[AWS] These are the helpful commands in AWS – awscli

Posted on By nim No Comments on [AWS] These are the helpful commands in AWS – awscli

Install aws cli

apt update -y
apt install unzip -y

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip > /dev/null 2>&1
sudo ./aws/install > /dev/null 2>&1

vì nếu chạy bằng script thì tạo nhiều log ở stdout nền bạn có thể sử dụng /dev/null 2>&1 ở cuối command.
https://askubuntu.com/questions/474556/hiding-output-of-a-command

No such file or directory: ‘less’: ‘less’

[Errno 2] No such file or directory: 'less': 'less'
Exited with code exit status 255

https://github.com/aws/aws-cli/issues/5038#issue-575848470

sudo apt-get update && sudo apt-get install -yy less

aws ….

Mình sẽ note command hay sài trên aws:

>>>>>
>>>>>
>>>>>

aws configure --profile <profile-name>

aws configure list-profiles

aws sts get-caller-identity --profile <profile-name>

aws eks --region <region_name> update-kubeconfig --name <eks_cluster_name> --profile <profile-name>

aws eks list-clusters --region <region_name> --profile <profile_name>

aws eks --region <region-code> update-kubeconfig --name <cluster_name>
aws eks --region us-east-1 update-kubeconfig --name SAP-dev-eksdemo
grep -rH "text" /folder

Security Group for Inbound Connection

#https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-security-group-rules.html
aws ec2 describe-security-group-rules \
    --filter Name="group-id",Values="sg-0ead082eb96a4cfd8" \
    --profile dev-mdcl-nimtechnology-engines

aws ec2 describe-security-groups --group-ids sg-0ead082eb96a4cfd8 --profile dev-mdcl-nimtechnology-engines

aws ec2 authorize-security-group-ingress --group-id sg-0ead082eb96a4cfd8 --protocol tcp --port 443 --cidr 0.0.0.0/0 --profile dev-mdcl-nimtechnology-engines

####delete Rule in SecGroup
aws ec2 revoke-security-group-ingress --group-id sg-0ead082eb96a4cfd8 --security-group-rule-ids sgr-xxxxx --profile dev-mdcl-nimtechnology-engines --region us-west-2

AWS Configure Bash One Liner

https://stackoverflow.com/questions/34839449/aws-configure-bash-one-liner

aws configure set aws_access_key_id "AKIAI44QH8DHBEXAMPLE" --profile user2 \
&& aws configure set aws_secret_access_key "je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY" --profile user2 \
&& aws configure set region "us-east-1" --profile user2 \
&& aws configure set output "text" --profile user2

>>>>using environment
aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID" --profile user2 \
&& aws configure set aws_secret_access_key "$AWS_ACCESS_KEY_SECRET" --profile user2 \
&& aws configure set region "$AWS_REGION" --profile user2 \
&& aws configure set output "text" --profile user2

IAM

EC2

s3

https://github.com/rishabkumar7/cloud-cheat-sheets

Secrets Manager.

https://www.learnaws.org/2022/08/28/aws-cli-secrets-manager/#how-to-list-all-secrets

ECR

Retagging an image: https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-retag.html

You can retag without pulling or pushing the image with Docker.

Mình có tìm được 1 script của 1 anh trai:

Để chạy được script trên thì:

chmod +x ecr_add_tag.sh

Source the Script: You can source the script into your shell so that you can use the ecr-add-tag function directly:

source ecr_add_tag.sh

How to Use the Function
After sourcing the script, you can use the function ecr-add-tag in your terminal as follows:

ecr-add-tag ECR_REPO_NAME TAG_TO_FIND TAG_TO_ADD [AWS_PROFILE]
  • ECR_REPO_NAME: The name of the ECR repository.
  • TAG_TO_FIND: The existing tag of the image you want to re-tag.
  • TAG_TO_ADD: The new tag you want to add to the image.
  • [AWS_PROFILE]: (Optional) The AWS profile to use. If not provided, the default profile is used.

Example:

ecr-add-tag my-ecr-repo 1.0.0 1.0.1 my-aws-profile

Script to be easier

#!/usr/bin/env bash

# Disable AWS CLI pager
export AWS_PAGER=""

# Check for the correct number of arguments
if (( $# < 3 )); then
  echo "Wrong number of arguments. Usage: $0 ECR_REPO_NAME TAG_TO_FIND TAG_TO_ADD [AWS_PROFILE]"
  exit 1
fi

# Parse the arguments
repo_name=$1
existing_tag=$2
new_tag=$3
profile=$4

# If a profile is provided, format it correctly
[[ ! -z "$profile" ]] && profile="--profile ${profile}"

# Fetch the existing image manifest
manifest=$(aws ecr batch-get-image ${profile} \
                    --repository-name $repo_name \
                    --image-ids imageTag=$existing_tag \
                    --query 'images[].imageManifest' \
                    --output text)

# Add the new tag to the image
aws ecr put-image ${profile} \
                  --repository-name $repo_name \
                  --image-tag $new_tag \
                  --image-manifest "${manifest}"

Sau đó bạn run:

bash ecr-add-tag.sh alpine/terragrunt 1.1.7-eks 1.1.7-eks.v6 nim-dev
AWS - Amazon Web Service

More Related Articles

[AWS] Solutions Architect Professional: Lesson 1 – Identity & Federation AWS - Amazon Web Service
[EKS] Adjusting things to migrate EKS legacy to new versions. AWS - Amazon Web Service
[Kaniko/Bitbucket/ECR] Accomplish the workflow: CI by bitbucket pipeline, Kaniko build image and push image to ECR AWS - Amazon Web Service
[Terraform] Solve “Redundant ignore_changes element” on EKSmodule AWS - Amazon Web Service
[Terraform] Error: InvalidPermission.Duplicate: the specified rule AWS - Amazon Web Service
[AWS] View Windows AMIs that have faster launching enabled AWS - Amazon Web Service

Leave a Reply

Your email address will not be published. Required fields are marked *