chore(aws): revise and improve commands, add ecs

.vscode/settings.json

@@ -67,6 +67,8 @@
         "autoscaler",
         "autoscalers",
         "awscli",
+        "awscurl",
+        "awskms",
         "bitwarden",
         "boinc",
         "boinccmd",
@@ -196,6 +198,7 @@
         "polkit",
         "portsnap",
         "posix",
+        "postgis",
         "poweroff",
         "powersave",
         "psql",

knowledge base/cloud computing/aws/README.md

@@ -53,6 +53,7 @@ One can can rapidly remapping addresses to other instances in one's account and
 | [Detective]    | FIXME                                         |
 | [EC2]          | Virtual machines                              |
 | [ECR]          | Container registry                            |
+| [ECS]          | Containers as a service                       |
 | [EKS]          | Kubernetes clusters                           |
 | [EventBridge]  | FIXME                                         |
 | [GuardDuty]    | Threat detection                              |
@@ -265,6 +266,7 @@ Examples:
 - [Best Practices for Tagging AWS Resources]
 - [Automating DNS-challenge based LetsEncrypt certificates with AWS Route 53]
 - [Working with DB instance read replicas]
+- AWS' [CLI]
 
 ### Sources
 
@@ -291,11 +293,14 @@ Examples:
 [eventbridge]: #eventbridge
 [guardduty]: #guardduty
 [inspector]: #inspector
+[rds]: #rds
 [security hub]: #security-hub
 
 <!-- Knowledge base -->
+[cli]: cli.md
 [ec2]: ec2.md
 [ecr]: ecr.md
+[ecs]: ecs.md
 [eks]: eks.md
 [s3]: s3.md
 [sagemaker]: sagemaker.md

knowledge base/cloud computing/aws/awscurl.md

@@ -1,4 +1,4 @@
-# awscurl
+# `awscurl`
 
 [`curl`][curl]-like tool with AWS Signature Version 4 request signing.
 
@@ -45,6 +45,7 @@ docker run --rm -it 'okigan/awscurl' \
 
 ## Further readings
 
+- [Amazon Web Services]
 - [Github]
 
 ### Sources
@@ -56,6 +57,7 @@ docker run --rm -it 'okigan/awscurl' \
   -->
 
 <!-- Knowledge base -->
+[amazon web services]: README.md
 [curl]: ../../curl.md
 
 <!-- Upstream -->

knowledge base/cloud computing/aws/cli.md

@@ -53,12 +53,6 @@ aws deploy get-deployment-group --application-name 'batman' \
   --deployment-group-name 'production'
 
 
-# Access shells on containers in ECS.
-aws ecs execute-command \
-  --cluster 'clusterName' --task 'taskId' --container 'containerName' \
-  --interactive --command '/bin/bash'
-
-
 # Get information about the current user.
 aws sts get-caller-identity
 
@@ -228,7 +222,7 @@ aws ssm start-session --target 'i-0123456789abcdef0'
 
 ## Further readings
 
-- [AWS]
+- [Amazon Web Services]
 - CLI [quickstart]
 - [Configure profiles] in the CLI
 - [How do I assume an IAM role using the AWS CLI?]
@@ -244,7 +238,7 @@ aws ssm start-session --target 'i-0123456789abcdef0'
   -->
 
 <!-- Knowledge base -->
-[aws]: README.md
+[amazon web services]: README.md
 [ebs tldr]: ebs.md#tldr
 [ec2 tldr]: ec2.md#tldr
 [ecr tldr]: ecr.md#tldr

knowledge base/cloud computing/aws/ebs.md

@@ -22,7 +22,9 @@ aws ec2 describe-volumes --output 'text' \
 
 ## Further readings
 
+- [Amazon Web Services]
 - [What is block storage?]
+- AWS' [CLI]
 
 ### Sources
 
@@ -36,6 +38,8 @@ aws ec2 describe-volumes --output 'text' \
   -->
 
 <!-- Knowledge base -->
+[amazon web services]: README.md
+[cli]: cli.md
 [ec2]: ec2.md
 
 <!-- Upstream -->

knowledge base/cloud computing/aws/ec2.md

@@ -1,4 +1,4 @@
-# Title
+# Elastic Compute Cloud
 
 1. [TL;DR](#tldr)
 1. [Disks](#disks)
@@ -36,6 +36,14 @@ aws ec2 describe-images --filters \
   'Name=owner-alias,Values=["amazon"]' \
   'Name=architecture,Values=["arm64","x86_64"]' \
   'Name=block-device-mapping.volume-type,Values=["gp3"]'
+
+
+# Describe security groups.
+aws ec2 describe-security-groups --group-names 'pulumi-workshop'
+
+# Delete security groups.
+aws ec2 delete-security-group --group-name 'pulumi-workshop'
+aws ec2 delete-security-group --group-id 'sg-0773aa724d0c2dd51'
 ```
 
 </details>
@@ -46,8 +54,10 @@ See [EBS].
 
 ## Further readings
 
+- [Amazon Web Services]
 - [AWS EC2 Instance pricing comparison]
 - [EC2Instances.info on vantage.sh]
+- AWS' [CLI]
 - [SSM]
 - [Connect to your instances without requiring a public IPv4 address using EC2 Instance Connect Endpoint]
 
@@ -63,6 +73,8 @@ See [EBS].
 
 <!-- In-article sections -->
 <!-- Knowledge base -->
+[amazon web services]: README.md
+[cli]: cli.md
 [ebs]: ebs.md
 [ssm]: ssm.md
 

knowledge base/cloud computing/aws/ecr.md

@@ -69,6 +69,7 @@ aws ecr describe-repositories --repository-names 'docker-tools/image-builder' \
 
 ## Further readings
 
+- [Amazon Web Services]
 - AWS' [CLI]
 
 ### Sources
@@ -83,6 +84,7 @@ aws ecr describe-repositories --repository-names 'docker-tools/image-builder' \
 
 <!-- In-article sections -->
 <!-- Knowledge base -->
+[amazon web services]: README.md
 [cli]: cli.md
 
 <!-- Files -->

knowledge base/cloud computing/aws/ecs.md

@@ -0,0 +1,114 @@
+# Elastic Container Service
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+   1. [Sources](#sources)
+
+## TL;DR
+
+<details>
+  <summary>Usage</summary>
+
+```sh
+# List services.
+aws ecs list-services --cluster 'clusterName'
+
+# Scale services.
+aws ecs update-service --cluster 'clusterName' --service 'serviceName' --desired-count '0'
+aws ecs update-service --cluster 'clusterName' --service 'serviceName' --desired-count '10'
+
+# Wait for services to be running.
+aws ecs wait services-stable --cluster 'clusterName' --services 'serviceName' …
+
+# Delete services.
+# Cannot really be deleted if scaled above 0.
+aws ecs delete-service --cluster 'clusterName' --service 'serviceName'
+aws ecs delete-service --cluster 'clusterName' --service 'serviceName' --force
+
+# List task definitions.
+aws ecs list-task-definitions --family-prefix 'familyPrefix'
+
+# Deregister task definitions.
+aws ecs deregister-task-definition --task-definition 'taskDefinitionArn'
+
+# Delete task definitions.
+# The task definition must be deregistered.
+aws ecs delete-task-definitions --task-definitions 'taskDefinitionArn' …
+
+# List tasks.
+aws ecs list-tasks --cluster 'clusterName'
+aws ecs list-tasks --cluster 'clusterName' --service-name 'serviceName'
+
+# Get information about tasks.
+aws ecs describe-tasks --cluster 'clusterName' --tasks 'taskIdOrArn' …
+
+# Wait for tasks to be running.
+aws ecs wait tasks-running --cluster 'clusterName' --tasks 'taskIdOrArn' …
+
+# Access shells on containers in ECS.
+aws ecs execute-command \
+  --cluster 'clusterName' --task 'taskId' --container 'containerName' \
+  --interactive --command '/bin/bash'
+```
+
+</details>
+
+<details>
+  <summary>Real world use cases</summary>
+
+```sh
+# Get the ARNs of tasks for specific services.
+aws ecs list-tasks --cluster 'testCluster' --service-name 'testService' --query 'taskArns' --output 'text'
+
+# Get the private IP Address of containers.
+aws ecs describe-tasks --output 'text' \
+  --cluster 'testCluster' --tasks 'testTask' \
+  --query "tasks[].attachments[].details[?(name=='privateDnsName')].value"
+
+# Connect to the private DNS name of containers in ECS.
+curl -fs "http://$(\
+  aws ecs describe-tasks --cluster 'testCluster' --tasks "$(\
+      aws ecs list-tasks --cluster 'testCluster' --service-name 'testService' --query 'taskArns' --output 'text' \
+  )" --query "tasks[].attachments[].details[?(name=='privateDnsName')].value" --output 'text' \
+):8080"
+
+# Delete services.
+aws ecs delete-service --cluster 'testCluster' --service 'testService' --force
+
+# Delete task definitions.
+aws ecs list-task-definitions --family-prefix 'testService' --output 'text' --query 'taskDefinitionArns' \
+| xargs -n '1' aws ecs deregister-task-definition --task-definition
+
+# Wait for tasks to be running.
+aws ecs list-tasks --cluster 'testCluster' --family 'testService' --output 'text' --query 'taskArns' \
+| xargs -p aws ecs wait tasks-running --cluster 'testCluster' --tasks
+while [[ $(aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService') == "" ]]; do sleep 1; done
+```
+
+</details>
+
+## Further readings
+
+- [Amazon Web Services]
+- [Amazon ECS task lifecycle]
+- AWS' [CLI]
+- [Troubleshoot Amazon ECS deployment issues]
+
+### Sources
+
+<!--
+  Reference
+  ═╬═Time══
+  -->
+
+<!-- In-article sections -->
+<!-- Knowledge base -->
+[amazon web services]: README.md
+[cli]: cli.md
+
+<!-- Files -->
+<!-- Upstream -->
+[amazon ecs task lifecycle]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-lifecycle-explanation.html
+[troubleshoot amazon ecs deployment issues]: https://docs.aws.amazon.com/codedeploy/latest/userguide/troubleshooting-ecs.html
+
+<!-- Others -->

knowledge base/cloud computing/aws/eks.md

@@ -678,10 +678,12 @@ Debug: see [Identify common issues].
 
 ## Further readings
 
+- [Amazon Web Services]
 - [Kubernetes]
 - [EKS Workshop]
 - [Pulumi]
 - [Terraform]
+- AWS' [CLI]
 - [How can I get my worker nodes to join my Amazon EKS cluster?]
 - [Enabling IAM principal access to your cluster]
 - [Allowing IAM roles or users access to Kubernetes objects on your Amazon EKS cluster]
@@ -721,6 +723,8 @@ Debug: see [Identify common issues].
 [secrets encryption through kms]: #secrets-encryption-through-kms
 
 <!-- Knowledge base -->
+[amazon web services]: README.md
+[cli]: cli.md
 [kubernetes]: ../../kubernetes/README.md
 [pulumi]: ../../pulumi.md
 [terraform]: ../../pulumi.md

knowledge base/cloud computing/aws/s3.md

@@ -52,6 +52,9 @@ aws s3 cp - 's3://my-bucket/stream.txt'
 aws s3 cp - 's3://my-bucket/stream.txt' --expected-size '54760833024'
 aws s3 cp 's3://my-bucket/stream.txt' -
 
+# Remove objects.
+aws s3 rm 's3://my-bucket/prefix-name' --recursive --dryrun
+
 # Sync buckets.
 aws s3 sync '.' 's3://my-bucket'
 aws s3 sync 's3://my-bucket' '.' --delete
@@ -122,6 +125,7 @@ Examples: [1][lifecycle  configuration examples], [2][s3 lifecycle rules example
 
 ## Further readings
 
+- [Amazon Web Services]
 - [Configure notification for lifecycle rules][lifecycle  configure notification]
 - AWS' [CLI]
 - [Expiring Amazon S3 objects based on last accessed date to decrease costs]
@@ -140,6 +144,7 @@ Examples: [1][lifecycle  configuration examples], [2][s3 lifecycle rules example
 
 <!-- In-article sections -->
 <!-- Knowledge base -->
+[amazon web services]: README.md
 [cli]: cli.md
 
 <!-- Files -->

knowledge base/cloud computing/aws/sagemaker.md

@@ -13,6 +13,8 @@
 
 ## Further readings
 
+- [Amazon Web Services]
+
 ### Sources
 
 <!--
@@ -21,6 +23,8 @@
 
 <!-- In-article sections -->
 <!-- Knowledge base -->
+[amazon web services]: README.md
+
 <!-- Files -->
 <!-- Upstream -->
 <!-- Others -->

knowledge base/cloud computing/aws/ssm.md

@@ -1,4 +1,4 @@
-# SSM
+# AWS Systems Manager
 
 1. [TL;DR](#tldr)
 1. [Requirements](#requirements)
@@ -238,6 +238,8 @@ $ sudo ssm-cli get-diagnostics --output 'table'
 
 ## Further readings
 
+- [Amazon Web Services]
+- AWS' [CLI]
 - [Ansible]
 - [EC2]
 
@@ -261,6 +263,8 @@ $ sudo ssm-cli get-diagnostics --output 'table'
 
 <!-- Knowledge base -->
 [ansible]: ../../ansible.md
+[amazon web services]: README.md
+[cli]: cli.md
 [ec2]: ec2.md
 
 <!-- Upstream -->

snippets/aws.fish

@@ -25,3 +25,18 @@ alias aws-ssm-gitlabAutoscalingManager-ita-b "aws ec2 describe-instances --outpu
 		'Name=tag:Name,Values=Gitlab Autoscaling Manager' \
 	--query 'Reservations[].Instances[0].InstanceId' \
 | xargs -ot aws ssm start-session --target"
+
+aws s3 rm 's3://bucket-name/prefix' --recursive --dry-run
+
+aws ecs list-tasks --cluster 'testCluster' --family 'testService' --output 'text' --query 'taskArns' \
+| xargs -p aws ecs wait tasks-running --cluster 'testCluster' --tasks
+while [[ $$(aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService') == "" ]]; do sleep 1; done
+
+@aws ecs list-task-definitions --family-prefix 'testService' --output 'text' --query 'taskDefinitionArns' \
+| xargs -pn '1' aws ecs deregister-task-definition --task-definition
+
+aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService' \
+| tee \
+| xargs -t aws ecs describe-tasks --query "tasks[].attachments[].details[?(name=='privateIPv4Address')].value" --output 'text' --cluster 'testCluster' --tasks \
+| tee \
+| xargs -I{} curl -fs "http://{}:8080"