You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

alias 5.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152
  1. # Original file based on https://github.com/awslabs/awscli-aliases
  2. # LICENSE: MIT No Attribution (MIT-0)
  3. #
  4. #
  5. # Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of this
  8. # software and associated documentation files (the "Software"), to deal in the Software
  9. # without restriction, including without limitation the rights to use, copy, modify,
  10. # merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
  11. # permit persons to whom the Software is furnished to do so.
  12. #
  13. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
  14. # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
  15. # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
  16. # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  17. # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
  18. # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  19. #
  20. [toplevel]
  21. whoami = sts get-caller-identity
  22. create-assume-role =
  23. !f() {
  24. aws iam create-role --role-name "${1}" \
  25. --assume-role-policy-document \
  26. "{\"Statement\":[{\
  27. \"Action\":\"sts:AssumeRole\",\
  28. \"Effect\":\"Allow\",\
  29. \"Principal\":{\"Service\":\""${2}".amazonaws.com\"},\
  30. \"Sid\":\"\"\
  31. }],\
  32. \"Version\":\"2012-10-17\"\
  33. }";
  34. }; f
  35. running-instances = ec2 describe-instances \
  36. --filter Name=instance-state-name,Values=running \
  37. --output table \
  38. --query 'Reservations[].Instances[].{ID: InstanceId,Hostname: PublicDnsName,Name: Tags[?Key==`Name`].Value | [0],Type: InstanceType, Platform: Platform || `Linux`}'
  39. ebs-volumes= ec2 describe-volumes \
  40. --query 'Volumes[].{VolumeId: VolumeId,State: State,Size: Size,Name: Tags[0].Value,AZ: AvailabilityZone}' \
  41. --output table
  42. amazon-linux-amis = ec2 describe-images \
  43. --filter \
  44. Name=owner-alias,Values=amazon \
  45. Name=name,Values="amzn-ami-hvm-*" \
  46. Name=architecture,Values=x86_64 \
  47. Name=virtualization-type,Values=hvm \
  48. Name=root-device-type,Values=ebs \
  49. Name=block-device-mapping.volume-type,Values=gp2 \
  50. --query "reverse(sort_by(Images, &CreationDate))[*].[ImageId,Name,Description]" \
  51. --output text
  52. list-sgs = ec2 describe-security-groups --query "SecurityGroups[].[GroupId, GroupName]" --output text
  53. sg-rules = !f() { aws ec2 describe-security-groups \
  54. --query "SecurityGroups[].IpPermissions[].[FromPort,ToPort,IpProtocol,join(',',IpRanges[].CidrIp)]" \
  55. --group-id "$1" --output text; }; f
  56. tostring =
  57. !f() {
  58. cat "${1}" | jq 'tostring'
  59. }; f
  60. authorize-my-ip =
  61. !f() {
  62. ip=$(aws myip)
  63. aws ec2 authorize-security-group-ingress --group-id ${1} --cidr $ip/32 --protocol tcp --port 22
  64. }; f
  65. get-group-id =
  66. !f() {
  67. aws ec2 describe-security-groups --filters Name=group-name,Values=${1} --query SecurityGroups[0].GroupId --output text
  68. }; f
  69. authorize-my-ip-by-name =
  70. !f() {
  71. group_id=$(aws get-group-id "${1}")
  72. aws authorize-my-ip "$group_id"
  73. }; f
  74. # list all security group port ranges open to 0.0.0.0/0
  75. public-ports = ec2 describe-security-groups \
  76. --filters Name=ip-permission.cidr,Values=0.0.0.0/0 \
  77. --query 'SecurityGroups[].{
  78. GroupName:GroupName,
  79. GroupId:GroupId,
  80. PortRanges:
  81. IpPermissions[?contains(IpRanges[].CidrIp, `0.0.0.0/0`)].[
  82. join(`:`, [IpProtocol, join(`-`, [to_string(FromPort), to_string(ToPort)])])
  83. ][]
  84. }'
  85. # List or set your region
  86. region = !f() { [[ $# -eq 1 ]] && aws configure set region "$1" || aws configure get region; }; f
  87. find-access-key =
  88. !f() {
  89. clear_to_eol=$(tput el)
  90. for i in $(aws iam list-users --query "Users[].UserName" --output text); do
  91. printf "\r%sSearching...$i" "${clear_to_eol}"
  92. result=$(aws iam list-access-keys --output text --user-name "${i}" --query "AccessKeyMetadata[?AccessKeyId=='${1}'].UserName";)
  93. if [ -n "${result}" ]; then
  94. printf "\r%s%s is owned by %s.\n" "${lear_to_eol}" "$1" "${result}"
  95. break
  96. fi
  97. done
  98. if [ -z "${result}" ]; then
  99. printf "\r%sKey not found." "${clear_to_eol}"
  100. fi
  101. }; f
  102. docker-ecr-login =
  103. !f() {
  104. region=$(aws configure get region)
  105. endpoint=$(aws ecr get-authorization-token --region $region --output text --query authorizationData[].proxyEndpoint)
  106. passwd=$(aws ecr get-authorization-token --region $region --output text --query authorizationData[].authorizationToken | base64 --decode | cut -d: -f2)
  107. docker login -u AWS -p $passwd $endpoint
  108. }; f
  109. myip =
  110. !f() {
  111. dig +short myip.opendns.com @resolver1.opendns.com
  112. }; f
  113. allow-my-ip =
  114. !f() {
  115. my_ip=$(aws myip)
  116. aws ec2 authorize-security-group-ingress --group-name ${1} --protocol ${2} --port ${3} --cidr $my_ip/32
  117. }; f
  118. revoke-my-ip =
  119. !f() {
  120. my_ip=$(aws myip)
  121. aws ec2 revoke-security-group-ingress --group-name ${1} --protocol ${2} --port ${3} --cidr $my_ip/32
  122. }; f
  123. allow-my-ip-all =
  124. !f() {
  125. aws allow-my-ip ${1} all all
  126. }; f
  127. revoke-my-ip-all =
  128. !f() {
  129. aws revoke-my-ip ${1} all all
  130. }; f