Comenzi utile AWS-CLI

AWS CLI configurare profile multiple

Exemplul de config de mai jos ( ~/.aws/config ) contine 3 profile diferite (qa, stage si prod), utilizand un cont (admin@linuxtm.ro) cu acces de a schimba rolul de IAM (allow-admin) si 2 factor authentication activ pentru contul respectiv.

[default]
region = eu-central-1
output = text

[profile qa]
role_arn = arn:aws:iam::888888999990:role/allow-admin
mfa_serial = arn:aws:iam::111111222222:mfa/admin@linuxtm.ro
source_profile = default

[profile stage]
role_arn = arn:aws:iam::888888999991:role/allow-admin
mfa_serial = arn:aws:iam::111111222222:mfa/admin@linuxtm.ro
source_profile = default

[profile prod]
role_arn = arn:aws:iam::888888999992:role/allow-admin
mfa_serial = arn:aws:iam::111111222222:mfa/admin@linuxtm.ro
source_profile = default

ECR get-login folosind un profil

aws --profile qa ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 444444455555.dkr.ecr.eu-central-1.amazonaws.com

aws --profile stage ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 444444455555.dkr.ecr.eu-central-1.amazonaws.com

Copiere fisier local intr-un bucket

aws s3 cp test.txt s3://mybucket/test2.txt

Copiere fisier local intr-un bucket cu o data de expirare

aws s3 cp test.txt s3://mybucket/test2.txt --expires 2014-10-01T20:30:00Z

Copiere fisier din S3 pe local in directorul curent

aws s3 cp s3://mybucket/test.txt .

Copiere recursiva de fisiere de pe local in S3

aws s3 cp myDir s3://mybucket/ --recursive --exclude "*.jpg"

Copiere fisier din S3 in S3

aws s3 cp s3://mybucket/test.txt s3://mybucket/test2.txt

Diverse

Obtinere detalii conectare Elasticache (Redis) - cluster id, apoi endpoint si port:

aws elasticache describe-cache-clusters --output text --query 'CacheClusters[].CacheClusterId')

aws elasticache describe-cache-clusters --cache-cluster-id clusterul-tau-aici --show-cache-node-info --output text --query 'CacheClusters[].CacheNodes[].Endpoint[].Address')

aws elasticache describe-cache-clusters --cache-cluster-id clusterul-tau-aici --show-cache-node-info --output text --query 'CacheClusters[].CacheNodes[].Endpoint[].Port')

Obtinere cheie SSH din Secrets Manager

aws secretsmanager get-secret-value --region eu-west-1 --secret-id NUME_CHEIE --output=text --query 'SecretString' | sed 's/"//g' | cut -d ':' -f 2 | tr -d '{}' | awk '{$1=$1};1'

Stergere DEFINER pentru import in RDS

sed -i 's/DEFINER=[^*]*\*/\*/g' mydatabase.sql