I am using below aws cli command to modify the UI.
aws cognito-idp set-ui-customization --user-pool-id us-west-2_XXXXXXX --client-id ALL --css ".submitButton-customizable{background-color: #0091e1;} " --region us-west-2 --image-file Logo.png
But it is giving me an error that my PNG File is not valid.
I have seen the documentation and found that image-file should have file format Base64-encoded binary data object
I am using Linux Instance (Ubuntu) and running this command from terminal.
How can i correct this?
I had the same problem, try using the fileb://./Logo.png syntax with the --image-file flag, e.g.
aws cognito-idp set-ui-customization --user-pool-id us-west-2_XXXXXXX --client-id ALL --css ".submitButton-customizable{background-color: #0091e1;} " --region us-west-2 --image-file fileb://./Logo.png
Related
I want to use the value of the DOMAIN_ID variable to filter the EFS to get a FileSystemId. I used the commands below. The first command works and it stores the domain ID. The second one returns an empty list, even though the DOMAIN_ID variable is present.
DOMAIN_ID=$(aws sagemaker list-domains --query 'Domains[0].DomainId')
aws efs describe-file-systems --query 'FileSystems[?CreationToken==`$DOMAIN_ID`].FileSystemId'
Output:
[]
Expected output:
<Some EFS identifier>
This works (escaping backticks) -
aws efs describe-file-systems --query "FileSystems[?CreationToken==\`$DOMAIN_ID\`].FileSystemId"
You can also use describe-domain command instead -
$ DOMAIN_ID=$(aws sagemaker list-domains --query 'Domains[0].DomainId' | tr -d '"')
$ aws sagemaker describe-domain --domain-id $DOMAIN_ID --query 'HomeEfsFileSystemId'
I am using the following command to display snaptshots.
aws ec2 describe-snapshots --filters "Name=volume-id,Values=vol-035a45c00af749577" --query 'Snapshots[*].{ID: SnapshotId,StartTime: StartTime,Key:Tags[?Key==`Name`].Value[]}' --output text
The output of the command is as follows:
KEY WebServices
snap-0905735cc7d8543b6 2021-12-07T03:37:21.532000+00:00
KEY WebServices
snap-007ab931e25f43136 2021-12-06T03:41:11.753000+00:00
KEY WebServices
snap-000d71e3b1b1bb929 2021-12-08T03:31:10.383000+00:00
KEY WebServices
I need to set up an exit similar to this.
KEY WebServices
snap-0ba6345e8c19e697b 2021-12-09T03:29:40.251000+00:00
snap-0905735cc7d8543b6 2021-12-07T03:37:21.532000+00:00
snap-007ab931e25f43136 2021-12-06T03:41:11.753000+00:00
snap-000d71e3b1b1bb929 2021-12-08T03:31:10.383000+00:00
I’m not an advanced user of sed, could someone help me do it?
Regards,
I'm trying to create a script to add my IP adress to AWS VPC security groups somthing like
> aws ec2 modify-security-group-rules --group-id GROUPID\
> --security-group-rules SecurityGroupRuleId= RULEID\
SecurityGroupRule={IpProtocol:'tcp',FromPort:433,ToPort:433,CidrIpv4:'MYIP'}
But I keep getting different errors like -
IpProtocol:tcp, type: <class 'str'>, valid types: <class 'dict'>
Can anyone please help figure out the correct syntax for this?
UPDATE:
I tried a new syntax that seems to work better
SecurityGroupRule={{IpProtocol=tcp},{FromPort=433},{ToPort=433},{CidrIpv4='IP'}}
But now I get a different error from AWS -
Invalid value for portRange. Must specify both from and to ports with TCP/UDP.
UPDATE: For reference - Here's the workaround I used- (based on John Rotenstein answer)
Instead of modifying the rule I create a new one each time and save the rule ID so I can delete it next time I run the script
IP=`curl -s http://whatismyip.akamai.com/`
aws ec2 revoke-security-group-ingress \
--group-id GROUP_ID \
--security-group-rule-ids $(cat ruleid_1.txt)
aws ec2 authorize-security-group-ingress --group-id GROUP_ID\
--ip-permissions "IpProtocol"="tcp","FromPort"=433,"ToPort"=443,"IpRanges"="[{CidrIp=$IP/32,Description=Shalev}]"|jq '.SecurityGroupRules[0].SecurityGroupRuleId' -r > ruleid_1.txt
Place value of parameter --security-group-rules inside quotes.
Both of the following seem to work for me (on Amazon Linux 2) -
Using double quotes for complete value, with description in single quotes-
aws ec2 modify-security-group-rules --group-id sg-xxx
--security-group-rules "SecurityGroupRuleId=sgr-xxx,SecurityGroupRule={Description='SSH
Test1',CidrIpv4=x.x.x.x/32,IpProtocol=tcp,FromPort=22,ToPort=22}"
Using single quotes for complete value, with description in double quotes-
aws ec2 modify-security-group-rules --group-id sg-xxx
--security-group-rules 'SecurityGroupRuleId=sgr-xxx,SecurityGroupRule={Description="SSH
Test2",CidrIpv4=x.x.x.x/32,IpProtocol=tcp,FromPort=22,ToPort=22}'
For reference - Here's the workaround I used- (based on John Rotenstein answer) Instead of modifying the rule I create a new one each time and save the rule ID so I can delete it next time I run the script
IP=`curl -s http://whatismyip.akamai.com/`
aws ec2 revoke-security-group-ingress \
--group-id GROUP_ID \
--security-group-rule-ids $(cat ruleid_1.txt)
aws ec2 authorize-security-group-ingress --group-id GROUP_ID\
--ip-permissions "IpProtocol"="tcp","FromPort"=433,"ToPort"=443,"IpRanges"="[{CidrIp=$IP/32,Description=Shalev}]"|jq '.SecurityGroupRules[0].SecurityGroupRuleId' -r > ruleid_1.txt
Here is a way to use the aws CLI to change a rule.
Requires "ec2:ModifySecurityGroupRules" permission.
aws ec2 describe-security-group-rules help
aws ec2 modify-security-group-rules --group-id sg--???????
--security-group-rules SecurityGroupRuleId=sgr---???????,SecurityGroupRule={IpProtocol=tcp,FromPort=22,ToPort=22,CidrIpv4=IP/32,Description="Regra
Alterada"}
Here's a script I use to add my current IP address to a Security Group:
IP=`curl -s http://whatismyip.akamai.com/`
aws ec2 authorize-security-group-ingress --group-name XXX --protocol tcp --port 22 --cidr $IP/32 --output text
It uses Akamai to retrieve my public IP address and then adds it to the desired Security Group.
Note that there is a limit to the number of rules in a Security Group, so eventually you will need to remove unused entries.
Use a variable for SecurityGroupRule.
Like:
IP=`curl -s http://whatismyip.akamai.com/`
security_group_rules={CidrIpv4=$IP/32,IpProtocol=tcp,FromPort=443,ToPort=443}
aws ec2 modify-security-group-rules \
--group-id sg-123 \
--security-group-rules SecurityGroupRuleId=sgr-123,SecurityGroupRule=$security_group_rules
It worked for me perfectly.
PS: This is my first answer here.
I am trying to create table in DynamoDB using CLI.
I am using below command:
aws dynamodb create-table \ --table-name my_table \--attribute-definitions 'AttributeName=Username, AttributeType=S' 'AttributeName=Timestamp, AttributeType=S' \--key-schema 'AttributeName=Username, KeyType=HASH' 'AttributeName=Timestamp, KeyType=RANGE' \--provisioned-throughput 'ReadCapacityUnits=5, WriteCapacityUnits=5' \--stream-specification StreamEnabled=true,StreamViewType=NEW_AND_OLD_IMAGES \--region us-east-1
On running above, I am getting below error:
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: the following arguments are required: --attribute-definitions, --key-schema
I am new to AWS, in my command I am declaring the attributes and key-schema, what is the error?
The backlashes on the command you typed are used for telling the cmd, when there is a line break, that the command continues on the next line.
Based on the screenshot and command you typed, you are trying to execute it in a single line.
As a solution you could remove the backslashes from your command or copy the original command (the one from the tutorial) as it is (including line breaks).
Without line breaks:
aws dynamodb create-table --table-name my_table --attribute-definitions 'AttributeName=Username, AttributeType=S' 'AttributeName=Timestamp, AttributeType=S' --key-schema 'AttributeName=Username, KeyType=HASH' 'AttributeName=Timestamp, KeyType=RANGE' --provisioned-throughput 'ReadCapacityUnits=5, WriteCapacityUnits=5' --stream-specification StreamEnabled=true,StreamViewType=NEW_AND_OLD_IMAGES --region us-east-1
With line breaks:
aws dynamodb create-table \
--table-name my_table \
--attribute-definitions AttributeName=Username,AttributeType=S AttributeName=Timestamp,AttributeType=S \
--key-schema AttributeName=Username,KeyType=HASH AttributeName=Timestamp,KeyType=RANGE \
--provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5 \
--stream-specification StreamEnabled=true,StreamViewType=NEW_AND_OLD_IMAGES \
--region us-east-1
I would try using a json file for both the key schema and the attribute definitions. See https://docs.aws.amazon.com/cli/latest/reference/dynamodb/create-table.html for the json syntax and examples. You shouldn’t need any other arguments other than the table to get your table running.
I'm using the AWS CLI and I want to get the ID of security group whose name I know (kingkajou_sg). How can I do it?
When I ask it to list all the security groups, it does so happily:
$ aws ec2 describe-security-groups | wc -l
430
When I grep through this information, I see that the SG in question is listed:
$ aws ec2 describe-security-groups | grep -i kingkajou_sg
"GroupName": "kingkajou_sg",
However, when I try to get the information about only that security group, it won't let me. Why?
$ aws ec2 describe-security-groups --group-names kingkajou_sg
An error occurred (InvalidGroup.NotFound) when calling the
DescribeSecurityGroups operation: The security group 'kingkajou_sg' does not exist in default VPC 'vpc-XXXXXXXX'
Can someone please provide me the one line command that I can use to extract the Security group's ID given its name? You can assume that the command will be run from within an EC2 which is in the same VPC as the Security group.
From the API Documentation:
--group-names (list)
[EC2-Classic and default VPC only] One or more security group names. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the group-name filter to describe security groups by name.
If you are using a non-default VPC, use the Filter
aws ec2 describe-security-groups --filter Name=vpc-id,Values=<my-vpc-id> Name=group-name,Values=kingkajou_sg --query 'SecurityGroups[*].[GroupId]' --output text
If it's in a VPC and you know the name & region and vpc id, you can try it like below:
aws ec2 describe-security-groups --region eu-west-1 --filter Name=vpc-id,Values=vpc-xxxxx Name=group-name,Values=<your sg name> --query 'SecurityGroups[*].[GroupId]' --output text
You just need to add --query 'SecurityGroups[*].[GroupId]' option with aws cli command.
aws ec2 describe-security-groups --group-names kingkajou_sg --query 'SecurityGroups[*].[GroupId]' --output text
To get the IDs of all security groups with a name matching exactly a specified string (default in this example) without specifying a VPC ID, use the following:
aws ec2 describe-security-groups --filter Name=group-name,Values=default --output json | jq -r .SecurityGroups[].GroupId
Note: this works for security groups even if they are not in the default VPC.
Small shell script to list security with search string as a variable. and we can tag the security groups.
https://ideasofpraveen.blogspot.com/2022/09/aws-cli-get-security-group-id-with-name.html.
If you want boto3 script to integrate with lambda for automations .
https://ideasofpraveen.blogspot.com/2022/09/aws-cli-get-security-group-id-with-name_15.html