{"id":13449179,"url":"https://github.com/eon01/AWS-CheatSheet","last_synced_at":"2025-03-22T22:32:18.184Z","repository":{"id":74328438,"uuid":"91732069","full_name":"eon01/AWS-CheatSheet","owner":"eon01","description":"☁️ The AWS Cheat Sheet ☁️","archived":false,"fork":false,"pushed_at":"2023-12-24T08:54:04.000Z","size":176,"stargazers_count":196,"open_issues_count":0,"forks_count":90,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-08-01T06:21:19.449Z","etag":null,"topics":["aws","aws-apigateway","aws-cli","aws-ec2","aws-lambda","aws-s3","aws-sdk","cheat","cheat-sheets","cheats","cheatsheet","cheatsheets","cloud","cloud-computing","cloud-management"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eon01.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-05-18T19:51:26.000Z","updated_at":"2024-05-11T19:36:39.000Z","dependencies_parsed_at":"2023-12-24T09:32:04.376Z","dependency_job_id":"bd384da4-a79b-4aa3-aca2-c990c839ee2e","html_url":"https://github.com/eon01/AWS-CheatSheet","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eon01%2FAWS-CheatSheet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eon01%2FAWS-CheatSheet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eon01%2FAWS-CheatSheet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eon01%2FAWS-CheatSheet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eon01","download_url":"https://codeload.github.com/eon01/AWS-CheatSheet/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":221840609,"owners_count":16889827,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-apigateway","aws-cli","aws-ec2","aws-lambda","aws-s3","aws-sdk","cheat","cheat-sheets","cheats","cheatsheet","cheatsheets","cloud","cloud-computing","cloud-management"],"created_at":"2024-07-31T06:00:32.882Z","updated_at":"2025-10-14T12:03:31.849Z","avatar_url":"https://github.com/eon01.png","language":null,"readme":"# AWS CLI Cheat Sheet\n\n   * [Volumes](#volumes)\n      * [Describing volumes](#describing-volumes)\n      * [Describing volumes using a different aws user profile](#describing-volumes-using-a-different-aws-user-profile)\n      * [Listing Available Volumes IDs](#listing-available-volumes-ids)\n      * [Deleting a Volume](#deleting-a-volume)\n      * [Deleting Unused Volumes.. Think Before You Type :-)](#deleting-unused-volumes-think-before-you-type--)\n      * [Creating a Snapshot](#creating-a-snapshot)\n      * [Creating an Image (AMI)](#creating-an-image-ami)\n      * [Creating AMI Without Rebooting the Machine](#creating-ami-without-rebooting-the-machine)\n   * [AMIs](#amis)\n      * [Listing AMI(s)](#listing-amis)\n      * [Describing AMI(s)](#describing-amis)\n      * [Listing Amazon AMIs](#listing-amazon-amis)\n      * [Using Filters](#using-filters)\n   * [Lambda](#lambda)\n      * [List Functions](#list-functions)\n      * [Describe a Function](#describe-a-function)\n      * [Invoke a Function](#invoke-a-function)\n      * [Update a Function Code](#update-a-function-code)\n      * [Publish a Version](#publish-a-version)\n      * [List Layers](#list-layers)\n      * [List Aliases of a Function](#list-aliases-of-a-function)\n      * [Describe an Alias](#describe-an-alias)\n      * [Create an Alias](#create-an-alias)\n      * [Delete an Alias](#delete-an-alias)\n      * [List Function Tags](#list-function-tags)\n      * [Delete a Function](#delete-a-function)\n      * [Using AWS Lambda with Scheduled Events](#using-aws-lambda-with-scheduled-events)\n   * [IAM](#iam)\n      * [List Users](#list-users)\n      * [List Policies](#list-policies)\n      * [List Groups](#list-groups)\n      * [Get Users in a  Group](#get-users-in-a--group)\n      * [Describing a Policy](#describing-a-policy)\n      * [List Access Keys](#list-access-keys)\n      * [List Keys](#list-keys)\n      * [List the Access Key IDs for an IAM User](#list-the-access-key-ids-for-an-iam-user)\n      * [List the SSH Public Keys for a User](#list-the-ssh-public-keys-for-a-user)\n   * [S3 API](#s3-api)\n      * [Listing Buckets](#listing-buckets)\n      * [Listing Only Bucket Names](#listing-only-bucket-names)\n      * [Getting a Bucket Region](#getting-a-bucket-region)\n      * [Listing the Content of a Bucket](#listing-the-content-of-a-bucket)\n      * [Syncing a Local Folder with a Bucket](#syncing-a-local-folder-with-a-bucket)\n      * [Copying Files](#copying-files)\n      * [Copying Folders](#copying-folders)\n      * [Removing a File from a Bucket](#removing-a-file-from-a-bucket)\n      * [Deleting a Bucket](#deleting-a-bucket)\n      * [Emptying a Bucket](#emptying-a-bucket)\n   * [VPC](#vpc)\n      * [Creating A VPC](#creating-a-vpc)\n      * [Allowing DNS hostnames](#allowing-dns-hostnames)\n   * [Subnets](#subnets)\n      * [Creating A Subnet](#creating-a-subnet)\n      * [Auto Assigning Public IPs To Instances In A Public Subnet](#auto-assigning-public-ips-to-instances-in-a-public-subnet)\n   * [Internet Gateway](#internet-gateway)\n      * [Creating An IGW](#creating-an-igw)\n      * [Attaching An IGW to A VPC](#attaching-an-igw-to-a-vpc)\n   * [NAT](#nat)\n      * [Setting Up A NAT Gateway](#setting-up-a-nat-gateway)\n   * [Route Tables](#route-tables)\n      * [Creating A Public Route Table](#creating-a-public-route-table)\n      * [Creating A Private Route Tables](#creating-a-private-route-tables)\n   * [CloudFront](#cloudfront)\n      * [Listing Distributions](#listing-distributions)\n      * [Invalidating Files From a Distribution](#invalidating-files-from-a-distribution)\n      * [Sync a Local Folder with a CLoudFront Distribution](#sync-a-local-folder-with-a-cloudfront-distribution)\n      * [Sync and Invalidate at the Same Time:](#sync-and-invalidate-at-the-same-time)\n   * [RDS](#rds)\n      * [List Databases](#list-databases)\n      * [List Public Databases](#list-public-databases)\n      * [List Non Protected Databases (DeletionProtection)](#list-non-protected-databases-deletionprotection)\n      * [Describe the Automated Backups for a DB Instance](#describe-the-automated-backups-for-a-db-instance)\n      * [Create a DB Cluster](#create-a-db-cluster)\n      * [Create a DB Instance](#create-a-db-instance)\n      * [Create a DB Security Group](#create-a-db-security-group)\n      * [Create a Read Replica](#create-a-read-replica)\n      * [Create a Custom DB Cluster Endpoint](#create-a-custom-db-cluster-endpoint)\n      * [Apply Tag to a DB](#apply-tag-to-a-db)\n      * [Create a Cluster Snapshot](#create-a-cluster-snapshot)\n      * [Create a CloudWatch Alarm for a DB Instance](#create-a-cloudwatch-alarm-for-a-db-instance)\n   * [Connect Deeper](#connect-deeper)\n\n\n\n# Volumes\n\n\n\n## Describing volumes\n\n```\naws ec2 describe-volumes\n```\n\nDescribing filtered volumes:\n\n```\naws ec2 describe-volumes --filters  Name=status,Values=creating | available | in-use | deleting | deleted | error\n```\n\n\ne.g, describing all deleted volumes:\n\n```\naws ec2 describe-volumes --filters  Name=status,Values=deleted\n```\n\nFilters can be applied to the attachment status:\n\n```\naws ec2 describe-volumes --filters  Name=attachment.status,Values=attaching | attached | detaching | detached\n```\n\ne.g: describing all volumes with the status \"attaching\":\n\n\n```\naws ec2 describe-volumes --filters  Name=attachment.status,Values=attaching\n```\n\n\nThis is the generic form. Use --profile ```\u003cyour_profile_name\u003e ```, if you have multiple AWS profiles or accounts.\n\n\n```\naws ec2 describe-volumes --filters Name:'tag:Name',Values: ['some_values'] --profile \u003cyour_profile_name\u003e\n```\n\n\n\n## Describing volumes using a different aws user profile\n\n```\naws ec2 describe-volumes --filters  Name=status,Values=in-use  --profile \u003cyour_profile_name\u003e\n```\n\n\n\n## Listing Available Volumes IDs\n\n\n```\naws ec2 describe-volumes --filters  Name=status,Values=available |grep VolumeId|awk '{print $2}' | tr '\\n|,|\"' ' '\n```\n\nWith \"profile\":\n\n```\naws ec2 describe-volumes --filters  Name=status,Values=available  --profile \u003cyour_profile_name\u003e|grep VolumeId|awk '{print $2}' | tr '\\n|,|\"' ' '\n```\n\n\n\n## Deleting a Volume\n\n```\naws ec2 delete-volume --region \u003cregion\u003e --volume-id \u003cvolume_id\u003e\n```\n\n\n\n## Deleting Unused Volumes.. Think Before You Type :-)\n\n\n```\nfor x in $(aws ec2 describe-volumes --filters  Name=status,Values=available  --profile \u003cyour_profile_name\u003e|grep VolumeId|awk '{print $2}' | tr ',|\"' ' '); do aws ec2 delete-volume --region \u003cregion\u003e --volume-id $x; done\n```\n\nWith \"profile\":\n\n```\nfor x in $(aws ec2 describe-volumes --filters  Name=status,Values=available  --profile \u003cyour_profile_name\u003e|grep VolumeId|awk '{print $2}' | tr ',|\"' ' '); do aws ec2 delete-volume --region \u003cregion\u003e --volume-id $x --profile \u003cyour_profile_name\u003e; done\n```\n\n\n\n## Creating a Snapshot\n\n```\naws ec2 create-snapshot --volume-id \u003cvol-id\u003e\n```\n\n```\naws ec2 create-snapshot --volume-id \u003cvol-id\u003e --description \"snapshot-$(date +'%Y-%m-%d_%H-%M-%S')\"\n```\n\n\n\n## Creating an Image (AMI)\n\n```\naws ec2 create-image --instance-id \u003cinstance_id\u003e --name \"image-$(date +'%Y-%m-%d_%H-%M-%S')\" --description \"image-$(date +'%Y-%m-%d_%H-%M-%S')\"\n```\n\n\n\n## Creating AMI Without Rebooting the Machine\n\n```\naws ec2 create-image --instance-id \u003cinstance_id\u003e --name \"image-$(date +'%Y-%m-%d_%H-%M-%S')\" --description \"image-$(date +'%Y-%m-%d_%H-%M-%S')\" --no-reboot\n```\n\nYou are free to change the AMI name ``` image-$(date +'%Y-%m-%d_%H-%M-%S') ``` to a name of your choice.\n\n\n# AMIs\n\n\n\n## Listing AMI(s)\n\n```\naws ec2 describe-images\n```\n\n\n\n## Describing AMI(s)\n\n```\naws ec2 describe-images --image-ids \u003cimage_id\u003e --profile \u003cprofile\u003e --region \u003cregion\u003e\n```\n\ne.g: \n\n```\naws ec2 describe-images --image-ids ami-e24dfa9f --profile terraform --region eu-west-3\n```\n\n\n\n## Listing Amazon AMIs\n\n```\naws ec2 describe-images --owners amazon \n```\n\n\n\n## Using Filters\n\ne.g: Describing Windows AMIs that are backed by Amazon EBS.\n\n```\naws ec2 describe-images --filters \"Name=platform,Values=windows\" \"Name=root-device-type,Values=ebs\"\n```\n\ne.g: Describing Ubuntu AMIs \n\n```\naws ec2 describe-images --filters \"Name=name,Values=ubuntu*\"\n```\n\n# Lambda\n\n\n\n## List Functions\n\n```\naws lambda list-functions\n```\n\n\n\n## Describe a Function\n\n```\naws lambda get-function --function-name  my-function\n```\n\n\n\n## Invoke a Function\n\n```\naws lambda invoke --function-name my-function --payload '{ \"name\": \"Bob\" }' response.json\n```\n\n\n\n## Update a Function Code\n\n````\naws lambda update-function-code --function-name  my-function --zip-file fileb://my-function.zip\n````\n\n\n\n## Publish a Version\n\n```\naws lambda publish-version --function-name my-function\n```\n\n\n\n## List Layers\n\nLet's take this example in which we want to list information of layers that are compatible with Python 3.7 runtime. \n\n```\naws lambda list-layers --compatible-runtime python3.7\n```\n\nPossible layers runtime:\n\n```\nnodejs\nnodejs4.3\nnodejs6.10\nnodejs8.10\nnodejs10.x\nnodejs12.x\njava8\njava8.al2\njava11\npython2.7\npython3.6\npython3.7\npython3.8\ndotnetcore1.0\ndotnetcore2.0\ndotnetcore2.1\ndotnetcore3.1\nnodejs4.3-edge\ngo1.x\nruby2.5\nruby2.7\nprovided\nprovided.al2\n```\n\n\n\n## List Aliases of a Function\n\n```\naws lambda list-aliases --function-name my-function\n```\n\n\n\n## Describe an Alias\n\n```\naws lambda get-alias --function-name my-function --name LIVE\n```\n\n\n\n## Create an Alias\n\n```\naws lambda create-alias --function-name my-function --description \"alias description goes here\" --function-version 1 --name LIVE\n```\n\n\n\n## Delete an Alias\n\n```\naws lambda delete-alias --function-name my-function --name LIVE\n```\n\n\n\n## List Function Tags\n\n```\naws lambda list-tags --resource arn:aws:lambda:eu-west-1:xxxxxxxxxxx:function:my-function\n```\n\n\n\n## Delete a Function\n\n````\naws lambda delete-function --function-name my-function\n````\n\n\n\n## Using AWS Lambda with Scheduled Events\n\n```\nsid=Sid$(date +%Y%m%d%H%M%S); aws lambda add-permission --statement-id $sid --action 'lambda:InvokeFunction' --principal events.amazonaws.com --source-arn arn:aws:events:\u003cregion\u003e:\u003carn\u003e:rule/AWSLambdaBasicExecutionRole --function-name function:\u003cawsents\u003e --region \u003cregion\u003e\n```\n\n## \n\n# IAM\n\n\n\n## List Users\n\n```\naws iam list-users\n```\n\n\n\n## List Policies\n\n```\naws iam list-policies\n```\n\n\n\n## List Groups\n\n```\naws iam list-groups\n```\n\n\n\n## Get Users in a  Group\n\n```\naws iam get-group --group-name \u003cgroup_name\u003e\n```\n\n\n\n## Describing a Policy\n\n```\naws iam get-policy --policy-arn arn:aws:iam::aws:policy/\u003cpolicy_name\u003e\n```\n\n\n\n## List Access Keys\n\n```\naws iam list-access-keys\n```\n\n\n\n## List Keys\n\n```\naws iam list-access-keys\n```\n\n\n\n## List the Access Key IDs for an IAM User\n\n```\naws iam list-access-keys --user-name \u003cuser_name\u003e\n```\n\n\n\n## List the SSH Public Keys for a User\n\n```\naws iam list-ssh-public-keys --user-name \u003cuser_name\u003e\n```\n\n\n# S3 API\n\n\n\n## Listing Buckets\n\n```\naws s3api list-buckets\n```\n\nOr\n\n```\naws s3 ls\n```\n\n\ne.g\n\n```\naws s3 ls --profile eon01\n```\n\n\n\n## Listing Only Bucket Names\n\n```\naws s3api list-buckets --query 'Buckets[].Name'\n```\n\n\n\n## Getting a Bucket Region\n\n```\naws s3api get-bucket-location --bucket \u003cbucket_name\u003e\n```\n\ne.g\n\n```\naws s3api get-bucket-location --bucket practicalaws.com\n```\n\n\n\n## Listing the Content of a Bucket\n\n```\naws s3 ls s3://\u003cbucket_name\u003e --region \u003cregion\u003e\n```\n\ne.g\n\n```\naws s3 ls s3://practicalaws.com\n\naws s3 ls s3://practicalaws.com --region eu-west-1\n \naws s3 ls s3://practicalaws.com --region eu-west-1 --profile eon01\n```\n\n\n\n## Syncing a Local Folder with a Bucket\n\n```\naws s3 sync \u003clocal_path\u003e s3://\u003cbucket_name\u003e \n```\n\ne.g\n\n```\naws s3 sync . s3://practicalaws.com --region eu-west-1\n```\n\n\n\n## Copying Files\n\n```\naws s3 cp \u003cfile_name\u003e s3://\u003cbucket_name\u003e\n```\n\nOr:\n\n```\naws s3 cp \u003cfile_name\u003e s3://\u003cbucket_name\u003e/\u003cfolder_name\u003e/\n```\n\nTo copy all files from a filder, look at \"Copying Folders\". Or use the following example, where I copy the content of the folder \"images (contains images) in the remote folder \"images\".\n\n```\ncd images\naws s3 cp . s3://saltstackfordevops.com/images --recursive --region us-east-2\n```\n\n\n\n## Copying Folders\n\n```\naws s3 cp \u003cfolder_name\u003e/ s3://\u003cbucket_name\u003e/ --recursive\n```\n\nTo exclude files:\n\n```\naws s3 cp \u003cfolder_name\u003e/ s3://\u003cbucket_name\u003e/ --recursive --exclude \"\u003cfile_name_or_a_wildcard\u003e\" \n```\n\ne.g: To only include a certain type of files (PNG) and exclude others (JPG)\n\n```\naws s3 cp practicalaws.com/ s3://practicalaws-backup/  --recursive --exclude \"*.jpg\"  --include \"*.png\"\n```\n\ne.g: To exclude a folder\n\n```\naws s3 cp practicalaws.com/ s3://practicalaws-backup/ --recursive --exclude \".git/*\" \n```\n\n\n\n## Removing a File from a Bucket\n\n```\naws s3 rm s3://\u003cbucket_name\u003e/\u003cobject_name\u003e\n```\n\ne.g\n\n```\naws s3 rm s3://practicalaws.com/temp.txt\n```\n\n\n\n## Deleting a Bucket\n\n```\naws s3 rb s3://\u003cbucket_name\u003e --force\n```\n\nIf the bucket is not empty, use --force.\n\ne.g\n\n```\naws s3 rb s3://practicalaws.com --force  \n```\n\n\n\n## Emptying a Bucket\n\n```\naws s3 rm s3://\u003cbucket_name\u003e/\u003ckey_name\u003e --recursive\n```\n\ne.g\n\nIn order to remove tempfiles/file1.txt and tempfiles/file2.txt from practicalaws.com bucket, use:\n\n```\naws s3 rm s3://practicalaws.com/tempfiles --recursive\n```\n\nRemove all objects using:\n\n```\naws s3 rm s3://practicalaws.com/tempfiles\n```\n\n## Making a Public File Private\n\n```\naws s3api put-object-acl --acl private --bucket \u003cbucket-name\u003e --key \u003cfile_name or file_path\u003e\n```\n\ne.g:\n\n```\naws s3api put-object-acl --acl private --bucket practicalaws.com --key image/logo.png\n```\n\n## Making a Public bucket Private\n\n```\naws s3 ls --recursive s3://\u003cbucket-name\u003e | cut -d' ' -f5- | awk '{print $NF}' | while read line; do\n    echo \"$line\"\n    aws s3api put-object-acl --acl private --bucket \u003cbucket-name\u003e --key \"$line\"\ndone\n```\n\n\n\n# VPC\n\n\n\n## Creating A VPC\n\n```\naws ec2 create-vpc --cidr-block \u003ccidr_block\u003e --regiosn \u003cregion\u003e\n```\n\ne.g\n\n```\naws ec2 create-vpc --cidr-block 10.0.0.0/16 --region eu-west-1\n```\n\n\n\n## Allowing DNS hostnames\n\n```\naws ec2 modify-vpc-attribute --vpc-id \u003cvpc_id\u003e --enable-dns-hostnames \"{\\\"Value\\\":true}\" --region \u003cregion\u003e\n```\n\n# Subnets \n\n\n\n## Creating A Subnet\n\n```\naws ec2 create-subnet --vpc-id \u003cvpc_id\u003e --cidr-block \u003ccidr_block\u003e --availability-zone \u003cavailability_zone\u003e --region \u003cregion\u003e\n```\n\n\n\n## Auto Assigning Public IPs To Instances In A Public Subnet\n\n```\naws ec2 modify-subnet-attribute --subnet-id \u003csubnet_id\u003e --map-public-ip-on-launch --region \u003cregion\u003e\n```\n\n# Internet Gateway\n\n\n\n## Creating An IGW\n\n```\naws ec2 create-internet-gateway --region \u003cregion\u003e\n```\n\n\n\n## Attaching An IGW to A VPC\n\n```\naws ec2 attach-internet-gateway --internet-gateway-id \u003cigw_id\u003e --vpc-id \u003cvpc_id\u003e --region \u003cregion\u003e\n```\n\n# NAT\n\n\n\n## Setting Up A NAT Gateway\n\nAllocate Elastic IP\n\n``` \naws ec2 allocate-address --domain vpc --region \u003cregion\u003e \n```\n\nthen use the AllocationId to create the NAT Gateway for the public zone in \u003cregion\u003e\n\n``` \naws ec2 create-nat-gateway --subnet-id \u003csubnet_id\u003e --allocation-id \u003callocation_id\u003e --region \u003cregion\u003e \n```\n\n# Route Tables\n\n\n\n## Creating A Public Route Table\n\nCreate the Route Table: \n\n``` \naws ec2 create-route-table --vpc-id \u003cvpc_id\u003e --region \u003cregion\u003e \n```\n\nthen create a route for an Internet Gateway. \n\nNow, use the outputted Route Table ID: \n\n``` \naws ec2 create-route --route-table-id \u003croute_table_id\u003e --destination-cidr-block 0.0.0.0/0 --gateway-id \u003cigw_id\u003e --region \u003cregion\u003e \n```\n\nFinally, associate the public subnet with the Route Table\n\n``` \naws ec2 associate-route-table --route-table-id \u003croute_table_id\u003e --subnet-id \u003csubnet_id\u003e --region \u003cregion\u003e\n```\n\n\n\n## Creating A Private Route Tables\n\nCreate the Route Table\n\n``` \naws ec2 create-route-table --vpc-id \u003cvpc_id\u003e --region \u003cregion\u003e \n```\n\nthen create a route that points to a NAT Gateway \n\n``` \naws ec2 create-route --route-table-id \u003croute_table_id\u003e --destination-cidr-block 0.0.0.0/0 --nat-gateway-id \u003cnet_gateway_id\u003e --region \u003cregion\u003e \n```\n\nFinally, associate the subnet \n\n``` \naws ec2 associate-route-table --route-table-id \u003croute_table_id\u003e --subnet-id \u003csubnet_id\u003e --region \u003cregion\u003e \n```\n\n# CloudFront\n\n\n\n## Listing Distributions\n\nIn some cases, you need to setup this first:\n\n```\naws configure set preview.cloudfront true\n```\n\nThen:\n\n```\naws cloudfront list-distributions\n```\n\n\n\n## Invalidating Files From a Distribution\n\nTo invalidate index and error HTML files from the distribution with the ID Z2W2LX9VBMAPRX:\n\n```\naws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths /index.html /error.html\n```\n\nTo invalidate everything in the distribution:\n\n```\naws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths '/*'\n```\n\n\n\n## Sync a Local Folder with a CLoudFront Distribution\n\nCloudFront is \"attached\" to a bucket, you need to upload your files to the bucket. \n\ne.g.:\n\n```\naws s3 sync . s3://my-bucket.com\n```\n\nIf you should keep the files public:\n\n```\naws s3 sync . s3://my-bucket.com --acl public-read\n```\n\nTo copy a single file, you need to:\n\n```\naws s3 cp file1 s3://my-bucket.com/sub-folder/ --acl \u003cACL\u003e\n```\n\n\n\n## Sync and Invalidate at the Same Time: \n\n```\naws s3 sync . s3://my-bucket.com --acl public-read \u0026\u0026 aws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths '/*'\n```\n\nor in case you want to update a single file:\n\n```\naws s3 cp file1 s3://my-bucket.com/sub-folder/ --acl public-read \u0026\u0026 aws cloudfront create-invalidation --distribution-id Z2W2LX9VBMAPRX  --paths '/sub-folder/file1'\n```\n\n\n\n# RDS\n\n\n\n## List Databases\n\n```\naws rds describe-db-instances\n```\n\nor:\n\n```\naws rds describe-db-instances --query 'DBInstances[].DBInstanceIdentifier'\n```\n\n\n\n## List Public Databases\n\n```\naws rds describe-db-instances --query 'DBInstances[?PubliclyAccessible==\"true\"].[DBInstanceIdentifier,Endpoint.Address]'\n```\n\n\n\n## List Non Protected Databases (DeletionProtection)\n\n```\naws rds describe-db-instances \\\n    --query 'DBInstances[*].[DBInstanceIdentifier]' \\\n    --output text \\\n    | xargs -I {} bash -c 'if [[ $(aws rds describe-db-instances --db-instance-identifier {} --query '\"'\"'DBInstances[*].DeletionProtection'\"'\"' --output text) == False ]]; then echo {} ; fi'\n```\n\n\n\n## Describe the Automated Backups for a DB Instance\n\n```\naws rds describe-db-instance-automated-backups --db-instance-identifier database-mysql\n```\n\n\n\n## Create a DB Cluster\n\n````\naws rds create-db-cluster \\\n    --db-cluster-identifier mysql-cluster \\\n    --engine aurora-mysql \\\n    --engine-version 5.7.12 \\\n    --master-username master \\\n    --master-user-password xxxxxx \\\n    --db-subnet-group-name default \\\n    --vpc-security-group-ids sg-0130572b9daf3dc16\n````\n\n\n\n## Create a DB Instance\n\n```\naws rds create-db-instance \\\n    --db-instance-identifier mysql-instance \\\n    --db-instance-class db.t3.micro \\\n    --engine mysql \\\n    --master-username admin \\\n    --master-user-password xxxxx \\\n    --allocated-storage 40\n```\n\n\n\n## Create a DB Security Group\n\n```\naws rds create-db-security-group --db-security-group-name my-security-group --db-security-group-description \"My Security Group\"\n```\n\n\n\n## Create a Read Replica\n\n````\naws rds create-db-instance-read-replica \\\n    --db-instance-identifier test-instance-repl \\\n    --source-db-instance-identifier test-instance\n````\n\n\n\n## Create a Custom DB Cluster Endpoint\n\n```\naws rds create-db-cluster-endpoint \\\n    --db-cluster-endpoint-identifier mycustomendpoint \\\n    --endpoint-type reader \\\n    --db-cluster-identifier mydbcluster \\\n    --static-members dbinstance1 dbinstance2\n```\n\n\n\n## Apply Tag to a DB\n\n```\naws rds add-tags-to-resource \\\n    --resource-name arn:aws:rds:us-east-1:123456789012:db:database-mysql \\\n    --tags \"[{\\\"Key\\\": \\\"Name\\\",\\\"Value\\\": \\\"MyDatabase\\\"},{\\\"Key\\\": \\\"Environment\\\",\\\"Value\\\": \\\"test\\\"}]\"\n```\n\n\n\n## Create a Cluster Snapshot\n\n```\naws rds create-db-cluster-snapshot --db-cluster-identifier my-db-cluster --db-cluster-snapshot-identifier my-db-cluster-snapshot\n```\n\n\n\n## Create a CloudWatch Alarm for a DB Instance\n\ne.g.:  When **average CPU for latest 15 minutes is above 90%**\n\n```\naws cloudwatch put-metric-alarm \\\n    --alarm-name \"my-alarm\" \\\n    --metric-name \"CPUUtilization\" \\\n    --namespace \"AWS/RDS\" \\\n    --statistic \"Average\" \\\n    --period 300 \\\n    --evaluation-periods 3 \\\n    --threshold 90.0 \\\n    --comparison-operator \"GreaterThanOrEqualToThreshold\" \\\n    --dimensions \"Name=DBInstanceIdentifier,Value=my-db-instance\" \\\n    --alarm-actions \"\u003carn of sns resource\u003e\"\n```\n\nThis will monitor the DB instance during a period of 300 seconds (5 minutes) during 3 evaluation periods: 5*3 = 15 minutes.\n\nIf in the three periods, the average is equal or more than 90%, then the alarm will trigger the SNS resource.\n\nYou should subscribe to the SNS resource you create by email or SMS.\n\n# Connect Deeper\n\nJoin FAUN developer community [FAUN](https://faun.dev/join)\n","funding_links":[],"categories":["Others"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feon01%2FAWS-CheatSheet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feon01%2FAWS-CheatSheet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feon01%2FAWS-CheatSheet/lists"}