diff --git a/.vscode/settings.json b/.vscode/settings.json
index 40777eb..0875e01 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -67,6 +67,8 @@
"autoscaler",
"autoscalers",
"awscli",
+ "awscurl",
+ "awskms",
"bitwarden",
"boinc",
"boinccmd",
@@ -196,6 +198,7 @@
"polkit",
"portsnap",
"posix",
+ "postgis",
"poweroff",
"powersave",
"psql",
diff --git a/knowledge base/cloud computing/aws/README.md b/knowledge base/cloud computing/aws/README.md
index 4df7799..3a31a6b 100644
--- a/knowledge base/cloud computing/aws/README.md
+++ b/knowledge base/cloud computing/aws/README.md
@@ -53,6 +53,7 @@ One can can rapidly remapping addresses to other instances in one's account and
| [Detective] | FIXME |
| [EC2] | Virtual machines |
| [ECR] | Container registry |
+| [ECS] | Containers as a service |
| [EKS] | Kubernetes clusters |
| [EventBridge] | FIXME |
| [GuardDuty] | Threat detection |
@@ -265,6 +266,7 @@ Examples:
- [Best Practices for Tagging AWS Resources]
- [Automating DNS-challenge based LetsEncrypt certificates with AWS Route 53]
- [Working with DB instance read replicas]
+- AWS' [CLI]
### Sources
@@ -291,11 +293,14 @@ Examples:
[eventbridge]: #eventbridge
[guardduty]: #guardduty
[inspector]: #inspector
+[rds]: #rds
[security hub]: #security-hub
+[cli]: cli.md
[ec2]: ec2.md
[ecr]: ecr.md
+[ecs]: ecs.md
[eks]: eks.md
[s3]: s3.md
[sagemaker]: sagemaker.md
diff --git a/knowledge base/cloud computing/aws/awscurl.md b/knowledge base/cloud computing/aws/awscurl.md
index 7e9ca6a..0bcc6d7 100644
--- a/knowledge base/cloud computing/aws/awscurl.md
+++ b/knowledge base/cloud computing/aws/awscurl.md
@@ -1,4 +1,4 @@
-# awscurl
+# `awscurl`
[`curl`][curl]-like tool with AWS Signature Version 4 request signing.
@@ -45,6 +45,7 @@ docker run --rm -it 'okigan/awscurl' \
## Further readings
+- [Amazon Web Services]
- [Github]
### Sources
@@ -56,6 +57,7 @@ docker run --rm -it 'okigan/awscurl' \
-->
+[amazon web services]: README.md
[curl]: ../../curl.md
diff --git a/knowledge base/cloud computing/aws/cli.md b/knowledge base/cloud computing/aws/cli.md
index f06b060..36f6c0b 100644
--- a/knowledge base/cloud computing/aws/cli.md
+++ b/knowledge base/cloud computing/aws/cli.md
@@ -53,12 +53,6 @@ aws deploy get-deployment-group --application-name 'batman' \
--deployment-group-name 'production'
-# Access shells on containers in ECS.
-aws ecs execute-command \
- --cluster 'clusterName' --task 'taskId' --container 'containerName' \
- --interactive --command '/bin/bash'
-
-
# Get information about the current user.
aws sts get-caller-identity
@@ -228,7 +222,7 @@ aws ssm start-session --target 'i-0123456789abcdef0'
## Further readings
-- [AWS]
+- [Amazon Web Services]
- CLI [quickstart]
- [Configure profiles] in the CLI
- [How do I assume an IAM role using the AWS CLI?]
@@ -244,7 +238,7 @@ aws ssm start-session --target 'i-0123456789abcdef0'
-->
-[aws]: README.md
+[amazon web services]: README.md
[ebs tldr]: ebs.md#tldr
[ec2 tldr]: ec2.md#tldr
[ecr tldr]: ecr.md#tldr
diff --git a/knowledge base/cloud computing/aws/ebs.md b/knowledge base/cloud computing/aws/ebs.md
index 0c4ddf5..38f7608 100644
--- a/knowledge base/cloud computing/aws/ebs.md
+++ b/knowledge base/cloud computing/aws/ebs.md
@@ -22,7 +22,9 @@ aws ec2 describe-volumes --output 'text' \
## Further readings
+- [Amazon Web Services]
- [What is block storage?]
+- AWS' [CLI]
### Sources
@@ -36,6 +38,8 @@ aws ec2 describe-volumes --output 'text' \
-->
+[amazon web services]: README.md
+[cli]: cli.md
[ec2]: ec2.md
diff --git a/knowledge base/cloud computing/aws/ec2.md b/knowledge base/cloud computing/aws/ec2.md
index 9a76dd9..ca067e3 100644
--- a/knowledge base/cloud computing/aws/ec2.md
+++ b/knowledge base/cloud computing/aws/ec2.md
@@ -1,4 +1,4 @@
-# Title
+# Elastic Compute Cloud
1. [TL;DR](#tldr)
1. [Disks](#disks)
@@ -36,6 +36,14 @@ aws ec2 describe-images --filters \
'Name=owner-alias,Values=["amazon"]' \
'Name=architecture,Values=["arm64","x86_64"]' \
'Name=block-device-mapping.volume-type,Values=["gp3"]'
+
+
+# Describe security groups.
+aws ec2 describe-security-groups --group-names 'pulumi-workshop'
+
+# Delete security groups.
+aws ec2 delete-security-group --group-name 'pulumi-workshop'
+aws ec2 delete-security-group --group-id 'sg-0773aa724d0c2dd51'
```
@@ -46,8 +54,10 @@ See [EBS].
## Further readings
+- [Amazon Web Services]
- [AWS EC2 Instance pricing comparison]
- [EC2Instances.info on vantage.sh]
+- AWS' [CLI]
- [SSM]
- [Connect to your instances without requiring a public IPv4 address using EC2 Instance Connect Endpoint]
@@ -63,6 +73,8 @@ See [EBS].
+[amazon web services]: README.md
+[cli]: cli.md
[ebs]: ebs.md
[ssm]: ssm.md
diff --git a/knowledge base/cloud computing/aws/ecr.md b/knowledge base/cloud computing/aws/ecr.md
index 7eb4613..f10d676 100644
--- a/knowledge base/cloud computing/aws/ecr.md
+++ b/knowledge base/cloud computing/aws/ecr.md
@@ -69,6 +69,7 @@ aws ecr describe-repositories --repository-names 'docker-tools/image-builder' \
## Further readings
+- [Amazon Web Services]
- AWS' [CLI]
### Sources
@@ -83,6 +84,7 @@ aws ecr describe-repositories --repository-names 'docker-tools/image-builder' \
+[amazon web services]: README.md
[cli]: cli.md
diff --git a/knowledge base/cloud computing/aws/ecs.md b/knowledge base/cloud computing/aws/ecs.md
new file mode 100644
index 0000000..b235407
--- /dev/null
+++ b/knowledge base/cloud computing/aws/ecs.md
@@ -0,0 +1,114 @@
+# Elastic Container Service
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+ 1. [Sources](#sources)
+
+## TL;DR
+
+
+ Usage
+
+```sh
+# List services.
+aws ecs list-services --cluster 'clusterName'
+
+# Scale services.
+aws ecs update-service --cluster 'clusterName' --service 'serviceName' --desired-count '0'
+aws ecs update-service --cluster 'clusterName' --service 'serviceName' --desired-count '10'
+
+# Wait for services to be running.
+aws ecs wait services-stable --cluster 'clusterName' --services 'serviceName' …
+
+# Delete services.
+# Cannot really be deleted if scaled above 0.
+aws ecs delete-service --cluster 'clusterName' --service 'serviceName'
+aws ecs delete-service --cluster 'clusterName' --service 'serviceName' --force
+
+# List task definitions.
+aws ecs list-task-definitions --family-prefix 'familyPrefix'
+
+# Deregister task definitions.
+aws ecs deregister-task-definition --task-definition 'taskDefinitionArn'
+
+# Delete task definitions.
+# The task definition must be deregistered.
+aws ecs delete-task-definitions --task-definitions 'taskDefinitionArn' …
+
+# List tasks.
+aws ecs list-tasks --cluster 'clusterName'
+aws ecs list-tasks --cluster 'clusterName' --service-name 'serviceName'
+
+# Get information about tasks.
+aws ecs describe-tasks --cluster 'clusterName' --tasks 'taskIdOrArn' …
+
+# Wait for tasks to be running.
+aws ecs wait tasks-running --cluster 'clusterName' --tasks 'taskIdOrArn' …
+
+# Access shells on containers in ECS.
+aws ecs execute-command \
+ --cluster 'clusterName' --task 'taskId' --container 'containerName' \
+ --interactive --command '/bin/bash'
+```
+
+
+
+
+ Real world use cases
+
+```sh
+# Get the ARNs of tasks for specific services.
+aws ecs list-tasks --cluster 'testCluster' --service-name 'testService' --query 'taskArns' --output 'text'
+
+# Get the private IP Address of containers.
+aws ecs describe-tasks --output 'text' \
+ --cluster 'testCluster' --tasks 'testTask' \
+ --query "tasks[].attachments[].details[?(name=='privateDnsName')].value"
+
+# Connect to the private DNS name of containers in ECS.
+curl -fs "http://$(\
+ aws ecs describe-tasks --cluster 'testCluster' --tasks "$(\
+ aws ecs list-tasks --cluster 'testCluster' --service-name 'testService' --query 'taskArns' --output 'text' \
+ )" --query "tasks[].attachments[].details[?(name=='privateDnsName')].value" --output 'text' \
+):8080"
+
+# Delete services.
+aws ecs delete-service --cluster 'testCluster' --service 'testService' --force
+
+# Delete task definitions.
+aws ecs list-task-definitions --family-prefix 'testService' --output 'text' --query 'taskDefinitionArns' \
+| xargs -n '1' aws ecs deregister-task-definition --task-definition
+
+# Wait for tasks to be running.
+aws ecs list-tasks --cluster 'testCluster' --family 'testService' --output 'text' --query 'taskArns' \
+| xargs -p aws ecs wait tasks-running --cluster 'testCluster' --tasks
+while [[ $(aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService') == "" ]]; do sleep 1; done
+```
+
+
+
+## Further readings
+
+- [Amazon Web Services]
+- [Amazon ECS task lifecycle]
+- AWS' [CLI]
+- [Troubleshoot Amazon ECS deployment issues]
+
+### Sources
+
+
+
+
+
+[amazon web services]: README.md
+[cli]: cli.md
+
+
+
+[amazon ecs task lifecycle]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-lifecycle-explanation.html
+[troubleshoot amazon ecs deployment issues]: https://docs.aws.amazon.com/codedeploy/latest/userguide/troubleshooting-ecs.html
+
+
diff --git a/knowledge base/cloud computing/aws/eks.md b/knowledge base/cloud computing/aws/eks.md
index a30f863..37e7a2d 100644
--- a/knowledge base/cloud computing/aws/eks.md
+++ b/knowledge base/cloud computing/aws/eks.md
@@ -678,10 +678,12 @@ Debug: see [Identify common issues].
## Further readings
+- [Amazon Web Services]
- [Kubernetes]
- [EKS Workshop]
- [Pulumi]
- [Terraform]
+- AWS' [CLI]
- [How can I get my worker nodes to join my Amazon EKS cluster?]
- [Enabling IAM principal access to your cluster]
- [Allowing IAM roles or users access to Kubernetes objects on your Amazon EKS cluster]
@@ -721,6 +723,8 @@ Debug: see [Identify common issues].
[secrets encryption through kms]: #secrets-encryption-through-kms
+[amazon web services]: README.md
+[cli]: cli.md
[kubernetes]: ../../kubernetes/README.md
[pulumi]: ../../pulumi.md
[terraform]: ../../pulumi.md
diff --git a/knowledge base/cloud computing/aws/s3.md b/knowledge base/cloud computing/aws/s3.md
index aa5f382..52769a4 100644
--- a/knowledge base/cloud computing/aws/s3.md
+++ b/knowledge base/cloud computing/aws/s3.md
@@ -52,6 +52,9 @@ aws s3 cp - 's3://my-bucket/stream.txt'
aws s3 cp - 's3://my-bucket/stream.txt' --expected-size '54760833024'
aws s3 cp 's3://my-bucket/stream.txt' -
+# Remove objects.
+aws s3 rm 's3://my-bucket/prefix-name' --recursive --dryrun
+
# Sync buckets.
aws s3 sync '.' 's3://my-bucket'
aws s3 sync 's3://my-bucket' '.' --delete
@@ -122,6 +125,7 @@ Examples: [1][lifecycle configuration examples], [2][s3 lifecycle rules example
## Further readings
+- [Amazon Web Services]
- [Configure notification for lifecycle rules][lifecycle configure notification]
- AWS' [CLI]
- [Expiring Amazon S3 objects based on last accessed date to decrease costs]
@@ -140,6 +144,7 @@ Examples: [1][lifecycle configuration examples], [2][s3 lifecycle rules example
+[amazon web services]: README.md
[cli]: cli.md
diff --git a/knowledge base/cloud computing/aws/sagemaker.md b/knowledge base/cloud computing/aws/sagemaker.md
index 42354d3..c775985 100644
--- a/knowledge base/cloud computing/aws/sagemaker.md
+++ b/knowledge base/cloud computing/aws/sagemaker.md
@@ -13,6 +13,8 @@
## Further readings
+- [Amazon Web Services]
+
### Sources
+[amazon web services]: README.md
+
diff --git a/knowledge base/cloud computing/aws/ssm.md b/knowledge base/cloud computing/aws/ssm.md
index 912a7b5..1e9b144 100644
--- a/knowledge base/cloud computing/aws/ssm.md
+++ b/knowledge base/cloud computing/aws/ssm.md
@@ -1,4 +1,4 @@
-# SSM
+# AWS Systems Manager
1. [TL;DR](#tldr)
1. [Requirements](#requirements)
@@ -238,6 +238,8 @@ $ sudo ssm-cli get-diagnostics --output 'table'
## Further readings
+- [Amazon Web Services]
+- AWS' [CLI]
- [Ansible]
- [EC2]
@@ -261,6 +263,8 @@ $ sudo ssm-cli get-diagnostics --output 'table'
[ansible]: ../../ansible.md
+[amazon web services]: README.md
+[cli]: cli.md
[ec2]: ec2.md
diff --git a/snippets/aws.fish b/snippets/aws.fish
index 4839f1b..d04d75e 100644
--- a/snippets/aws.fish
+++ b/snippets/aws.fish
@@ -25,3 +25,18 @@ alias aws-ssm-gitlabAutoscalingManager-ita-b "aws ec2 describe-instances --outpu
'Name=tag:Name,Values=Gitlab Autoscaling Manager' \
--query 'Reservations[].Instances[0].InstanceId' \
| xargs -ot aws ssm start-session --target"
+
+aws s3 rm 's3://bucket-name/prefix' --recursive --dry-run
+
+aws ecs list-tasks --cluster 'testCluster' --family 'testService' --output 'text' --query 'taskArns' \
+| xargs -p aws ecs wait tasks-running --cluster 'testCluster' --tasks
+while [[ $$(aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService') == "" ]]; do sleep 1; done
+
+@aws ecs list-task-definitions --family-prefix 'testService' --output 'text' --query 'taskDefinitionArns' \
+| xargs -pn '1' aws ecs deregister-task-definition --task-definition
+
+aws ecs list-tasks --query 'taskArns' --output 'text' --cluster 'testCluster' --service-name 'testService' \
+| tee \
+| xargs -t aws ecs describe-tasks --query "tasks[].attachments[].details[?(name=='privateIPv4Address')].value" --output 'text' --cluster 'testCluster' --tasks \
+| tee \
+| xargs -I{} curl -fs "http://{}:8080"