq `__ 11 | 12 | |:warning:| Disclaimer: All Resource, Account, ARN, Hostname etc are 13 | generated using `Faker `__. They 14 | should not match any real user data. 15 | 16 | |:arrow_right:| If you have multiple AWS Accounts, you can use bash aliases 17 | like the following. So you no longer need to pass ``--profile`` to 18 | ``aws`` tool repeatedly. 19 | 20 | .. code:: bash 21 | 22 | alias aws-prod="aws --profile work-prod" 23 | alias aws-dev="aws --profile work-dev" 24 | alias aws-self="aws --profile personal" 25 | alias aws="aws --profile work-dev" 26 | 27 | |:arrow_right:| To format ``aws`` command output into pretty tables, you can pipe the output to ``column -t``. 28 | 29 | :: 30 | 31 | # aws ec2 describe-instances | jq ... 32 | i-0f112d652ecf13dac c3.x2large fisher.com 33 | i-0b3b5128445a332db t2.nano robinson.com 34 | 35 | # aws ec2 describe-instances | jq ... | column -t 36 | i-0f112d652ecf13dac c3.x2large fisher.com 37 | i-0b3b5128445a332db t2.nano robinson.com 38 | 39 | .. toctree:: 40 | :caption: AWS Services 41 | :maxdepth: 100 42 | :hidden: 43 | 44 | acm 45 | amplify 46 | apigw 47 | ce 48 | cloudfront 49 | cloudwatch 50 | cognito 51 | dynamodb 52 | ec2 53 | ecr 54 | efs 55 | eks 56 | elasticache 57 | elb 58 | iam 59 | lambda 60 | opensearch 61 | rds 62 | route53 63 | s3 64 | ses 65 | sns 66 | sqs 67 | wafv2 68 | -------------------------------------------------------------------------------- /lambda.rst: -------------------------------------------------------------------------------- 1 | Lambda 2 | ====== 3 | 4 | List Lambda Functions, Runtime and Memory 5 | ----------------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws lambda list-functions | jq -r '.Functions[] | .FunctionName+" "+.Runtime+" "+(.MemorySize|tostring)' 10 | 11 | .. code:: ini 12 | 13 | backend-api-function nodejs8.10 512 14 | backend-signup-email-function nodejs10.x 128 15 | partner-api-8XJAP1VVLYA7 python3.7 128 16 | marketing-promo-sqs-function nodejs10.x 128 17 | 18 | List Lambda Environment Variables 19 | --------------------------------- 20 | 21 | .. code:: bash 22 | 23 | aws lambda get-function --function-name my-app-production | jq -r .Configuration.Environment.Variables 24 | 25 | .. code:: ini 26 | 27 | ... 28 | "FILESYSTEM_DRIVER": "s3", 29 | "APP_ENV": "production", 30 | "CACHE_STORE": "dynamodb", 31 | "QUEUE_TIMEOUT": "69", 32 | ... 33 | 34 | List Lambda Layers 35 | ------------------ 36 | 37 | .. code:: bash 38 | 39 | aws lambda list-layers | jq -r '.Layers[] | .LayerName' 40 | 41 | .. code:: ini 42 | 43 | imagemagik-layer 44 | django-layer 45 | nodejs-extra-layer 46 | 47 | List of Source Event for Lambda 48 | ------------------------------- 49 | 50 | .. code:: bash 51 | 52 | aws lambda list-event-source-mappings | jq -r '.EventSourceMappings[] | .FunctionArn+" "+.EventSourceArn' 53 | 54 | .. code:: ini 55 | 56 | arn:aws:lambda:function:backend-api-function arn:aws:dynamodb:table/prod-user-list/stream 57 | arn:aws:lambda:function:backend-signup-email-function arn:aws:dynamodb:table/prod-user-email/stream 58 | arn:aws:lambda:function:partner-api-8XJAP1VVLYA7 arn:aws:sqs:partner-input-msg-queue 59 | arn:aws:lambda:function:marketing-promo-sqs-function arn:aws:sqs:promo-input-msg-queue 60 | 61 | Download Lambda Code 62 | -------------------- 63 | 64 | .. code:: bash 65 | 66 | aws lambda get-function --function-name DynamoToSQS | jq -r .Code.Location 67 | 68 | .. code:: ini 69 | 70 | https://awslambda-ap-se-1-tasks.s3.ap-southeast-1.amazonaws.com/snapshots/987654321/backend-api-function-1fda0de7-a751-4586-bf64-5601a410c170 71 | 72 | -------------------------------------------------------------------------------- /opensearch.rst: -------------------------------------------------------------------------------- 1 | OpenSearch 2 | ========== 3 | 4 | List Domains 5 | ------------ 6 | 7 | .. code:: bash 8 | 9 | aws opensearch list-domain-names --output json | jq -r '.DomainNames[]|.DomainName' 10 | 11 | .. code:: ini 12 | 13 | prod-orders 14 | prod-products 15 | prod-metadata -------------------------------------------------------------------------------- /rds.rst: -------------------------------------------------------------------------------- 1 | RDS 2 | === 3 | 4 | List DB Clusters 5 | ---------------- 6 | 7 | .. code:: bash 8 | 9 | aws rds describe-db-clusters | jq -r '.DBClusters[] | .DBClusterIdentifier+" "+.Endpoint' 10 | 11 | .. code:: ini 12 | 13 | backend-prod backend-prod.cluster-b6da07d35.ap-southeast-1.rds.amazonaws.com 14 | internal-prod internal-dev.cluster-b6da07d35.ap-southeast-1.rds.amazonaws.com 15 | 16 | List DB Instances 17 | ----------------- 18 | 19 | .. code:: bash 20 | 21 | aws rds describe-db-instances | jq -r '.DBInstances[] | .DBInstanceIdentifier+" "+.DBInstanceClass+" "+.Endpoint.Address' 22 | 23 | .. code:: ini 24 | 25 | backend-dev db.t3.medium backend-prod.b6da07d35.ap-southeast-1.rds.amazonaws.com 26 | internal-dev db.t2.micro internal-dev.b6da07d35.ap-southeast-1.rds.amazonaws.com 27 | 28 | Take DB Instance Snapshot 29 | ------------------------- 30 | 31 | .. code:: bash 32 | 33 | aws rds create-db-snapshot --db-snapshot-identifier backend-dev-snapshot-0001 --db-instance-identifier backend-dev 34 | aws rds describe-db-snapshots --db-snapshot-identifier backend-dev-snapshot-0001 --db-instance-identifier general 35 | 36 | Take DB Cluster Snapshot 37 | ------------------------ 38 | 39 | .. code:: bash 40 | 41 | aws rds create-db-cluster-snapshot --db-cluster-snapshot-identifier backend-prod-snapshot-0002 --db-cluster-identifier backend-prod 42 | aws rds describe-db-cluster-snapshots --db-cluster-snapshot-identifier backend-prod-snapshot-0002 --db-cluster-identifier backend-prod 43 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | alabaster==0.7.13 2 | Babel==2.14.0 3 | certifi==2023.11.17 4 | charset-normalizer==3.3.2 5 | docutils==0.20.1 6 | idna==3.6 7 | imagesize==1.4.1 8 | Jinja2==3.1.2 9 | MarkupSafe==2.1.3 10 | packaging==23.2 11 | Pygments==2.17.2 12 | requests==2.31.0 13 | setuptools==75.1.0 14 | snowballstemmer==2.2.0 15 | Sphinx==7.2.6 16 | sphinx-favicon==1.0.1 17 | sphinx-rtd-theme==2.0.0 18 | sphinxcontrib-applehelp==1.0.7 19 | sphinxcontrib-devhelp==1.0.5 20 | sphinxcontrib-htmlhelp==2.0.4 21 | sphinxcontrib-jquery==4.1 22 | sphinxcontrib-jsmath==1.0.1 23 | sphinxcontrib-qthelp==1.0.6 24 | sphinxcontrib-serializinghtml==1.1.9 25 | sphinxemoji==0.2.0 26 | sphinxext-opengraph==0.9.1 27 | urllib3==2.1.0 28 | -------------------------------------------------------------------------------- /route53.rst: -------------------------------------------------------------------------------- 1 | Route53 2 | ======= 3 | 4 | List Domains 5 | ------------ 6 | 7 | .. code:: bash 8 | 9 | aws route53 list-hosted-zones | jq -r '.HostedZones[]|.Id+" "+.Name' 10 | 11 | .. code:: ini 12 | 13 | /hostedzone/ZEB1PAH4U mysite.com. 14 | /hostedzone/ZQUOHGH3G yoursite.com. 15 | /hostedzone/ZEADEA0CO staywith.us. 16 | 17 | List Records for a Domain (Zone) 18 | -------------------------------- 19 | 20 | .. code:: bash 21 | 22 | aws route53 list-resource-record-sets --hosted-zone-id /hostedzone/ZEB1PAH4U | jq -r '.ResourceRecordSets[]| if (.AliasTarget!=null) then .Type+" "+.Name+" "+.AliasTarget.DNSName else .Type+" "+.Name+" "+.ResourceRecords[].Value end' 23 | 24 | .. code:: ini 25 | 26 | A mysite.com. dualstack.mysite-lb-967522168.ap-southeast-1.elb.amazonaws.com. 27 | A mysite.com. 11.22.33.44 28 | TXT _amazonses.mysite.com. 6c6d761371f0480bbe60de0df275b550 29 | A test.mysite.com. 55.66.77.88 30 | CNAME www.mysite.com. mysite.com 31 | -------------------------------------------------------------------------------- /s3.rst: -------------------------------------------------------------------------------- 1 | S3 2 | == 3 | 4 | List Buckets 5 | ------------ 6 | 7 | .. code:: bash 8 | 9 | aws s3 ls 10 | 11 | .. code:: ini 12 | 13 | 2020-01-28 18:49:50 customer-data-primary 14 | 2020-01-28 18:50:22 customer-data-backup 15 | 2020-01-28 18:50:54 wordpress-cdn 16 | 2020-01-28 18:52:25 backend-artifacts-20200220-deployment 17 | 18 | List Files in a Bucket 19 | ---------------------- 20 | 21 | .. code:: bash 22 | 23 | aws s3 ls wordpress-cdn/wp-content/uploads/2019/10/04/ 24 | 25 | .. code:: ini 26 | 27 | 2019-10-04 15:02:02 133557 amazing-content.jpg 28 | 2019-10-04 15:02:02 2986 amazing-content-103x50.jpg 29 | 2019-10-04 15:02:02 5640 amazing-content-120x120.jpg 30 | 2019-10-04 15:02:02 7924 amazing-content-150x150.jpg 31 | 32 | Create a Bucket 33 | --------------- 34 | 35 | .. code:: bash 36 | 37 | aws s3 mb s3://my-awesome-new-bucket 38 | make_bucket: my-awesome-new-bucket 39 | 40 | Delete a Bucket 41 | --------------- 42 | 43 | .. code:: bash 44 | 45 | aws s3 rb s3://my-awesome-new-bucket --force 46 | 47 | Download an S3 Object to Local 48 | ------------------------------ 49 | 50 | .. code:: bash 51 | 52 | aws s3 cp s3://my-awesome-new-bucket . 53 | 54 | .. code:: ini 55 | 56 | download: ./backup.tar from s3://my-awesome-new-bucket/backup.tar 57 | 58 | Upload Local File as a S3 Object 59 | -------------------------------- 60 | 61 | .. code:: bash 62 | 63 | aws s3 cp backup.tar s3://my-awesome-new-bucket 64 | 65 | .. code:: ini 66 | 67 | upload: ./backup.tar to s3://my-awesome-new-bucket/backup.tar 68 | 69 | Delete an S3 Object 70 | ------------------- 71 | 72 | .. code:: bash 73 | 74 | aws s3 rm s3://my-awesome-new-bucket/secret-file.gz 75 | 76 | .. code:: ini 77 | 78 | delete: s3://my-awesome-new-bucket/secret-file.gz 79 | 80 | Download Bucket to Local 81 | ------------------------ 82 | 83 | .. code:: bash 84 | 85 | aws s3 sync s3://my-awesome-new-bucket/ /media/Passport-Ultra/Backup 86 | 87 | Upload Local Directory to Bucket 88 | -------------------------------- 89 | 90 | .. code:: bash 91 | 92 | aws s3 sync /home/minhaz/Downloads s3://my-awesome-new-bucket/ 93 | 94 | Share S3 Object without Presigned URL 95 | ------------------------------------- 96 | 97 | .. code:: bash 98 | 99 | aws s3 presign s3://my-awesome-new-bucket/business-reports.pdf --expires-in 3600 100 | 101 | .. code:: ini 102 | 103 | https://my-awesome-new-bucket.s3.amazonaws.com/business-reports.pdf?AWSAccessKeyId=AKISUENSAKSIEUAA&Expires=1582876994&Signature=kizOEA93kaIHw7uv25wSFIKLmAx 104 | 105 | -------------------------------------------------------------------------------- /ses.rst: -------------------------------------------------------------------------------- 1 | SES 2 | === 3 | 4 | Send Mail 5 | --------- 6 | 7 | .. code:: bash 8 | 9 | aws ses send-email \ 10 | --to user@example.com \ 11 | --subject Howdy \ 12 | --html '

    Hello, Mate!

    ' \ 13 | --from noreply@example.com 14 | 15 | List Identities 16 | --------------- 17 | 18 | .. code:: bash 19 | 20 | aws ses list-identities | jq -r '.Identities[]' 21 | 22 | .. code:: ini 23 | 24 | mdminhazulhaque.io 25 | test.com 26 | example.com 27 | google.com 28 | 29 | Get DKIM Verification Status 30 | ---------------------------- 31 | 32 | .. code:: bash 33 | 34 | aws ses get-identity-dkim-attributes --identities example.com 35 | 36 | .. code:: ini 37 | 38 | ... 39 | "DkimEnabled": true, 40 | ... 41 | 42 | Tag identity 43 | ------------ 44 | 45 | .. code:: bash 46 | 47 | aws sesv2 tag-resource --resource-arn arn:aws:ses:us-west-2:987654321:identity/example.com \ 48 | --tags Key=environment,Value=prod Key=team/backend 49 | -------------------------------------------------------------------------------- /sns.rst: -------------------------------------------------------------------------------- 1 | SNS 2 | === 3 | 4 | List SNS Topics 5 | --------------- 6 | 7 | .. code:: bash 8 | 9 | aws sns list-topics | jq -r '.Topics[] | .TopicArn' 10 | 11 | .. code:: ini 12 | 13 | arn:aws:sns:ap-southeast-1:987654321:backend-api-monitoring 14 | arn:aws:sns:ap-southeast-1:987654321:dynamodb-count-check 15 | arn:aws:sns:ap-southeast-1:987654321:partner-integration-check 16 | arn:aws:sns:ap-southeast-1:987654321:autoscale-notifications 17 | 18 | List SNS Topic and related Subscriptions 19 | ---------------------------------------- 20 | 21 | .. code:: bash 22 | 23 | aws sns list-subscriptions | jq -r '.Subscriptions[] | .TopicArn+" "+.Protocol+" "+.Endpoint' 24 | 25 | .. code:: ini 26 | 27 | arn:aws:sns:ap-southeast-1:autoscale-notifications lambda arn:aws:lambda:function:autoscale-function 28 | arn:aws:sns:ap-southeast-1:backend-api-monitoring email alert@mdminhazulhaque.io 29 | arn:aws:sns:ap-southeast-1:dynamodb-count-check email alert@mdminhazulhaque.io 30 | arn:aws:sns:ap-southeast-1:partner-integration-check lambda arn:aws:lambda:function:partner-function 31 | arn:aws:sns:ap-southeast-1:autoscale-notifications lambda arn:aws:lambda:function:autoscale-function 32 | 33 | Publish to SNS Topic 34 | -------------------- 35 | 36 | .. code:: bash 37 | 38 | aws sns publish --topic-arn arn:aws:sns:ap-southeast-1:987654321:backend-api-monitoring \ 39 | --message "Panic!!!" \ 40 | --subject "The API is down!!!" 41 | -------------------------------------------------------------------------------- /sqs.rst: -------------------------------------------------------------------------------- 1 | SQS 2 | === 3 | 4 | List Queues 5 | ----------- 6 | 7 | .. code:: bash 8 | 9 | aws sqs list-queues | jq -r '.QueueUrls[]' 10 | 11 | .. code:: ini 12 | 13 | https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo 14 | https://ap-southeast-1.queue.amazonaws.com/987654321/user-signup 15 | 16 | Create a Queue 17 | -------------- 18 | 19 | .. code:: bash 20 | 21 | aws sqs create-queue --queue-name public-events.fifo | jq -r .QueueUrl 22 | 23 | .. code:: ini 24 | 25 | https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo 26 | 27 | Count Messages in a Queue 28 | ------------------------- 29 | 30 | .. code:: bash 31 | 32 | aws sqs get-queue-attributes --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo | jq -r '.Attributes | .QueueArn + " " + .ApproximateNumberOfMessages' 33 | 34 | .. code:: ini 35 | 36 | arn:aws:sqs:ap-southeast-1:987654321:events.fifo 42 37 | arn:aws:sqs:ap-southeast-1:987654321:uploads 1036 38 | 39 | Send Message to a Queue 40 | ----------------------- 41 | 42 | .. code:: bash 43 | 44 | aws sqs send-message --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo --message-body Hello 45 | 46 | .. code:: json 47 | 48 | { 49 | "MD5OfMessageBody": "37b51d194a7513e45b56f6524f2d51f2", 50 | "MessageId": "4226398e-bab0-4bee-bf5a-8e7ae18c855a" 51 | } 52 | 53 | Receive Message from a Queue 54 | ---------------------------- 55 | 56 | .. code:: bash 57 | 58 | aws sqs receive-message --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo | jq -r '.Messages[] | .Body' 59 | 60 | .. code:: ini 61 | 62 | Hello I am a Message 63 | 64 | Delete a Message from a Queue 65 | ----------------------------- 66 | 67 | .. code:: bash 68 | 69 | aws sqs delete-message --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo --receipt-handle "AQEBpqKLxNb8rIOn9ykSeCkKebNzn0BrEJ3Cg1RS6MwID2t1oYHCnMP06GnuVZGzt7kpWXZ5ieLQ==" 70 | 71 | Purge a Queue 72 | ------------- 73 | 74 | .. code:: bash 75 | 76 | aws sqs purge-queue --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo 77 | 78 | Delete a Queue 79 | -------------- 80 | 81 | .. code:: bash 82 | 83 | aws sqs delete-queue --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo 84 | 85 | Query Message Count in a Queue 86 | ------------------------------ 87 | 88 | .. code:: bash 89 | 90 | aws sqs get-queue-attributes --attribute-names ApproximateNumberOfMessages --queue-url https://ap-southeast-1.queue.amazonaws.com/987654321/public-events.fifo -------------------------------------------------------------------------------- /wafv2.rst: -------------------------------------------------------------------------------- 1 | WAF 2 | === 3 | 4 | List Web ACLs 5 | ------------- 6 | 7 | .. code:: bash 8 | 9 | aws wafv2 list-web-acls --scope REGIONAL | jq -r '.WebACLs[]|.Name' 10 | 11 | .. code:: ini 12 | 13 | prod-api-allow 14 | prod-frontend-allow 15 | prod-bots-deny 16 | prod-testing-allow 17 | 18 | List Rules under an Web ACL 19 | --------------------------- 20 | 21 | .. code:: bash 22 | 23 | aws wafv2 get-web-acl --name prod-frontend-allow --scope REGIONAL --id 5cf184c3-d7f0-44af-8c99-f3f08aec0267 | jq -r '.WebACL.Rules[]|.Name' 24 | 25 | .. code:: ini 26 | 27 | prod-allow-ip 28 | prod-allow-build-server 29 | prod-allow-office-network 30 | 31 | List Resources for an Web ACL 32 | ----------------------------- 33 | 34 | .. code:: bash 35 | 36 | aws wafv2 list-resources-for-web-acl --web-acl-arn arn:aws:wafv2:us-east-2:123456789:regional/webacl/prod-frontend-allow/5cf184c3-d7f0-44af-8c99-f3f08aec0267 | jq -r '.ResourceArns[]|.' 37 | 38 | .. code:: ini 39 | 40 | arn:aws:elasticloadbalancing:us-east-2:123456789:loadbalancer/app/k8s-backend-5cf184c3/f3f08aec0267 41 | arn:aws:elasticloadbalancing:us-east-1:123456789:loadbalancer/app/k8s-frontend-d7f084c3/44af8aec029a 42 | 43 | List IP Sets 44 | ------------ 45 | 46 | .. code:: bash 47 | 48 | aws wafv2 list-ip-sets --scope REGIONAL | jq -r '.IPSets[]|.Name' 49 | 50 | .. code:: ini 51 | 52 | prod-api-ipv4-set 53 | prod-api-ipv6-set 54 | prod-customer-ipv4-set 55 | prod-customer-ipv6-set 56 | 57 | List IP Addresses under an IP Set 58 | --------------------------------- 59 | 60 | .. code:: bash 61 | 62 | aws wafv2 get-ip-set --scope REGIONAL --name prod-api-ipv4-set --id 7cd71356-f6df-4cef-b058-6c174eb3f23a | jq -r '.IPSet.Addresses[]|.' 63 | 64 | .. code:: ini 65 | 66 | 103.10.127.0/24 67 | 104.154.0.0/15 --------------------------------------------------------------------------------