2023年2月6日月曜日

よく使うaws-cliは bash のalias とか function にしている

 

aws-cliを、~/.bashrcとか~/.bash_aliases などに書いて使ってます。

--profile は指定せず、環境変数(AWS_PROFILE)でプロファイルを切り替えて使ってます。


EC2関連


# instance
lsec2() {
  local filter=""
  if [ "$1" == "" ]; then
    aws ec2 describe-instances \
    --query 'Reservations[].Instances[].{name:Tags[?Key==`Name`]|[0].Value,instanceId:InstanceId,privateIp:PrivateIpAddress,publicIp:PublicIpAddress,image:ImageId,state:State.Name,sg:SecurityGroups[].GroupName|sort(@)|join(`,`,@)}' \
    --output table
  else
    aws ec2 describe-instances \
    --filters "Name=tag:Name,Values=$1" \
    --query 'sort_by(Reservations[].Instances[].{name:Tags[?Key==`Name`]|[0].Value,instanceId:InstanceId,privateIp:PrivateIpAddress,publicIp:PublicIpAddress,image:ImageId,state:State.Name,sg:SecurityGroups[].GroupName|sort(@)|join(`,`,@)},&name)' \
    --output table
  fi
}

# tag
lsec2-tag() {
  if [ "$1" == "" ]; then
    echo "lsec2-tag <resource-id>"
    return
  fi
  aws ec2 describe-tags --filters "Name=resource-id,Values=$1" --output table
}

# security group
lssg() {
  local key='*'
  if [ "$1" != "" ]; then
    key=$1
  fi
  aws ec2 describe-security-groups \
  --filters "Name=group-name,Values=$key" \
  --query 'sort_by(SecurityGroups[].{id:GroupId, name:GroupName, vpc:VpcId, desc:Description},&name)' \
  --output table
}
lssg-rule() {
  if [ "$1" == "" ]; then
    echo "lssg-rule <security-group-id>"
    return
  fi
  local key="$1"
  aws ec2 describe-security-group-rules \
  --filters "Name=group-id,Values=$key" \
  --output table
}

# elb
alias lselb="aws elbv2 describe-load-balancers --query 'LoadBalancers[].{schme:Scheme,dns:DNSName,state:State.Code}' --output table"

lselb-tg() {
  local cond=""
  if [ "$1" != "" ]; then
    cond=$(printf '?contains(TargetGroupName,`%s`)' $1)
  fi
  aws elbv2 describe-target-groups \
  --query "TargetGroups[$cond].[TargetGroupArn,TargetGroupName]" \
  --output table
}
lselb-health() {
  while read key
  do
    state=$(aws elbv2 describe-target-health \
    --target-group-arn "$key" \
    --query 'TargetHealthDescriptions[].[TargetHealth.State]' \
    --output text)
    echo "$key $state"
  done< <(aws elbv2 describe-target-groups --query "TargetGroups[].[TargetGroupArn]" --output text)
}

# ami
rmami() {
  local ami_ids=$@

  for ami_id in $ami_ids;do
    snapshot_ids=`aws ec2 describe-images --image-ids=$ami_id \
    --query "Images[].BlockDeviceMappings[].Ebs.[SnapshotId]" \
    --output text`

    echo "deregister image $ami_id"
    aws ec2 deregister-image --image-id=$ami_id
    for snapshot_id in $snapshot_ids;do
        echo "delete snapshot $snapshot_id"
        aws ec2 delete-snapshot --snapshot-id=$snapshot_id
    done
  done
}
lsami() {
  local  key='*'
  if [ "$1" != "" ]; then
    key=$1
  fi
  aws ec2 describe-images --owner self \
  --filter "Name=name,Values=$key" \
  --query "sort_by(Images[].{name:Name,image:ImageId,date:CreationDate,state:State},&name)" \
  --output table
}

# network
lseni()
{
    aws ec2 describe-network-interfaces --query 'NetworkInterfaces[].[PrivateIpAddress,Association.PublicIp]' --output text
}

lsvpc() {
  aws ec2 describe-vpcs \
  --output text \
  --query 'Vpcs[].[CidrBlock,VpcId]'
}

lsvpc-sub() {
  aws ec2 describe-subnets \
  --output text \
  --query 'Subnets[].[AvailabilityZone,CidrBlock,SubnetId,VpcId,Tags[?Key==`Name`].Value|[0]]'
}

lsvpc-pl() {
  aws ec2 describe-managed-prefix-lists \
  --output text \
  --query 'PrefixLists[].[PrefixListId,PrefixListName]'
}



CloudWatchLogs関連


lslog(){
  local cond=""
  if [ "$1" != "" ]; then
    cond=$(printf '?contains(logGroupName,`%s`)' $1)
  fi
  aws logs describe-log-groups --query "sort_by(logGroups[$cond].{name:logGroupName,bytes:storedBytes},&name)" --output table
}
rmlog(){
  if [ $# -eq 0 ]; then
    echo "usage: rmlog <log group name>"
    return
  fi
  aws logs delete-log-group --log-group-name $1
}
taillog(){
  if [ $# -eq 0 ]; then
    echo "usage: taillog <log group name>"
    return
  fi
  aws logs tail $1 --follow --since 1h
}

CloudFormation


lsstack() {
  aws cloudformation describe-stacks \
  --query "Stacks[?contains(StackName,\`$1\`)].{StackName:StackName,StackStatus:StackStatus,Desc:Description}" \
  --output table
}
rmstack() {
  rain rm $1
}


ECS/EKS/ECR


# ecr
lsecr-repo() {
  aws ecr describe-repositories --query 'repositories[].repositoryName' --output text | tr "\t" "\n"
}

lsecr-img() {
  if [ $# -eq 0 ]; then
    echo "usage: lsecr-img <repository name>"
    return
  fi
  aws ecr list-images --repository-name $1 --query 'imageIds[].imageTag' --output text
}

rmecr-img() {
  if [ $# -eq 0 ]; then
    echo "usage: rmecr-img <repository name> <tag>"
    return
  fi
  aws ecr batch-delete-image --repository-name $1 --image-ids imageTag=$2
}

# ecs
lsecs() {
  local keyword=.
  if [ $# -ne 0 ]; then
    keyword=$1
  fi
  aws ecs list-clusters | jq -r '.clusterArns[]' | cut -d/ -f2 | grep -i $keyword | sort
}
lsecs-task() {
  if [ $# -eq 0 ]; then
    echo "usage: lsecs-task <cluster name>"
    return
  fi
  local cluster=$1
  local tasks=$(aws ecs list-tasks --cluster $cluster --query 'taskArns[]' --output text | tr "\t" " ")
  aws ecs describe-tasks --tasks $tasks --output table \
    --cluster $cluster \
    --query 'tasks[].[group,taskArn, attachments[0].details[?name==`privateIPv4Address`]|[0].value, capacityProviderName, lastStatus]'
}

# eks
lseks() {
  local keyword=.
  if [ $# -ne 0 ]; then
    keyword=$1
  fi
  aws eks list-clusters | jq -r '.clusters[]'| grep -i $keyword | sort
}


SSM


 alias lsssm='aws ssm describe-parameters --query 'Parameters[].[Name]' --output text | sort'


おまけ


上記コマンドを使用して作業している様子です。(動画)

terraformでAWS環境を構築しながら上記コマンドで構築結果を確認しています。