From 97df28ef466bce9e12d9bee189e08654507102de Mon Sep 17 00:00:00 2001
From: Michele Cereda <cereda.michele@gmail.com>
Date: Sun, 17 Nov 2024 21:51:12 +0100
Subject: [PATCH] refactor(snippets/aws): split ec2 into its own file

---
 snippets/aws/ec2.fish            | 115 +++++++++++++++++++++++++++++++
 snippets/aws/other commands.fish | 109 -----------------------------
 2 files changed, 115 insertions(+), 109 deletions(-)
 create mode 100644 snippets/aws/ec2.fish

diff --git a/snippets/aws/ec2.fish b/snippets/aws/ec2.fish
new file mode 100644
index 0000000..e5f47cd
--- /dev/null
+++ b/snippets/aws/ec2.fish
@@ -0,0 +1,115 @@
+#!/usr/bin/env fish
+
+# Get Name and Description of all AMIs by Amazon for arm64 that are in the 'available' state
+# and which name starts for 'al2023-ami-'
+aws ec2 describe-images --output 'yaml' \
+	--owners 'amazon' \
+	--filters \
+		'Name=architecture,Values=['arm64']' \
+		'Name=state,Values=['available']' \
+	--query '
+		Images[]
+		.{"Name":@.Name,"Description":@.Description}
+	' \
+| yq '.[]|select(.Name|test("^al2023-ami-"))' -
+
+aws iam list-instance-profiles | grep -i 'ssm'
+
+# Check instances are available for use with SSM
+aws ssm get-connection-status --query "Status=='connected'" --output 'text' --target 'i-0915612ff82914822'
+aws ssm describe-instance-associations-status --instance-id 'i-0f8b61c78622caed2'
+# From the instance
+sudo ssm-cli get-diagnostics --output 'table'
+
+# Connect to instances if they are available
+instance_id='i-08fc83ad07487d72f' \
+&& eval $(aws ssm get-connection-status --target "$instance_id" --query "Status=='connected'" --output 'text') \
+&& aws ssm start-session --target "$instance_id" \
+|| (echo "instance ${instance_id} not available" >&2 && false)
+
+aws ssm describe-instance-associations-status --instance-id 'i-08fc83ad07487d72f'
+
+# Send commands
+aws ssm send-command --instance-ids 'i-08fc83ad07487d72f' --document-name 'AWS-RunShellScript' --parameters "commands='echo hallo'"
+aws ssm wait command-executed --command-id 'e5f7ca0e-4d74-4316-84be-9ccaf3ae1f70' --instance-id 'i-08fc83ad07487d72f'
+aws ssm get-command-invocation --command-id 'e5f7ca0e-4d74-4316-84be-9ccaf3ae1f70' --instance-id 'i-08fc83ad07487d72f'
+
+# Run commands and get their output
+set instance_id 'i-0915612f182914822' \
+&& set command_id (aws ssm send-command --instance-ids "$instance_id" \
+	--document-name 'AWS-RunShellScript' --parameters 'commands="echo hallo"' \
+	--query 'Command.CommandId' --output 'text') \
+&& aws ssm wait command-executed --command-id "$command_id" --instance-id "$instance_id" \
+&& aws ssm get-command-invocation --command-id "$command_id" --instance-id "$instance_id" \
+	--query '{"status": Status, "rc": ResponseCode, "stdout": StandardOutputContent, "stderr": StandardErrorContent}'
+
+aws ec2 describe-images --image-ids 'ami-01234567890abcdef'
+aws ec2 describe-images --image-ids 'ami-01234567890abcdef' --query 'Images[].Description'
+
+# Configure the CloudWatch agent
+amazon-cloudwatch-agent-ctl -a 'status'
+/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a 'set-log-level' -l 'INFO'
+amazon-cloudwatch-agent-ctl -a 'fetch-config' -m 'ec2' -s -c 'file:/opt/aws/amazon-cloudwatch-agent/bin/config.json'
+tail -f '/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log'
+
+# Delete unused volumes older than some date
+aws ec2 describe-volumes --output 'text' --filters 'Name=status,Values=available' \
+	--query "Volumes[?CreateTime<'2018-03-31'].VolumeId" \
+| xargs -pn '1' aws ec2 delete-volume --volume-id
+
+# Get volume IDs of EC2 instances
+aws ec2 describe-instances --output 'text' \
+	--filters 'Name=tag:Name,Values=Prometheus' 'Name=instance-state-name,Values=running' \
+	--query 'Reservations[].Instances[0].BlockDeviceMappings[*].Ebs.VolumeId'
+
+# Create snapshots of EBS volumes
+aws ec2 create-snapshot --volume-id 'vol-0123456789abcdef0' --description 'Manual snapshot Pre-Update' \
+	--tag-specifications 'ResourceType=snapshot,Tags=[{Key=Name,Value=Prometheus},{Key=Team,Value=Infra}]' \
+
+# Check state of snapshots
+aws ec2 describe-snapshots --snapshot-ids 'snap-0123456789abcdef0' \
+	--query 'Snapshots[].{"State": State,"Progress": Progress}' --output 'yaml'
+
+# Wait for snapshots to finish.
+aws ec2 wait snapshot-completed --snapshot-ids 'snap-0123456789abcdef0'
+
+# Take snapshots of EC2 volumes and wait for them to finish
+aws ec2 describe-instances --output 'text' \
+	--filters 'Name=tag:Name,Values=Prometheus' 'Name=instance-state-name,Values=running' \
+	--query 'Reservations[].Instances[0].BlockDeviceMappings[0].Ebs.VolumeId' \
+| xargs -tn '1' aws ec2 create-snapshot --output 'text' --query 'SnapshotId' \
+	--description 'Manual snapshot Pre-Update' \
+	--tag-specifications 'ResourceType=snapshot,Tags=[{Key=Name,Value=Prometheus},{Key=Team,Value=Infra}]' \
+	--volume-id \
+| xargs -t aws ec2 wait snapshot-completed --snapshot-ids
+
+# Retrieve the security credentials for an IAM role named 's3access'
+# IMDSv2
+TOKEN=$(curl -X PUT 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 21600') \
+&& curl -H "X-aws-ec2-metadata-token: ${TOKEN}" 'http://169.254.169.254/latest/meta-data/iam/security-credentials/s3access'
+# IMDSv1
+curl 'http://169.254.169.254/latest/meta-data/iam/security-credentials/s3access'
+
+# Create instances
+aws ec2 run-instances --instance-type 'c6a.xlarge' --image-id 'ami-0fcc0bef51bad3cb2' \
+	--key-name 'mine' --security-group-ids 'sg-01234567890abcdef' --subnet-id 'subnet-0123456789abcdef0' \
+	--no-associate-public-ip-address --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=TEST}]' \
+	--block-device-mappings 'Ebs={DeleteOnTermination=true,KmsKeyId=server-storage-key,Encrypted=true},DeviceName=xvda'
+
+# Check instances status
+aws ec2 describe-instances --instance-ids 'i-0123456789abcdef0' --output 'json' \
+	--query 'Reservations[].Instances[].{"State":State,"StateReason":StateReason,"StateTransitionReason":StateTransitionReason}'
+
+# Start stopped instances
+# Requires the 'ec2:StartInstances' permission for the instances
+# Also requires the 'kms:GenerateDataKeyWithoutPlaintext' and 'kms:CreateGrant' permissions for the keys used by the
+#   instances, if any.
+#   See https://docs.aws.amazon.com/ebs/latest/userguide/how-ebs-encryption-works.html#how-ebs-encryption-works-encrypted-snapshot
+aws ec2 start-instances --instance-ids 'i-0123456789abcdef0'
+
+# Stop started instances
+# Requires the 'ec2:StopInstances' permission for the instances
+aws ec2 stop-instances --instance-ids 'i-0123456789abcdef0'
+
+# Terminate instances
+aws ec2 terminate-instances --instance-ids 'i-0123456789abcdef0'
diff --git a/snippets/aws/other commands.fish b/snippets/aws/other commands.fish
index 77beafb..d17e625 100644
--- a/snippets/aws/other commands.fish	
+++ b/snippets/aws/other commands.fish	
@@ -15,115 +15,6 @@ aws autoscaling cancel-instance-refresh --auto-scaling-group-name 'ProductionSer
 aws autoscaling rollback-instance-refresh --auto-scaling-group-name 'ProductionServers'
 
 
-###
-# EC2
-# ------------------
-###
-
-# Get Name and Description of all AMIs by Amazon for arm64 that are in the 'available' state
-# and which name starts for 'al2023-ami-'
-aws ec2 describe-images --output 'yaml' \
-	--owners 'amazon' \
-	--filters \
-		'Name=architecture,Values=['arm64']' \
-		'Name=state,Values=['available']' \
-	--query '
-		Images[]
-		.{"Name":@.Name,"Description":@.Description}
-	' \
-| yq '.[]|select(.Name|test("^al2023-ami-"))' -
-
-aws iam list-instance-profiles | grep -i 'ssm'
-
-# Check instances are available for use with SSM
-aws ssm get-connection-status --query "Status=='connected'" --output 'text' --target 'i-0915612ff82914822'
-aws ssm describe-instance-associations-status --instance-id 'i-0f8b61c78622caed2'
-# From the instance
-sudo ssm-cli get-diagnostics --output 'table'
-
-# Connect to instances if they are available
-instance_id='i-08fc83ad07487d72f' \
-&& eval $(aws ssm get-connection-status --target "$instance_id" --query "Status=='connected'" --output 'text') \
-&& aws ssm start-session --target "$instance_id" \
-|| (echo "instance ${instance_id} not available" >&2 && false)
-
-aws ssm describe-instance-associations-status --instance-id 'i-08fc83ad07487d72f'
-
-# Send commands
-aws ssm send-command --instance-ids 'i-08fc83ad07487d72f' --document-name 'AWS-RunShellScript' --parameters "commands='echo hallo'"
-aws ssm wait command-executed --command-id 'e5f7ca0e-4d74-4316-84be-9ccaf3ae1f70' --instance-id 'i-08fc83ad07487d72f'
-aws ssm get-command-invocation --command-id 'e5f7ca0e-4d74-4316-84be-9ccaf3ae1f70' --instance-id 'i-08fc83ad07487d72f'
-
-# Run commands and get their output
-set instance_id 'i-0915612f182914822' \
-&& set command_id (aws ssm send-command --instance-ids "$instance_id" \
-	--document-name 'AWS-RunShellScript' --parameters 'commands="echo hallo"' \
-	--query 'Command.CommandId' --output 'text') \
-&& aws ssm wait command-executed --command-id "$command_id" --instance-id "$instance_id" \
-&& aws ssm get-command-invocation --command-id "$command_id" --instance-id "$instance_id" \
-	--query '{"status": Status, "rc": ResponseCode, "stdout": StandardOutputContent, "stderr": StandardErrorContent}'
-
-aws ec2 describe-images --image-ids 'ami-01234567890abcdef'
-aws ec2 describe-images --image-ids 'ami-01234567890abcdef' --query 'Images[].Description'
-
-# Configure the CloudWatch agent
-amazon-cloudwatch-agent-ctl -a 'status'
-/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a 'set-log-level' -l 'INFO'
-amazon-cloudwatch-agent-ctl -a 'fetch-config' -m 'ec2' -s -c 'file:/opt/aws/amazon-cloudwatch-agent/bin/config.json'
-tail -f '/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log'
-
-# Delete unused volumes older than some date
-aws ec2 describe-volumes --output 'text' --filters 'Name=status,Values=available' \
-	--query "Volumes[?CreateTime<'2018-03-31'].VolumeId" \
-| xargs -pn '1' aws ec2 delete-volume --volume-id
-
-# Get volume IDs of EC2 instances
-aws ec2 describe-instances --output 'text' \
-	--filters 'Name=tag:Name,Values=Prometheus' 'Name=instance-state-name,Values=running' \
-	--query 'Reservations[].Instances[0].BlockDeviceMappings[*].Ebs.VolumeId'
-
-# Create snapshots of EBS volumes
-aws ec2 create-snapshot --volume-id 'vol-0123456789abcdef0' --description 'Manual snapshot Pre-Update' \
-	--tag-specifications 'ResourceType=snapshot,Tags=[{Key=Name,Value=Prometheus},{Key=Team,Value=Infra}]' \
-
-# Check state of snapshots
-aws ec2 describe-snapshots --snapshot-ids 'snap-0123456789abcdef0' \
-	--query 'Snapshots[].{"State": State,"Progress": Progress}' --output 'yaml'
-
-# Wait for snapshots to finish.
-aws ec2 wait snapshot-completed --snapshot-ids 'snap-0123456789abcdef0'
-
-# Take snapshots of EC2 volumes and wait for them to finish
-aws ec2 describe-instances --output 'text' \
-	--filters 'Name=tag:Name,Values=Prometheus' 'Name=instance-state-name,Values=running' \
-	--query 'Reservations[].Instances[0].BlockDeviceMappings[0].Ebs.VolumeId' \
-| xargs -tn '1' aws ec2 create-snapshot --output 'text' --query 'SnapshotId' \
-	--description 'Manual snapshot Pre-Update' \
-	--tag-specifications 'ResourceType=snapshot,Tags=[{Key=Name,Value=Prometheus},{Key=Team,Value=Infra}]' \
-	--volume-id \
-| xargs -t aws ec2 wait snapshot-completed --snapshot-ids
-
-watch -n '1' aws ec2 describe-instances --instance-ids 'i-0123456789abcdef0' --query 'Reservations[].Instances[].[State,StateTransitionReason]'
-
-# Retrieve the security credentials for an IAM role named 's3access'
-# IMDSv2
-TOKEN=$(curl -X PUT 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 21600') \
-&& curl -H "X-aws-ec2-metadata-token: ${TOKEN}" 'http://169.254.169.254/latest/meta-data/iam/security-credentials/s3access'
-# IMDSv1
-curl 'http://169.254.169.254/latest/meta-data/iam/security-credentials/s3access'
-
-# Start stopped instances
-# Requires the 'ec2:StartInstances' permission for the instances
-# Also requires the 'kms:GenerateDataKeyWithoutPlaintext' and 'kms:CreateGrant' permissions for the keys used by the
-#   instances, if any.
-#   See https://docs.aws.amazon.com/ebs/latest/userguide/how-ebs-encryption-works.html#how-ebs-encryption-works-encrypted-snapshot
-aws ec2 start-instances --instance-ids 'i-0123456789abcdef0'
-
-# Stop started instances
-# Requires the 'ec2:StopInstances' permission for the instances
-aws ec2 stop-instances --instance-ids 'i-0123456789abcdef0'
-
-
 ###
 # ECR
 # ------------------