# Print the installed AWS CLI version.
aws --version
# Interactive setup of the default profile. The access key and secret key are
# stored in plaintext in the shared credentials file, so keep that file private.
aws configure
# Same prompts, stored under the named profile "testfile".
aws configure --profile "testfile"
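# Set the default output format non-interactively ("configure set KEY VALUE").
aws configure set output json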
Specify your AWS Region
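# Set the default region for the active profile; "name" is a placeholder.
aws configure set region "name"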
AWS RUN Command
Create EC2 instance
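# Launch one instance. Every option line except the last ends with a backslash,
# so the whole command is parsed as one invocation. The security group and
# subnet decide what can reach the instance, so pick them deliberately.
aws ec2 run-instances \
  --image-id ami-name \
  --instance-type t2.micro \
  --key-name MyKeyPair \
  --security-group-ids sg-007e43f80a1958f29 \
  --subnet-id subnet-name

# Separate command: list buckets using the named profile.
aws s3 ls --profile "name"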
CloudFront
List CloudFront distributions and origins
# Read-only: prints the account's distributions, including their origins, as JSON.
aws cloudfront list-distributions
CloudWatch
List information about an alarm
# Read-only: show alarm definitions and their current state.
aws cloudwatch describe-alarms
# Deletes the named alarm without a confirmation prompt. Removing an alarm also
# removes whatever monitoring or alerting depended on it.
aws cloudwatch delete-alarms --alarm-names "name"
DynamoDB
List DynamoDB tables
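# List table names in the current region.
aws dynamodb list-tables
# A scan reads every item in the table: it consumes read capacity and prints
# all stored data to the terminal, so avoid it on large or sensitive tables.
aws dynamodb scan --table-name events
# --select needs a value (ALL_ATTRIBUTES, ALL_PROJECTED_ATTRIBUTES,
# SPECIFIC_ATTRIBUTES or COUNT). COUNT returns only the number of items.
aws dynamodb scan --table-name events --select COUNT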
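# Seal a snapshot started with start-snapshot. Both options are required;
# "ID" and "COUNT" are placeholders for the snapshot ID and the number of
# blocks that were written to it.
aws ebs complete-snapshot --snapshot-id "ID" --changed-blocks-count "COUNT"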
Start a Snapshot
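# --volume-size is a plain integer in GiB (no unit suffix). Add --encrypted
# (optionally with --kms-key-arn) if the snapshot will hold sensitive data.
aws ebs start-snapshot --volume-size 100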
List VPCs and CIDR IP Block
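# Print "VpcId Name CidrBlock" per VPC. A VPC with no tags or no Name tag is
# shown with "-" instead of being dropped (or aborting jq on a null Tags list),
# so the inventory does not silently hide untagged networks.
aws ec2 describe-vpcs | jq -r '.Vpcs[]|.VpcId+" "+(((.Tags // [])[]|select(.Key=="Name").Value) // "-")+" "+.CidrBlock'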
List Subnets for a VPC
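# Print "SubnetId CidrBlock Name" for the subnets of one VPC. The option is
# spelled --filters; subnets without a Name tag are listed with "-" rather than
# being omitted from the output.
aws ec2 describe-subnets --filters Name=vpc-id,Values=vpc-0d1c1cf4e980ac593 | jq -r '.Subnets[]|.SubnetId+" "+.CidrBlock+" "+(((.Tags // [])[]|select(.Key=="Name").Value) // "-")'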
List Security Groups
# Read-only: print "GroupId GroupName" for each security group. The rules
# themselves are in the full JSON under IpPermissions / IpPermissionsEgress.
aws ec2 describe-security-groups | jq -r '.SecurityGroups[]|.GroupId+" "+.GroupName'
Edit Security Groups of an Instance
# --groups replaces the instance's whole security group list with the IDs
# given here (it does not append), so list every group that should stay attached.
aws ec2 modify-instance-attribute --instance-id i-0dae5d4daa47fe4a2 --groups ID
Add Rule to Security Group
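# --cidr takes CIDR notation; /32 limits the rule to the single address.
# Keep the range as narrow as the use case allows.
aws ec2 authorize-security-group-ingress --group-id "name" --protocol tcp --port 443 --cidr 10.0.0.1/32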
Delete Rule from Security Group
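# The protocol, port and CIDR must match the existing rule for it to be
# removed; /32 is the single-address form of the range.
aws ec2 revoke-security-group-ingress --group-id name --protocol tcp --port 443 --cidr 10.0.0.1/32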
Edit Rules of Security Group
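# Changes only the Description of an existing ingress rule; it does not add or
# alter access. The permission has to describe the rule it targets, so FromPort
# is given alongside ToPort.
aws ec2 update-security-group-rule-descriptions-ingress --group-id sg-02a63c67684d8deed --ip-permissions 'IpProtocol=tcp,FromPort=443,ToPort=443,IpRanges=[{CidrIp=102.171.186.133/32,Description=name}]'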
Delete Security Group
# Fails while the group is still attached to a network interface or referenced
# by a rule in another group; detach it first.
aws ec2 delete-security-group --group-id name
# With --generate-cli-skeleton the CLI only prints a JSON input template and
# sends no API request; drop that flag to actually create the cluster.
aws ecs create-cluster --cluster-name=NAME --generate-cli-skeleton
Create an ECS service
# Incomplete as written: the call needs at least --service-name, and normally
# --cluster and --task-definition as well (check `aws ecs create-service help`).
aws ecs create-service
EKS
Create a cluster
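# --name, --role-arn and --resources-vpc-config are all required; the quoted
# values and subnet IDs below are placeholders. The API server endpoint is
# publicly reachable unless endpointPublicAccess=false is set in
# --resources-vpc-config (or publicAccessCidrs restricts it).
aws eks create-cluster --name "name" --role-arn "role-arn" --resources-vpc-config subnetIds=subnet-id-1,subnet-id-2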
Delete a cluster
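# --name needs the cluster name ("name" is a placeholder). The call is not
# interactive, so double-check the name and profile before running it.
aws eks delete-cluster --name "name"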
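# --resource-arn needs the ARN and --tags takes key=value pairs; both values
# here are placeholders.
aws eks tag-resource --resource-arn "resource_ARN" --tags name=value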
Untag a resource
# Removes the listed tag keys from the resource. (resource_ARN) is a
# placeholder; the parentheses are not part of the real value.
aws eks untag-resource --resource-arn (resource_ARN) --tag-keys name
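# Print every IAM group name. The jq filter must be one quoted argument;
# unquoted, the shell splits it at the space and jq rejects it.
aws iam list-groups | jq -r '.Groups[].GroupName'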
Add/Delete groups
# Creates an empty group with no permissions; (groupName) is a placeholder.
aws iam create-group --group-name (groupName)
Add policy to a group
# Every current and future member of the group receives the attached policy's
# permissions, so review the policy before attaching it.
aws iam attach-group-policy --group-name (groupname) --policy-arn arn:aws:iam::aws:policy/name
Add user to a group
# The user inherits all policies attached to the group.
aws iam add-user-to-group --group-name (groupname) --user-name (username)
Remove user from a group
# Takes away only the permissions that came from this group; policies attached
# directly to the user or granted through other groups are unaffected.
aws iam remove-user-from-group --group-name (groupname) --user-name (username)
List users in a group
# Read-only: returns the group's details together with its member users.
aws iam get-group --group-name (groupname)
List groups for a user
# Read-only: useful when reviewing where a user's permissions come from.
aws iam list-groups-for-user --user-name (username)
Attach/detach policy to a group
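# The AWS managed policy is named AmazonDynamoDBFullAccess. It grants full
# access to DynamoDB; prefer a narrower policy where the group only needs
# specific tables or actions.
aws iam attach-group-policy --group-name (groupname) --policy-arn arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess
aws iam detach-group-policy --group-name (groupname) --policy-arn arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess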
IAM User
List userId and UserName
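# Print "UserId UserName" per user. The filter uses plain ASCII quotes; the
# typographic quotes a word processor inserts are not understood by the shell.
aws iam list-users | jq -r '.Users[]|.UserId+" "+.UserName'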
Get single user
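# --user-name needs a value; "username" is a placeholder.
aws iam get-user --user-name "username"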
Add user
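# --user-name needs a value; "username" is a placeholder. The new user has no
# permissions or credentials until they are added separately.
aws iam create-user --user-name "username"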
Delete user
# From the CLI the delete fails until everything attached to the user has been
# removed first: access keys, login profile, MFA devices, group memberships and
# policies.
aws iam delete-user --user-name (username)
Route53
Create hosted zone
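# --caller-reference is required: a unique string that lets Route 53 recognise
# a retried request. A timestamp is a simple way to generate one.
aws route53 create-hosted-zone --name xxx.com --caller-reference "$(date +%s)"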
Delete hosted zone
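# --id needs the hosted zone ID ("zone-id" is a placeholder). The zone must
# contain only its default NS and SOA records before it can be deleted.
aws route53 delete-hosted-zone --id "zone-id"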
Get hosted zone
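# --id needs the hosted zone ID; "zone-id" is a placeholder.
aws route53 get-hosted-zone --id "zone-id"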
List hosted zones
# Read-only: lists the hosted zones (public and private) in the account.
aws route53 list-hosted-zones
Create a record set
To do this you’ll first need to create a JSON file with a list of change items in the body and use the CREATE action. For example the JSON file would look like this.
{
"Comment": "CREATE/DELETE/UPSERT a record",
"Changes": [{
"Action": "CREATE",
"ResourceRecordSet":{
"Name": "a.example.com",
"Type": "A",
"TTL": 300,
"ResourceRecords":[{"Value":"1.4.4.4"}]
}}]
}
Update a record set
To do this you’ll first need to create a JSON file with a list of change items in the body and use the UPSERT action. This will either create a new record set with the specified value or update the record set if it already exists. For example, the JSON file would look like this.
{
"Comment": "CREATE/DELETE/UPSERT a record",
"Changes": [{
"Action": "UPSERT",
"ResourceRecordSet":{
"Name": "a.example.com",
"Type": "A",
"TTL": 300,
"ResourceRecords": [{"Value":"1.1.1.1"}]
}}]
}
Once you have a JSON file with the correct information like above you will be able to enter the command
# file:// loads the change batch from a local JSON file. UPSERT overwrites an
# existing record without asking, so check the current value with
# list-resource-record-sets before applying the batch.
aws route53 change-resource-record-sets --hosted-zone-id (zone-id) --change-batch file://exampleabove.json
Delete a record set
To do this you’ll first need to create a JSON file with a list of the record set values you want to delete in the body and use the DELETE action. For example the JSON file would look like this.
{
"Comment": "CREATE/DELETE/UPSERT a record",
"Changes": [{
"Action": "DELETE",
"ResourceRecordSet": {
"Name": "a.example.com",
"Type": "A",
"TTL": 300,
"ResourceRecords": [{"Value":"1.1.1.1"}]
}}]
}
# For a DELETE, the Name, Type, TTL and values in the file must match the
# existing record set exactly, otherwise the change is rejected.
aws route53 change-resource-record-sets --hosted-zone-id (zone-id) --change-batch file://example.json
S3
List Buckets
# List the buckets visible to the active profile.
aws s3 ls
# Create a bucket (mb = make bucket). Bucket names are globally unique.
aws s3 mb s3://bucket-name
make_bucket: bucket-name
Delete Bucket
# --force first deletes every object in the bucket and then the bucket itself,
# with no confirmation prompt. Verify the bucket name and profile beforehand.
aws s3 rb s3://bucket-name --force
Download S3 object to local
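# cp needs both a source object and a destination; "." saves the object into
# the current directory under the same name.
aws s3 cp s3://bucket-name/backup.tar .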
download: ./backup.tar from s3://bucket-name/backup.tar
Upload local file as S3 object
# Uploads the file under the same key name. Add --sse (AES256 or aws:kms) to
# request server-side encryption explicitly for the object.
aws s3 cp backup.tar s3://bucket-name
upload: ./backup.tar to s3://bucket-name/backup.tar
Delete S3 object
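# rm takes only the object path (no local destination argument). Without
# bucket versioning the delete cannot be undone.
aws s3 rm s3://bucket-name/file.gz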
delete: s3://bucket-name/file.gz
Download bucket to local
# Copies new and changed objects to the local path. Nothing is removed locally
# unless --delete is added; --dryrun previews what would be transferred.
aws s3 sync s3://bucket-name/ /media/pasport-ultra/backup
Upload local directory to bucket
# Uploads everything under the directory, including hidden files. Use
# --exclude for anything that should not leave the machine (key files, .env,
# .git) and --dryrun to preview the upload first.
aws s3 sync (directory) s3://bucket-name/
Share S3 object without public access
# --expires-in is the lifetime in seconds (default 3600). The resulting URL is
# itself the credential: anyone who obtains it can fetch the object until it
# expires, so keep the lifetime short and share it only over trusted channels.
aws s3 presign s3://bucket-name/file-name --expires-in (time value)
https://bucket-name.s3.amazonaws.com/file-name.pdf?AWSAccessKeyId=(key)&Expires=(value)&Signature=(value)