Questions tagged [aws-cli]
aws-cli is the Amazon Web Services Command Line Interface
388
questions
398
votes
27
answers
487k
views
How can I get the size of an Amazon S3 bucket?
I'd like to graph the size (in bytes, and # of items) of an Amazon S3 bucket and am looking for an efficient way to get the data.
The s3cmd tools provide a way to get the total file size using s3cmd ...
71
votes
3
answers
69k
views
Search ec2 instance by its name from aws command line tool
I have an instance named dev-server-03. Now how can I search all dev-server-* instances from command line?
I am using aws cli tool.
64
votes
8
answers
278k
views
What is causing Access Denied when using the aws cli to download from Amazon S3?
I'm really flailing around in AWS trying to figure out what I'm missing here. I'd like to make it so that an IAM user can download files from an S3 bucket - without just making the files totally ...
63
votes
4
answers
92k
views
Download SSL certificate from aws certificate manager
I am using aws certificate manager for managing SSL. Recently I purchased a wildcard ssl *.example-private.com Now I need that SSL certificate to deploy on enterprise git instance on aws.
How can i ...
28
votes
5
answers
15k
views
How to list all VPC dependencies in AWS CLI?
I want to delete VPC through CLI. But get an error:
A client error (DependencyViolation) occurred when calling the DeleteVpc operation: The vpc 'vpc-xxx' has dependencies and cannot be deleted.
How ...
26
votes
2
answers
50k
views
Deleting S3 files with a given prefix only
We have a bucket with more than 500,000 objects in it.
I'm assigned a job where I've to delete files which have a specific prefix. There are around 300,000 files with the given prefix in the bucket.
...
23
votes
6
answers
70k
views
How would you go about listing instances using aws cli in certain VPC with the Tag Name, private IP address of instance and instance id?
The closest I have get is using the following commands.
This command manage to lists all name of instances.
aws ec2 describe-instances --filters Name=vpc-id,Values=vpc-e2f17e8b --query 'Reservations[...
21
votes
3
answers
42k
views
How to find out an ec2 instance's private and public IP via aws cli?
Answers I found so far (e.g. Find out public ip address of the EC2 server) suggest using wget or curl to reach the server.
They are not useful for me because my ec2 instances are not reachable from ...
18
votes
5
answers
35k
views
Is it possible to get aws ec2 instance id based on its IP address
I have list of IP addressed, I want to find if instances associated with the IP address are still running or terminated. I am launching and terminating lot of instances on daily basis, just want to ...
18
votes
1
answer
26k
views
Elastic Beanstalk stuck for more than 12 hrs
I have an EB application that is stuck with this error: Failed Environment update activity. Reason: Internal Failure. I can not abort anything and I cannot change any configuration.. I dont know what ...
18
votes
1
answer
22k
views
2 ELBs (ALBs) to 1 target group, possible?
I have the following scheme:
Internet <-> elb1external <-> varnish <-> elb2internal <-> targetgroupofwebnodes
But some /static/* & /media/* are routed to targetgroupofwebnodes from ...
17
votes
4
answers
16k
views
Recursively changing the content-type for files of a given extension on Amazon S3
I have a large S3 bucket with a nested "folder" structure containing (among other things) static .json and .md files. Theses files are being served by S3 as text/plain rather than the correct ...
17
votes
3
answers
25k
views
How to add a Tag when launching an ec2 instance using aws clis
I am trying to create an instance in ec2 using CLI.
Is there anyway to specify tags to the instance when using CLI to create instances?
aws ec2 run-instances --image-id $ami_id --key-name $...
17
votes
1
answer
32k
views
How to “switch role” in aws-cli?
I'm contracting for a company that has multiple aws accounts. They gave me access to the Login account and I "Switch Role" in the web console to the Project account I work on. In the web gui it works. ...
16
votes
5
answers
33k
views
Download EBS volume or snapshot to file
Is there any way to dump/save EBS volume/snapshot to file or mount it to local Linux file-system?
I found only this old thread and this script which intends to save it via S3 and doesn't seem very ...
15
votes
2
answers
42k
views
Is there any way of viewing, in AWS, what ips in a subnet have been allocated?
Is there any way of seeing what ip addresses AWS thinks have been allocated in a subnet? I've run a ping scan, and I've checked our internal ip management software, and there should be more than 8 ips ...
14
votes
2
answers
13k
views
How to set a binary secret value from the CLI for AWS Secrets Manager
How do I set a binary value on a secret in AWS Secrets Manager using the CLI?
The docs say:
--secret-binary (blob)
(Optional) Specifies binary data that you want to encrypt and store in the ...
13
votes
1
answer
21k
views
Filtering AMI by name using aws-cli
Is there a way to filter public AMIs that contain a particular string (say abcd)?
The command:
aws ec2 describe-images --filters Name=name,Values=abcd
returns only those AMIs that exactly match ...
13
votes
3
answers
17k
views
How to find out when an EC2 instance was shutdown?
I have hundreds of instances in the EC2 web console.
Some are shutdown. I can see that they were created many months or years ago. They seem abandoned and forgotten for a while but it's hard to tell ...
12
votes
2
answers
6k
views
Updating AWS CLI on Ubuntu 14.04
I installed awscli on my EC2 instance using apt-get install.
The version is still aws-cli/1.2.9 and no longer updates if I use apt-get upgrade awscli. The latest release from what I Googled is 1.10....
11
votes
4
answers
29k
views
What is the proper way to log in to ECR?
Currently, I have this command in my bash script for building & pushing an image to Amazon ECR
docker login -u AWS -p "$(aws ecr get-login-password)" "https://$(aws sts get-caller-identity --...
11
votes
4
answers
12k
views
How to update AWS CLI tools on AWS Linux?
I am running "Amazon Linux AMI release 2010.11.2". I noticed that the AWS CLI tools are outdated.
I have tried to use yum update and yum upgrade but it's telling me that the packages are already at ...
11
votes
5
answers
39k
views
The config profile (adminuser) could not be found
I have an IAM user adminuser which is in the Administrators group (having AdministratorAccess).
I have used aws configure to set up the settings.
~/.aws/config
[default]
region = us-east-1
output = ...
11
votes
1
answer
13k
views
AWS CLI throws "Unable to locate credentials", the second time it's run
I'm trying to download some files from S3 to an EC2 instance using the AWS CLI (1.8.7) on startup using a User-Data Script. This instance has a IAM Role & Instance Profile with the appropriate ...
10
votes
2
answers
6k
views
How to set name in command line when running `aws ec2 run-instances
How to give Name in command line when running aws ec2 run-instances ?
I don't find it in the official docs
10
votes
4
answers
16k
views
fetch autoscaling group name in AWS
Folks,
I am writing a script that will export the tags for a running instance as environment variables.
Problem with autoscaling groups, is that these tags are not available to the instance.
How ...
9
votes
4
answers
21k
views
Why can't I capture AWS EC2 CLI Output in Bash?
I am trying to capture the output of an aws ec2 delete-snapshot in a Bash script command but I cannot get anything to capture the output. I have tried result=$(command), result=`command` etc. but when ...
9
votes
1
answer
11k
views
Refreshing AWS temporary credentials
We use an authentication process for AWS whereby you authenticate, do an MFA step, and are then granted credentials that are valid for an hour. Usually these are then put in ~/.aws/credentials. ...
8
votes
2
answers
12k
views
aws-cli describe-instances, find by date range
Using the aws-cli client (https://github.com/aws/aws-cli), is there a way to find instances using a date range filter? Or using an "earlier than X date" or "last X days" filter?
It seems that the ...
8
votes
4
answers
17k
views
Which IAM permissions are needed for ec2-create-image?
I looked through the official docs and couldn't seem to find any reference as to which permissions the IAM user needs in order to be able to use this command.
I want the IAM user to only be able to ...
8
votes
1
answer
15k
views
How to check via aws cli if a specific rds instance exists?
I want my bash script to detect, if an AWS RDS instance with a specific name exists already.
This is what I tried:
#!/usr/bin/env bash
DBINSTANCEIDENTIFIER=greatdb
EXISTINGINSTANCE=$(aws rds ...
8
votes
2
answers
13k
views
I'm trying to use "aws s3 sync" on my EC2 instance. Is the '--exclude' option broken?
I'm trying to backup my EC2 instance to S3 using Amazon's official tools that come preinstalled on the EC2 instance. I'm having difficulty getting the sync command to exclude directories from the sync....
7
votes
1
answer
16k
views
Access Denied when syncing between s3 buckets on different AWS accounts
I'm trying to setup sync between two buckets on different AWS accounts.
I got cp working with:
@ubuntu:~$ s3cmd cp -v s3://src/dir/ s3://dest/folder --recursive
I am the user who owns /src/dir and ...
7
votes
2
answers
6k
views
Is there a way to retrieve all contents from a versioned Amazon S3 bucket as of a particular datetime
Is it possible via the AWS CLI or via some third-party tool to easily download all contents of a versioned bucket as it was on a particular datetime?
I.E. I would like to retrieve the version of each ...
7
votes
5
answers
10k
views
Do AWS Servers need fail2ban?
I saw that while I was creating my AWS instance I opted for only my IP address being able to access my server. Also There is a RSA key that is configured for you. In this case do I really need ...
7
votes
1
answer
5k
views
How to set up IAM Role Permissions for VPC CloudWatch logs?
I am trying to allow aws to start my log service, and I have my log streams, and log groups added already.
When i got to my VPC dashboard, the status of the Flow Log I'm interested in says:
Access ...
7
votes
1
answer
5k
views
AWS - VPC creation date
Could you possibly let me know how I can check when the VPC has been created? Or how to check in cloudtrail who created vpc via cli?
I've tried to use cloudtrail and search in event name for CreateVpc ...
6
votes
10
answers
26k
views
AWS EKS update-kubeconfig does not respect --role-arn flag
Whenever I run the following command with the role that that was used to create the eks cluster...
aws eks update-kubeconfig --name eks-cluster --role-arn arn:aws:iam::999999999999:role/...
6
votes
2
answers
10k
views
python boto3 allow ingress security groups
I am developing a simple python script to add rules to securitygroups, and I am wondering what is the difference between the two methods available within boto3: authorize_security_group_ingress(**...
6
votes
1
answer
7k
views
Does AWS cli do a data integrity check on sync with s3? [closed]
I've been looking into using AWS cli for data integrity checks to verify a backup has been transferred from a Linux file server correctly to AWS s3. Likewise, I would like to verify when restoring a ...
6
votes
1
answer
3k
views
start-instances working from console but not from AWS CLI
My team and I have recently experienced an odd issue regarding the AWS CLI.
We are trying to use the CLI to start and stop several EC2 instances. While testing commands on single instances we have ...
6
votes
2
answers
11k
views
Where to get proper `region name` and `output format` for AWS configuration?
I'm trying to get log events via my aws server. I log into the server as usual, and then I enter the following command:
sudo aws logs get-log-events --log-group-name <myLogs> --log-stream-...
6
votes
3
answers
7k
views
Why is terraform erring with 'SignatureDoesNotMatch: Signature expired'?
I started getting the following when running terraform commands:
$ terraform refresh
Error refreshing state: 1 error(s) occurred:
* SignatureDoesNotMatch: Signature expired: 20170226T035111Z is now ...
6
votes
2
answers
3k
views
AWS Root volume Encryption
In my scenario, I have some old EBS volumes that are not encrypted. To satisfy new corporate security measures, all data needs to be encrypted so I need to compile a plan to encrypt the unencrypted ...
6
votes
1
answer
18k
views
Access denied copying files using S3 CLI
Attempting to pull down the contents of an S3 bucket using the AWS CLI, I'm getting the following:
aws s3 cp --region us-east-1 s3://s3.amazonaws.com/my-bucket . --recursive
A client error (...
6
votes
2
answers
5k
views
AWS-CLI - Find ELB by Name tag
I'm trying to find a load balancer that has a Name tag with some value.
aws elb describe-load-balancers --query 'LoadBalancerDescriptions[*].LoadBalancerName'
I'm iterating over the results and ...
6
votes
2
answers
5k
views
Access Denied when calling the CreateInvalidation operation on AWS CLI
I am attempting to create a command that will invalidate CloudFront distribution when pushing out new code. This is an attempt to fix the issue that new HTML pushed out doesn't take up to 24 hours to ...
6
votes
2
answers
7k
views
I can't upload server certificate on AWS IAM
I got AWS iam working on my server, and trying to upload some certificates:
aws iam upload-server-certificate --server-certificate-name domain2014
--certificate-body file:///var/www/html/certificate....
5
votes
2
answers
310
views
Can SSH to EC2 But Forgot Account
I have an EC2 micro instance that has been running for years. I can still SSH into it, but I've completely forgotten the email address I used to create it.
I had been moving from email to email every ...
5
votes
2
answers
3k
views
get a list of instances on ec2 without termination protection?
I want to get a list of instances on ec2 without termination protection.
Before I code something to do this, is there something hidden in the aws cli for this ?