• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Archives

tags

AWS Create Volume From Snapshot with Tags

January 19, 2023

Here’s another script that creates a volume from a snapshot, but also add the tags.

#!/bin/bash
read -p "server     : " server
read -p "volumeId   : " volume
read -p "snapshotId : " snapshot
read -p "region     : " region
read -p "zone       : " zone
read -p "profile    : " profile
# get tags
tags1=$(aws ec2 describe-volumes --volume-ids $volume --query 'Volumes[].Tags[]' --region $region --profile $profile)
# remove quotes
tags2=$(echo "$tags1" | tr -d '"')
# remove spaces
tags3=$(echo $tags2 | sed 's/ //g')
# replace : with =
tags4=$(echo $tags3 | sed 's/:/=/g')
# if empty value replace with quotes
tags5=$(echo $tags4 | sed 's/Value=}/Value=""}/g')
# create volume
aws ec2 create-volume \
--availability-zone $zone \
--encrypted \
--iops 3000 \
--volume-type gp3 \
--snapshot-id $snapshot \
--tag-specifications 'ResourceType=volume,Tags='$tags5'' \
--region $region \
--profile $profile

#!/bin/bash read -p "server : " server read -p "volumeId : " volume read -p "snapshotId : " snapshot read -p "region : " region read -p "zone : " zone read -p "profile : " profile # get tags tags1=$(aws ec2 describe-volumes --volume-ids $volume --query 'Volumes[].Tags[]' --region $region --profile $profile) # remove quotes tags2=$(echo "$tags1" | tr -d '"') # remove spaces tags3=$(echo $tags2 | sed 's/ //g') # replace : with = tags4=$(echo $tags3 | sed 's/:/=/g') # if empty value replace with quotes tags5=$(echo $tags4 | sed 's/Value=}/Value=""}/g') # create volume aws ec2 create-volume \ --availability-zone $zone \ --encrypted \ --iops 3000 \ --volume-type gp3 \ --snapshot-id $snapshot \ --tag-specifications 'ResourceType=volume,Tags='$tags5'' \ --region $region \ --profile $profile

Filed Under: Cloud, Linux Tagged With: aws, create, snapshot, tags, volume

AWS Spot Instances Running Docker

February 14, 2021

I have an AMI with docker installed. Here’s how I launch a spot instance using Terraform.

Here’s my Terraform script.

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}
provider "aws" {
  profile = "default"
  region  = "us-east-1"
}
resource "aws_spot_instance_request" "docker" {
  ami                           = "ami-xxxxxxxxxxxxxxxx"
  spot_price                    = "0.0031"
  wait_for_fulfillment          = "true"
  key_name                      = "servers"
  instance_type                 = "t3.micro"
  subnet_id                     = "subnet-xxxxxxxxxxxxxxxx"
  security_groups               = ["sg-xxxxxxxxxxxxxxxxxx"]
  associate_public_ip_address   = "true"
  user_data = <<-EOF
              #!/bin/bash
              hostnamectl set-hostname docker
              EOF
  tags = {
        Name = "docker-0.1"
  }
}
resource "aws_ec2_tag" "tagging" {
  resource_id                   = aws_spot_instance_request.docker.spot_instance_id
  key                           = "Name"
  value                         = "docker-0.1"
}

terraform { required_providers { aws = { source = "hashicorp/aws" } } } provider "aws" { profile = "default" region = "us-east-1" } resource "aws_spot_instance_request" "docker" { ami = "ami-xxxxxxxxxxxxxxxx" spot_price = "0.0031" wait_for_fulfillment = "true" key_name = "servers" instance_type = "t3.micro" subnet_id = "subnet-xxxxxxxxxxxxxxxx" security_groups = ["sg-xxxxxxxxxxxxxxxxxx"] associate_public_ip_address = "true" user_data = <<-EOF #!/bin/bash hostnamectl set-hostname docker EOF tags = { Name = "docker-0.1" } } resource "aws_ec2_tag" "tagging" { resource_id = aws_spot_instance_request.docker.spot_instance_id key = "Name" value = "docker-0.1" }

I use “aws_ec2_tag” resource to tag the instance properly.

In addition, I use user_data to run a script, to set the hostname.

To launch via Terraform, I run the following commands.

terraform init
terraform apply

terraform init terraform apply

When done, I could stop the instance to stop incurring charges. Or just simply destroy it via Terraform.

terraform destroy

terraform destroy

It’s not bad deal for an instance that costs only $0.0031 per hour.

Filed Under: Cloud Tagged With: aws, docker, instances, spot, tags, terraform

EFS Tags Auto Assign Backup Tags

January 17, 2021

Here’s a script that scans all EFS systems in several AWS accounts and regions and randomly assigns backup tags to EFS systems that are missing backup tags. This is assuming EFS is using AWS Backup service using tags to apply backup policies. If there are no backup tags, an EFS gets assigned a randomly picked backup policy.

#!/bin/bash
# log file
output="test.log"
tmpfil="temp.txt"
# empty file
> $output
# set random array
arr[0]="efs-0000"
arr[1]="efs-0400"
arr[2]="efs-0800"
arr[3]="efs-1200"
arr[4]="efs-1600"
arr[5]="efs-2000"
rand=$[ $RANDOM %6 ]
backup=${arr[$rand]}
# set accounts and regions
declare -a account=("default" "one" "two" "three" "four" "five")
declare -a region=("us-east-1" "us-east-2" "us-west-1" "us-west-2")
for i in "${account[@]}"; do
  echo "===================" >> $output
  echo $i >> $output
  echo "===================" >> $output
  for j in "${region[@]}"; do
    echo $j >> $output
        aws efs describe-file-systems \
        --query "FileSystems[*].[FileSystemId,Tags[?Key=='aws-backup']|[0].Value]" \
        --profile $i \
        --region $j \
        --output text > $tmpfil
        while read -r id tag; do
      if [[ $tag == "" ]]; then
        aws efs tag-resource \
        --resource-id $id \
        --tags Key="aws-backup",Value=${arr[$rand]} \
        --profile $i \
        --region $j >> $output
        echo "Added backup tag $backup to $id" >> $output
      elif [[ $tag == "no-backup" ]]; then
        echo "Backup tag is already set to no-backup on $id." >> $output
      else
        echo "No backup tag changes applied to $id." >> $output
      fi
    done < $tmpfil
  done
done
rm $tmpfil

#!/bin/bash # log file output="test.log" tmpfil="temp.txt" # empty file > $output # set random array arr[0]="efs-0000" arr[1]="efs-0400" arr[2]="efs-0800" arr[3]="efs-1200" arr[4]="efs-1600" arr[5]="efs-2000" rand=$[ $RANDOM %6 ] backup=${arr[$rand]} # set accounts and regions declare -a account=("default" "one" "two" "three" "four" "five") declare -a region=("us-east-1" "us-east-2" "us-west-1" "us-west-2") for i in "${account[@]}"; do echo "===================" >> $output echo $i >> $output echo "===================" >> $output for j in "${region[@]}"; do echo $j >> $output aws efs describe-file-systems \ --query "FileSystems[*].[FileSystemId,Tags[?Key=='aws-backup']|[0].Value]" \ --profile $i \ --region $j \ --output text > $tmpfil while read -r id tag; do if [[ $tag == "" ]]; then aws efs tag-resource \ --resource-id $id \ --tags Key="aws-backup",Value=${arr[$rand]} \ --profile $i \ --region $j >> $output echo "Added backup tag $backup to $id" >> $output elif [[ $tag == "no-backup" ]]; then echo "Backup tag is already set to no-backup on $id." >> $output else echo "No backup tag changes applied to $id." >> $output fi done < $tmpfil done done rm $tmpfil

Filed Under: Cloud Tagged With: auto, aws, backup, efs, set, tags

AWS EFS Tags

January 4, 2021

This script add new tags if they are missing.

#!/bin/bash
log="log.txt"
id=$(aws efs describe-file-systems --query "FileSystems[*].[FileSystemId]" --output text --region us-east-1)
tag=$(aws efs describe-file-systems --query "FileSystems[*].Tags[?Key=='aws-backup'].Value" --output text --region us-east-1 )
 
arr[0]="efs-0000"
arr[1]="efs-0400"
arr[2]="efs-0800"
arr[3]="efs-1200"
arr[4]="efs-1600"
arr[5]="efs-2000"
 
rand=$[ $RANDOM %6 ]
backup=${arr[$rand]}
 
if [[ $tag == "" ]]; then
  aws efs tag-resource --resource-id $id --tags Key="aws-backup",Value=${arr[$rand]} --profile default --region us-east-1
  echo "Added backup tag $backup to $id" 
elif [[ $tag == "no-backup" ]]; then
  echo "No backup on $id."
else
  echo "No changes done to $id."
fi

#!/bin/bash log="log.txt" id=$(aws efs describe-file-systems --query "FileSystems[*].[FileSystemId]" --output text --region us-east-1) tag=$(aws efs describe-file-systems --query "FileSystems[*].Tags[?Key=='aws-backup'].Value" --output text --region us-east-1 ) arr[0]="efs-0000" arr[1]="efs-0400" arr[2]="efs-0800" arr[3]="efs-1200" arr[4]="efs-1600" arr[5]="efs-2000" rand=$[ $RANDOM %6 ] backup=${arr[$rand]} if [[ $tag == "" ]]; then aws efs tag-resource --resource-id $id --tags Key="aws-backup",Value=${arr[$rand]} --profile default --region us-east-1 echo "Added backup tag $backup to $id" elif [[ $tag == "no-backup" ]]; then echo "No backup on $id." else echo "No changes done to $id." fi

Filed Under: Cloud Tagged With: add, aws, efs, tags

AWS CLI Display Tags

January 2, 2021

This command lists the EC2 instance id and the tag name using query.

aws ec2 describe-instances \
--query 'Reservations[].Instances[].[InstanceId,Tags[?Key==Name]|[0].Value]' \
--profile tfc \
--region us-east-2 \
--output text

aws ec2 describe-instances \ --query 'Reservations[].Instances[].[InstanceId,Tags[?Key==Name]|[0].Value]' \ --profile tfc \ --region us-east-2 \ --output text

Output:

i-xxxxxxxxxxxxxxxxx     server-one
i-xxxxxxxxxxxxxxxxx     server-two
i-xxxxxxxxxxxxxxxxx     server-three

i-xxxxxxxxxxxxxxxxx server-one i-xxxxxxxxxxxxxxxxx server-two i-xxxxxxxxxxxxxxxxx server-three

|[0].Value insures output is one instance record per line.

Filed Under: Cloud Tagged With: aws, describe-instances, ec2, instance-id, query, tags

GCP Create Firewall with Tags

May 28, 2020

Here’s another way to create a firewall in GCP using network tag as targets.

gcloud compute firewall-rules create "firewall-name" \
    --description="egress rule to allow port 8000 to destination" \
    --priority "1000" \
    --direction EGRESS \
    --action allow \
    --network "your-network" \
    --target-tags="your-network-tag" \
    --destination-ranges="10.0.0.1/32" \
    --rules tcp:8000

gcloud compute firewall-rules create "firewall-name" \ --description="egress rule to allow port 8000 to destination" \ --priority "1000" \ --direction EGRESS \ --action allow \ --network "your-network" \ --target-tags="your-network-tag" \ --destination-ranges="10.0.0.1/32" \ --rules tcp:8000

Filed Under: Cloud Tagged With: destination, egress, firewall, gcp, tags, target

AWS EC2 Describe Snapshots

May 7, 2020

Here’s how to describe snapshots using query with tags.

aws ec2 describe-snapshots \
--owner-ids xxxxxxxxxxx \
--profile default \
--region us-east-2 \
--output text \
--query "Snapshots[*].[SnapshotId,Tags[?Key=='Name'].Value[] | [0]]"

aws ec2 describe-snapshots \ --owner-ids xxxxxxxxxxx \ --profile default \ --region us-east-2 \ --output text \ --query "Snapshots[*].[SnapshotId,Tags[?Key=='Name'].Value[] | [0]]"

Result.

snap-xxxxxxxxxxxxxxxxx	Server1
snap-xxxxxxxxxxxxxxxxx	Server2

snap-xxxxxxxxxxxxxxxxx Server1 snap-xxxxxxxxxxxxxxxxx Server2

Filed Under: Cloud Tagged With: aws, describe, ec2, output, snapshots, tags, text

AWS IAM Tag User

January 15, 2020

Here’s how to add tags to an existing user.

aws iam tag-user \
--user-name ulysses \
--tags "Key"="dept","Value"="it" "Key"="role","Value"="admin"

aws iam tag-user \ --user-name ulysses \ --tags "Key"="dept","Value"="it" "Key"="role","Value"="admin"

Tags with identical keys are overwritten. New keys are added.

Filed Under: Cloud Tagged With: add, aws, cli, iam, tag-user, tags

  • Go to page 1
  • Go to page 2
  • Go to Next Page »
  • Home
  • About
  • Archives

Copyright © 2023