DEV Community

zach beecher
zach beecher

Posted on

Bash commands for AWS Cloud engineers

#cloud #bash

Learning AWS cloud I stumbled onto Bash commands which got me thinking - which ones are key to a cloud engineer's toolbox?

*Wanna quickly edit EC2 instances and metadata?
*
`#!/bin/bash
echo "Fetching EC2 instances and their tags..."

aws ec2 describe-instances \
--query 'Reservations[].Instances[].[InstanceId,Tags]' \
--output table`

  • are wildcards so it'll pull down all reserved instances

*Wanna see S3 bucket backups?
*
`#!/bin/bash
SOURCE_BUCKET="my-source-bucket"
DEST_BUCKET="my-backup-bucket"
DATE=$(date +%Y-%m-%d)

echo "Backing up $SOURCE_BUCKET to $DEST_BUCKET/$DATE..."

aws s3 sync s3://$SOURCE_BUCKET s3://$DEST_BUCKET/$DATE --storage-class STANDARD_IA
`

Daily backup and version / archive storage

*Wanna rotate IAM access keys?
*
`#!/bin/bash
USER_NAME="your-iam-user"

echo "Creating new access key..."
NEW_KEY=$(aws iam create-access-key --user-name $USER_NAME)

echo "Disabling old access keys..."
OLD_KEYS=$(aws iam list-access-keys --user-name $USER_NAME --query 'AccessKeyMetadata[*].AccessKeyId' --output text)

for KEY in $OLD_KEYS; do
aws iam update-access-key --user-name $USER_NAME --access-key-id $KEY --status Inactive
done
`

Rotate keys daily to ensure security is hygenic

*Wanna check the CPU utillization of EC2?
*

`#!/bin/bash
INSTANCE_ID="i-xxxxxxxxxxxxxxxxx"
REGION="us-west-2"

aws cloudwatch get-metric-statistics \
--namespace AWS/EC2 \
--metric-name CPUUtilization \
--dimensions Name=InstanceId,Value=$INSTANCE_ID \
--start-time $(date -u -d '10 minutes ago' +%Y-%m-%dT%H:%M:%SZ) \
--end-time $(date -u +%Y-%m-%dT%H:%M:%SZ) \
--period 300 \
--statistics Average \
--region $REGION \
--output table
`
Wanna kill unused EC2s by tag (save dat money)

`#!/bin/bash
TAG_KEY="Environment"
TAG_VALUE="Dev"

echo "Finding EC2 instances with tag $TAG_KEY=$TAG_VALUE..."

INSTANCE_IDS=$(aws ec2 describe-instances \
--filters "Name=tag:$TAG_KEY,Values=$TAG_VALUE" "Name=instance-state-name,Values=running" \
--query "Reservations[].Instances[].InstanceId" \
--output text)

echo "Terminating instances: $INSTANCE_IDS"
aws ec2 terminate-instances --instance-ids $INSTANCE_IDS
`

Cleans up dev env automagically

Let me know which Bash scripts you reccomend, or use as your daily drivers?

Top comments (0)