My AWS CLI notebook

09 Oct

Some examples for AWS


Get a list of EC2 instances where we use a filter to query (tag with value PROD), only want the output of instanceId, PublicDnsName and the Name and present it in a table:

aws ec2 describe-instances --filters Name=tag-value,Values=PROD --query "Reservations[*].Instances[*].{Instance:InstanceId,PublicDnsName:PublicDnsName,Name:Tags[?Key=='Name']|[0].Value}" --output table

Delete all unused security groups (github source here):

#!/usr/bin/env bash

# lists all unused AWS security groups.
# a group is considered unused if it's not attached to any network interface.
# requires aws-cli and jq.

# all groups
aws ec2 describe-security-groups \
  | jq --raw-output '.SecurityGroups[] | [.GroupName, .GroupId] | @tsv' \
  | sort > /tmp/sg.all

# groups in use
aws ec2 describe-network-interfaces \
  | jq --raw-output '.NetworkInterfaces[].Groups[] | [.GroupName, .GroupId] | @tsv' \
  | sort \
  | uniq > /tmp/

diff /tmp/sg.all /tmp/ |grep "<" |cut -d ' ' -f2-3

Cert Manager
Get the public certificate:

aws acm get-certificate --certificate-arn arn:aws:acm:eu-central-1:XXXX:certificate/YYYYYYY &gt; output.json


Create a user and skip the force password change flow

aws cognito-idp admin-set-user-password --user-pool-id XXXXX --username YYYYY --password ZZZZZ --permanent
Leave a comment

Posted by on 09-10-2019 in AWS


Tags: ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: