├── .DS_Store ├── .github └── workflows │ └── publish.yml ├── .nojekyll ├── CNAME ├── README.md ├── _static ├── aws-jq.png └── favicon.ico ├── _templates ├── breadcrumbs.html └── footer.html ├── acm.rst ├── amplify.rst ├── apigw.rst ├── build.sh ├── ce.rst ├── cloudfront.rst ├── cloudwatch.rst ├── cognito.rst ├── conf.py ├── dynamodb.rst ├── ec2.rst ├── ecr.rst ├── efs.rst ├── eks.rst ├── elasticache.rst ├── elb.rst ├── iam.rst ├── index.rst ├── lambda.rst ├── opensearch.rst ├── rds.rst ├── requirements.txt ├── route53.rst ├── s3.rst ├── ses.rst ├── sns.rst ├── sqs.rst └── wafv2.rst /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/.DS_Store -------------------------------------------------------------------------------- /.github/workflows/publish.yml: -------------------------------------------------------------------------------- 1 | name: Publish 2 | on: 3 | push: 4 | permissions: 5 | contents: read 6 | pages: write 7 | id-token: write 8 | jobs: 9 | deploy: 10 | environment: 11 | name: github-pages 12 | url: ${{ steps.deployment.outputs.page_url }} 13 | runs-on: ubuntu-latest 14 | steps: 15 | - name: Checkout 16 | uses: actions/checkout@v4 17 | - name: Setup Pages 18 | uses: actions/configure-pages@v4 19 | - name: Setup Python3 20 | uses: actions/setup-python@v2 21 | with: 22 | python-version: '3.x' 23 | - name: Install Sphinx 24 | run: | 25 | pip install -r requirements.txt 26 | - name: Build Pages 27 | run: python -msphinx . docs 28 | - name: Upload artifact 29 | uses: actions/upload-pages-artifact@v3 30 | with: 31 | path: docs 32 | - name: Deploy to GitHub Pages 33 | id: deployment 34 | uses: actions/deploy-pages@v4 35 | -------------------------------------------------------------------------------- /.nojekyll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/.nojekyll -------------------------------------------------------------------------------- /CNAME: -------------------------------------------------------------------------------- 1 | aws-jq.mdminhazulhaque.io 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # AWS CLI Cheatsheet 2 | 3 | Supercharge your daily acitivities related to AWS cloud using the combination of AWS CLI and JQ. 4 | 5 | Visit [aws-cli-cheatsheet.mdminhazulhaque.io](https://aws-cli-cheatsheet.mdminhazulhaque.io) 6 | -------------------------------------------------------------------------------- /_static/aws-jq.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/_static/aws-jq.png -------------------------------------------------------------------------------- /_static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdminhazulhaque/aws-cli-cheatsheet/47c86151372ad4b2085d0a6f636a881ae9a5c7b9/_static/favicon.ico -------------------------------------------------------------------------------- /_templates/breadcrumbs.html: -------------------------------------------------------------------------------- 1 | {%- extends "sphinx_rtd_theme/breadcrumbs.html" %} 2 | {% block breadcrumbs_aside %} 3 |
© Copyright 2025, Md Minhazul Haque
5 | {%- endblock %} 6 | -------------------------------------------------------------------------------- /acm.rst: -------------------------------------------------------------------------------- 1 | ACM 2 | === 3 | 4 | List Certificate ARNs and DomainName 5 | ------------------------------------ 6 | 7 | .. code:: bash 8 | 9 | aws acm list-certificates | jq -r '.CertificateSummaryList[] | .CertificateArn+" "+.DomainName' 10 | 11 | .. code:: ini 12 | 13 | arn:aws:acm:ap-southeast-1:987654321:certificate/88c10c4e-a0ba-41e9-bbd4-734e0191e363 *.example.com 14 | -------------------------------------------------------------------------------- /amplify.rst: -------------------------------------------------------------------------------- 1 | Amplify 2 | ======= 3 | 4 | List of Amplify Apps and Source Repositories 5 | -------------------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws amplify list-apps | jq -r '.apps[] | .name+" "+.defaultDomain+" "+.repository' 10 | 11 | .. code:: ini 12 | 13 | fe-vn d9d5bb1e3c281f.amplifyapp.com https://bitbucket.org/aws/frontend-vn 14 | fe-hk db64e7e9b3cc22.amplifyapp.com https://bitbucket.org/aws/frontend-hk 15 | fe-sg d5e3221cf8b921.amplifyapp.com https://bitbucket.org/aws/frontend-sg 16 | -------------------------------------------------------------------------------- /apigw.rst: -------------------------------------------------------------------------------- 1 | API Gateway 2 | =========== 3 | 4 | List of API Gateway IDs and Names 5 | --------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws apigateway get-rest-apis | jq -r '.items[] | .id+" "+.name' 10 | 11 | .. code:: ini 12 | 13 | 5e3221cf8 backend-api 14 | 69ef7d4c8 frontend-api 15 | bb1e3c281 partner-api 16 | f99796943 internal-crm-api 17 | ee86b4cde import-data-api 18 | 19 | Delete API Gateway 20 | ------------------ 21 | 22 | .. code:: bash 23 | 24 | aws apigateway delete-rest-api --rest-api-id ee86b4cde 25 | 26 | List of API Gateway Keys 27 | ------------------------ 28 | 29 | .. code:: bash 30 | 31 | aws apigateway get-api-keys | jq -r '.items[] | .id+" "+.name' 32 | 33 | .. code:: ini 34 | 35 | ee86b4cde backend-api-key 36 | 69ef7d4c8 partner-api-key 37 | 38 | List API Gateway Domain Names 39 | ----------------------------- 40 | 41 | .. code:: bash 42 | 43 | aws apigateway get-domain-names | jq -r '.items[] | .domainName+" "+.regionalDomainName' 44 | 45 | .. code:: ini 46 | 47 | backend-api.mdminhazulhaque.io d-ee86b4cde.execute-api.ap-southeast-1.amazonaws.com 48 | frontend-api.mdminhazulhaque.io d-bb1e3c281.execute-api.ap-southeast-1.amazonaws.com 49 | 50 | List of Resources for Specific API Gateway 51 | ------------------------------------------ 52 | 53 | .. code:: bash 54 | 55 | aws apigateway get-resources --rest-api-id ee86b4cde | jq -r '.items[] | .id+" "+.path' 56 | 57 | .. code:: ini 58 | 59 | 8c2d1097e /v1/{proxy+} 60 | bb4aabda1 /v2/{proxy+} 61 | e44504cde /health 62 | 69ef7d4c8 / 63 | 64 | Find Function for Specific API Gateway Resource 65 | ----------------------------------------------- 66 | 67 | .. code:: bash 68 | 69 | aws apigateway get-integration --rest-api-id ee86b4cde --resource-id 69ef7d4c8 --http-method GET | jq -r '.uri' 70 | 71 | .. code:: ini 72 | 73 | arn:aws:lambda:ap-southeast-1:987654321:function:backend-api-function-5d4daa47fe4a2:live/invocations 74 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | rm -rf docs 4 | sphinx-build . docs 5 | -------------------------------------------------------------------------------- /ce.rst: -------------------------------------------------------------------------------- 1 | Cost Explorer 2 | ============= 3 | 4 | Get Cost by Month 5 | ----------------- 6 | 7 | .. code:: bash 8 | 9 | aws ce get-cost-and-usage --granularity MONTHLY --metrics BlendedCost \ 10 | --time-period Start=2023-10-01,End=2023-12-31 | \ 11 | jq '.ResultsByTime[]|.TimePeriod.Start+" "+.Total.BlendedCost.Amount' 12 | 13 | .. code:: ini 14 | 15 | 2023-10-01 1000.000000 16 | 2023-11-01 2000.000000 17 | 2023-12-01 3000.000000 -------------------------------------------------------------------------------- /cloudfront.rst: -------------------------------------------------------------------------------- 1 | CloudFront 2 | ========== 3 | 4 | List Distributions and Origins 5 | ------------------------------ 6 | 7 | .. code:: bash 8 | 9 | aws cloudfront list-distributions | jq -r '.DistributionList.Items[] | .DomainName+" "+.Origins.Items[0].DomainName' 10 | 11 | .. code:: ini 12 | 13 | d9d5bb1e3c281f.cloudfront.net frontend-prod-hk.s3.amazonaws.com 14 | d12b09e8a0a996.cloudfront.net frontend-prod-vn.s3.amazonaws.com 15 | db64e7e9b3cc22.cloudfront.net frontend-prod-sg.s3.amazonaws.com 16 | d5e3221cf8b921.cloudfront.net cdn.mdminhazulhaque.io 17 | 18 | Create Cache Invalidation 19 | ------------------------- 20 | 21 | .. code:: bash 22 | 23 | aws cloudfront create-invalidation --distribution-id D12B09E8A0A996 --path '/blog/*' '/blog/assets/*' | jq -r '.Invalidation.Id' 24 | 25 | .. code:: ini 26 | 27 | IALJ5AL93ZD79 28 | 29 | Check Cache Invalidation Status 30 | ------------------------------- 31 | 32 | .. code:: bash 33 | 34 | aws cloudfront get-invalidation --distribution-id D12B09E8A0A996 --id IALJ5AL93ZD79 | jq -r '.Invalidation.Status' 35 | 36 | .. code:: ini 37 | 38 | Completed 39 | -------------------------------------------------------------------------------- /cloudwatch.rst: -------------------------------------------------------------------------------- 1 | Cloudwatch 2 | ========== 3 | 4 | List Alarms and Status 5 | ---------------------- 6 | 7 | .. code:: bash 8 | 9 | aws cloudwatch describe-alarms | jq -r '.MetricAlarms[] | .AlarmName+" "+.Namespace+" "+.StateValue' 10 | 11 | .. code:: ini 12 | 13 | backend-autoscale AWS/EC2 OK 14 | backend-lb AWS/ApplicationELB OK 15 | partner-hk AWS/ECS ALARM 16 | partner-vn AWS/ECS ALARM 17 | partner-sg AWS/ECS ALARM 18 | userdata-read AWS/DynamoDB OK 19 | userdata-write AWS/DynamoDB OK 20 | 21 | Create Alarm on High CPUUtilization 22 | ----------------------------------- 23 | 24 | .. code:: bash 25 | 26 | aws cloudwatch put-metric-alarm --alarm-name high-cpu-usage --alarm-description "Alarm when CPU exceeds 70 percent" --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --threshold 70 --comparison-operator GreaterThanThreshold --dimensions "Name=InstanceId,Value=i-123456789" --evaluation-periods 2 --alarm-actions arn:aws:sns:ap-southeast-1:987654321:System-Alerts --unit Percent 27 | 28 | Create Alarm on StatusCheckFailed_Instance 29 | ------------------------------------------ 30 | 31 | .. code:: bash 32 | 33 | aws cloudwatch put-metric-alarm --alarm-name EC2-StatusCheckFailed-AppServer --alarm-description "EC2 StatusCheckFailed for AppServer" --metric-name StatusCheckFailed_Instance --namespace AWS/EC2 --statistic Average --period 60 --threshold 0 --comparison-operator GreaterThanThreshold --dimensions "Name=InstanceId,Value=i-123456789" --evaluation-periods 3 --alarm-actions arn:aws:sns:ap-southeast-1:987654321:System-Alerts --unit Count 34 | -------------------------------------------------------------------------------- /cognito.rst: -------------------------------------------------------------------------------- 1 | Cognito 2 | ======= 3 | 4 | List User Pools and Names 5 | ------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws cognito-idp list-user-pools --max-results 60 | jq -r '.UserPools[] | .Id+" "+.Name' 10 | 11 | .. code:: ini 12 | 13 | ap-southeast-1_b6da07d35 prod-users 14 | ap-southeast-1_b6da07d34 dev-users 15 | 16 | List Phone and Email of All Users 17 | --------------------------------- 18 | 19 | .. code:: bash 20 | 21 | aws cognito-idp list-users --user-pool-id ap-southeast-1_b6da07d35 | jq -r '.Users[].Attributes | from_entries | .sub + " " + .phone_number + " " + .email' 22 | 23 | .. code:: ini 24 | 25 | 585fb96e-525c-4f9b-9d41-865d2dffde9b +601122334455 admin@mdminhazulhaque.io 26 | 71f2778c-8e21-4775-94dc-e363c77d1ae1 +601122334455 foo@bar.com 27 | 8fc1882e-e661-49db-88e6-45d370bc352a +601122334455 cli@aws.com 28 | -------------------------------------------------------------------------------- /conf.py: -------------------------------------------------------------------------------- 1 | project = 'aws-cli-cheatsheet' 2 | copyright = '2025, Md Minhazul Haque' 3 | author = 'Md Minhazul Haque' 4 | 5 | extensions = [ 6 | 'sphinx_rtd_theme', 7 | 'sphinxemoji.sphinxemoji', 8 | 'sphinxext.opengraph', 9 | 'sphinx_favicon', 10 | ] 11 | 12 | templates_path = ['_templates'] 13 | exclude_patterns = ['build.sh', '.github/*', 'env/*', 'requirements.txt'] 14 | 15 | html_theme = 'sphinx_rtd_theme' 16 | html_static_path = ['_static'] 17 | html_extra_path = ['CNAME', '.nojekyll'] 18 | 19 | favicons = [ 20 | {"href": "favicon.ico"}, 21 | ] 22 | 23 | ogp_image = "/_static/aws-jq.png" 24 | -------------------------------------------------------------------------------- /dynamodb.rst: -------------------------------------------------------------------------------- 1 | DynamoDB 2 | ======== 3 | 4 | List Tables 5 | ----------- 6 | 7 | .. code:: bash 8 | 9 | aws dynamodb list-tables | jq -r .TableNames[] 10 | 11 | .. code:: ini 12 | 13 | userdata_hk 14 | userdata_vn 15 | userdata_sg 16 | providers 17 | events 18 | 19 | Get All Items from a Table 20 | -------------------------- 21 | 22 | |:warning:| This command will stream ALL items untill SIGINT is sent 23 | 24 | .. code:: bash 25 | 26 | aws dynamodb scan --table-name events 27 | 28 | Get Item Count from a Table 29 | --------------------------- 30 | 31 | .. code:: bash 32 | 33 | aws dynamodb scan --table-name events --select COUNT | jq .ScannedCount 34 | 35 | .. code:: ini 36 | 37 | 726119 38 | 39 | Get Item using Key 40 | ------------------ 41 | 42 | .. code:: bash 43 | 44 | aws dynamodb get-item --table-name events --key '{"email": {"S": "admin@mdminhazulhaque.io"}}' 45 | 46 | .. code:: json 47 | 48 | { 49 | "Item": { 50 | "email": { 51 | "S": "admin@mdminhazulhaque.io" 52 | }, 53 | "created_at": { 54 | "N": "1554780667296" 55 | }, 56 | "event_type": { 57 | "S": "DISPATCHED" 58 | } 59 | } 60 | } 61 | 62 | Get Specific Fields from an Item 63 | -------------------------------- 64 | 65 | .. code:: bash 66 | 67 | aws dynamodb get-item --table-name events --key '{"email": {"S": "admin@mdminhazulhaque.io"}}' --attributes-to-get event_type 68 | 69 | .. code:: json 70 | 71 | { 72 | "Item": { 73 | "event_type": { 74 | "S": "DISPATCHED" 75 | } 76 | } 77 | } 78 | 79 | Delete Item using Key 80 | --------------------- 81 | 82 | .. code:: bash 83 | 84 | aws dynamodb delete-item --table-name events --key '{"email": {"S": "admin@mdminhazulhaque.io"}}' -------------------------------------------------------------------------------- /ec2.rst: -------------------------------------------------------------------------------- 1 | EC2 2 | === 3 | 4 | List Instance ID, Type and Name 5 | ------------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws ec2 describe-instances | jq -r '.Reservations[].Instances[]|.InstanceId+" "+.InstanceType+" "+(.Tags[] | select(.Key == "Name").Value)' 10 | 11 | .. code:: ini 12 | 13 | i-0f112d652ecf13dac c3.xlarge fisher.com 14 | i-0b3b5128445a332db t2.nano robinson.com 15 | i-0d1c1cf4e980ac593 t2.micro nolan.com 16 | i-004ee6b792c3b6914 t2.nano grimes-green.net 17 | i-00f11e8e33c971058 t2.nano garrett.com 18 | 19 | List Instances with Public IP Address and Name 20 | ---------------------------------------------- 21 | 22 | |:arrow_right:| Tip: You can directly put this into your ``/etc/hosts`` 23 | 24 | .. code:: bash 25 | 26 | aws ec2 describe-instances --query 'Reservations[*].Instances[?not_null(PublicIpAddress)]' | jq -r '.[][]|.PublicIpAddress+" "+(.Tags[]|select(.Key=="Name").Value)' 27 | 28 | .. code:: ini 29 | 30 | 223.64.72.64 fisher.com 31 | 198.82.207.161 robinson.com 32 | 182.139.20.233 nolan.com 33 | 153.134.83.44 grimes-green.net 34 | 202.32.63.121 garrett.com 35 | 36 | List Instances with Specific Tag 37 | -------------------------------- 38 | 39 | .. code:: bash 40 | 41 | aws ec2 describe-instances | jq -r '.Reservations[].Instances[] | select(.Tags[] | .Value == "my-project-name") | .InstanceId' 42 | 43 | .. code:: ini 44 | 45 | i-0f112d652ecf13dac 46 | i-0b3b5128445a332db 47 | i-0d1c1cf4e980ac593 48 | 49 | Tag Instances 50 | ------------- 51 | 52 | .. code:: bash 53 | 54 | aws ec2 create-tags --resources i-0f112d652ecf13dac --tags Key=environment,Value=prod 55 | 56 | List VPCs with CIDR IP Block 57 | ---------------------------- 58 | 59 | .. code:: bash 60 | 61 | aws ec2 describe-vpcs | jq -r '.Vpcs[]|.VpcId+" "+(.Tags[]|select(.Key=="Name").Value)+" "+.CidrBlock' 62 | 63 | .. code:: ini 64 | 65 | vpc-0d1c1cf4e980ac593 frontend-vpc 10.0.0.0/16 66 | vpc-00f11e8e33c971058 backend-vpc 172.31.0.0/16 67 | 68 | List Subnets under a VPC 69 | ------------------------ 70 | 71 | .. code:: bash 72 | 73 | aws ec2 describe-subnets --filter Name=vpc-id,Values=vpc-0d1c1cf4e980ac593 | jq -r '.Subnets[]|.SubnetId+" "+.CidrBlock+" "+(.Tags[]|select(.Key=="Name").Value)' 74 | 75 | .. code:: ini 76 | 77 | subnet-0dae5d4daa47fe4a2 10.0.128.0/20 Public Subnet 1 78 | subnet-0641a25faccb01f0f 10.0.32.0/19 Private Subnet 2 79 | subnet-09fb8038641f1f36f 10.0.0.0/19 Private Subnet 1 80 | subnet-02a63c67684d8deed 10.0.144.0/20 Public Subnet 2 81 | 82 | List Security Groups 83 | ----------------------- 84 | 85 | .. code:: bash 86 | 87 | aws ec2 describe-security-groups | jq -r '.SecurityGroups[]|.GroupId+" "+.GroupName' 88 | 89 | .. code:: ini 90 | 91 | sg-02a63c67684d8deed backend-db 92 | sg-0dae5d4daa47fe4a2 backend-redis 93 | sg-0a56bff7b12264282 frontend-lb 94 | sg-0641a25faccb01f0f frontend-https 95 | sg-09fb8038641f1f36f internal-ssh 96 | 97 | List Security Groups for an Instance 98 | ------------------------------------ 99 | 100 | .. code:: bash 101 | 102 | aws ec2 describe-instances --instance-ids i-0dae5d4daa47fe4a2 | jq -r '.Reservations[].Instances[].SecurityGroups[]|.GroupId+" "+.GroupName' 103 | 104 | .. code:: ini 105 | 106 | sg-02a63c67684d8deed backend-db 107 | sg-0dae5d4daa47fe4a2 backend-redis 108 | 109 | Assign Security Groups to an Instance 110 | ------------------------------------- 111 | 112 | |:arrow_right:| You have to provide existing Security Group IDs as well 113 | 114 | .. code:: bash 115 | 116 | aws ec2 modify-instance-attribute --instance-id i-0dae5d4daa47fe4a2 --groups sg-02a63c67684d8deed sg-0dae5d4daa47fe4a2 117 | 118 | List Security Group Rules in FromAddress/ToPort Format 119 | ------------------------------------------------------ 120 | 121 | .. code:: bash 122 | 123 | aws ec2 describe-security-groups --group-ids sg-02a63c67684d8deed | jq -r '.SecurityGroups[].IpPermissions[]|. as $parent|(.IpRanges[].CidrIp+" "+($parent.ToPort|tostring))' 124 | 125 | .. code:: ini 126 | 127 | 223.64.72.64/32 3306 128 | 198.82.207.161/32 3306 129 | 168.244.58.160/32 3306 130 | 202.0.149.202/32 3306 131 | 212.143.80.102/32 3306 132 | 133 | Add Rule to Security Group 134 | -------------------------- 135 | 136 | .. code:: bash 137 | 138 | aws ec2 authorize-security-group-ingress --group-id sg-02a63c67684d8deed --protocol tcp --port 443 --cidr 35.0.0.1/24 139 | 140 | Remove Rule from Security Group 141 | ------------------------------- 142 | 143 | .. code:: bash 144 | 145 | aws ec2 revoke-security-group-ingress --group-id sg-02a63c67684d8deed --protocol tcp --port 443 --cidr 35.0.0.1/24 146 | 147 | Modify Rules of Security Group 148 | ------------------------------ 149 | 150 | |:arrow_right:| You have to provide All previous rules as well 151 | 152 | .. code:: bash 153 | 154 | aws ec2 update-security-group-rule-descriptions-ingress --group-id sg-02a63c67684d8deed --ip-permissions 'ToPort=443,IpProtocol=tcp,IpRanges=[{CidrIp=202.171.186.133/32,Description=Home}]' 155 | 156 | Delete Security Group 157 | --------------------- 158 | 159 | .. code:: bash 160 | 161 | aws ec2 delete-security-group --group-id sg-02a63c67684d8deed 162 | 163 | -------------------------------------------------------------------------------- /ecr.rst: -------------------------------------------------------------------------------- 1 | ECR 2 | === 3 | 4 | List Repositories 5 | ----------------- 6 | 7 | .. code:: bash 8 | 9 | aws ecr describe-repositories | jq -r '.repositories[] | .repositoryName' 10 | 11 | .. code:: ini 12 | 13 | prod-web-api 14 | prod-frontend 15 | 16 | List Images from a Repository 17 | ----------------------------- 18 | 19 | .. code:: bash 20 | 21 | aws ecr list-images --repository prod-web-api | jq -r '.imageIds[] | .imageTag' 22 | 23 | .. code:: ini 24 | 25 | prod-api:v101 26 | prod-api:v102 27 | prod-api:v103 28 | prod-api:v104 29 | prod-api:v105 -------------------------------------------------------------------------------- /efs.rst: -------------------------------------------------------------------------------- 1 | EFS 2 | === 3 | 4 | List of Filesystems 5 | ------------------- 6 | 7 | .. code:: bash 8 | 9 | aws efs describe-file-systems | jq -r '.FileSystems[] | .FileSystemId + " " + .Name' 10 | 11 | .. code:: ini 12 | 13 | fs-1894c355 production-images 14 | fs-964dc315 production-docs 15 | fs-257dc779 production-export 16 | -------------------------------------------------------------------------------- /eks.rst: -------------------------------------------------------------------------------- 1 | EKS 2 | === 3 | 4 | List Clusters 5 | ------------- 6 | 7 | .. code:: bash 8 | 9 | aws eks list-clusters | jq -r .clusters[] 10 | 11 | .. code:: ini 12 | 13 | devtest 14 | mobileapi-prod 15 | usermanagement-prod 16 | 17 | Generate KUBECONFIG for Cluster 18 | ------------------------------- 19 | 20 | .. code:: bash 21 | 22 | aws eks update-kubeconfig --name devtest 23 | 24 | .. code:: ini 25 | 26 | Updated context arn:aws:eks:ap-southeast-1:987654321:cluster/devtest in /home/mdminhazulhaque/.kube/config 27 | 28 | List NodeGroups for Cluster 29 | --------------------------- 30 | 31 | .. code:: bash 32 | 33 | aws eks list-nodegroups --cluster-name devtest 34 | 35 | .. code:: ini 36 | 37 | nodegroups: 38 | - dev-nodes 39 | - test-nodes 40 | - argocd-nodes 41 | 42 | Modify NodeGroups for Cluster 43 | ----------------------------- 44 | 45 | .. code:: bash 46 | 47 | aws eks update-nodegroup-config --cluster-name devtest --nodegroup-name dev-nodes --scaling-config minSize=1,desiredSize=5,maxSize=10 48 | 49 | Refresh EKS AutoScalingGroup Instances 50 | -------------------------------------- 51 | 52 | .. code:: bash 53 | 54 | aws autoscaling start-instance-refresh --auto-scaling-group-name eks-mycluster-20241119081040239300000001-fcc9a1bc-a1ef-54d4-d72f-b171eb5b0062 55 | -------------------------------------------------------------------------------- /elasticache.rst: -------------------------------------------------------------------------------- 1 | ElastiCache 2 | =========== 3 | 4 | List Machine Type and Name 5 | -------------------------- 6 | 7 | .. code:: bash 8 | 9 | aws elasticache describe-cache-clusters | jq -r '.CacheClusters[] | .CacheNodeType+" "+.CacheClusterId' 10 | 11 | .. code:: ini 12 | 13 | cache.t2.micro backend-login-hk 14 | cache.m5.large backend-login-vn 15 | cache.t3.small backend-login-sg 16 | 17 | List Replication Groups 18 | ----------------------- 19 | 20 | .. code:: bash 21 | 22 | aws elasticache describe-replication-groups | jq -r '.ReplicationGroups[] | .ReplicationGroupId+" "+.NodeGroups[].PrimaryEndpoint.Address' 23 | 24 | .. code:: ini 25 | 26 | backend-login-hk backend-login-hk.6da35.ng.0001.apse1.cache.amazonaws.com 27 | backend-login-vn backend-login-vn.6da35.ng.0001.apse1.cache.amazonaws.com 28 | backend-login-sg backend-login-sg.6da35.ng.0001.apse1.cache.amazonaws.com 29 | 30 | List Snapshots 31 | -------------- 32 | 33 | .. code:: bash 34 | 35 | aws elasticache describe-snapshots | jq -r '.Snapshots[] | .SnapshotName' 36 | 37 | .. code:: ini 38 | 39 | automatic.backend-login-hk-2020-02-27-00-27 40 | automatic.backend-login-vn-2020-02-27-00-27 41 | automatic.backend-login-sg-2020-02-27-00-27 42 | 43 | Create a Snapshot 44 | ----------------- 45 | 46 | .. code:: bash 47 | 48 | aws elasticache create-snapshot --snapshot-name backend-login-hk-snap-0001 --replication-group-id backend-login-hk --cache-cluster-id backend-login-hk 49 | 50 | Delete a Snapshot 51 | ----------------- 52 | 53 | .. code:: bash 54 | 55 | aws elasticache delete-snapshot --snapshot-name backend-login-hk-snap-0001 56 | 57 | Scale Up/Down a Replica 58 | ----------------------- 59 | 60 | .. code:: bash 61 | 62 | aws elasticache increase-replica-count --replication-group-id backend-login-hk --apply-immediately 63 | aws elasticache decrease-replica-count --replication-group-id backend-login-hk --apply-immediately 64 | 65 | -------------------------------------------------------------------------------- /elb.rst: -------------------------------------------------------------------------------- 1 | ELB 2 | === 3 | 4 | Create an ALB 5 | ------------- 6 | 7 | .. code:: bash 8 | 9 | aws elbv2 create-load-balancer --name lb-my-app --subnets subnet-006283cc641883340 subnet-0f824d8944b903079 subnet-0b6976fef09a3ed00 | jq -r .LoadBalancers[0].LoadBalancerArn 10 | 11 | .. code:: ini 12 | 13 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/lb-my-app/a1ecf6e769562994 14 | 15 | Create a Target Group 16 | --------------------- 17 | 18 | .. code:: bash 19 | 20 | aws elbv2 create-target-group --name tg-my-app --protocol HTTP --port 8000 --target-type instance --vpc-id vpc-0ae29454e100df108 | jq -r .TargetGroups[0].TargetGroupArn 21 | 22 | .. code:: ini 23 | 24 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d 25 | 26 | Register EC2 to a Target Group 27 | ------------------------------ 28 | 29 | .. code:: bash 30 | 31 | aws elbv2 register-targets --target-group-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d --targets Id=i-00a8e8746f02bdf29 32 | 33 | Create Listener and forward to a Target Group 34 | --------------------------------------------- 35 | 36 | .. code:: bash 37 | 38 | aws elbv2 create-listener --load-balancer-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/lb-my-app/a1ecf6e769562994 --port 80 --protocol HTTP --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d | jq -r .Listeners[0].ListenerArn 39 | 40 | .. code:: ini 41 | 42 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:listener/app/lb-my-app/a1ecf6e769562994/d77331a1038731de 43 | 44 | Create HTTPS Listener with Host Based Rule 45 | ------------------------------------------ 46 | 47 | .. code:: bash 48 | 49 | aws elbv2 create-listener --load-balancer-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/lb-my-app/a1ecf6e769562994 --port 443 --protocol HTTPS --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d --certificates CertificateArn=arn:aws:acm:ap-southeast-1:987654321:certificate/88c10c4e-a0ba-41e9-bbd4-734e0191e363 50 | 51 | .. code:: bash 52 | 53 | aws elbv2 create-rule --listener-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:listener/app/lb-my-app/a1ecf6e769562994/d77331a1038731de --priority 1 --conditions Field=host-header,HostHeaderConfig={Values=app.example.com} --actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/tg-my-app/a7d3e159ca722a4d 54 | 55 | List LoadBalancer DNS Names 56 | ------------------------------ 57 | 58 | .. code:: bash 59 | 60 | aws elbv2 describe-load-balancers --query 'LoadBalancers[*].DNSName' | jq -r 'to_entries[] | .value' 61 | 62 | .. code:: ini 63 | 64 | frontend-lb-1220186848339.ap-southeast-1.elb.amazonaws.com 65 | backend-lb-6208709163457.ap-southeast-1.elb.amazonaws.com 66 | 67 | List LoadBalancer ARNs 68 | ------------------------- 69 | 70 | .. code:: bash 71 | 72 | aws elbv2 describe-load-balancers | jq -r '.LoadBalancers[] | .LoadBalancerArn' 73 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/frontend-lb/1220186848339 74 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:loadbalancer/app/backend-lb/6208709163457 75 | 76 | List Target Group ARNs 77 | ------------------------- 78 | 79 | .. code:: bash 80 | 81 | aws elbv2 describe-target-groups | jq -r '.TargetGroups[] | .TargetGroupArn' 82 | 83 | .. code:: ini 84 | 85 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/frontend/b6da07d35 86 | arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/backend/97ad3b13c 87 | 88 | Find Instances for a Target Group 89 | --------------------------------- 90 | 91 | .. code:: bash 92 | 93 | aws elbv2 describe-target-health --target-group-arn arn:aws:elasticloadbalancing:ap-southeast-1:987654321:targetgroup/wordpress-ph/88f517d6b5326a26 | jq -r '.TargetHealthDescriptions[] | .Target.Id' 94 | 95 | .. code:: ini 96 | 97 | i-0b3b5128445a332db 98 | i-0d1c1cf4e980ac593 99 | i-00f11e8e33c971058 100 | 101 | -------------------------------------------------------------------------------- /iam.rst: -------------------------------------------------------------------------------- 1 | IAM 2 | === 3 | 4 | List UserId and UserName 5 | ------------------------ 6 | 7 | .. code:: bash 8 | 9 | aws iam list-users | jq -r '.Users[]|.UserId+" "+.UserName' 10 | 11 | .. code:: ini 12 | 13 | AIDAZBWIOJIQFOLNBXXCVSUQ kaiser 14 | AIDAZCTWYVXYOKSHVWXPYPLR thornton 15 | AIDAZUYALCGFQJENBCZFJTVX maldonado 16 | AIDAZKQAFIGQJWOKKSKRBLGE key 17 | AIDAZXUDGQVQCEWBFGIJOWWY nelson 18 | 19 | Get a Single User 20 | ----------------- 21 | 22 | .. code:: bash 23 | 24 | aws iam get-user --user-name kaiser 25 | 26 | Add a User 27 | ---------- 28 | 29 | .. code:: bash 30 | 31 | aws iam create-user --user-name audit-temp 32 | 33 | Delete a User 34 | ------------- 35 | 36 | .. code:: bash 37 | 38 | aws iam delete-user --user-name audit-temp 39 | 40 | List Access Keys for a User 41 | --------------------------- 42 | 43 | .. code:: bash 44 | 45 | aws iam list-access-keys --user-name audit-temp | jq -r .AccessKeyMetadata[].AccessKeyId 46 | 47 | .. code:: ini 48 | 49 | AKIABWIOJIQFOLNBXXCVSUQ 50 | AKIACTWYVXYOKSHVWXPYPLR 51 | 52 | Delete Access Key for a User 53 | ---------------------------- 54 | 55 | .. code:: bash 56 | 57 | aws iam delete-access-key --user-name audit-temp --access-key-id AKIABWIOJIQFOLNBXXCVSUQ 58 | 59 | Activate/Deactivate Access Key for a User 60 | ----------------------------------------- 61 | 62 | .. code:: bash 63 | 64 | aws iam update-access-key --status Inactive --user-name audit-temp --access-key-id AKIABWIOJIQFOLNBXXCVSUQ 65 | aws iam update-access-key --status Active --user-name audit-temp --access-key-id AKIABWIOJIQFOLNBXXCVSUQ 66 | 67 | Generate New Access Key for a User 68 | ---------------------------------- 69 | 70 | .. code:: bash 71 | 72 | aws iam create-access-key --user-name audit-temp | jq -r '.AccessKey | .AccessKeyId+" "+.SecretAccessKey' 73 | 74 | .. code:: ini 75 | 76 | AKIABWIOJIQFOLNBXXCVSUQ p9ge02ebLX9jobdQKmfikRqCiEw3HBylwHyXq0z 77 | 78 | Change Console Password for a User 79 | ---------------------------------- 80 | 81 | .. code:: bash 82 | 83 | aws iam update-login-profile --user-name bob-marketing --password '5tr0nGp@$$w0rD' 84 | 85 | List Groups 86 | ----------- 87 | 88 | .. code:: bash 89 | 90 | aws iam list-groups | jq -r .Groups[].GroupName 91 | 92 | .. code:: ini 93 | 94 | developers 95 | administrators 96 | testers 97 | marketing-ro 98 | 99 | Add/Delete Groups 100 | ----------------- 101 | 102 | .. code:: bash 103 | 104 | aws iam create-group --group-name business-ro 105 | aws iam delete-group --group-name business-ro 106 | 107 | List Policies and ARNs 108 | ---------------------- 109 | 110 | .. code:: bash 111 | 112 | aws iam list-policies | jq -r '.Policies[]|.PolicyName+" "+.Arn' 113 | aws iam list-policies --scope AWS | jq -r '.Policies[]|.PolicyName+" "+.Arn' 114 | aws iam list-policies --scope Local | jq -r '.Policies[]|.PolicyName+" "+.Arn' 115 | 116 | List User/Group/Roles for a Policy 117 | ---------------------------------- 118 | 119 | .. code:: bash 120 | 121 | aws iam list-entities-for-policy --policy-arn arn:aws:iam::987654321:policy/Marketing-ReadOnly 122 | 123 | List Policies for a Group 124 | ------------------------- 125 | 126 | .. code:: bash 127 | 128 | aws iam list-attached-group-policies --group-name business-ro 129 | 130 | Add Policy to a Group 131 | --------------------- 132 | 133 | .. code:: bash 134 | 135 | aws iam attach-group-policy --group-name business-ro --policy-arn arn:aws:iam::aws:policy/DynamoDBReadOnlyAccess 136 | 137 | Add User to a Group 138 | ------------------- 139 | 140 | .. code:: bash 141 | 142 | aws iam add-user-to-group --group-name business-ro --user-name marketing-michael 143 | 144 | Remove User from a Group 145 | ------------------------ 146 | 147 | .. code:: bash 148 | 149 | aws iam remove-user-from-group --group-name business-ro --user-name marketing-alice 150 | 151 | List Users in a Group 152 | --------------------- 153 | 154 | .. code:: bash 155 | 156 | aws iam get-group --group-name business-ro 157 | 158 | List Groups for a User 159 | ---------------------- 160 | 161 | .. code:: bash 162 | 163 | aws iam list-groups-for-user --user-name qa-bob 164 | 165 | Attach/Detach Policy to a Group 166 | ------------------------------- 167 | 168 | .. code:: bash 169 | 170 | aws iam detach-group-policy --group-name business-ro --policy-arn arn:aws:iam::aws:policy/DynamoDBFullAccess 171 | aws iam attach-group-policy --group-name business-ro --policy-arn arn:aws:iam::aws:policy/DynamoDBFullAccess 172 | -------------------------------------------------------------------------------- /index.rst: -------------------------------------------------------------------------------- 1 | AWS CLI Cheatsheet 2 | ================== 3 | 4 | Supercharge your daily acitivities related to AWS cloud using the combination of AWS CLI and JQ. 5 | 6 | Prerequisites 7 | ------------- 8 | 9 | - `aws-cli