refactor(aws): move commands to their section for clarity when looking them up

2026-02-09 05:44:23 +00:00 · 2024-09-21 15:00:52 +02:00
parent 79ddaed45a
commit 89a8d5e979
1 changed files with 156 additions and 73 deletions
--- a/snippets/aws/commands.fish
+++ b/snippets/aws/commands.fish
@@ -1,5 +1,10 @@
 #!/usr/bin/env fish
 ###
 # CLI config
 # ------------------
 ###
 aws configure list-profiles
 aws configure --profile 'engineer'
@@ -11,26 +16,35 @@ aws --profile 'eng' sts assume-role --role-arn 'arn:aws:iam::012345678901:role/S
 aws sts get-caller-identity
 AWS_PROFILE='engineer' aws sts get-caller-identity
-aws s3 rm 's3://bucket-name/prefix' --recursive --dry-run
+docker run --rm -ti -v "$HOME/.aws:/root/.aws:ro" 'amazon/aws-cli:2.17.16' autoscaling describe-auto-scaling-groups
 aws s3 cp 's3://my-first-bucket/test.txt' 's3://my-other-bucket/'
 aws s3api list-objects-v2 --bucket 'backup'
 aws s3api list-objects-v2 --bucket 'backup' --query "Contents[?LastModified>='2022-01-05T08:05:37+00:00'].Key"
-aws ecs list-tasks --cluster 'testCluster' --family 'testService' --output 'text' --query 'taskArns' \
+###
-| xargs -p aws ecs wait tasks-running --cluster 'testCluster' --tasks
+# ACM
-while [[ $$(aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService') == "" ]]; do sleep 1; done
+# ------------------
 ###
-@aws ecs list-task-definitions --family-prefix 'testService' --output 'text' --query 'taskDefinitionArns' \
+aws acm get-certificate --certificate-arn 'arn:aws:acm:eu-west-1:012345678901:certificate/abcdef01-2345-6789-abcd-ef0123456789'
 | xargs -pn '1' aws ecs deregister-task-definition --task-definition
 aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService' \
 | tee \
 | xargs -t aws ecs describe-tasks --query "tasks[].attachments[].details[?(name=='privateIPv4Address')].value" --output 'text' --cluster 'testCluster' --tasks \
 | tee \
 | xargs -I{} curl -fs "http://{}:8080"
-aws ecr delete-repository --repository-name 'bananaslug'
+###
 # Autoscaling Groups
 # ------------------
 ###
 aws autoscaling describe-auto-scaling-groups
 aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names 'ProductionServers'
 aws autoscaling start-instance-refresh --auto-scaling-group-name 'ProductionServers'
 aws autoscaling describe-instance-refreshes \
 	--auto-scaling-group-name 'ProductionServers' --instance-refresh-ids '01234567-89ab-cdef-0123-456789abcdef'
 aws autoscaling cancel-instance-refresh --auto-scaling-group-name 'ProductionServers'
 aws autoscaling rollback-instance-refresh --auto-scaling-group-name 'ProductionServers'
 ###
 # EC2
 # ------------------
 ###
 # Get Name and Description of all AMIs by Amazon for arm64 that are in the 'available' state
 # and which name starts for 'al2023-ami-'
@@ -47,10 +61,10 @@ aws ec2 describe-images --output 'yaml' \
 aws iam list-instance-profiles | grep -i 'ssm'
 sudo ssm-cli get-diagnostics --output 'table'
 # Check instances are available for use with SSM
 aws ssm get-connection-status --query "Status=='connected'" --output 'text' --target "i-0915612ff82914822"
 # From the instance
 sudo ssm-cli get-diagnostics --output 'table'
 # Connect to instances if they are available
 instance_id='i-08fc83ad07487d72f' \
@@ -72,50 +86,14 @@ set instance_id 'i-0915612f182914822' \
 && aws ssm get-command-invocation --command-id "$command_id" --instance-id "$instance_id" \
 	--query '{"status": Status, "rc": ResponseCode, "stdout": StandardOutputContent, "stderr": StandardErrorContent}'
-aws imagebuilder list-image-recipes
+aws ec2 describe-images --image-ids 'ami-01234567890abcdef'
-aws imagebuilder get-image-recipe --image-recipe-arn 'arn:aws:imagebuilder:eu-west-1:012345678901:image-recipe/my-custom-image/1.0.12'
+aws ec2 describe-images --image-ids 'ami-01234567890abcdef' --query 'Images[].Description'
 aws rds start-export-task \
 	--export-task-identifier 'db-finalSnapshot-2024' \
 	--source-arn 'arn:aws:rds:eu-west-1:012345678901:snapshot:db-prod-final-2024' \
 	--s3-bucket-name 'backups' --s3-prefix 'rds' \
 	--iam-role-arn 'arn:aws:iam::012345678901:role/CustomRdsS3Exporter' \
 	--kms-key-id 'arn:aws:kms:eu-west-1:012345678901:key/abcdef01-2345-6789-abcd-ef0123456789'
 # Max 5 running at any given time, RDS cannot queue
 echo {1..5} | xargs -p -n '1' -I '{}' aws rds start-export-task …
 aws rds describe-export-tasks --query 'ExportTasks[].WarningMessage' --output 'json'
 aws rds restore-db-instance-to-point-in-time \
 	--source-db-instance-identifier 'awx' --target-db-instance-identifier 'awx-pitred' \
 	--restore-time '2024-07-31T09:29:40+00:00' \
 	--allocated-storage '20'
 aws rds restore-db-instance-from-db-snapshot \
 	--db-instance-identifier 'awx-pitr-snapshot' \
 	--db-snapshot-identifier 'rds:awx-2024-07-30-14-15'
 aws rds delete-db-instance --skip-final-snapshot --db-instance-identifier 'awx'
 aws s3api list-buckets --output 'text' --query 'Buckets[].Name' | xargs -pn '1' aws s3api list-multipart-uploads --bucket
 # Delete unused volumes older than some date
 aws ec2 describe-volumes --output 'text' --filters 'Name=status,Values=available' \
 	--query "Volumes[?CreateTime<'2018-03-31'].VolumeId" \
 | xargs -pn '1' aws ec2 delete-volume --volume-id
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15' \
 	--query "Parameters[?ParameterName=='shared_preload_libraries']" --output 'table'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15' \
 	--query "Parameters[?ParameterName=='shared_preload_libraries'].ApplyMethod" --output 'text'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15' --output 'json' --query "Parameters[?ApplyType!='dynamic']"
 aws kms get-key-policy --output 'text' --key-id '01234567-89ab-cdef-0123-456789abcdef'
 aws ec2 describe-images --image-ids 'ami-01234567890abcdef'
 aws ec2 describe-images --image-ids 'ami-01234567890abcdef' --query 'Images[].Description'
 # Get volume IDs of EC2 instances
 aws ec2 describe-instances --output 'text' \
 	--filters 'Name=tag:Name,Values=Prometheus' 'Name=instance-state-name,Values=running' \
@@ -142,22 +120,40 @@ aws ec2 describe-instances --output 'text' \
 	--volume-id \
 | xargs -t aws ec2 wait snapshot-completed --snapshot-ids
-aws autoscaling describe-auto-scaling-groups
+watch -n '1' aws ec2 describe-instances --instance-ids 'i-0123456789abcdef0' --query 'Reservations[].Instances[].[State,StateTransitionReason]'
 aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names 'ProductionServers'
 aws autoscaling start-instance-refresh --auto-scaling-group-name 'ProductionServers'
 aws autoscaling describe-instance-refreshes \
 	--auto-scaling-group-name 'ProductionServers' --instance-refresh-ids '01234567-89ab-cdef-0123-456789abcdef'
 aws autoscaling cancel-instance-refresh --auto-scaling-group-name 'ProductionServers'
 aws autoscaling rollback-instance-refresh --auto-scaling-group-name 'ProductionServers'
-aws kms create-key
+
-aws kms encrypt --key-id '01234567-89ab-cdef-0123-456789abcdef' --plaintext 'My Test String'
+###
-aws kms encrypt --key-id '01234567-89ab-cdef-0123-456789abcdef' --plaintext 'My Test String' \
+# ECR
-	--query 'CiphertextBlob' --output 'text' \
+# ------------------
-| base64 --decode > 'ciphertext.dat'
+###
-aws kms decrypt --ciphertext-blob 'fileb://ciphertext.dat'
+
-aws kms decrypt --ciphertext-blob 'fileb://ciphertext.dat' --query 'Plaintext' --output 'text' \
+aws ecr delete-repository --repository-name 'bananaslug'
-| base64 --decode
+
 ###
 # ECS
 # ------------------
 ###
 aws ecs list-tasks --cluster 'testCluster' --family 'testService' --output 'text' --query 'taskArns' \
 | xargs -p aws ecs wait tasks-running --cluster 'testCluster' --tasks
 while [[ $$(aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService') == "" ]]; do sleep 1; done
@aws ecs list-task-definitions --family-prefix 'testService' --output 'text' --query 'taskDefinitionArns' \
 | xargs -pn '1' aws ecs deregister-task-definition --task-definition
 aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService' \
 | tee \
 | xargs -t aws ecs describe-tasks --query "tasks[].attachments[].details[?(name=='privateIPv4Address')].value" --output 'text' --cluster 'testCluster' --tasks \
 | tee \
 | xargs -I{} curl -fs "http://{}:8080"
 ###
 # EKS
 # ------------------
 ###
 aws eks --region 'eu-west-1' update-kubeconfig --name 'oneForAll'
 aws eks --region 'eu-west-1' update-kubeconfig --name 'oneForAll' --profile 'dev-user'
@@ -182,7 +178,11 @@ aws eks describe-addon-configuration --addon-name 'aws-ebs-csi-driver' --addon-v
 aws eks describe-addon-configuration --addon-name 'aws-ebs-csi-driver' --addon-version 'v1.32.0-eksbuild.1' \
 	--query 'configurationSchema' --output 'text' | jq -sr
-docker run --rm -ti -v "$HOME/.aws:/root/.aws:ro" 'amazon/aws-cli:2.17.16' autoscaling describe-auto-scaling-groups
+
 ###
 # IAM
 # ------------------
 ###
 # Get all users' access keys
 aws iam list-users --no-cli-pager --query 'Users[].UserName' --output 'text' \
@@ -199,4 +199,87 @@ aws iam list-users --no-cli-pager --query 'Users[].UserName' --output 'text' \
 aws iam --no-cli-pager list-access-keys
 aws iam --no-cli-pager list-access-keys --user-name 'mark'
-watch -n '1' aws ec2 describe-instances --instance-ids 'i-0123456789abcdef0' --query 'Reservations[].Instances[].[State,StateTransitionReason]'
+
 ###
 # Image Builder
 # ------------------
 ###
 aws imagebuilder list-image-recipes
 aws imagebuilder get-image-recipe --image-recipe-arn 'arn:aws:imagebuilder:eu-west-1:012345678901:image-recipe/my-custom-image/1.0.12'
 ###
 # KMS
 # ------------------
 ###
 aws kms get-key-policy --output 'text' --key-id '01234567-89ab-cdef-0123-456789abcdef'
 aws kms create-key
 aws kms encrypt --key-id '01234567-89ab-cdef-0123-456789abcdef' --plaintext 'My Test String'
 aws kms encrypt --key-id '01234567-89ab-cdef-0123-456789abcdef' --plaintext 'My Test String' \
 	--query 'CiphertextBlob' --output 'text' \
 | base64 --decode > 'ciphertext.dat'
 aws kms decrypt --ciphertext-blob 'fileb://ciphertext.dat'
 aws kms decrypt --ciphertext-blob 'fileb://ciphertext.dat' --query 'Plaintext' --output 'text' \
 | base64 --decode
 ###
 # RDS
 # ------------------
 ###
 aws rds start-export-task \
 	--export-task-identifier 'db-finalSnapshot-2024' \
 	--source-arn 'arn:aws:rds:eu-west-1:012345678901:snapshot:db-prod-final-2024' \
 	--s3-bucket-name 'backups' --s3-prefix 'rds' \
 	--iam-role-arn 'arn:aws:iam::012345678901:role/CustomRdsS3Exporter' \
 	--kms-key-id 'arn:aws:kms:eu-west-1:012345678901:key/abcdef01-2345-6789-abcd-ef0123456789'
 # Max 5 running at any given time, RDS cannot queue
 echo {1..5} | xargs -p -n '1' -I '{}' aws rds start-export-task …
 aws rds describe-export-tasks --query 'ExportTasks[].WarningMessage' --output 'json'
 aws rds restore-db-instance-to-point-in-time \
 	--source-db-instance-identifier 'awx' --target-db-instance-identifier 'awx-pitred' \
 	--restore-time '2024-07-31T09:29:40+00:00' \
 	--allocated-storage '20'
 aws rds restore-db-instance-from-db-snapshot \
 	--db-instance-identifier 'awx-pitr-snapshot' \
 	--db-snapshot-identifier 'rds:awx-2024-07-30-14-15'
 aws rds delete-db-instance --skip-final-snapshot --db-instance-identifier 'awx'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15' \
 	--query "Parameters[?ParameterName=='shared_preload_libraries']" --output 'table'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15' \
 	--query "Parameters[?ParameterName=='shared_preload_libraries'].ApplyMethod" --output 'text'
 aws rds describe-db-parameters --db-parameter-group-name 'default.postgres15' --output 'json' --query "Parameters[?ApplyType!='dynamic']"
 ###
 # Route53
 # ------------------
 ###
 aws route53 list-hosted-zones
 aws route53 list-resource-record-sets --hosted-zone-id 'ABC012DEF345GH'
 ###
 # S3
 # ------------------
 ###
 aws s3 rm 's3://bucket-name/prefix' --recursive --dry-run
 aws s3 cp 's3://my-first-bucket/test.txt' 's3://my-other-bucket/'
 aws s3api list-objects-v2 --bucket 'backup'
 aws s3api list-objects-v2 --bucket 'backup' --query "Contents[?LastModified>='2022-01-05T08:05:37+00:00'].Key"
 aws s3api list-buckets --output 'text' --query 'Buckets[].Name' | xargs -pn '1' aws s3api list-multipart-uploads --bucket