Revisions
-
davidmoremad revised this gist
Jun 4, 2019 . 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ # AWS-CLI Cheatsheet ## Table of content -
davidmoremad renamed this gist
Jun 3, 2019 . 1 changed file with 0 additions and 0 deletions.
File renamed without changes. -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 4 additions and 4 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,7 +3,7 @@ ## Table of content * [Installation](#installation) * [EC2](#ec2) * [UTIL: List all instances](#EC2-UTIL-List-all-instances) * [UTIL: List specific fields of all instances](#EC2-UTIL-List-specific-fields-of-all-instances) * [UTIL: List all instances of a product](#EC2-UTIL-List-all-instances-of-a-product) 
@@ -12,21 +12,21 @@ * [UTIL: List all snapshots in the date specified](#EC2-UTIL-List-all-snapshots-in-the-date-specified) * [SEC: List all snapshots without encryption](#EC2-SEC-List-all-snapshots-without-encryption) * [SEC: List SecurityGroups with SSH open to Internet](#EC2-SEC-List-SecurityGroups-with-SSH-open-to-Internet) * [IAM](#iam) * [UTIL: List certificates](#IAM-UTIL-List-certificates) * [UTIL: List policies](#IAM-UTIL-List-policies) * [UTIL: List policies attached to a group](#IAM-UTIL-List-policies-attached-to-a-group) * [UTIL: List users of a group](#IAM-UTIL-List-users-of-a-group) * [UTIL: List groups of a user](#IAM-UTIL-List-groups-of-a-user) * [SEC: Access Keys Rotation](#IAM-SEC-Access-Keys-Rotation) * [SEC: User with MFA enabled ](#IAM-SEC-User-with-MFA-enabled) * [S3](#s3) * [UTIL: List buckets](#S3-UTIL-List-buckets) * [UTIL: List bucket objects](#S3-UTIL-List-bucket-objects) * [SEC: Bucket with public READ access](#S3-SEC-Bucket-with-public-READ-access) * [SEC: Bucket with public WRITE access](#S3-SEC-Bucket-with-public-WRITE-access) * [SEC: Bucket with public FULL_CONTROL access](#S3-SEC-Bucket-with-public-FULL_CONTROL-access) * [RDS](#rds) * [UTIL: List databases](#RDS-UTIL-List-databases) * [SEC: List Databases without DeletionProtection enabled](#RDS-SEC-List-Databases-without-DeletionProtection-enabled) * [SEC: List Public Databases](#RDS-SEC-List-Public-Databases) -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 2 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -35,6 +35,8 @@ ## Installation Ref: https://docs.aws.amazon.com/es_es/cli/latest/userguide/cli-chap-welcome.html | Function | Command | |---------------------------|---------------------------------------| | Install awscli | `pip3 install awscli --upgrade --user` | -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -202,5 +202,5 @@ aws rds describe-db-instances \ #### RDS-SEC: List Public Databases ``` aws rds describe-db-instances \ --query 'DBInstances[?PubliclyAccessible=="true"].[DBInstanceIdentifier,Endpoint.Address]' ``` -
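Review bot: In the `--query` under RDS-SEC: List Public Databases, `PubliclyAccessible=="true"` does not test for a boolean. In JMESPath a double-quoted token is an identifier, so the field is compared against a key named `true`, which resolves to null, and the filter returns no instances even when publicly accessible databases exist. Use a JSON literal in backticks instead, ``PubliclyAccessible==`true` ``; the expression is already inside single shell quotes, so the backticks are not expanded by the shell.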
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 6 additions and 6 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,6 @@ # AWS Cheatsheet ## Table of content * [Installation](#installation) * EC2 @@ -33,7 +33,7 @@ --- ## Installation | Function | Command | |---------------------------|---------------------------------------| @@ -42,7 +42,7 @@ --- ## EC2 #### EC2-UTIL: List all instances ``` @@ -97,7 +97,7 @@ aws ec2 describe-security-groups \ --- ## IAM #### IAM-UTIL: List certificates ``` @@ -142,7 +142,7 @@ if [[ $(aws iam list-mfa-devices --user-name root --output text) ]]; then echo " --- ## S3 #### S3-UTIL: List buckets ``` @@ -183,7 +183,7 @@ aws s3api list-buckets \ --- ## RDS #### RDS-UTIL: List databases ``` -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 8 additions and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -33,7 +33,7 @@ --- # Installation | Function | Command | |---------------------------|---------------------------------------| @@ -42,6 +42,8 @@ --- # EC2 #### EC2-UTIL: List all instances ``` aws ec2 describe-instances @@ -95,6 +97,8 @@ aws ec2 describe-security-groups \ --- # IAM #### IAM-UTIL: List certificates ``` aws iam list-server-certificates @@ -138,6 +142,7 @@ if [[ $(aws iam list-mfa-devices --user-name root --output text) ]]; then echo " --- # S3 #### S3-UTIL: List buckets ``` @@ -178,6 +183,8 @@ aws s3api list-buckets \ --- # RDS #### RDS-UTIL: List databases ``` aws rds describe-db-instances \ -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 11 additions and 6 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,11 +1,8 @@ # AWS Cheatsheet # Table of content * [Installation](#installation) * EC2 * [UTIL: List all instances](#EC2-UTIL-List-all-instances) * [UTIL: List specific fields of all instances](#EC2-UTIL-List-specific-fields-of-all-instances) @@ -36,6 +33,14 @@ --- #### Installation | Function | Command | |---------------------------|---------------------------------------| | Install awscli | `pip3 install awscli --upgrade --user` | | Configuring awscli | `aws configure` | --- #### EC2-UTIL: List all instances ``` -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 23 additions and 23 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change 
@@ -7,32 +7,32 @@ * EC2 * [UTIL: List all instances](#EC2-UTIL-List-all-instances) * [UTIL: List specific fields of all instances](#EC2-UTIL-List-specific-fields-of-all-instances) * [UTIL: List all instances of a product](#EC2-UTIL-List-all-instances-of-a-product) * [UTIL: List all stopped instances](#EC2-UTIL-List-all-stopped-instances) * [UTIL: List all stopped instances with ElasticIP](#EC2-UTIL-List-all-stopped-instances-with-ElasticIP) * [UTIL: List all snapshots in the date specified](#EC2-UTIL-List-all-snapshots-in-the-date-specified) * [SEC: List all snapshots without encryption](#EC2-SEC-List-all-snapshots-without-encryption) * [SEC: List SecurityGroups with SSH open to Internet](#EC2-SEC-List-SecurityGroups-with-SSH-open-to-Internet) * IAM * [UTIL: List certificates](#IAM-UTIL-List-certificates) * [UTIL: List policies](#IAM-UTIL-List-policies) * [UTIL: List policies attached to a group](#IAM-UTIL-List-policies-attached-to-a-group) * [UTIL: List users of a group](#IAM-UTIL-List-users-of-a-group) * [UTIL: List groups of a user](#IAM-UTIL-List-groups-of-a-user) * [SEC: Access Keys Rotation](#IAM-SEC-Access-Keys-Rotation) * [SEC: User with MFA enabled ](#IAM-SEC-User-with-MFA-enabled) * S3 * [UTIL: List buckets](#S3-UTIL-List-buckets) * [UTIL: List bucket objects](#S3-UTIL-List-bucket-objects) * [SEC: Bucket with public READ access](#S3-SEC-Bucket-with-public-READ-access) * [SEC: Bucket with public WRITE access](#S3-SEC-Bucket-with-public-WRITE-access) * [SEC: Bucket with public FULL_CONTROL access](#S3-SEC-Bucket-with-public-FULL_CONTROL-access) * RDS * [UTIL: List databases](#RDS-UTIL-List-databases) * [SEC: List Databases without DeletionProtection enabled](#RDS-SEC-List-Databases-without-DeletionProtection-enabled) * [SEC: List Public Databases](#RDS-SEC-List-Public-Databases) --- -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 23 additions and 23 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change 
@@ -7,32 +7,32 @@ * EC2 * [UTIL: List all instances](#EC2-UTIL:-List-all-instances) * [UTIL: List specific fields of all instances](#EC2-UTIL:-List-specific-fields-of-all-instances) * [UTIL: List all instances of a product](#EC2-UTIL:-List-all-instances-of-a-product) * [UTIL: List all stopped instances](#EC2-UTIL:-List-all-stopped-instances) * [UTIL: List all stopped instances with ElasticIP](#EC2-UTIL:-List-all-stopped-instances-with-ElasticIP) * [UTIL: List all snapshots in the date specified](#EC2-UTIL:-List-all-snapshots-in-the-date-specified) * [SEC: List all snapshots without encryption](#EC2-SEC:-List-all-snapshots-without-encryption) * [SEC: List SecurityGroups with SSH open to Internet](#EC2-SEC:-List-SecurityGroups-with-SSH-open-to-Internet) * IAM * [UTIL: List certificates](#IAM-UTIL:-List-certificates) * [UTIL: List policies](#IAM-UTIL:-List-policies) * [UTIL: List policies attached to a group](#IAM-UTIL:-List-policies-attached-to-a-group) * [UTIL: List users of a group](#IAM-UTIL:-List-users-of-a-group) * [UTIL: List groups of a user](#IAM-UTIL:-List-groups-of-a-user) * [SEC: Access Keys Rotation](#IAM-SEC:-Access-Keys-Rotation) * [SEC: User with MFA enabled ](#IAM-SEC:-User-with-MFA-enabled) * S3 * [UTIL: List buckets](#S3-UTIL:-List-buckets) * [UTIL: List bucket objects](#S3-UTIL:-List-bucket-objects) * [SEC: Bucket with public READ access](#S3-SEC:-Bucket-with-public-READ-access) * [SEC: Bucket with public WRITE access](#S3-SEC:-Bucket-with-public-WRITE-access) * [SEC: Bucket with public FULL_CONTROL access](#S3-SEC:-Bucket-with-public-FULL_CONTROL-access) * RDS * [UTIL: List databases](#RDS-UTIL:-List-databases) * [SEC: List Databases without DeletionProtection enabled](#RDS-SEC:-List-Databases-without-DeletionProtection-enabled) * [SEC: List Public Databases](#RDS-SEC:-List-Public-Databases) --- -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 27 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,6 +6,33 @@ | Configuring awscli | `aws configure` | * EC2 * EC2-UTIL: List all instances * EC2-UTIL: List specific fields of all instances * EC2-UTIL: List all instances of a product * EC2-UTIL: List all stopped instances * EC2-UTIL: List all stopped instances with ElasticIP * EC2-UTIL: List all snapshots in the date specified * EC2-SEC: List all snapshots without encryption * EC2-SEC: List SecurityGroups with SSH open to Internet * IAM * IAM-UTIL: List certificates * IAM-UTIL: List policies * IAM-UTIL: List policies attached to a group * IAM-UTIL: List users of a group * IAM-UTIL: List groups of a user * IAM-SEC: Access Keys Rotation * IAM-SEC: User with MFA enabled * S3 * S3-UTIL: List buckets * S3-UTIL: List bucket objects * S3-SEC: Bucket with public READ access * S3-SEC: Bucket with public WRITE access * S3-SEC: Bucket with public FULL_CONTROL access * RDS * RDS-UTIL: List databases * RDS-SEC: List Databases without DeletionProtection enabled * RDS-SEC: List Public Databases --- -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 68 additions and 54 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,63 +6,54 @@ | Configuring awscli | `aws configure` | --- #### EC2-UTIL: List all instances ``` aws ec2 describe-instances ``` #### EC2-UTIL: List specific fields of all instances ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### EC2-UTIL: List all instances of a product ``` aws ec2 describe-instances \ --filter "Name=tag:Name,Values=latch*" \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### EC2-UTIL: List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` #### EC2-UTIL: List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ --query "Reservations[*].Instances[*].PublicIpAddress" \ --filters Name=instance-state-name,Values=stopped ``` #### EC2-UTIL: List all snapshots in the date specified ``` aws ec2 describe-snapshots \ --filters Name=start-time,Values=2019-01-05* ``` #### EC2-SEC: List all snapshots without encryption ``` aws ec2 describe-snapshots \ --filters "Name=encrypted,Values=false" ``` #### EC2-SEC: List SecurityGroups with SSH open to Internet ``` aws ec2 describe-security-groups \ --filters Name=ip-permission.from-port,Values=22 Name=ip-permission.to-port,Values=22 Name=ip-permission.cidr,Values='0.0.0.0/0' \ 
@@ -72,82 +63,105 @@ aws ec2 describe-security-groups \ --- #### IAM-UTIL: List certificates ``` aws iam list-server-certificates ``` #### IAM-UTIL: List policies ``` aws iam list-policies ``` #### IAM-UTIL: List policies attached to a group ``` aws iam list-attached-group-policies \ --group-name ec2-Users ``` #### IAM-UTIL: List users of a group ``` aws iam get-group \ --group-name ec2-users \ --query "Users[]" ``` #### IAM-UTIL: List groups of a user ``` aws iam list-groups-for-user \ --user-name aws-admin2 ``` #### IAM-SEC: Access Keys Rotation ``` aws iam list-access-keys \ --user-name aws-admin2 \ --query 'AccessKeyMetadata[?Status=="Active"].[CreateDate]' ``` #### IAM-SEC: User with MFA enabled ``` if [[ $(aws iam list-mfa-devices --user-name root --output text) ]]; then echo "MFA Enabled"; else echo "MFA Disabled";fi ``` --- #### S3-UTIL: List buckets ``` aws s3 ls ``` #### S3-UTIL: List bucket objects ``` aws s3api list-objects \ --bucket pre-cdo-web-resources \ --query 'Contents[].{Key: Key, Size: Size}' \ --output text ``` #### S3-SEC: Bucket with public READ access ``` aws s3api list-buckets \ --query 'Buckets[*].[Name]' \ --output text \ |xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then echo {} ; fi' ``` #### S3-SEC: Bucket with public WRITE access ``` aws s3api list-buckets \ --query 'Buckets[*].[Name]' \ --output text \ |xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`WRITE`]'"'"' --output text) ]]; then echo {} ; fi' ``` #### S3-SEC: Bucket with public FULL_CONTROL access ``` aws s3api list-buckets \ --query 'Buckets[*].[Name]' \ --output text \ | xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query 
'"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then echo {} ; fi' ``` --- #### RDS-UTIL: List databases ``` aws rds describe-db-instances \ --query 'DBInstances[].DBInstanceIdentifier' ``` #### RDS-SEC: List Databases without DeletionProtection enabled ``` aws rds describe-db-instances \ --query 'DBInstances[*].[DBInstanceIdentifier]' \ --output text \ | xargs -I {} bash -c 'if [[ $(aws rds describe-db-instances --db-instance-identifier {} --query '"'"'DBInstances[*].DeletionProtection'"'"' --output text) == False ]]; then echo {} ; fi' ``` #### RDS-SEC: List Public Databases ``` aws rds describe-db-instances \ --query 'DBInstances[?PubliclyAccessible==`true`].[DBInstanceIdentifier,Endpoint.Address]`' ``` -
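Review bot: The S3-SEC: Bucket with public FULL_CONTROL access command filters on ``Permission==`READ` ``, the same test as the public READ section above it, so it lists READ grants and never checks for FULL_CONTROL. Change the literal to `FULL_CONTROL`. In the same hunk, the RDS-SEC: List Public Databases query has a stray backtick between `Endpoint.Address]` and the closing single quote, which leaves the JMESPath expression unparseable.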
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 11 additions and 10 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -75,13 +75,13 @@ aws ec2 describe-security-groups \ # IAM * [UTIL - List certificates](#UTIL---List-certificates-) * [UTIL - List policies](#UTIL---List-policies-) * [UTIL - List policies attached to a group](#UTIL---List-policies-attached-to-a-group-) * [UTIL - List users of a group](#UTIL---List-users-of-a-group-) * [UTIL - List groups of a user](#UTIL---List-groups-of-a-user-) * [SEC - Access Keys Rotation](#SEC---Access-Keys-Rotation-) * [SEC - User with MFA enabled](#SEC---User-with-MFA-enabled-) #### UTIL - List certificates ``` @@ -108,17 +108,18 @@ aws iam get-group \ #### UTIL - List groups of a user ``` aws iam list-groups-for-user \ --user-name aws-admin2 ``` #### SEC - Access Keys Rotation ``` aws iam list-access-keys \ --user-name aws-admin2 \ --query 'AccessKeyMetadata[?Status=="Active"].[CreateDate]' ``` #### SEC - User with MFA enabled ``` if [[ $(aws iam list-mfa-devices --user-name root --output text) ]]; then echo "MFA Enabled"; else echo "MFA Disabled";fi ``` -
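Review bot: In SEC - Access Keys Rotation, `Status=="Active"` compares the field against an identifier, not a string: JMESPath reads a double-quoted token as a key name, so the filter yields an empty list and a key-age review shows nothing even when active keys exist. Follow the quoting the EC2 queries on this page already use, a double-quoted shell string with a single-quoted JMESPath string: `--query "AccessKeyMetadata[?Status=='Active'].[AccessKeyId,CreateDate]"`. Returning `AccessKeyId` next to `CreateDate` also tells the reader which key the date belongs to.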
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 7 additions and 4 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -79,7 +79,7 @@ aws ec2 describe-security-groups \ * [UTIL - List policies](#) * [UTIL - List policies attached to a group](#) * [UTIL - List users of a group](#) * [UTIL - List groups of a user](#) * [SEC - Rotate Keys. Created date of an AccessKey](#) * [SEC - Check if user has MFA enabled](#) @@ -95,7 +95,8 @@ aws iam list-policies #### UTIL - List policies attached to a group ``` aws iam list-attached-group-policies \ --group-name ec2-Users ``` #### UTIL - List users of a group @@ -105,14 +106,16 @@ aws iam get-group \ --query "Users[]" ``` #### UTIL - List groups of a user ``` aws iam list-groups-for-user --user-name aws-admin2 ``` #### SEC - Rotate Keys. Created date of an AccessKey ``` aws iam list-access-keys \ --user-name aws-admin2 \ --query 'AccessKeyMetadata[?Status=="Active"].[CreateDate]' ``` #### SEC - Check if user has MFA enabled -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 59 additions and 28 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,49 +8,49 @@ # EC2 * [UTIL - List all instances](#UTIL---List-all-instances) * [UTIL - List specific fields of all instances](#UTIL---List-specific-fields-of-all-instances) * [UTIL - List all instances of a product](#UTIL---List-all-instances-of-a-product) * [UTIL - List all stopped instances](#UTIL---List-all-stopped-instances) * [UTIL - List all stopped instances with ElasticIP](#UTIL---List-all-stopped-instances-with-ElasticIP) * [UTIL - List all snapshots in the date specified](#UTIL---List-all-snapshots-in-the-date-specified) * [SEC - List all snapshots without encryption](#SEC---List-all-snapshots-without-encryption) * [SEC - List SecurityGroups with SSH open to Internet](#SEC---List-SecurityGroups-with-SSH-open-to-Internet) #### UTIL - List all instances ``` aws ec2 describe-instances ``` #### UTIL - List specific fields of all instances ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTIL - List all instances of a product ``` aws ec2 describe-instances \ --filter "Name=tag:Name,Values=latch*" \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTIL - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` #### UTIL - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ --query "Reservations[*].Instances[*].PublicIpAddress" \ --filters Name=instance-state-name,Values=stopped ``` #### UTIL - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ --filters Name=start-time,Values=2019-01-05* 
@@ -75,25 +75,56 @@ aws ec2 describe-security-groups \ # IAM * [UTIL - List certificates](#) * [UTIL - List policies](#) * [UTIL - List policies attached to a group](#) * [UTIL - List users of a group](#) * [UTIL - List groups for a given user](#) * [SEC - Rotate Keys. Created date of an AccessKey](#) * [SEC - Check if user has MFA enabled](#) #### UTIL - List certificates ``` aws iam list-server-certificates ``` #### UTIL - List policies ``` aws iam list-policies ``` #### UTIL - List policies attached to a group ``` aws iam list-attached-group-policies --group-name ec2-Users ``` #### UTIL - List users of a group ``` aws iam get-group \ --group-name ec2-users \ --query "Users[]" ``` #### UTIL - List groups for a given user ``` aws iam list-groups-for-user --user-name aws-admin2 ``` #### SEC - Rotate Keys. Created date of an AccessKey ``` aws iam list-access-keys --user-name aws-admin2 --query 'AccessKeyMetadata[?Status==```Active```].[CreateDate]' --output text ``` #### SEC - Check if user has MFA enabled ``` if [[ $(aws iam list-mfa-devices --user-name root --output text) ]]; then echo "MFA Enabled"; else echo "MFA Disabled";fi ``` ## S3 ## Util | Function | Command | |---------------------------------------------------|---------------------------------------------------| -
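Review bot: In SEC - Check if user has MFA enabled, `--user-name root` looks up an IAM user named root, not the account root user, which is not an IAM user. When no IAM user of that name exists the call fails, the command substitution is empty, and the one-liner prints "MFA Disabled" whatever the real state is. For the root account, read `AccountMFAEnabled` from `aws iam get-account-summary`; for IAM users, pass the actual user name and treat a non-zero exit status as an error instead of as "disabled".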
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 7 additions and 7 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -27,33 +27,33 @@ aws ec2 describe-instances \ #### UTILS - List specific fields of all instances ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all instances of a product ``` aws ec2 describe-instances \ --filter "Name=tag:Name,Values=latch*" \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` #### UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ --query "Reservations[*].Instances[*].PublicIpAddress" \ --filters Name=instance-state-name,Values=stopped ``` #### UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ --filters Name=start-time,Values=2019-01-05* ``` #### SEC - List all snapshots without encryption -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 0 additions and 11 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -25,55 +25,44 @@ aws ec2 describe-instances \ ``` #### UTILS - List specific fields of all instances ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all instances of a product ``` aws ec2 describe-instances \ --filter "Name=tag:Name,Values=latch*" \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` #### UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ --query "Reservations[*].Instances[*].PublicIpAddress" \ --filters Name=instance-state-name,Values=stopped ``` #### UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ --filters Name=start-time,Values=2019-01-05* ``` #### SEC - List all snapshots without encryption ``` aws ec2 describe-snapshots \ --filters "Name=encrypted,Values=false" ``` #### SEC - List SecurityGroups with SSH open to Internet ``` aws ec2 describe-security-groups \ --filters Name=ip-permission.from-port,Values=22 Name=ip-permission.to-port,Values=22 Name=ip-permission.cidr,Values='0.0.0.0/0' \ -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 0 additions and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,7 +20,6 @@ #### UTILS - List all instances ``` aws ec2 describe-instances \ ``` -
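Review bot: After this deletion the UTILS - List all instances block reads `aws ec2 describe-instances \` with nothing after the backslash, so a copy-paste leaves the shell waiting for a continuation line or joins whatever is pasted next into the command. Drop the trailing `\`.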
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 5 additions and 4 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,14 +8,15 @@ # EC2 * [UTILS - List all instances](#UTILS---List-all-instances) * [UTILS - List specific fields of all instances](#UTILS---List-specific-fields-of-all-instances) * [UTILS - List all instances of a product](#UTILS---List-all-instances-of-a-product) * [UTILS - List all stopped instances](#UTILS---List-all-stopped-instances) * [UTILS - List all stopped instances with ElasticIP](#UTILS---List-all-stopped-instances-with-ElasticIP) * [UTILS - List all snapshots in the date specified](#UTILS---List-all-snapshots-in-the-date-specified) * [SEC - List all snapshots without encryption](#SEC---List-all-snapshots-without-encryption) * [SEC - List SecurityGroups with SSH open to Internet](#SEC---List-SecurityGroups-with-SSH-open-to-Internet) #### UTILS - List all instances -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 4 additions and 4 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -65,17 +65,14 @@ aws ec2 describe-snapshots \ --filters Name=start-time,Values=2019-01-05* ``` #### SEC - List all snapshots without encryption ``` aws ec2 describe-snapshots \ --filters "Name=encrypted,Values=false" ``` #### SEC - List SecurityGroups with SSH open to Internet ``` aws ec2 describe-security-groups \ @@ -84,6 +81,9 @@ aws ec2 describe-security-groups \ --output table ``` --- # IAM ## Utils -
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 10 additions and 9 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,16 +5,17 @@ | Install awscli | `pip3 install awscli --upgrade --user` | | Configuring awscli | `aws configure` | # EC2 * [UTILS - List all instances](#utils---list-all-instances) * [UTILS - List specific fields of all instances](#UTILS---List-specific-fields-of-all-instances) * [UTILS - List all instances of a product](#UTILS---List-all-instances-filtered-by-product) * [UTILS - List all stopped instances](#UTILS---List-all-stopped-instances) * [UTILS - List all stopped instances with ElasticIP](#UTILS---List-all-stopped-instances-with-ElasticIP) * [UTILS - List all snapshots in the date specified](#UTILS---List-all-snapshots-in-the-date-specified) * [SEC - List all snapshots without encryption](#SEC---List-all-snapshots-without-encryption-in-a-date) * [SEC - List SecurityGroups with SSH open to Internet](#SEC---List-SecurityGroups-with-SSH-(22)-open-to-Internet) #### UTILS - List all instances @@ -31,7 +32,7 @@ aws ec2 describe-instances \ ``` #### UTILS - List all instances of a product ``` aws ec2 describe-instances \ @@ -67,20 +68,20 @@ aws ec2 describe-snapshots \ ## Security #### SEC - List all snapshots without encryption ``` aws ec2 describe-snapshots \ --filters "Name=encrypted,Values=false" ``` #### SEC - List SecurityGroups with SSH (22) open to Internet ``` aws ec2 describe-security-groups \ --filters Name=ip-permission.from-port,Values=22 Name=ip-permission.to-port,Values=22 Name=ip-permission.cidr,Values='0.0.0.0/0' \ --query 'SecurityGroups[*].{Name:GroupName}' \ --output table ``` # IAM -
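Review bot: The filters in SEC - List SecurityGroups with SSH (22) open to Internet match only rules whose port range is exactly 22 to 22 and whose source is the IPv4 range `0.0.0.0/0`. A group that exposes SSH through a wider port range or an all-traffic rule, or to `::/0` over IPv6 (filter `ip-permission.ipv6-cidr`), is not listed, so an empty table is not evidence that SSH is closed. State that limit next to the command, and return `GroupId` along with `GroupName` in the `--query`, since group names are not unique across VPCs.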
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 2 additions and 2 deletions.
@@ -13,8 +13,8 @@ * [UTILS - List all stopped instances](#UTILS---List-all-stopped-instances) * [UTILS - List all stopped instances with ElasticIP](#UTILS---List-all-stopped-instances-with-ElasticIP) * [UTILS - List all snapshots in the date specified](#UTILS---List-all-snapshots-in-the-date-specified) * [SEC - List all snapshots without encryption in a date](#SEC---List-all-snapshots-without-encryption-in-a-date) * [SEC - List SecurityGroups with SSH (22) open to Internet](#SEC---List-SecurityGroups-with-SSH-(22)-open-to-Internet) #### UTILS - List all instances
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 11 additions and 11 deletions.
@@ -8,34 +8,34 @@ # EC2 * [UTILS - List all instances](#utils---list-all-instances) * [UTILS - List specific fields of all instances](#UTILS---List-specific-fields-of-all-instances) * [UTILS - List all instances filtered by product (i.e. Latch)](#UTILS---List-all-instances-filtered-by-product-(i.e.-Latch)) * [UTILS - List all stopped instances](#UTILS---List-all-stopped-instances) * [UTILS - List all stopped instances with ElasticIP](#UTILS---List-all-stopped-instances-with-ElasticIP) * [UTILS - List all snapshots in the date specified](#UTILS---List-all-snapshots-in-the-date-specified) * [USEC - List all snapshots without encryption in a date](#USEC---List-all-snapshots-without-encryption-in-a-date) * [USEC - List SecurityGroups with SSH (22) open to Internet](#USEC---List-SecurityGroups-with-SSH-(22)-open-to-Internet) #### UTILS - List all instances ``` aws ec2 describe-instances \ ``` #### UTILS - List specific fields of all instances ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all instances filtered by product (i.e. Latch) ``` aws ec2 describe-instances \ --filter "Name=tag:Name,Values=latch*" \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ```
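Review bot: The block under "UTILS - List all instances" ends with `aws ec2 describe-instances \` and nothing follows the backslash, so when pasted the shell treats the next line as part of the command. Drop the trailing `\` there. Two smaller points in the same hunk: the "filtered by product" block spells the option `--filter` while the other blocks use `--filters`, so use the documented `--filters` throughout, and `USEC` in the last two table-of-contents entries and their anchors looks like a typo for `SEC`, which no heading in this hunk matches.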
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 1 addition and 1 deletion.
@@ -7,7 +7,7 @@ # EC2 * [UTILS - List all instances](#utils---list-all-instances) * UTILS - List all instances of a product (Latch) * UTILS - List all instances (ID, PublicIp & Name) * UTILS - List all stopped instances
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 1 addition and 1 deletion.
@@ -7,7 +7,7 @@ # EC2 * [UTILS - List all instances](#UTILS - List all instances) * UTILS - List all instances of a product (Latch) * UTILS - List all instances (ID, PublicIp & Name) * UTILS - List all stopped instances
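Review bot: The new table-of-contents entry `[UTILS - List all instances](#UTILS - List all instances)` has spaces in its link destination, which Markdown does not accept in a bare link target, so it will not render as a link. Point it at the heading's generated slug instead, `#utils---list-all-instances`, and link the remaining entries the same way so the list is consistent.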
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 8 additions and 8 deletions.
@@ -16,14 +16,14 @@ * SEC - List all snapshots without encryption in a date * SEC - List SecurityGroups with SSH (22) open to Internet #### UTILS - List all instances ``` aws ec2 describe-instances \ ``` #### UTILS - List all instances of a product (Latch) ``` aws ec2 describe-instances \ @@ -32,23 +32,23 @@ aws ec2 describe-instances \ ``` #### UTILS - List all instances (ID, PublicIp & Name) ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` #### UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ @@ -57,7 +57,7 @@ aws ec2 describe-instances \ ``` #### UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ @@ -67,14 +67,14 @@ aws ec2 describe-snapshots \ ## Security #### SEC - List all snapshots without encryption in a date ``` aws ec2 describe-snapshots \ --filters Name=encrypted,Values=false Name=start-time,Values=2019-01-05* ``` #### SEC - List SecurityGroups with SSH (22) open to Internet ``` aws ec2 describe-security-groups \
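Review bot: In the last hunk, `Name=start-time,Values=2019-01-05*` is unquoted, so the shell can expand the `*` against file names in the working directory before the CLI sees the filter. Quote each filter, for example `"Name=start-time,Values=2019-01-05*"`, as the "of a product" block already does with `"Name=tag:Name,Values=latch*"`. The heading would also read better as "on a date" than "in a date".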
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 8 additions and 8 deletions.
@@ -16,14 +16,14 @@ * SEC - List all snapshots without encryption in a date * SEC - List SecurityGroups with SSH (22) open to Internet ### UTILS - List all instances ``` aws ec2 describe-instances \ ``` ### UTILS - List all instances of a product (Latch) ``` aws ec2 describe-instances \ @@ -32,23 +32,23 @@ aws ec2 describe-instances \ ``` ### UTILS - List all instances (ID, PublicIp & Name) ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` ### UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` ### UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ @@ -57,7 +57,7 @@ aws ec2 describe-instances \ ``` ### UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ @@ -67,14 +67,14 @@ aws ec2 describe-snapshots \ ## Security ### SEC - List all snapshots without encryption in a date ``` aws ec2 describe-snapshots \ --filters Name=encrypted,Values=false Name=start-time,Values=2019-01-05* ``` ### SEC - List SecurityGroups with SSH (22) open to Internet ``` aws ec2 describe-security-groups \
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 8 additions and 8 deletions.
@@ -16,14 +16,14 @@ * SEC - List all snapshots without encryption in a date * SEC - List SecurityGroups with SSH (22) open to Internet ###UTILS - List all instances ``` aws ec2 describe-instances \ ``` ###UTILS - List all instances of a product (Latch) ``` aws ec2 describe-instances \ @@ -32,23 +32,23 @@ aws ec2 describe-instances \ ``` ###UTILS - List all instances (ID, PublicIp & Name) ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` ###UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` ###UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ @@ -57,7 +57,7 @@ aws ec2 describe-instances \ ``` ###UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ @@ -67,14 +67,14 @@ aws ec2 describe-snapshots \ ## Security ###SEC - List all snapshots without encryption in a date ``` aws ec2 describe-snapshots \ --filters Name=encrypted,Values=false Name=start-time,Values=2019-01-05* ``` ###SEC - List SecurityGroups with SSH (22) open to Internet ``` aws ec2 describe-security-groups \
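Review bot: Every heading touched here loses the space after the hashes (`###UTILS - List all instances`, `###SEC - List all snapshots without encryption in a date`), and GitHub-flavored Markdown needs a space after the `#` run, so these lines render as literal text instead of headings and their anchors disappear. Restore the space, as in `### UTILS - List all instances`.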
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 8 additions and 8 deletions.
@@ -16,14 +16,14 @@ * SEC - List all snapshots without encryption in a date * SEC - List SecurityGroups with SSH (22) open to Internet ### UTILS - List all instances ``` aws ec2 describe-instances \ ``` ### UTILS - List all instances of a product (Latch) ``` aws ec2 describe-instances \ @@ -32,23 +32,23 @@ aws ec2 describe-instances \ ``` ### UTILS - List all instances (ID, PublicIp & Name) ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` ### UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` ### UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ @@ -57,7 +57,7 @@ aws ec2 describe-instances \ ``` ### UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ @@ -67,14 +67,14 @@ aws ec2 describe-snapshots \ ## Security ### SEC - List all snapshots without encryption in a date ``` aws ec2 describe-snapshots \ --filters Name=encrypted,Values=false Name=start-time,Values=2019-01-05* ``` ### SEC - List SecurityGroups with SSH (22) open to Internet ``` aws ec2 describe-security-groups \
davidmoremad revised this gist
Jun 3, 2019 . 1 changed file with 8 additions and 0 deletions.
@@ -17,12 +17,14 @@ * SEC - List SecurityGroups with SSH (22) open to Internet #### UTILS - List all instances ``` aws ec2 describe-instances \ ``` #### UTILS - List all instances of a product (Latch) ``` aws ec2 describe-instances \ --filter "Name=tag:Name,Values=latch*" \ @@ -31,20 +33,23 @@ aws ec2 describe-instances \ #### UTILS - List all instances (ID, PublicIp & Name) ``` aws ec2 describe-instances \ --query "Reservations[].Instances[].[InstanceId, PublicIpAddress, Tags[?Key=='Name']|[0].Value]" ``` #### UTILS - List all stopped instances ``` aws ec2 describe-instances \ --filters Name=instance-state-name,Values=stopped ``` #### UTILS - List all stopped instances with ElasticIP ``` aws ec2 describe-instances \ --query "Reservations[*].Instances[*].PublicIpAddress" \ @@ -53,6 +58,7 @@ aws ec2 describe-instances \ #### UTILS - List all snapshots in the date specified ``` aws ec2 describe-snapshots \ --filters Name=start-time,Values=2019-01-05* @@ -62,12 +68,14 @@ aws ec2 describe-snapshots \ ## Security #### SEC - List all snapshots without encryption in a date ``` aws ec2 describe-snapshots \ --filters Name=encrypted,Values=false Name=start-time,Values=2019-01-05* ``` #### SEC - List SecurityGroups with SSH (22) open to Internet ``` aws ec2 describe-security-groups \ --filters Name=ip-permission.from-port,Values=22 Name=ip-permission.to-port,Values=22 Name=ip-permission.cidr,Values='0.0.0.0/0' \