AWS CLI Cheat Sheet

AWS CLI Cheat Sheet

Igor Oseledko Igor Oseledko

Igor Oseledko

Published Jul 5, 2018
+ Follow

The installation and configuration process for AWS CLI is fairly simple. The package itself is installed with pip:

yum -y install python-pip
pip install awscli --upgrade --user

Selecting what you need from the output can be accomplished via awscli filters and queries; using the excellent jq JSON processor; or just using awk, sed, and whatever other standard shell tools you like. My preference is to keep awscli queries simple and do most of the formatting in the shell.

The first time you run awscli you will be prompted to provide your API credentials. You would need to supply the AWS Access Key ID, the AWS Secret Access Key, and the default region the can be modified from command line along with other variables.

You can obtain this info by logging into your AWS account, clicking on your username in the upper right-hand corner ➡ My Security Credentials ➡ Users ➡ Select your username ➡ Security Credentials ➡ Create access key.

In the examples below I used a variety of methods for massaging the output. Not because this was the most efficient way of doing things, but just to illustrate the available options.

List running instances

aws ec2 describe-instances \
--filters Name=instance-state-name,Values=running \
--query 'Reservations[].Instances[].[InstanceId]'

List all instances in a table format

aws ec2 describe-instances \
--query 'Reservations[].Instances[].[Placement.AvailabilityZone, State.Name, InstanceId,InstanceType,Platform,Tags.Value,State.Code,Tags.Values]' \
--output table

See if any running instances have scheduled events

for i in $(aws ec2 describe-instances \
--filters Name=instance-state-name,Values=running \
--query 'Reservations[].Instances[].[InstanceId]'); do 
if [ $(aws ec2 describe-instance-status --instance-id ${i} 2>/dev/null | grep -c ^EVENTS) -eq 1 ]; then 
aws ec2 describe-instance-status \
--instance-id ${i} \
--output=json | \
jq -r '.InstanceStatuses[].Events[] | join(",")' | \
awk -v var="${i}," '{print var$0}' | \
(echo "Instance,Description,Code,Start,End" && cat) | \
column -s',' -t; fi; done

List stopped instances and reason why

aws ec2 describe-instances \
--filters Name=instance-state-name,Values=stopped \
--output json | \
jq -r .Reservations[].Instances[].StateReason.Message

List AWS Dashboard users

aws iam list-users --output table

List EBS volumes for a specific instance

i=<InstanceId>; aws ec2 describe-instances \
--filter Name="instance-id",Values="${i}" \
--output json | \
jq -r '.Reservations[].Instances[] | "\(.InstanceId) \(.Tags[].Value) \(.BlockDeviceMappings[].DeviceName) \(.BlockDeviceMappings[].Ebs.VolumeId)"'

List EBS volumes for all instances

for i in $(aws ec2 describe-instances \
--filters Name=instance-state-name,Values=running \
--query 'Reservations[].Instances[].[InstanceId]'); do 
aws ec2 describe-instances \
--filter Name="instance-id",Values="${i}" \
--output json | \
jq -r '.Reservations[].Instances[] | "\(.InstanceId) \(.Tags[].Value) \(.BlockDeviceMappings[].DeviceName) \(.BlockDeviceMappings[].Ebs.VolumeId)"'
done

List snapshots of volumes for a specific instance

NOTE: It would appear that particularly old snapshots are not reported via the CLI, while still visible in the Web UI. I am not sure if this is by design, or if this is just some issue on my end. I briefly consulted the documentation, but did not find any mention of this behavior.

i=<InstanceId>; for j in $(aws ec2 describe-instances \
--filter Name="instance-id",Values="${i}" \
--output text | grep ^EBS | awk '{print $NF}'); do 
aws ec2 describe-snapshots \
--filter "Name=volume-id,Values=${j}" \
--query 'Snapshots[*].SnapshotId' \
--output text
done

Describe snapshots of volumes for a specific instance

i="<InstanceId>"; for j in $(aws ec2 describe-instances \
--filter Name="instance-id",Values="${i}" \
--output text | grep ^EBS | awk '{print $NF}'); do 
aws ec2 describe-snapshots \
--filter "Name=volume-id,Values=${j}" \
--output text
done

Generate snapshot report for all running instances

for i in $(aws ec2 describe-instances \
--filters Name=instance-state-name,Values=running \
--query 'Reservations[].Instances[].[InstanceId]'); do 
aws ec2 describe-instances \
--filter Name="instance-id",Values="${i}" \
--output json | \
jq -r '.Reservations[].Instances[] | "\(.InstanceId) \(.Tags[].Value) \(.BlockDeviceMappings[].DeviceName) \(.BlockDeviceMappings[].Ebs.VolumeId)"'
for j in $(aws ec2 describe-instances \
--filter Name="instance-id",Values="${i}" \
--output text | grep ^EBS | awk '{print $NF}'); do 
aws ec2 describe-snapshots \
--filter "Name=volume-id,Values=${j}" \
--output text; done
echo "------------"; done

Make a screenshot of the instance's terminal and email it

i=<instance_id>; e=<your_email>; d=$(date +'%Y-%m-%d_%H%M%S')
s="Screenshot of ${i} at ${d}"; f="${i}_screenshot_${d}.jpg"
aws ec2 get-console-screenshot \
--wake-up \
--instance-id ${i} | \
base64 --decode 2>/dev/null > ${f}
echo "${s}" | mailx -s "${s}" -a "${f}" ${e}


To view or add a comment, sign in

More articles by Igor Oseledko

  • The Black Box on the Org Chart
    Apr 22, 2026

    The Black Box on the Org Chart

    There’s a particular kind of delusion that takes hold in tech booms. It starts with a true thing, wraps itself around a…

  • Outsmarted by a River, a Rope, and an Anchor
    Apr 8, 2026

    Outsmarted by a River, a Rope, and an Anchor

    Before you entrust serious decisions to AI, consider that the most advanced systems routinely fail at school-level…

  • The Post-Language Future of AI Systems
    Mar 25, 2026

    The Post-Language Future of AI Systems

    There’s a persistent assumption baked into how we talk about AI: that language is fundamental. That intelligence…

  • The AI Bubble Isn’t a Bubble. It’s a Trap.
    Jan 31, 2026

    The AI Bubble Isn’t a Bubble. It’s a Trap.

    Let’s dispense with the fantasy right away. Your $20-a-month ChatGPT subscription isn’t paying for anything remotely…

  • Fuzzy Search with Linux
    Nov 29, 2022

    Fuzzy Search with Linux

    This quick look at several handy utilities will allow you to find, navigate, and edit directories and files easily…

  • Awk & sed Snippets for SysAdmins
    Nov 2, 2021

    Awk & sed Snippets for SysAdmins

    Books have been written on the subject of awk and sed. Here's a small sample of commands I put together over the years…

    2 Comments
  • Automatic File Backups in VIM
    Sep 23, 2021

    Automatic File Backups in VIM

    Having to undo foolish changes to config files is an unfortunate side effect of having too many servers and not enough…

  • Generating Honeypot Data Structure
    Sep 18, 2021

    Generating Honeypot Data Structure

    I’ve been fiddling with my inotifywatch scripts to make a better “early-warning” system for ransomware detection and…

  • NFS I/O Stats with Logging
    Sep 2, 2021

    NFS I/O Stats with Logging

    The nfsiostat is an excellent tool for analyzing NFS performance. The only major problem with this utility is that it’s…

    1 Comment
  • Convert Color Text to Images in Bash
    Jul 13, 2021

    Convert Color Text to Images in Bash

    I felt the rest of my posts might've been a bit tedious for LinkedIn, so here's something more fun. But this is also…

See all articles

Others also viewed

Similar topics

Explore content categories