==== AWS ====

Function: Login with SFT
Usage: sft ssh --via $pbast --via bastion-id ec2-instance-id

Function: AWS Check IP
Usage: curl checkip.amazonaws.com

Function: AWS Check Hostname
Usage: dig -x $(curl -s checkip.amazonaws.com) +short

==== AWS CLI Discovery ====

Ty @Sheppy

Function: Check Tenancy of all EC2 Instances
Usage: aws ec2 describe-instances --query 'sort_by(Reservations, &Instances[0].Tags[?Key==`Name`]|[0].Value || `none`)[*].Instances[*].{Tenancy:Placement.Tenancy, InstanceId:InstanceId, Name:Tags[?Key==`Name`]|[0].Value, Environment:Tags[?Key==`Environment`]|[0].Value}' --output table --region REGION-ID

Function: Check Encryption of all EBS Volumes
Usage: aws ec2 describe-volumes --query 'Volumes[*].{VolumeId:VolumeId, Encrypted:Encrypted, InstanceId:Attachments[*].InstanceId|[0],Environment:Tags[?Key==`Environment`]|[0].Value}' --output table --region REGION-ID

Function: List VPCs
Usage: aws ec2 describe-vpcs --query 'Vpcs[*].{VpcId:VpcId, Name:Tags[?Key==`Name`].Value|[0], Environment:Tags[?Key==`Environment`].Value|[0], Cidr:CidrBlock, Default:((IsDefault && `Default`)||`NotDefault`)}' --output table --region REGION-ID

Function: List Subnets
Usage: aws ec2 describe-subnets --query 'sort_by(Subnets, &Tags[?Key == `Name`].Value|[0] || `none`)[*].{AZ:AvailabilityZone, SubnetId:SubnetId, VpcId:VpcId, Cidr:CidrBlock, Environment:Tags[?Key==`Environment`].Value|[0], Name:Tags[?Key==`Name`].Value|[0], Public:MapPublicIpOnLaunch}' --output table --region REGION-ID

Function: List VPNs
Usage: aws ec2 describe-vpn-gateways --query 'VpnGateways[*].[Tags[?Key==`Name`].Value|[0], VpnGatewayId, Type, State, VpcAttachments[*].[`" "`, VpcId, State]]' --output text --region REGION-ID

Function: List NAT Gateways
Usage: aws ec2 describe-nat-gateways --query 'NatGateways[*].[NatGatewayId, VpcId, [` `, NatGatewayAddresses[?PublicIp].PublicIp|[0] ,NatGatewayAddresses[?PrivateIp].PrivateIp|[0]]]' --output text --region REGION-ID

Function: List ASGs
Usage: aws autoscaling describe-auto-scaling-groups --query 'sort_by(AutoScalingGroups,&AutoScalingGroupName || `none`)[*].[join(`:`, [to_string(MinSize), to_string(MaxSize), to_string(DesiredCapacity)]), Tags[?Key==`aws:cloudformation:logical-id`].Value|[0], AutoScalingGroupName, Instances[*].[`" "`, AvailabilityZone, InstanceId, HealthStatus, LifecycleState], Tags[?Key==`Environment`].Value|[0]]' --output text --region REGION-ID

Function: List EC2 Instances
Usage: aws ec2 describe-instances --query 'sort_by(Reservations, &(Instances[0].Tags[?Key == `Name`] | [0].Value || `none`))[*].Instances[*].{InstanceId:InstanceId, Platform:Platform, Type:InstanceType, AMI:ImageId, RootType:RootDeviceType, State:State.Name, EbsOpt:EbsOptimized, AZ:Placement.AvailabilityZone, VPC:VpcId, Subnet:SubnetId, Name:Tags[?Key==`Name`]|[0].Value,Tenancy:Placement.Tenancy,Env:Tags[?Key==`Environment`]|[0].Value,Backup:Tags[?Key==`Backup`]|[0].Value}' --output table --region REGION-ID

Function: List Volumes
Usage: aws ec2 describe-volumes --query 'sort_by(Volumes, &(Attachments[?State==`attached`].InstanceId|[0] || `none`) )[*].{VolumeId:VolumeId, Type:VolumeType, Size:Size, Iops:Iops, State:State, AZ:AvailabilityZone, Encrypted:Encrypted, Instance:Attachments[?State==`attached`].InstanceId|[0]}' --output table --region REGION-ID

Function: List SSM
Usage: aws ssm describe-instance-information --query 'InstanceInformationList[*].[PingStatus,InstanceId,PlatformName,PlatformType,((IsLatestVersion&&`IsLatestVersion`)||`NotLatestVersion`)]' --output text --region REGION-ID

Function: List Reserved Instances
Usage: aws ec2 describe-reserved-instances --region REGION-ID

Function: List RDS Clusters
Usage: aws rds describe-db-clusters --query 'DBClusters[*].[Engine, EngineVersion,Status,join(`" "`, [to_string(BackupRetentionPeriod),`days`]), ((StorageEncrypted && `Encrypted`) || `UnEncrypted`), Port, DBClusterMembers[*].[`" "`,DBInstanceIdentifier,DBClusterParameterGroupStatus,((IsClusterWriter && `Writer`)||`Reader`)]]' --output text --region REGION-ID

Function: List RDS Instances
Usage: aws rds describe-db-instances --query 'DBInstances[*].{Name:DBInstanceIdentifier, Public:PubliclyAccessible, EngineVersion:EngineVersion, Engine:Engine, InstanceClass:DBInstanceClass, BackupDays:BackupRetentionPeriod, VolEncrypted:StorageEncrypted, VolType:StorageType, VolSize:AllocatedStorage, Status:DBInstanceStatus, Zones:((MultiAZ && `MultiAZ`)||join(`" "`, [to_string(length(DBSubnetGroup.Subnets)), `zones`])), ZonePrimary:AvailabilityZone, ZoneSecondary:SecondaryAvailabilityZone}' --output table --region REGION-ID

Function: List Cache Clusters
Usage: aws elasticache describe-cache-clusters --query 'sort_by(CacheClusters, &ReplicationGroupId || `none`)[*].{Engine:Engine, NodeType:CacheNodeType, EngineVersion:EngineVersion, CacheNodes:NumCacheNodes, Status:CacheClusterStatus, ClusterId:CacheClusterId,PrefAZ:PreferredAvailabilityZone, ReplicationGroup:ReplicationGroupId}' --output table --region REGION-ID

Function: List all Security Groups - Until I discover a better way ¯\_(ツ)_/¯
Usage: aws ec2 describe-security-groups --query 'SecurityGroups[*].{Name:GroupName,ID:GroupId,VPC:VpcId}' --output table --region REGION-ID
Usage2: aws ec2 describe-security-groups --query 'SecurityGroups[*].{Name:GroupName,ID:GroupId,VPC:VpcId,ports:IpPermissions[*].{from:FromPort,to:ToPort,cidr:IpRanges[0].CidrIp,protocol:IpProtocol}}' --region REGION-ID --output table | grep -A 10 SG-ID

==== AWS CLI CloudFormation ====

Route53_Backup CloudFormation Template (Serverless - Lambda/S3)
https://hoshisato.com/tools/code/route53_backup.json

Function: Create Stacks
Usage: aws cloudformation create-stack --stack-name BaseNetworkStack \
    --template-body file://base_network.template \
    --region us-east-2

Usage: aws cloudformation create-stack --stack-name SecurityGroupStack \
    --template-body file://securitygroup.template \
    --parameters ParameterKey=VPCID,ParameterValue=vpc-idstring \
    --region us-east-2

Usage: aws cloudformation create-stack --stack-name MariaDB --template-body file://rds_mariadb.template \
    --region us-east-1 \
    --parameters \
    ParameterKey=VPCSecurityGroupIds,ParameterValue=sg-ID \
    ParameterKey=RDSSubnets,ParameterValue=\'subnet-privateAZ1-ID,subnet-privateAZ2-ID,subnet-privateAZ3\' \
    ParameterKey=MasterUsername,ParameterValue=admin \
    ParameterKey=MasterUserPassword,ParameterValue=sup3r5ecretPa5sw0rd \
    ParameterKey=DBName,ParameterValue=MariaDBapp \
    ParameterKey=DBInstanceClass,ParameterValue=db.t2.micro \
    ParameterKey=DBInstanceIdentifier,ParameterValue=MyMariaDB \
    ParameterKey=Environment,ParameterValue=Staging

Function: Describe a Stack & Extract a query
Usage: aws cloudformation describe-stacks --region us-east-2 --stack-name Auto-Scale-Stack \
    --query "Stacks[0].Parameters" > Auto-Scale-Stack.Parameters

Function: Create a ChangeSet
Usage: aws cloudformation create-change-set --stack-name Auto-Scale-Stack \
    --change-set-name maxec2update --use-previous-template \
    --parameters file://Auto-Scale-Stack.Parameters \
    --region us-east-2 \
    --capabilities CAPABILITY_IAM

Function: Execute a ChangeSet
Usage: aws cloudformation execute-change-set --stack-name Auto-Scale-Stack \
    --change-set-name maxec2update \
    --region us-east-2

Function: Validate Template
Usage: aws cloudformation validate-template --region us-east-1 \
    --template-url https://s3.amazonaws.com/path/nameof.template

=== AWS CLI CODEDEPLOY ===

http://docs.aws.amazon.com/codedeploy/latest/APIReference/Welcome.html

Function: AWS DEPLOY PUSH
Usage: aws deploy push --application-name HelloWorld \
    --s3-location s3://myawsbucket/HelloWorld \
    --source . \
    --region us-west-1
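
The Usage2 query under "List all Security Groups" prints only `IpRanges[0]` for each permission and depends on `grep -A 10`, so further CIDRs, IPv6 ranges and group-to-group rules do not appear in its table. The following is an added example, not part of the original cheat sheet: it flattens the JSON from `aws ec2 describe-security-groups --output json` into one row per source and marks world-open rules. The sample JSON, its IDs and the names `flatten_rules` and `world_open` are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups --output json`.
# Group IDs, names and CIDRs are made up for this example.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa", "GroupName": "web", "VpcId": "vpc-0123",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "10.0.0.0/8"}, {"CidrIp": "0.0.0.0/0"}],
      "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []}]},
  {"GroupId": "sg-0bbb", "GroupName": "db", "VpcId": "vpc-0123",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
      "IpRanges": [], "Ipv6Ranges": [],
      "UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]},
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.1.2.0/24"}],
      "Ipv6Ranges": [], "UserIdGroupPairs": []}]}
]}
""")

WORLD = {"0.0.0.0/0", "::/0"}  # any IPv4 / any IPv6 source


def flatten_rules(doc):
    """Yield one row per (group, permission, source) so no range is hidden."""
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            # IpProtocol "-1" means all protocols; FromPort/ToPort are then absent.
            proto = "all" if perm["IpProtocol"] == "-1" else perm["IpProtocol"]
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
            sources += [p["PrefixListId"] for p in perm.get("PrefixListIds", [])]
            for src in sources:
                yield {"id": sg["GroupId"], "name": sg["GroupName"],
                       "vpc": sg.get("VpcId"), "proto": proto,
                       "from": perm.get("FromPort"), "to": perm.get("ToPort"),
                       "source": src, "world_open": src in WORLD}


def world_open(doc):
    """Return only the rows whose source is any-IPv4 or any-IPv6."""
    return [row for row in flatten_rules(doc) if row["world_open"]]


if __name__ == "__main__":
    for row in flatten_rules(SAMPLE):
        print(row)
```

In the sample, the `0.0.0.0/0` rule on `sg-0aaa` is the second entry in `IpRanges`, which is exactly the kind of rule the `IpRanges[0]` projection leaves out.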