pol · April 12, 2019 16:31 · Oct 22, 2018 · Sep 2, 2018 · Feb 16, 2018 · Feb 1, 2018
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -478,10 +478,11 @@ aws ec2 describe-instance-status
 aws ec2 describe-instance-status \
     --instance-ids <instance_id>
 
-# list instance IP addresses
+# list all running instance, Name tag and Public IP Address
 aws ec2 describe-instances \
-  --query "Reservations[*].Instances[*].PublicIpAddress" \
-  --output=text
+  --filters Name=instance-state-name,Values=running \
+  --query 'Reservations[].Instances[].[PublicIpAddress, Tags[?Key==`Name`].Value | [0] ]' \
+  --output text | sort -k2
 ```
 
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -439,6 +439,9 @@ aws ec2 describe-images --filter "Name=is-public,Values=false" \
     --query 'Images[].[ImageId, Name]' \
     --output text | sort -k2
 
+# delete an AMI, by ImageId
+aws ec2 deregister-image --image-id ami-00000000
+
 ```
 
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -309,6 +309,40 @@ aws iam delete-group \
 
 
 
+## S3
+
+https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html#cli-aws-s3api
+
+```shell
+# list existing S3 buckets
+aws s3 ls
+
+# create a bucket name, using the current date timestamp
+bucket_name=test_$(date "+%Y-%m-%d_%H-%M-%S")
+echo $bucket_name
+
+# create a public facing bucket
+aws s3api create-bucket --acl "public-read-write" --bucket $bucket_name
+
+# verify bucket was created
+aws s3 ls | grep $bucket_name
+
+# check for public facing s3 buckets (should show the bucket name you created)
+
+aws s3api list-buckets --query 'Buckets[*].[Name]' --output text | xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then echo {} ; fi'
+
+# check for public facing s3 buckets, updated them to be private
+
+aws s3api list-buckets --query 'Buckets[*].[Name]' --output text | xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then aws s3api put-bucket-acl --acl "private" --bucket {} ; fi'
+
+# check for public facing s3 buckets (should be empty)
+
+aws s3api list-buckets --query 'Buckets[*].[Name]' --output text | xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then echo {} ; fi'
+```
+
+
+
+
 
 ## EC2
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -324,10 +324,10 @@ aws ec2 describe-key-pairs
 # create a keypair
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/create-key-pair.html
 aws ec2 create-key-pair \
-    --key-name <value>
+    --key-name <value> --output text
 
-# create a new private / public keypair, using RSA 2048-bit
-ssh-keygen -t rsa -b 2048
+# create a new local private / public keypair, using RSA 4096-bit
+ssh-keygen -t rsa -b 4096
 
 # import an existing keypair
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/import-key-pair.html

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -394,6 +394,20 @@ aws ec2 delete-security-group \
 
 
 
+
+## Images
+
+https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-images.html
+
+```shell
+# list all private AMI's, ImageId and Name tags
+aws ec2 describe-images --filter "Name=is-public,Values=false" \
+    --query 'Images[].[ImageId, Name]' \
+    --output text | sort -k2
+
+```
+
+
 ## Instances
 
 http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -426,6 +426,11 @@ aws ec2 describe-instance-status
 # list status of a specific instance
 aws ec2 describe-instance-status \
     --instance-ids <instance_id>
+
+# list instance IP addresses
+aws ec2 describe-instances \
+  --query "Reservations[*].Instances[*].PublicIpAddress" \
+  --output=text
 ```
 
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -403,6 +403,9 @@ http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html
 aws ec2 describe-instances
 
+# list all instances running
+aws ec2 describe-instances --filters Name=instance-state-name,Values=running
+
 # create a new instance
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
 aws ec2 run-instances \

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -74,10 +74,11 @@ join # combine rows of text, by initial column value
 
 
 ## Cloudtrail - Logging and Auditing
-```shell
-# http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
-# 5 Trails total, does support resource level permissions
 
+http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
+5 Trails total, with support for resource level permissions
+
+```shell
 # list all trails
 aws cloudtrail describe-trails
 
@@ -126,14 +127,13 @@ aws cloudtrail remove-tags \
 ## IAM
 
 ### Users
-http://docs.aws.amazon.com/cli/latest/reference/iam/index.html
 
 https://blogs.aws.amazon.com/security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users
-
 http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html
-
 Limits = 5000 users, 100 group, 250 roles, 2 access keys / user
 
+http://docs.aws.amazon.com/cli/latest/reference/iam/index.html
+
 ```shell
 # list all user's info
 aws iam list-users
@@ -182,13 +182,14 @@ done
 
 ### Password policy
 
-```shell
-# http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
-aws iam delete-account-password-policy
+http://docs.aws.amazon.com/cli/latest/reference/iam/
 
+```shell
+# list policy
 # http://docs.aws.amazon.com/cli/latest/reference/iam/get-account-password-policy.html
 aws iam get-account-password-policy
 
+# set policy
 # http://docs.aws.amazon.com/cli/latest/reference/iam/update-account-password-policy.html
 aws iam update-account-password-policy \
 	--minimum-password-length 12 \
@@ -197,11 +198,18 @@ aws iam update-account-password-policy \
 	--require-uppercase-characters \
 	--require-lowercase-characters \
 	--allow-users-to-change-password
+
+# delete policy
+# http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
+aws iam delete-account-password-policy
 ```
 
 
 
 ### Access Keys
+
+http://docs.aws.amazon.com/cli/latest/reference/iam/
+
 ```shell
 # list all access keys
 aws iam list-access-keys
@@ -234,9 +242,11 @@ aws iam delete-access-key \
 
 
 ### Groups, Policies, Managed Policies
-```shell
-# http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
 
+http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
+http://docs.aws.amazon.com/cli/latest/reference/iam/
+
+```shell
 # list all groups
 aws iam list-groups
 
@@ -307,26 +317,26 @@ aws iam delete-group \
 http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
 
 ```shell
-# http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-key-pairs.html
 # list all keypairs
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-key-pairs.html
 aws ec2 describe-key-pairs
 
-# http://docs.aws.amazon.com/cli/latest/reference/ec2/create-key-pair.html
 # create a keypair
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/create-key-pair.html
 aws ec2 create-key-pair \
     --key-name <value>
 
 # create a new private / public keypair, using RSA 2048-bit
 ssh-keygen -t rsa -b 2048
 
-# http://docs.aws.amazon.com/cli/latest/reference/ec2/import-key-pair.html
 # import an existing keypair
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/import-key-pair.html
 aws ec2 import-key-pair \
     --key-name keyname_test \
     --public-key-material file:///home/apollo/id_rsa.pub
 
-# http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-key-pair.html
 # delete a keypair
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-key-pair.html
 aws ec2 delete-key-pair \
     --key-name <value>
 ```
@@ -335,6 +345,9 @@ aws ec2 delete-key-pair \
 
 
 ### Security Groups
+
+http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
+
 ```shell
 # list all security groups
 aws ec2 describe-security-groups
@@ -382,41 +395,52 @@ aws ec2 delete-security-group \
 
 
 ## Instances
-```shell
-# http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
-# http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
 
+http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
+
+```shell
 # list all instances (running, and not running)
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html
 aws ec2 describe-instances
 
 # create a new instance
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
 aws ec2 run-instances \
     --image-id ami-f0e7d19a \	
     --instance-type t2.micro \
     --security-group-ids sg-00000000 \
     --dry-run
 
 # stop an instance
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/terminate-instances.html
 aws ec2 terminate-instances \
     --instance-ids <instance_id>
 
-# list details of an instance
-aws ec2 describe-instances
+# list status of all instances
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instance-status.html
+aws ec2 describe-instance-status
+
+# list status of a specific instance
+aws ec2 describe-instance-status \
+    --instance-ids <instance_id>
 ```
 
 
 
 ### Tags
 ```shell
 # list the tags of an instance
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-tags.html
 aws ec2 describe-tags
 
 # add a tag to an instance
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/create-tags.html
 aws ec2 create-tags \
     --resources "ami-1a2b3c4d" \
     --tags Key=name,Value=debian
 
 # delete a tag on an instance
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-tags.html
 aws ec2 delete-tags \
     --resources "ami-1a2b3c4d" \
     --tags Key=Name,Value=

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -434,45 +434,53 @@ aws ec2 delete-tags \
 http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html
 http://docs.aws.amazon.com/cli/latest/reference/logs/index.html#cli-aws-logs
 
+##### create a group
+http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-group.html
 ```shell
-# http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-group.html
 aws logs create-log-group \
 	--log-group-name "DefaultGroup"
+```
 
-# http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html
+##### list all log groups
+http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html
+```shell
 aws logs describe-log-groups
 
 aws logs describe-log-groups \
 	--log-group-name-prefix "Default"
+```
 
-# http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-group.html
+##### delete a group
+http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-group.html
+```shell
 aws logs delete-log-group \
 	--log-group-name "DefaultGroup"
 ```
 
 
+
 ### Log Streams
 ```shell
-# http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
 
 # Log group names can be between 1 and 512 characters long. Allowed
 # characters include a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen),
 # '/' (forward slash), and '.' (period).
 
+# create a log stream
+# http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
 aws logs create-log-stream \
 	--log-group-name "DefaultGroup" \
 	--log-stream-name "syslog"
 
+# list details on a log stream
 # http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-streams.html
-
-aws logs describe-log-streams
-
 aws logs describe-log-streams \
 	--log-group-name "syslog"
 
 aws logs describe-log-streams \
 	--log-stream-name-prefix "syslog"
 
+# delete a log stream
 # http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-stream.html
 aws logs delete-log-stream \
 	--log-group-name "DefaultGroup" \
@@ -483,4 +491,3 @@ aws logs delete-log-stream \
 
 ## Cloudwatch - Monitoring
 http://docs.aws.amazon.com/cli/latest/reference/cloudwatch/index.html
-
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -381,7 +381,7 @@ aws ec2 delete-security-group \
 
 
 
-## Instances, Tags
+## Instances
 ```shell
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
@@ -402,7 +402,12 @@ aws ec2 terminate-instances \
 
 # list details of an instance
 aws ec2 describe-instances
+```
+
 
+
+### Tags
+```shell
 # list the tags of an instance
 aws ec2 describe-tags
 
@@ -422,7 +427,10 @@ aws ec2 delete-tags \
 
 
 
-## Cloudwatch - Logs
+## Cloudwatch
+
+
+### Log Groups
 http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html
 http://docs.aws.amazon.com/cli/latest/reference/logs/index.html#cli-aws-logs
 
@@ -475,3 +483,4 @@ aws logs delete-log-stream \
 
 ## Cloudwatch - Monitoring
 http://docs.aws.amazon.com/cli/latest/reference/cloudwatch/index.html
+
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -200,6 +200,7 @@ aws iam update-account-password-policy \
 ```
 
 
+
 ### Access Keys
 ```shell
 # list all access keys
@@ -232,8 +233,6 @@ aws iam delete-access-key \
 
 
 
-
-
 ### Groups, Policies, Managed Policies
 ```shell
 # http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
@@ -382,8 +381,7 @@ aws ec2 delete-security-group \
 
 
 
-
-## EC2 - Instances, Tags
+## Instances, Tags
 ```shell
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
 # http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
@@ -418,14 +416,11 @@ aws ec2 delete-tags \
     --resources "ami-1a2b3c4d" \
     --tags Key=Name,Value=
 ```
+<br/><br/><br/>
 
 
 
 
-## Cloudwatch - Monitoring
-http://docs.aws.amazon.com/cli/latest/reference/cloudwatch/index.html
-
-
 
 ## Cloudwatch - Logs
 http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html
@@ -445,9 +440,11 @@ aws logs describe-log-groups \
 # http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-group.html
 aws logs delete-log-group \
 	--log-group-name "DefaultGroup"
+```
 
 
-
+### Log Streams
+```shell
 # http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
 
 # Log group names can be between 1 and 512 characters long. Allowed
@@ -472,4 +469,9 @@ aws logs describe-log-streams \
 aws logs delete-log-stream \
 	--log-group-name "DefaultGroup" \
 	--log-stream-name "Default Stream"
-```
+```
+
+
+
+## Cloudwatch - Monitoring
+http://docs.aws.amazon.com/cli/latest/reference/cloudwatch/index.html
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -6,6 +6,9 @@ https://www.youtube.com/watch?v=_wiGpBQGCjU
 
 
 
+
+## Setup
+
 ### Overview
 - Virtualbox
 - Ubuntu 14.04 LTS VM, 64-bit
@@ -23,7 +26,6 @@ http://releases.ubuntu.com/14.04/ubuntu-14.04.4-desktop-amd64.iso
 - boot
 - install
 
-
 ### install Virtualbox Guest Additions, passwordless sudo
 ```shell
 echo $USER
@@ -448,7 +450,9 @@ aws logs delete-log-group \
 
 # http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
 
-# Log group names can be between 1 and 512 characters long. Allowed characters include a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), and '.' (period).
+# Log group names can be between 1 and 512 characters long. Allowed
+# characters include a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen),
+# '/' (forward slash), and '.' (period).
 
 aws logs create-log-stream \
 	--log-group-name "DefaultGroup" \

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -6,23 +6,24 @@ https://www.youtube.com/watch?v=_wiGpBQGCjU
 
 
 
-
+### Overview
 - Virtualbox
 - Ubuntu 14.04 LTS VM, 64-bit
 http://releases.ubuntu.com/14.04/ubuntu-14.04.4-desktop-amd64.iso
 - create new machine, settings
-   System / Processor
-      Enable PAE/NX
-   System / Acceleration
-      Paravirtualization Interface: Default
-      Enable VT-x/AMD-V
-      Enable Nested Paging
-   Display / Screen
-      Video Memory: 128MB
-      Acceleration: Enable 3D Acceleration
+  - System / Processor
+    - Enable PAE/NX
+  - System / Acceleration
+    - Paravirtualization Interface: Default
+    - Enable VT-x/AMD-V
+    - Enable Nested Paging
+  - Display / Screen
+    - Video Memory: 128MB
+    - Acceleration: Enable 3D Acceleration
 - boot
 - install
 
+
 ### install Virtualbox Guest Additions, passwordless sudo
 ```shell
 echo $USER

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -7,20 +7,19 @@ https://www.youtube.com/watch?v=_wiGpBQGCjU
 
 
 
-### Overview
 - Virtualbox
 - Ubuntu 14.04 LTS VM, 64-bit
 http://releases.ubuntu.com/14.04/ubuntu-14.04.4-desktop-amd64.iso
 - create new machine, settings
--- System / Processor
---- Enable PAE/NX
--- System / Acceleration
---- Paravirtualization Interface: Default
---- Enable VT-x/AMD-V
---- Enable Nested Paging
--- Display / Screen
---- Video Memory: 128MB
---- Acceleration: Enable 3D Acceleration
+   System / Processor
+      Enable PAE/NX
+   System / Acceleration
+      Paravirtualization Interface: Default
+      Enable VT-x/AMD-V
+      Enable Nested Paging
+   Display / Screen
+      Video Memory: 128MB
+      Acceleration: Enable 3D Acceleration
 - boot
 - install
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -7,20 +7,20 @@ https://www.youtube.com/watch?v=_wiGpBQGCjU
 
 
 
-## Setup
+### Overview
 - Virtualbox
 - Ubuntu 14.04 LTS VM, 64-bit
 http://releases.ubuntu.com/14.04/ubuntu-14.04.4-desktop-amd64.iso
 - create new machine, settings
-	System / Processor
-		Enable PAE/NX
-	System / Acceleration
-		Paravirtualization Interface: Default
-		Enable VT-x/AMD-V
-		Enable Nested Paging
-	Display / Screen
-		Video Memory: 128MB
-		Acceleration: Enable 3D Acceleration
+-- System / Processor
+--- Enable PAE/NX
+-- System / Acceleration
+--- Paravirtualization Interface: Default
+--- Enable VT-x/AMD-V
+--- Enable Nested Paging
+-- Display / Screen
+--- Video Memory: 128MB
+--- Acceleration: Enable 3D Acceleration
 - boot
 - install
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -76,32 +76,41 @@ join # combine rows of text, by initial column value
 # http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
 # 5 Trails total, does support resource level permissions
 
+# list all trails
 aws cloudtrail describe-trails
 
+# list all S3 buckets
 aws s3 ls
 
+# create a new trail
 aws cloudtrail create-subscription \
     --name awslog \
     --s3-new-bucket awslog2016
 
+# list the names of all trails
 aws cloudtrail describe-trails --output text | cut -f 8
 
+# get the status of a trail
 aws cloudtrail get-trail-status \
     --name awslog
 
+# delete a trail
 aws cloudtrail delete-trail \
     --name awslog
 
+# delete the S3 bucket of a trail
 aws s3 rb s3://awslog2016 --force
 
-# add up to 10 tags
+# add tags to a trail, up to 10 tags
 aws cloudtrail add-tags \
     --resource-id awslog \
     --tags-list "Key=log-type,Value=all"
 
+# list the tags of a trail
 aws cloudtrail list-tags \
     --resource-id-list 
 
+# remove a tag from a trail
 aws cloudtrail remove-tags \
     --resource-id awslog \
     --tags-list "Key=log-type,Value=all"
@@ -173,15 +182,12 @@ done
 
 ```shell
 # http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
-
 aws iam delete-account-password-policy
 
 # http://docs.aws.amazon.com/cli/latest/reference/iam/get-account-password-policy.html
-
 aws iam get-account-password-policy
 
 # http://docs.aws.amazon.com/cli/latest/reference/iam/update-account-password-policy.html
-
 aws iam update-account-password-policy \
 	--minimum-password-length 12 \
 	--require-symbols \
@@ -296,22 +302,29 @@ aws iam delete-group \
 ## EC2
 
 ### keypairs
-```shell
-# http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
 
+http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
+
+```shell
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-key-pairs.html
+# list all keypairs
 aws ec2 describe-key-pairs
 
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/create-key-pair.html
+# create a keypair
 aws ec2 create-key-pair \
     --key-name <value>
 
 # create a new private / public keypair, using RSA 2048-bit
 ssh-keygen -t rsa -b 2048
 
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/import-key-pair.html
 # import an existing keypair
 aws ec2 import-key-pair \
     --key-name keyname_test \
     --public-key-material file:///home/apollo/id_rsa.pub
 
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-key-pair.html
 # delete a keypair
 aws ec2 delete-key-pair \
     --key-name <value>

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -73,9 +73,8 @@ join # combine rows of text, by initial column value
 
 ## Cloudtrail - Logging and Auditing
 ```shell
-http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
-
-5 Trails total, does support resource level permissions
+# http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
+# 5 Trails total, does support resource level permissions
 
 aws cloudtrail describe-trails
 
@@ -173,15 +172,15 @@ done
 ### Password policy
 
 ```shell
-http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
+# http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
 
 aws iam delete-account-password-policy
 
-http://docs.aws.amazon.com/cli/latest/reference/iam/get-account-password-policy.html
+# http://docs.aws.amazon.com/cli/latest/reference/iam/get-account-password-policy.html
 
 aws iam get-account-password-policy
 
-http://docs.aws.amazon.com/cli/latest/reference/iam/update-account-password-policy.html
+# http://docs.aws.amazon.com/cli/latest/reference/iam/update-account-password-policy.html
 
 aws iam update-account-password-policy \
 	--minimum-password-length 12 \
@@ -195,23 +194,29 @@ aws iam update-account-password-policy \
 
 ### Access Keys
 ```shell
+# list all access keys
 aws iam list-access-keys
 
+# list access keys of a specific user
 aws iam list-access-keys \
     --user-name aws-admin2
 
+# create a new access key
 aws iam create-access-key \
     --user-name aws-admin2 \
     --output text | tee aws-admin2.txt
 
+# list last access time of an access key
 aws iam get-access-key-last-used \
     --access-key-id AKIAINA6AJZY4EXAMPLE
 
+# deactivate an acccss key
 aws iam update-access-key \
     --access-key-id AKIAI44QH8DHBEXAMPLE \
     --status Inactive \
     --user-name aws-admin2
 
+# delete an access key
 aws iam delete-access-key \
     --access-key-id AKIAI44QH8DHBEXAMPLE \
     --user-name aws-admin2
@@ -223,17 +228,22 @@ aws iam delete-access-key \
 
 ### Groups, Policies, Managed Policies
 ```shell
-http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
+# http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
 
+# list all groups
 aws iam list-groups
 
+# create a group
 aws iam create-group --group-name FullAdmins
 
+# delete a group
 aws iam delete-group \
     --group-name FullAdmins
 
+# list all policies
 aws iam list-policies
 
+# get a specific policy
 aws iam get-policy \
     --policy-arn <value>
 
@@ -245,10 +255,12 @@ aws iam list-entities-for-policy \
 aws iam list-attached-group-policies \
     --group-name FullAdmins
 
+# add a policy to a group
 aws iam attach-group-policy \
     --group-name FullAdmins \
     --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
 
+# add a user to a group
 aws iam add-user-to-group \
     --group-name FullAdmins \
     --user-name aws-admin2
@@ -261,14 +273,17 @@ aws iam get-group \
 aws iam list-groups-for-user \
     --user-name aws-admin2
 
+# remove a user from a group
 aws iam remove-user-from-group \
     --group-name FullAdmins \
     --user-name aws-admin2
 
+# remove a policy from a group
 aws iam detach-group-policy \
     --group-name FullAdmins \
     --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
 
+# delete a group
 aws iam delete-group \
     --group-name FullAdmins
 ```
@@ -282,7 +297,7 @@ aws iam delete-group \
 
 ### keypairs
 ```shell
-http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
+# http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
 
 aws ec2 describe-key-pairs
 
@@ -292,10 +307,12 @@ aws ec2 create-key-pair \
 # create a new private / public keypair, using RSA 2048-bit
 ssh-keygen -t rsa -b 2048
 
+# import an existing keypair
 aws ec2 import-key-pair \
     --key-name keyname_test \
     --public-key-material file:///home/apollo/id_rsa.pub
 
+# delete a keypair
 aws ec2 delete-key-pair \
     --key-name <value>
 ```
@@ -305,13 +322,16 @@ aws ec2 delete-key-pair \
 
 ### Security Groups
 ```shell
+# list all security groups
 aws ec2 describe-security-groups
 
+# create a security group
 aws ec2 create-security-group \
     --vpc-id vpc-1a2b3c4d \
     --group-name web-access \
     --description "web access"
 
+# list details about a securty group
 aws ec2 describe-security-groups \
     --group-id sg-0000000
 
@@ -333,12 +353,14 @@ aws ec2 authorize-security-group-ingress \
     --port 80 \
     --cidr $my_ip/24
 
+# remove a firewall rule from a group
 aws ec2 revoke-security-group-ingress \
     --group-id sg-0000000 \
     --protocol tcp \
     --port 80 \
     --cidr 0.0.0.0/24
 
+# delete a security group
 aws ec2 delete-security-group \
     --group-id sg-00000000
 ```
@@ -348,28 +370,35 @@ aws ec2 delete-security-group \
 
 ## EC2 - Instances, Tags
 ```shell
-http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
-http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
+# http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
 
+# list all instances (running, and not running)
 aws ec2 describe-instances
 
+# create a new instance
 aws ec2 run-instances \
     --image-id ami-f0e7d19a \	
     --instance-type t2.micro \
     --security-group-ids sg-00000000 \
     --dry-run
 
+# stop an instance
 aws ec2 terminate-instances \
     --instance-ids <instance_id>
 
+# list details of an instance
 aws ec2 describe-instances
 
+# list the tags of an instance
 aws ec2 describe-tags
 
+# add a tag to an instance
 aws ec2 create-tags \
     --resources "ami-1a2b3c4d" \
     --tags Key=name,Value=debian
 
+# delete a tag on an instance
 aws ec2 delete-tags \
     --resources "ami-1a2b3c4d" \
     --tags Key=Name,Value=
@@ -388,17 +417,17 @@ http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWat
 http://docs.aws.amazon.com/cli/latest/reference/logs/index.html#cli-aws-logs
 
 ```shell
-http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-group.html
+# http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-group.html
 aws logs create-log-group \
 	--log-group-name "DefaultGroup"
 
-http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html
+# http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html
 aws logs describe-log-groups
 
 aws logs describe-log-groups \
 	--log-group-name-prefix "Default"
 
-http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-group.html
+# http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-group.html
 aws logs delete-log-group \
 	--log-group-name "DefaultGroup"
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -45,7 +45,7 @@ aws configure
 ```
 
 ### Bash one-liners
-``shell
+```shell
 cat <file> # output a file
 tee # split output into a file
 cut -f 2 # print the 2nd column, per line

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -24,7 +24,8 @@ http://releases.ubuntu.com/14.04/ubuntu-14.04.4-desktop-amd64.iso
 - boot
 - install
 
-# install Virtualbox Guest Additions, passwordless sudo
+### install Virtualbox Guest Additions, passwordless sudo
+```shell
 echo $USER
 sudo echo "$USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers
 sudo su
@@ -33,14 +34,18 @@ apt-get install -y build-essential dkms linux-headers-$(uname -r)
 cd /media/aws-admin/
 sh ./VBoxLinuxAdditions.run
 shutdown now
+```
 
-# install AWS CLI
+### install AWS CLI
+```shell
 sudo apt-get install -y python-dev python-pip
 sudo pip install awscli
 aws --version
 aws configure
+```
 
-# Bash one-liners
+### Bash one-liners
+``shell
 cat <file> # output a file
 tee # split output into a file
 cut -f 2 # print the 2nd column, per line
@@ -59,12 +64,15 @@ sort # sort data
 uniq # show only unique entries
 paste # combine rows of text, by line
 join # combine rows of text, by initial column value
+```
+<br/><br/><br/>
 
 
 
 
 
 ## Cloudtrail - Logging and Auditing
+```shell
 http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
 
 5 Trails total, does support resource level permissions
@@ -98,12 +106,16 @@ aws cloudtrail list-tags \
 aws cloudtrail remove-tags \
     --resource-id awslog \
     --tags-list "Key=log-type,Value=all"
+```
+<br/><br/><br/>
 
 
 
 
 
-## IAM - Users
+## IAM
+
+### Users
 http://docs.aws.amazon.com/cli/latest/reference/iam/index.html
 
 https://blogs.aws.amazon.com/security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users
@@ -112,6 +124,7 @@ http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html
 
 Limits = 5000 users, 100 group, 250 roles, 2 access keys / user
 
+```shell
 # list all user's info
 aws iam list-users
 
@@ -153,12 +166,13 @@ for userName in $allUsers; do
     aws iam delete-user \
         --user-name $userName
 done
+```
 
 
 
+### Password policy
 
-## IAM - Password policy
-
+```shell
 http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
 
 aws iam delete-account-password-policy
@@ -176,11 +190,11 @@ aws iam update-account-password-policy \
 	--require-uppercase-characters \
 	--require-lowercase-characters \
 	--allow-users-to-change-password
+```
 
 
-
-## IAM - Access Keys
-
+### Access Keys
+```shell
 aws iam list-access-keys
 
 aws iam list-access-keys \
@@ -201,13 +215,14 @@ aws iam update-access-key \
 aws iam delete-access-key \
     --access-key-id AKIAI44QH8DHBEXAMPLE \
     --user-name aws-admin2
+```
 
 
 
 
 
-## IAM - Groups, Policies, Managed Policies
-
+### Groups, Policies, Managed Policies
+```shell
 http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
 
 aws iam list-groups
@@ -256,12 +271,17 @@ aws iam detach-group-policy \
 
 aws iam delete-group \
     --group-name FullAdmins
+```
+<br/><br/><br/>
 
 
 
 
 
-## EC2 - Keypairs
+## EC2
+
+### keypairs
+```shell
 http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
 
 aws ec2 describe-key-pairs
@@ -278,12 +298,13 @@ aws ec2 import-key-pair \
 
 aws ec2 delete-key-pair \
     --key-name <value>
+```
 
 
 
 
-
-## EC2 - Security Groups
+### Security Groups
+```shell
 aws ec2 describe-security-groups
 
 aws ec2 create-security-group \
@@ -320,12 +341,13 @@ aws ec2 revoke-security-group-ingress \
 
 aws ec2 delete-security-group \
     --group-id sg-00000000
-
+```
 
 
 
 
 ## EC2 - Instances, Tags
+```shell
 http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
 http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
 
@@ -351,7 +373,7 @@ aws ec2 create-tags \
 aws ec2 delete-tags \
     --resources "ami-1a2b3c4d" \
     --tags Key=Name,Value=
-
+```
 
 
 
@@ -365,6 +387,7 @@ http://docs.aws.amazon.com/cli/latest/reference/cloudwatch/index.html
 http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html
 http://docs.aws.amazon.com/cli/latest/reference/logs/index.html#cli-aws-logs
 
+```shell
 http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-group.html
 aws logs create-log-group \
 	--log-group-name "DefaultGroup"
@@ -381,15 +404,15 @@ aws logs delete-log-group \
 
 
 
-http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
+# http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
 
-Log group names can be between 1 and 512 characters long. Allowed characters include a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), and '.' (period).
+# Log group names can be between 1 and 512 characters long. Allowed characters include a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), and '.' (period).
 
 aws logs create-log-stream \
 	--log-group-name "DefaultGroup" \
 	--log-stream-name "syslog"
 
-http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-streams.html
+# http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-streams.html
 
 aws logs describe-log-streams
 
@@ -399,7 +422,8 @@ aws logs describe-log-streams \
 aws logs describe-log-streams \
 	--log-stream-name-prefix "syslog"
 
-http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-stream.html
+# http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-stream.html
 aws logs delete-log-stream \
 	--log-group-name "DefaultGroup" \
-	--log-stream-name "Default Stream"
+	--log-stream-name "Default Stream"
+```
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -1,4 +1,5 @@
-# AWS Best Practices
+# AWS CLI Cheatsheet
+
 http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
 https://www.youtube.com/watch?v=_wiGpBQGCjU
 

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -1,67 +1,404 @@
-# AWS CLI Cheatsheet
+# AWS Best Practices
+http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
+https://www.youtube.com/watch?v=_wiGpBQGCjU
 
-@see http://docs.aws.amazon.com/cli/latest/reference/
-@see https://github.com/toddm92/aws/wiki/AWS-CLI-Cheat-Sheet
 
 
 
 
-## EC2
-@see http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
+## Setup
+- Virtualbox
+- Ubuntu 14.04 LTS VM, 64-bit
+http://releases.ubuntu.com/14.04/ubuntu-14.04.4-desktop-amd64.iso
+- create new machine, settings
+	System / Processor
+		Enable PAE/NX
+	System / Acceleration
+		Paravirtualization Interface: Default
+		Enable VT-x/AMD-V
+		Enable Nested Paging
+	Display / Screen
+		Video Memory: 128MB
+		Acceleration: Enable 3D Acceleration
+- boot
+- install
 
-##### describe instances
-@see http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html
+# install Virtualbox Guest Additions, passwordless sudo
+echo $USER
+sudo echo "$USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers
+sudo su
+apt-get update
+apt-get install -y build-essential dkms linux-headers-$(uname -r)
+cd /media/aws-admin/
+sh ./VBoxLinuxAdditions.run
+shutdown now
 
-##### list all instances
-```shell
-SERVER_LIST=$(aws ec2 describe-instances);
-```
+# install AWS CLI
+sudo apt-get install -y python-dev python-pip
+sudo pip install awscli
+aws --version
+aws configure
 
-##### list instances, that are running, having tag
-```shell
-SERVER_LIST=$(aws ec2 describe-instances \
-  --filters "Name=tag:<tag_name>" \
-  "Name=instance-state-name,Values=running");
-```
+# Bash one-liners
+cat <file> # output a file
+tee # split output into a file
+cut -f 2 # print the 2nd column, per line
+sed -n '5{p;q}' # print the 5th line in a file
+sed 1d # print all lines, except the first
+tail -n +2 # print all lines, starting on the 2nd
+head -n 5 # print the first 5 lines
+tail -n 5 # print the last 5 lines
 
-##### list instances, that are running, having tag and value
-```shell
-SERVER_LIST=$(aws ec2 describe-instances \
-  --filters "Name=tag:<tag_name>,Values=<tag_value>" \
-  "Name=instance-state-name,Values=running");
-```
+expand # convert tabs to 4 spaces
+unexpand -a # convert 4 spaces to tabs
+wc # word count
+tr ' ' \\t # translate / convert characters to other characters
 
-##### filter results, retrieve Public DNS, using jq
-```shell
-SERVER_LIST_DNS=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicDnsName'  | tr -d '"');
-```
+sort # sort data
+uniq # show only unique entries
+paste # combine rows of text, by line
+join # combine rows of text, by initial column value
 
-##### filter results, retrieve Public IP Address, using jq
-```shell
-SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAddress'  | tr -d '"');
-```
 
-##### create instances
-@see http://docs.aws.amazon.com/cli/latest/reference/ec2/create-image.html
 
-##### terminate instances
-@see http://docs.aws.amazon.com/cli/latest/reference/ec2/terminate-instances.html
 
-##### delete volume
-@see http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-volume.html
-<br/><br/><br/>
 
+## Cloudtrail - Logging and Auditing
+http://docs.aws.amazon.com/cli/latest/reference/cloudtrail/
 
+5 Trails total, does support resource level permissions
 
+aws cloudtrail describe-trails
 
+aws s3 ls
 
-## IAM
+aws cloudtrail create-subscription \
+    --name awslog \
+    --s3-new-bucket awslog2016
 
-[How to Rotate Access Keys for IAM Users](http://blogs.aws.amazon.com//security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users)
+aws cloudtrail describe-trails --output text | cut -f 8
 
-##### list the age of all keys
-[AWS Security Best Practice #6: Rotate all the Keys Regularly](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
-```shell
-aws iam get-credential-report --output text | awk '{print $1}' | base64 -D | \
-    awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}';
-```
+aws cloudtrail get-trail-status \
+    --name awslog
+
+aws cloudtrail delete-trail \
+    --name awslog
+
+aws s3 rb s3://awslog2016 --force
+
+# add up to 10 tags
+aws cloudtrail add-tags \
+    --resource-id awslog \
+    --tags-list "Key=log-type,Value=all"
+
+aws cloudtrail list-tags \
+    --resource-id-list 
+
+aws cloudtrail remove-tags \
+    --resource-id awslog \
+    --tags-list "Key=log-type,Value=all"
+
+
+
+
+
+## IAM - Users
+http://docs.aws.amazon.com/cli/latest/reference/iam/index.html
+
+https://blogs.aws.amazon.com/security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users
+
+http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html
+
+Limits = 5000 users, 100 group, 250 roles, 2 access keys / user
+
+# list all user's info
+aws iam list-users
+
+# list all user's usernames
+aws iam list-users --output text | cut -f 6
+
+# list current user's info
+aws iam get-user
+
+# list current user's access keys
+aws iam list-access-keys
+
+# crate new user
+aws iam create-user \
+    --user-name aws-admin2
+
+# create multiple new users, from a file
+allUsers=$(cat ./user-names.txt)
+for userName in $allUsers; do
+    aws iam create-user \
+        --user-name $userName
+done
+
+# list all users
+aws iam list-users --no-paginate
+
+# get a specific user's info
+aws iam get-user \
+    --user-name aws-admin2
+
+# delete one user
+aws iam delete-user \
+    --user-name aws-admin2
+
+# delete all users
+# allUsers=$(aws iam list-users --output text | cut -f 6);
+allUsers=$(cat ./user-names.txt)
+for userName in $allUsers; do
+    aws iam delete-user \
+        --user-name $userName
+done
+
+
+
+
+## IAM - Password policy
+
+http://docs.aws.amazon.com/cli/latest/reference/iam/delete-account-password-policy.html
+
+aws iam delete-account-password-policy
+
+http://docs.aws.amazon.com/cli/latest/reference/iam/get-account-password-policy.html
+
+aws iam get-account-password-policy
+
+http://docs.aws.amazon.com/cli/latest/reference/iam/update-account-password-policy.html
+
+aws iam update-account-password-policy \
+	--minimum-password-length 12 \
+	--require-symbols \
+	--require-numbers \
+	--require-uppercase-characters \
+	--require-lowercase-characters \
+	--allow-users-to-change-password
+
+
+
+## IAM - Access Keys
+
+aws iam list-access-keys
+
+aws iam list-access-keys \
+    --user-name aws-admin2
+
+aws iam create-access-key \
+    --user-name aws-admin2 \
+    --output text | tee aws-admin2.txt
+
+aws iam get-access-key-last-used \
+    --access-key-id AKIAINA6AJZY4EXAMPLE
+
+aws iam update-access-key \
+    --access-key-id AKIAI44QH8DHBEXAMPLE \
+    --status Inactive \
+    --user-name aws-admin2
+
+aws iam delete-access-key \
+    --access-key-id AKIAI44QH8DHBEXAMPLE \
+    --user-name aws-admin2
+
+
+
+
+
+## IAM - Groups, Policies, Managed Policies
+
+http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
+
+aws iam list-groups
+
+aws iam create-group --group-name FullAdmins
+
+aws iam delete-group \
+    --group-name FullAdmins
+
+aws iam list-policies
+
+aws iam get-policy \
+    --policy-arn <value>
+
+# list all users, groups, and roles, for a given policy
+aws iam list-entities-for-policy \
+    --policy-arn <value>
+
+# list policies, for a given group
+aws iam list-attached-group-policies \
+    --group-name FullAdmins
+
+aws iam attach-group-policy \
+    --group-name FullAdmins \
+    --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
+
+aws iam add-user-to-group \
+    --group-name FullAdmins \
+    --user-name aws-admin2
+
+# list users, for a given group
+aws iam get-group \
+    --group-name FullAdmins
+
+# list groups, for a given user
+aws iam list-groups-for-user \
+    --user-name aws-admin2
+
+aws iam remove-user-from-group \
+    --group-name FullAdmins \
+    --user-name aws-admin2
+
+aws iam detach-group-policy \
+    --group-name FullAdmins \
+    --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
+
+aws iam delete-group \
+    --group-name FullAdmins
+
+
+
+
+
+## EC2 - Keypairs
+http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
+
+aws ec2 describe-key-pairs
+
+aws ec2 create-key-pair \
+    --key-name <value>
+
+# create a new private / public keypair, using RSA 2048-bit
+ssh-keygen -t rsa -b 2048
+
+aws ec2 import-key-pair \
+    --key-name keyname_test \
+    --public-key-material file:///home/apollo/id_rsa.pub
+
+aws ec2 delete-key-pair \
+    --key-name <value>
+
+
+
+
+
+## EC2 - Security Groups
+aws ec2 describe-security-groups
+
+aws ec2 create-security-group \
+    --vpc-id vpc-1a2b3c4d \
+    --group-name web-access \
+    --description "web access"
+
+aws ec2 describe-security-groups \
+    --group-id sg-0000000
+
+# open port 80, for everyone
+aws ec2 authorize-security-group-ingress \
+    --group-id sg-0000000 \
+    --protocol tcp \
+    --port 80 \
+    --cidr 0.0.0.0/24
+
+# get my public ip
+my_ip=$(dig +short myip.opendns.com @resolver1.opendns.com);
+echo $my_ip
+
+# open port 22, just for my ip
+aws ec2 authorize-security-group-ingress \
+    --group-id sg-0000000 \
+    --protocol tcp \
+    --port 80 \
+    --cidr $my_ip/24
+
+aws ec2 revoke-security-group-ingress \
+    --group-id sg-0000000 \
+    --protocol tcp \
+    --port 80 \
+    --cidr 0.0.0.0/24
+
+aws ec2 delete-security-group \
+    --group-id sg-00000000
+
+
+
+
+
+## EC2 - Instances, Tags
+http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html#cli-aws-ec2
+http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
+
+aws ec2 describe-instances
+
+aws ec2 run-instances \
+    --image-id ami-f0e7d19a \	
+    --instance-type t2.micro \
+    --security-group-ids sg-00000000 \
+    --dry-run
+
+aws ec2 terminate-instances \
+    --instance-ids <instance_id>
+
+aws ec2 describe-instances
+
+aws ec2 describe-tags
+
+aws ec2 create-tags \
+    --resources "ami-1a2b3c4d" \
+    --tags Key=name,Value=debian
+
+aws ec2 delete-tags \
+    --resources "ami-1a2b3c4d" \
+    --tags Key=Name,Value=
+
+
+
+
+
+## Cloudwatch - Monitoring
+http://docs.aws.amazon.com/cli/latest/reference/cloudwatch/index.html
+
+
+
+## Cloudwatch - Logs
+http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html
+http://docs.aws.amazon.com/cli/latest/reference/logs/index.html#cli-aws-logs
+
+http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-group.html
+aws logs create-log-group \
+	--log-group-name "DefaultGroup"
+
+http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html
+aws logs describe-log-groups
+
+aws logs describe-log-groups \
+	--log-group-name-prefix "Default"
+
+http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-group.html
+aws logs delete-log-group \
+	--log-group-name "DefaultGroup"
+
+
+
+http://docs.aws.amazon.com/cli/latest/reference/logs/create-log-stream.html
+
+Log group names can be between 1 and 512 characters long. Allowed characters include a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), and '.' (period).
+
+aws logs create-log-stream \
+	--log-group-name "DefaultGroup" \
+	--log-stream-name "syslog"
+
+http://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-streams.html
+
+aws logs describe-log-streams
+
+aws logs describe-log-streams \
+	--log-group-name "syslog"
+
+aws logs describe-log-streams \
+	--log-stream-name-prefix "syslog"
+
+http://docs.aws.amazon.com/cli/latest/reference/logs/delete-log-stream.html
+aws logs delete-log-stream \
+	--log-group-name "DefaultGroup" \
+	--log-stream-name "Default Stream"
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -57,10 +57,10 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 
 ## IAM
 
-[Rotate Keys](http://blogs.aws.amazon.com//security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users)
+[How to Rotate Access Keys for IAM Users](http://blogs.aws.amazon.com//security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users)
 
 ##### list the age of all keys
-[Top 10 AWS Security Best Practices - #6 Rorate All Keys Regularly](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
+[AWS Security Best Practice #6: Rotate all the Keys Regularly](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
 ```shell
 aws iam get-credential-report --output text | awk '{print $1}' | base64 -D | \
     awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}';

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -57,8 +57,10 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 
 ## IAM
 
+[Rotate Keys](http://blogs.aws.amazon.com//security/post/Tx15CIT22V4J8RP/How-to-rotate-access-keys-for-IAM-users)
+
 ##### list the age of all keys
-[source](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
+[Top 10 AWS Security Best Practices - #6 Rorate All Keys Regularly](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
 ```shell
 aws iam get-credential-report --output text | awk '{print $1}' | base64 -D | \
     awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}';

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -60,6 +60,6 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 ##### list the age of all keys
 [source](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
 ```shell
-aws iam get-credential-report --output text | awk '{print $1}' | base64 -D |
+aws iam get-credential-report --output text | awk '{print $1}' | base64 -D | \
     awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}';
 ```
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -60,5 +60,6 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 ##### list the age of all keys
 [source](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
 ```shell
-aws iam get-credential-report --output text | awk '{print $1}' | base64 -D | awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}'
+aws iam get-credential-report --output text | awk '{print $1}' | base64 -D |
+    awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}';
 ```
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -49,11 +49,12 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 
 ##### delete volume
 @see http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-volume.html
-
-
-
-
-
+<br/><br/><br/>
+
+
+
+
+
 ## IAM
 
 ##### list the age of all keys

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -49,10 +49,11 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 
 ##### delete volume
 @see http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-volume.html
-
-
-
-<br/>
+
+
+
+
+
 ## IAM
 
 ##### list the age of all keys

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -52,7 +52,7 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 
 
 
-
+<br/>
 ## IAM
 
 ##### list the age of all keys

diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -48,4 +48,15 @@ SERVER_LIST_IP=$( echo $SERVER_LIST | jq '.Reservations[].Instances[].PublicIpAd
 @see http://docs.aws.amazon.com/cli/latest/reference/ec2/terminate-instances.html
 
 ##### delete volume
-@see http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-volume.html
+@see http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-volume.html
+
+
+
+
+## IAM
+
+##### list the age of all keys
+[source](https://evidentio.squarespace.com/blog/2015/3/20/top-10-aws-security-best-practices-6-rotate-all-the-keys-regularly)
+```shell
+aws iam get-credential-report --output text | awk '{print $1}' | base64 -D | awk -F, '{printf("%-15s %-25s %-25s %-25s %-25s\n",$1,$9,$10,$11,$12)}'
+```
diff --git a/aws cli cheatsheet.md b/aws cli cheatsheet.md
@@ -10,7 +10,7 @@
 @see http://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
 
 ##### describe instances
-# @see http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html
+@see http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html
 
 ##### list all instances
 ```shell