
Roy "rat" Tokeshi

Amazon EC2

How do I list all instances in my region using AWS CLI?

To list all instances in the AWS CLI, you can use the aws ec2 describe-instances command. Here’s an example:

aws ec2 describe-instances

This will return a list of all instances in your default region, along with their details such as instance ID, instance type, status, and more.

If you want to filter the results based on certain criteria, you can use various filters with the --filters option. For example, if you only want to list instances with a specific tag, you can use the following command:

aws ec2 describe-instances --filters "Name=tag:Name,Values=my-instance"

This will only return instances that have a tag named “Name” with a value of “my-instance”. You can modify the filter to suit your needs.

Note that you’ll need to have the appropriate permissions to run this command. If you encounter any issues, check your IAM user’s permissions or consult with your AWS administrator.

To output only the instance IDs in the AWS CLI, you can use the --query parameter with a JMESPath expression. Here’s an example command:

aws ec2 describe-instances --query 'Reservations[].Instances[].InstanceId' --output text

This command uses a JMESPath expression to query the InstanceId attribute of each instance and return only that value. The --output parameter is set to text to ensure that the output is in plain text format.

The result will be a list of instance IDs.

Remember that you can run AWS CLI commands at the bottom of the console by enabling CloudShell.

Uncategorized

Install Terraform on a Mac

To install Terraform on a Mac, you can follow these steps:

Option 1

Use Brew

brew tap hashicorp/tap
brew install hashicorp/tap/terraform

Option 2

Download the Terraform package: Go to the Terraform downloads page at https://www.terraform.io/downloads.html and download the package for your Mac. You can choose between a 32-bit or 64-bit version.

Unzip the package: Once you download the package, unzip it to a directory of your choice. You can use the following command in the terminal:

unzip terraform_<VERSION>_darwin_amd64.zip

Replace <VERSION> with the version number of the package you downloaded.

Move the binary to a directory in your PATH: Once you unzip the package, move the Terraform binary to a directory in your PATH. You can use the following command in the terminal:

sudo mv terraform /usr/local/bin/

This will move the binary to the /usr/local/bin directory, which is usually included in the PATH environment variable.

Verify the installation: To verify that Terraform is installed correctly, open a new terminal window and run the following command:

terraform version

This should display the version number of the Terraform binary you installed.

That’s it! You have now installed Terraform on your Mac and are ready to use it to manage your infrastructure.
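Because Option 2 ends with sudo mv of a downloaded binary into /usr/local/bin, it is worth checking the archive against the SHA256SUMS file that HashiCorp publishes next to each release before unzipping it. The following is an added example, not part of the original post; sha256_of and verify_download are hypothetical helper names and the file names in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: verify a downloaded archive against a SHA256SUMS-style file
# ("<hex digest>  <file name>" per line) before installing it.

# Print the SHA-256 digest of a file with whichever tool is present
# (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_download ARCHIVE SUMS_FILE
# Returns 0 only if SUMS_FILE lists ARCHIVE's base name exactly once and the
# listed digest equals the digest computed locally; 1 on mismatch; 2 otherwise.
verify_download() {
  archive=$1
  sums=$2
  name=$(basename "$archive")
  [ -f "$archive" ] && [ -f "$sums" ] || { echo "missing file" >&2; return 2; }
  # Compare names as strings; a leading "*" marks binary mode in some sums files.
  expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) } (f "") == (n "") { print $1 }' "$sums")
  # Zero or several matching lines: the sums file cannot vouch for this archive.
  [ "$(printf '%s\n' "$expected" | grep -c .)" -eq 1 ] || { echo "no unique entry for $name" >&2; return 2; }
  actual=$(sha256_of "$archive")
  if [ "$expected" = "$actual" ]; then
    echo "OK: $name"
  else
    echo "MISMATCH: $name" >&2
    return 1
  fi
}

# Typical use (placeholders, run in the download directory):
#   verify_download terraform_<VERSION>_darwin_amd64.zip terraform_<VERSION>_SHA256SUMS \
#     && unzip terraform_<VERSION>_darwin_amd64.zip && sudo mv terraform /usr/local/bin/
```

A matching checksum only shows that the archive matches the sums file; the sums file should itself come from the official release location.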

Amazon WorkSpaces

Use the AWS CLI to get what user we assign to what Amazon WorkSpaces instance

To find out which user is assigned to which Amazon WorkSpace with the AWS CLI, you can use the describe-workspaces command and filter the output to show the username for each WorkSpace. Here is an example command that you can use:

aws workspaces describe-workspaces --query "Workspaces[*].[WorkspaceId, UserName]" --output text

This command uses the describe-workspaces command to get information about all workspaces in your AWS account. The --query option is used to filter the output to only show the WorkspaceId and UserName for each WorkSpace, and the --output option is set to text to display the output in a simple text format.

The output of this command will be a list of WorkSpace IDs and their assigned usernames, separated by tabs. You can redirect the output to a file or pipe it to another command to process the data further. For example, you could use the grep command to filter the output to show only the workspaces assigned to a particular user:

aws workspaces describe-workspaces --query "Workspaces[*].[WorkspaceId, UserName]" --output text | grep john.doe

This command will filter the output to show only the workspaces assigned to the user with the username “john.doe”. You can replace “john.doe” with the username of the user you want to find.
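grep john.doe matches any line that contains the pattern, and the dot matches any character, so rows for users such as john.doe2 or johnxdoe are returned as well. The following is an added example, not part of the original post, that compares the UserName column exactly and also counts WorkSpaces per user; the function names are hypothetical and the sample rows are constructed.

```shell
#!/bin/sh
# Added example: exact-match processing of the tab-separated
# "WorkspaceId<TAB>UserName" lines produced by --output text.

# workspaces_for_user USERNAME   (reads the listing on stdin)
# Prints the WorkspaceId of every row whose UserName equals USERNAME exactly.
# The name is passed through the environment so awk does not interpret
# backslashes in it, and both sides are forced to string comparison.
workspaces_for_user() {
  WS_USER="$1" awk -F '\t' '($2 "") == (ENVIRON["WS_USER"] "") { print $1 }'
}

# workspace_count_per_user   (reads the listing on stdin)
# Prints "UserName<TAB>count", sorted by user name, for a quick assignment review.
workspace_count_per_user() {
  awk -F '\t' '{ n[$2]++ } END { for (u in n) printf "%s\t%d\n", u, n[u] }' | LC_ALL=C sort
}

# Constructed sample rows standing in for the describe-workspaces output.
sample_listing() {
  printf 'ws-aaaa11111\tjohn.doe\n'
  printf 'ws-bbbb22222\tjohn.doe2\n'
  printf 'ws-cccc33333\tjohnxdoe\n'
  printf 'ws-dddd44444\tjohn.doe\n'
}

# Against real data:
#   aws workspaces describe-workspaces \
#     --query "Workspaces[*].[WorkspaceId, UserName]" --output text \
#     | workspaces_for_user john.doe
```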

Terraform

How do I use Terraform to enable local zones in AWS?

To enable AWS Local Zones using Terraform, you can use the “aws_ec2_availability_zone_group” resource type of the AWS provider. A Local Zone is enabled by opting your account in to its zone group. The following is an example of how to declare this resource in a Terraform configuration file:

resource "aws_ec2_availability_zone_group" "example" {
  # Name of the Local Zone group to enable
  group_name    = "us-west-2-lax-1"
  opt_in_status = "opted-in"
}

In the above example, the aws_ec2_availability_zone_group resource opts the account in to the Local Zone group named “us-west-2-lax-1”.

The parent region of the Local Zone is taken from the provider, so declare the provider for the region that the zone group belongs to:

provider "aws" {
  region = "us-west-2"
}

resource "aws_ec2_availability_zone_group" "example" {
  group_name    = "us-west-2-lax-1"
  opt_in_status = "opted-in"
}

Once you have declared the resource in your Terraform configuration, you can run terraform apply to enable the Local Zone. You can also use terraform plan to preview the changes that will be made before applying.

Note: Before using Terraform to enable Local Zones, you need to have the necessary permissions and resources available in your AWS account.

Amazon Web Services (AWS)

What if I have deleted my Default VPC in AWS?

If you have deleted your default VPC in AWS, you can create a new default VPC. A default VPC is a VPC that is automatically created for your AWS account when you create an AWS account. It is the VPC that is automatically selected for new instances and other AWS resources that you launch.

To create a new default VPC, follow these steps:

  1. Sign in to the AWS Management Console and navigate to the VPC dashboard.
  2. In the navigation pane, choose VPCs, and then choose Create VPC.
  3. In the Create VPC dialog box, enter a name and CIDR block for the VPC. The CIDR block is the range of IP addresses that are available for use in the VPC.
  4. Choose the region in which to create the VPC.
  5. Choose the Enable DNS hostnames option to enable instances in the VPC to resolve hostnames to IP addresses.
  6. Choose the Create VPC button.
  7. Wait for the VPC to be created and for its status to become available.

Once the VPC is created, you can use it as your default VPC for new instances and other AWS resources that you launch. You can also create subnets, security groups, and other network resources as needed to support your applications.

Amazon Web Services (AWS)

How Can I Create a Gateway Endpoint for Amazon S3 Using Bash

You can create a gateway endpoint for Amazon S3 using the AWS CLI. Here’s an example of a bash script that creates a gateway endpoint for S3:

#!/bin/bash

# Set the AWS CLI region for this script only (the saved CLI profile is not changed)
export AWS_DEFAULT_REGION="us-west-2"

# Define the VPC ID and the route table IDs (space-separated)
vpc_id="vpc-12345678"
route_table_ids="rtb-11aa22bb"

# Create the gateway endpoint for Amazon S3
# The service name must be in the same region as the VPC.
# $route_table_ids is left unquoted so that several IDs become separate arguments.
aws ec2 create-vpc-endpoint \
    --vpc-id "$vpc_id" \
    --vpc-endpoint-type Gateway \
    --service-name "com.amazonaws.${AWS_DEFAULT_REGION}.s3" \
    --route-table-ids $route_table_ids

In this example, replace vpc-12345678 with the ID of the VPC in which you want to create the endpoint, and replace rtb-11aa22bb with the IDs of the route tables that should send S3 traffic through the endpoint. A gateway endpoint is attached to route tables; it does not take subnet IDs or a security group.

The aws ec2 create-vpc-endpoint command creates the gateway endpoint for Amazon S3, using the specified VPC ID, route table IDs, and endpoint type. Once the endpoint is created, you can use it to access Amazon S3 resources from instances within your VPC without using the public internet.

Note: You will need to have the necessary IAM permissions to create VPC endpoints in order to run this script. You can find more information on the necessary IAM permissions in the AWS documentation.

Amazon Web Services (AWS)

How Can I Create a Gateway Endpoint for Amazon S3 in the AWS Console

To create a gateway endpoint for Amazon S3 in the AWS Management Console, follow these steps:

  1. Sign in to the AWS Management Console and navigate to the VPC dashboard.
  2. In the navigation pane, choose Endpoints, and then choose Create Endpoint.
  3. In the Create Endpoint dialog box, choose the VPC in which you want to create the endpoint.
  4. Choose the Service category as Amazon S3, and then choose the S3 service.
  5. Choose the VPC subnets in which you want to create the endpoint. You can choose one or more subnets.
  6. Choose the security group you want to associate with the endpoint. You can use an existing security group or create a new one.
  7. Choose the type of endpoint you want to create. For a gateway endpoint, choose Gateway.
  8. Choose Create endpoint.
  9. Wait for the endpoint to be created and for its status to become available.

Once the endpoint is created and available, you can use it to access Amazon S3 resources from instances within your VPC without using the public internet. This can help improve security, performance, and reliability for your S3 access.

Amazon Web Services (AWS)

How can I create a Gateway endpoint for Amazon S3 in CloudFormation

You can create a VPC endpoint for Amazon S3 in AWS CloudFormation using the AWS::EC2::VPCEndpoint resource type. Here’s an example of a CloudFormation template that creates a VPC endpoint for S3:

---
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  S3VPCEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcId: !Ref VPC
      # Build the service name from the region the stack is deployed in
      ServiceName: !Sub com.amazonaws.${AWS::Region}.s3
      # A gateway endpoint is attached to route tables only
      RouteTableIds:
        - !Ref PublicRouteTable
      # This policy allows every S3 action on every resource through the endpoint
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Action: '*'
            Effect: Allow
            Principal: '*'
            Resource: '*'
      VpcEndpointType: Gateway

Parameters:
  VPC:
    Type: AWS::EC2::VPC::Id
  PublicRouteTable:
    # Route table ID (rtb-...); passed as a plain string
    Type: String

In this example, the AWS::EC2::VPCEndpoint resource creates the gateway endpoint for Amazon S3, using the specified VPC ID, route table ID, and endpoint type. The RouteTableIds property defines the route tables to associate with the endpoint. The SubnetIds and SecurityGroupIds properties apply only to interface endpoints, so a gateway endpoint does not set them. The PolicyDocument property defines the permissions for the endpoint.

Note: You will need to have the necessary IAM permissions to create VPC endpoints and CloudFormation templates in order to use this CloudFormation template. You can find more information on the necessary IAM permissions in the AWS documentation.
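The PolicyDocument in the template above lets any principal perform any S3 action on any bucket through the endpoint. The following is an added example, not part of the original post, of generating a narrower endpoint policy limited to named buckets; s3_endpoint_policy is a hypothetical helper, and the bucket names and the three allowed actions are assumptions to adapt.

```shell
#!/bin/sh
# Added example: build an S3 gateway endpoint policy restricted to specific buckets.
# An endpoint policy does not grant access by itself; it limits what IAM and
# bucket policies can allow for traffic that passes through the endpoint.

# s3_endpoint_policy BUCKET...
# Prints a policy document on stdout; returns 2 on missing or invalid input.
s3_endpoint_policy() {
  [ "$#" -gt 0 ] || { echo "usage: s3_endpoint_policy BUCKET..." >&2; return 2; }
  resources=""
  for bucket in "$@"; do
    # Accept only characters valid in bucket names, so a stray "*" or quote
    # cannot widen the policy or break the JSON.
    case $bucket in
      ""|*[!a-z0-9.-]*) echo "invalid bucket name: $bucket" >&2; return 2 ;;
    esac
    # Each bucket needs its own ARN (ListBucket) and its objects (Get/PutObject).
    resources="${resources}${resources:+, }\"arn:aws:s3:::${bucket}\", \"arn:aws:s3:::${bucket}/*\""
  done
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
      "Resource": [${resources}]
    }
  ]
}
EOF
}

# Applying it to an existing endpoint (the endpoint ID is a placeholder):
#   s3_endpoint_policy example-logs example-data > policy.json
#   aws ec2 modify-vpc-endpoint --vpc-endpoint-id <ENDPOINT_ID> \
#     --policy-document file://policy.json
```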

Amazon Web Services (AWS)

How do I create a CloudFormation template to enable local zones?

Here is an example of a CloudFormation template that enables a specific Local Zone in an AWS region:


AWSTemplateFormatVersion: '2010-09-09'
Resources:
     LocalZone:
          Type: AWS::EC2::AvailabilityZoneGroup
          Properties:
               GroupName: LocalZoneGroup
               SupportedPlatforms:
                    - add:
                         - "zone_name"

In this example, replace “zone_name” with the name of the Local Zone you want to enable. This CloudFormation template creates an availability zone group named “LocalZoneGroup” and adds the specified Local Zone to the group. Once this CloudFormation stack has been created, the specified Local Zone will be enabled for use in your AWS environment.

You can also modify this CloudFormation template to enable multiple Local Zones by adding additional elements to the SupportedPlatforms list. Use the AWS CLI or the AWS Management Console to manage and configure the Local Zones that have been enabled using this CloudFormation template.

Amazon Web Services (AWS)

Write A Script To Enable All Active Directories For Amazon WorkSpaces

Here’s an example of a bash script that enables all active directories in an AWS account for use with Amazon WorkSpaces using the AWS CLI:

#!/bin/bash

# Set the AWS CLI region for this script only (the saved CLI profile is not changed)
export AWS_DEFAULT_REGION="us-west-2"

# Get a list of all the active directories in the AWS account
active_directories=$(aws ds describe-directories --query 'DirectoryDescriptions[].DirectoryId' --output text)

# Loop through the list of active directories
for directory in $active_directories; do
  # Enable the directory for use with Amazon WorkSpaces by registering it.
  # WorkDocs is left disabled here; pass --enable-work-docs instead to turn it on.
  aws workspaces register-workspace-directory --directory-id "$directory" --no-enable-work-docs

  # Confirm that the directory has been enabled
  enabled_directories=$(aws workspaces describe-workspace-directories --directory-ids "$directory" --query 'Directories[].DirectoryId' --output text)
  # Both sides are quoted so that an empty result does not break the test
  if [ "$enabled_directories" = "$directory" ]; then
    echo "Success: Directory $directory has been enabled for use with Amazon WorkSpaces."
  else
    echo "Error: Directory $directory could not be enabled for use with Amazon WorkSpaces."
  fi
done

In this example, the AWS CLI is used to retrieve a list of all the active directories in the AWS account, and the bash script loops through that list, enabling each directory for use with Amazon WorkSpaces. The script then confirms that each directory has been successfully enabled by checking the list of enabled directories. If a directory has been successfully enabled, the script will print a success message, and if not, it will print an error message.

This script enables all the active directories in the AWS account for use with Amazon WorkSpaces. You can modify this script to fit your specific needs, such as filtering the list of active directories based on certain criteria.

The register-workspace-directory command is used to register a directory in Amazon WorkSpaces, which enables you to use Amazon WorkSpaces with your existing directory.

Here’s an example of how you can use the register-workspace-directory command in the AWS CLI:

aws workspaces register-workspace-directory --directory-id d-1234567890 --subnet-ids subnet-1234567890 subnet-2345678901 --enable-work-docs --enable-self-service

In this example, d-1234567890 is the ID of the directory you want to register, subnet-1234567890 and subnet-2345678901 are the IDs of the subnets in which to launch Amazon WorkSpaces, --enable-work-docs enables Amazon WorkDocs for the directory, and --enable-self-service enables self-service capabilities for your users. Both options are flags and take no value; their opposites are --no-enable-work-docs and --no-enable-self-service.

You can also specify other optional parameters when using the register-workspace-directory command, such as the default organizational unit (OU) for your WorkSpaces and the default security group for your WorkSpaces. You can find more information on these parameters and the register-workspace-directory command in the Amazon WorkSpaces documentation.
