close

Roy "rat" Tokeshi

Amazon WorkSpaces

Use the AWS CLI to get what user we assign to what Amazon WorkSpaces instance

by Roy "rat" Tokeshi on

To use the AWS CLI to get what user we assign to what Amazon WorkSpaces, you can use the describe-workspaces command and filter the output to show the username for each workspace. Here is an example command that you can use:

aws workspaces describe-workspaces --query “Workspaces[*].[WorkspaceId, UserName]“ --output text

This command uses the describe-workspaces command to get information about all workspaces in your AWS account. The --query option is used to filter the output to only show the WorkspaceId and UserName for each WorkSpace, and the --output option is set to text to display the output in a simple text format.

The output of this command will be a list of WorkSpace IDs and their assigned usernames, separated by tabs. You can redirect the output to a file or pipe it to another command to process the data further. For example, you could use the grep command to filter the output to show only the workspaces assigned to a particular user:

aws workspaces describe-workspaces --query “Workspaces[*].[WorkspaceId, UserName]“ --output text | grep john.doe

This command will filter the output to show only the workspaces assigned to the user with the username “john.doe”. You can replace “john.doe” with the username of the user you want to find.

read more
Terraform

How do I use Terraform to enable local zones in AWS?

by Roy "rat" Tokeshi on

To enable AWS Local Zones using Terraform, you can use the “aws_local_zone” resource type in Terraform. The following is an example of how to declare this resource in Terraform configuration file:

resource "aws_local_zone" "example" {
  name = "example-local-zone"
}

In the above example, the aws_local_zone resource type creates a new Local Zone with the name “example-local-zone”.

You can also specify other parameters such as the parent region for the Local Zone and the provider for the resource.

provider "aws" {
  region = "us-west-2"
}

resource "aws_local_zone" "example" {
  name    = "example-local-zone"
  parent_region = "us-west-2"
}

Once you have declared the resource in Terraform configuration, you can run terraform apply to create the Local Zone. You can also use terraform plan to preview the changes that will be made before applying.

Note: Before using Terraform to enable Local Zones, you need to have the necessary permissions and resources available in your AWS account.

read more
Amazon Web Services (AWS)

What if I have deleted my Default VPC in AWS?

by Roy "rat" Tokeshi on

If you have deleted your default VPC in AWS, you can create a new default VPC. A default VPC is a VPC that is automatically created for your AWS account when you create an AWS account. It is the VPC that is automatically selected for new instances and other AWS resources that you launch.

To create a new default VPC, follow these steps:

  1. Sign in to the AWS Management Console and navigate to the VPC dashboard.
  2. In the navigation pane, choose VPCs, and then choose Create VPC.
  3. In the Create VPC dialog box, enter a name and CIDR block for the VPC. The CIDR block is the range of IP addresses that are available for use in the VPC.
  4. Choose the region in which to create the VPC.
  5. Choose the Enable DNS hostnames option to enable instances in the VPC to resolve hostnames to IP addresses.
  6. Choose the Create VPC button.
  7. Wait for the VPC to be created and for its status to become available.

Once the VPC is created, you can use it as your default VPC for new instances and other AWS resources that you launch. You can also create subnets, security groups, and other network resources as needed to support your applications.

read more
Amazon Web Services (AWS)

How Can I Create A Gateway Endpoints For Amazon S3 using BASH

by Roy "rat" Tokeshi on

You can create a gateway endpoint for Amazon S3 using the AWS CLI. Here’s an example of a bash script that creates a gateway endpoint for S3:

#!/bin/bash

# Set the AWS CLI region
aws configure set default.region us-west-2

# Define the VPC ID and the subnet IDs
vpc_id="vpc-12345678"
subnet_ids="subnet-12345678 subnet-23456789"

# Create the gateway endpoint for Amazon S3
aws ec2 create-vpc-endpoint \
    --vpc-id vpc-1a2b3c4d \
    --service-name com.amazonaws.us-east-1.s3 \
    --route-table-ids rtb-11aa22bb

In this example, replace vpc-12345678 with the ID of the VPC in which you want to create the endpoint, replace subnet-12345678 and subnet-23456789 with the IDs of the subnets in which to create the endpoint, and replace sg-12345678 with the ID of the security group to associate with the endpoint.

The aws ec2 create-vpc-endpoint command creates the gateway endpoint for Amazon S3, using the specified VPC ID, subnet IDs, security group ID, and endpoint type. Once the endpoint is created, you can use it to access Amazon S3 resources from instances within your VPC without using the public internet.

Note: You will need to have the necessary IAM permissions to create VPC endpoints in order to run this script. You can find more information on the necessary IAM permissions in the AWS documentation.

read more
Amazon Web Services (AWS)

How Can I Create A Gateway Endpoints For Amazon S3 In the AWS Console

by Roy "rat" Tokeshi on

To create a gateway endpoint for Amazon S3 in the AWS Management Console, follow these steps:

  1. Sign in to the AWS Management Console and navigate to the VPC dashboard.
  2. In the navigation pane, choose Endpoints, and then choose Create Endpoint.
  3. In the Create Endpoint dialog box, choose the VPC in which you want to create the endpoint.
  4. Choose the Service category as Amazon S3, and then choose the S3 service.
  5. Choose the VPC subnets in which you want to create the endpoint. You can choose one or more subnets.
  6. Choose the security group you want to associate with the endpoint. You can use an existing security group or create a new one.
  7. Choose the type of endpoint you want to create. For a gateway endpoint, choose Gateway.
  8. Choose Create endpoint.
  9. Wait for the endpoint to be created and for its status to become available.

Once the endpoint is created and available, you can use it to access Amazon S3 resources from instances within your VPC without using the public internet. This can help improve security, performance, and reliability for your S3 access.

read more
Amazon Web Services (AWS)

How can I create a Gateway endpoints for Amazon S3 in CloudFormation

by Roy "rat" Tokeshi on

You can create a VPC endpoint for Amazon S3 in AWS CloudFormation using the AWS::EC2::VPCEndpoint resource type. Here’s an example of a CloudFormation template that creates a VPC endpoint for S3:

---
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  S3VPCEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcId: !Ref VPC
      ServiceName: com.amazonaws.us-west-2.s3
      RouteTableIds:
        - !Ref PublicRouteTable
      SubnetIds:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2
      SecurityGroupIds:
        - !Ref SecurityGroup
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Action: '*'
            Effect: Allow
            Principal: '*'
            Resource: '*'
      VpcEndpointType: Interface

Parameters:
  VPC:
    Type: AWS::EC2::VPC::Id
  PublicRouteTable:
    Type: AWS::EC2::RouteTable::Id
  PublicSubnet1:
    Type: AWS::EC2::Subnet::Id
  PublicSubnet2:
    Type: AWS::EC2::Subnet::Id
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup::Id

In this example, the AWS::EC2::VPCEndpoint resource creates the VPC endpoint for Amazon S3, using the specified VPC ID, subnet IDs, security group ID, and endpoint type. The RouteTableIds, SubnetIds, and SecurityGroupIds properties define the network resources to associate with the endpoint. The PolicyDocument property defines the permissions for the endpoint.

Note: You will need to have the necessary IAM permissions to create VPC endpoints and CloudFormation templates in order to use this CloudFormation template. You can find more information on the necessary IAM permissions in the AWS documentation.

read more
Amazon Web Services (AWS)

How do I create a CloudFormation template to enable local zones?

by Roy "rat" Tokeshi on

Here is an example of a CloudFormation template that enables a specific Local Zone in an AWS region:

AWSTemplateFormatVersion: '2010-09-09'
Resources:
     LocalZone:
          Type: AWS::EC2::AvailabilityZoneGroup
          Properties:
               GroupName: LocalZoneGroup
               SupportedPlatforms:
                    - add:
                         - "zone_name"

In this example, replace “zone_name” with the name of the Local Zone you want to enable. This CloudFormation template creates an availability zone group named “LocalZoneGroup” and adds the specified Local Zone to the group. Once this CloudFormation stack has been created, the specified Local Zone will be enabled for use in your AWS environment.

You can also modify this CloudFormation template to enable multiple Local Zones by adding additional elements to the SupportedPlatforms list. Use the AWS CLI or the AWS Management Console to manage and configure the Local Zones that have been enabled using this CloudFormation template.

read more
Amazon Web Services (AWS)

Write A Script To Enable All Active Directories For Amazon WorkSpaces

by Roy "rat" Tokeshi on

Here’s an example of a bash script that enables all active directories in an AWS account for use with Amazon WorkSpaces using the AWS CLI:

#!/bin/bash

# Set the AWS CLI region
aws configure set default.region us-west-2

# Get a list of all the active directories in the AWS account
active_directories=$(aws ds list-directories --query 'DirectoryDescriptions[].DirectoryId' --output text)

# Loop through the list of active directories
for directory in $active_directories; do
  # Enable the directory for use with Amazon WorkSpaces
  aws workspaces enable-workspace-directory --directory-id $directory

  # Confirm that the directory has been enabled
  enabled_directories=$(aws workspaces describe-workspace-directories --directory-ids $directory --query 'Directories[].DirectoryId' --output text)
  if [ $enabled_directories == $directory ]; then
    echo "Success: Directory $directory has been enabled for use with Amazon WorkSpaces."
  else
    echo "Error: Directory $directory could not be enabled for use with Amazon WorkSpaces."
  fi
done

In this example, the AWS CLI is used to retrieve a list of all the active directories in the AWS account, and the bash script loops through that list, enabling each directory for use with Amazon WorkSpaces. The script then confirms that each directory has been successfully enabled by checking the list of enabled directories. If a directory has been successfully enabled, the script will print a success message, and if not, it will print an error message.

This script enables all the active directories in the AWS account for use with Amazon WorkSpaces. You can modify this script to fit your specific needs, such as filtering the list of active directories based on certain criteria.

The register-workspace-directory command is used to register a directory in Amazon WorkSpaces, which enables you to use Amazon WorkSpaces with your existing directory.

Here’s an example of how you can use the register-workspace-directory command in the AWS CLI:

aws workspaces register-workspace-directory --directory-id d-1234567890 --subnet-ids subnet-1234567890 subnet-2345678901 --enable-work-docs true --enable-self-service true

In this example, d-1234567890 is the ID of the directory you want to register, subnet-1234567890 and subnet-2345678901 are the IDs of the subnets in which to launch Amazon WorkSpaces, --enable-work-docs true enables Amazon WorkDocs for the directory, and --enable-self-service true enables self-service capabilities for your users.

You can also specify other optional parameters when using the register-workspace-directory command, such as the default organizational unit (OU) for your WorkSpaces and the default security group for your WorkSpaces. You can find more information on these parameters and the register-workspace-directory command in the Amazon WorkSpaces documentation.

read more
Amazon Web Services (AWS)

Write a script to enable an Active Directory for Amazon WorkSpaces

by Roy "rat" Tokeshi on

Here’s an example of a bash script that enables a specific AWS Directory for use with Amazon Workspaces using the AWS CLI:

#!/bin/bash

# Set the AWS CLI region
aws configure set default.region us-west-2

# Specify the directory ID and the directory name
directory_id="d-1234567890"
directory_name="example-directory"

# Enable the directory for use with Amazon Workspaces
aws workspaces enable-workspace-directory --directory-id $directory_id

# Confirm that the directory has been enabled
enabled_directories=$(aws workspaces describe-workspace-directories --directory-ids $directory_id --query 'Directories[].DirectoryId' --output text)
if [ $enabled_directories == $directory_id ]; then
  echo "Success: $directory_name has been enabled for use with Amazon Workspaces."
else
  echo "Error: $directory_name could not be enabled for use with Amazon Workspaces."
fi

In this example, replace d-1234567890 with the actual ID of the directory you want to enable for use with Amazon Workspaces. This bash script uses the AWS CLI to enable the specified directory for use with Amazon Workspaces, and then confirms that the directory has been successfully enabled by checking the list of enabled directories. If the directory has been successfully enabled, the script will print a success message, and if not, it will print an error message.

read more
Amazon Web Services (AWS)

Write a script to list active directories in AWS

by Roy "rat" Tokeshi on

Here’s an example of a bash script that lists the active directories in an AWS account using the AWS CLI:

#!/bin/bash

# Set the AWS CLI region
aws configure set default.region us-west-2

# Get a list of all the active directories in the AWS account
active_directories=$(aws ds describe-directories --query 'DirectoryDescriptions[].Name' --output text)

# Loop through the list of active directories
for directory in $active_directories; do
  # Print the name of each active directory
  echo $directory
done

In this example, the AWS CLI is used to retrieve a list of all the active directories in the AWS account, and the bash script loops through that list, printing the name of each active directory. You can modify this script to fit your specific needs, such as filtering the list of active directories based on certain criteria.

read more
1 2 3 4 6
Page 2 of 6