AWS
Amazon Web Services (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. In aggregate, these cloud computing web services provide a set of primitive abstract technical infrastructure and distributed computing building blocks and tools.
Learn path⚑
TBD
AWS snippets⚑
Get the role used by the instance⚑
aws sts get-caller-identity
{
"UserId": "AIDAxxx",
"Account": "xxx",
"Arn": "arn:aws:iam::xxx:user/Tyrone321"
}
You can then take the role name, and query IAM for the role details using both iam list-role-policies
for inline policies and iam-list-attached-role-policies
for attached managed policies (thanks to @Dimitry K for the callout).
$ aws iam list-attached-role-policies --role-name Tyrone321 { "AttachedPolicies": [ { "PolicyName": "SomePolicy", "PolicyArn": "arn:aws:iam::aws:policy/xxx" }, { "PolicyName": "AnotherPolicy", "PolicyArn": "arn:aws:iam::aws:policy/xxx" } ] }
To get the actual IAM permissions, use aws iam get-policy to get the default policy version ID, and then aws iam get-policy-version with the version ID to retrieve the actual policy statements. If the IAM principal is a user, the commands are aws iam list-attached-user-policies and aws iam get-user-policy.
Stop an EC2 instance⚑
aws ec2 stop-instances --instance-ids i-xxxxxxxx