Uly.me – cloud engineer

March 6, 2021

AWS Backup Setup

This script creates an AWS backup vault, adds a backup plan and a backup selection.

Set up profile, region and Account ID first.

#!/bin/bash
profile="default"
region="us-east-1"
id=$(aws sts get-caller-identity --query Account --output text)

Create a vault.

aws backup create-backup-vault \
--backup-vault-name my-vault \
--profile $profile \
--region $region

Create a backup plan.

aws backup create-backup-plan \
--backup-plan file://back-plan.json \ 
--profile $profile \
--region $region

backup-plan.json

{
    "BackupPlan": {
        "BackupPlanName": "efs-0000",
        "Rules": [
            {
                "RuleName": "efs-0000",
                "TargetBackupVaultName": "my-vault",
                "ScheduleExpression": "cron(0 0 ? * * *)",
                "StartWindowMinutes": 60,
                "CompletionWindowMinutes": 10080,
                "Lifecycle": {
                    "DeleteAfterDays": 7
                }
            }
        ]
    }
}

Get the backup plan ID.

planid=$(aws backup list-backup-plans \
  --query "BackupPlansList[?BackupPlanName=='efs-0000'].BackupPlanId" \
  --profile $profile \
  --region $region \
  --output text)

Create a backup selection.

# Create a backup selection
aws backup create-backup-selection \
--backup-plan-id $planid \
--cli-input-json file://backup-selection.json \
--profile $profile \
--region $region

backup-selection.json

{
    "BackupSelection": {
		"SelectionName": "efs-0000",
        "IamRoleArn": "arn:aws:iam::xxxxxxxxxxxx:role/service-role/AWSBackupDefaultServiceRole",
        "Resources": [],
        "ListOfTags": [
            {
                "ConditionType": "STRINGEQUALS",
                "ConditionKey": "aws-backup",
                "ConditionValue": "efs-0000"
            }
        ]
    }
}

The enable EFS backup, add a tag key of aws-backup with a value of efs-0000.

March 6, 2021

AWS Get Account ID

Here’s a quick way to find the AWS Account ID via AWS CLI.

aws sts get-caller-identity --query Account --output text

Output is a 12 digit number (redacted)

xxxxxxxxxxxx

AWS Account ID is a 12 digit number unique to each AWS account. Occasionally, there are scripts and policies that need the ID of the account. The command above is one way of querying the account ID so they can be used for policies that need them.

March 5, 2021

AWS Backup Vaults

Here’s how to list AWS Backup vaults and plans. You can filter the output by specifying a vault.

aws backup list-backup-vaults --query "BackupVaultList[?BackupVaultName=='my-vault']" --output json

Output: (outputs are redacted for security reasons)

[
    {
        "BackupVaultName": "my-vault",
        "BackupVaultArn": "arn:aws:backup:us-east-1:xxxxxxxxxxxx:backup-vault:my-vault",
        "CreationDate": "2019-02-10T11:38:42.556000-05:00",
        "EncryptionKeyArn": "arn:aws:kms:us-east-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
        "CreatorRequestId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
        "NumberOfRecoveryPoints": 3
    }
]

Display the BackupPlanId of a specific backup plan.

aws backup list-backup-plans --query "BackupPlansList[?BackupPlanName=='my-backup-plan'].BackupPlanId"

Output: (outputs are redacted for security reasons)

[
    "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
]

March 3, 2021

Count String Characters

Here’s a simple little script that displays the number of characters in a string.

#!/bin/bash
if [[ $# -eq 0 ]] ; then echo 'Missing arguments'; exit 0; fi
var=$1
size=${#var}
echo $size

Command:

./length.sh abcdefghijklmnopqrstuvwxyz

Output:

March 2, 2021

GCP Add New Route

Here’s how to add a new route in Google Cloud Platform.

gcloud compute routes create name-of-new-route \
  --destination-range=200.20.0.0/15 \
  --next-hop-gateway=default-internet-gateway \
  --project=host-project \
  --network="default" \
  --priority=900