I wanted to list images from ECR registry, but getting some error. Can someone provide the solution?
aws ecr list-images --repository-name <Repository_Name>
Got error below
An error occurred (RepositoryNotFoundException) when calling the
ListImages operation: The repository with name '<Repository_Name>' does
not exist in the registry with id 'ID_Name'
Note: I want to list all the images from repository, but I don't want to list the images using filter.
From the error, it seems you insert invalid repository name or you are looking in wrong region
aws ecr list-images --repository-name VALID_REPO_NAME --region us-west-2
OR you can get all images from all repository using this script.
#!/bin/sh
REPO_LIST=$(aws ecr describe-repositories --query "repositories[].repositoryName" --output text --region us-west-2);
for repo in $REPO_LIST; do
echo "list image for $repo"
aws ecr list-images --repository-name $repo --region us-west-2
done
aws-cli-cheatsheet
Related
I am very new at awscli and programming in general. I am tyring to update a route53 record when i start up an instance using cmd and powershell. However, i keep getting this error when running it:
Error parsing parameter '--change-batch': Expected: '=', received: 'ÿ' for input:
ÿþ{
The commmand i am running is :
aws route53 change-resource-record-sets --hosted-zone-id Z337IOSIXTUZ2M --change-batch=file://C:\temp\config.json
I have tried just about all combinations like:
aws route53 change-resource-record-sets --hosted-zone-id Z337IOSIXTUZ2M --change-batch='C:\temp\config.json'
aws route53 change-resource-record-sets --hosted-zone-id Z337IOSIXTUZ2M --change-batch=file://C:\temp\config.json
aws route53 change-resource-record-sets --hosted-zone-id Z337IOSIXTUZ2M --change-batch=C:\temp\config.json
But nothing seems to work. If i put the config.json file in my home directory on a ubuntu vm and run the same command it works, so i am pretty sure my problem is with the --change-batch stuff.
Any help would be very much appropriated as i have been working on this for a couple of days.
I keep getting this when try to run it:
Error parsing parameter '--change-batch': Expected: '=', received: 'ÿ' for input:
ÿþ{
$ aws route53 change-resource-record-sets --hosted-zone-id Z337IOSIXTUZ2M --change-batch file://C:\temp\config.json
The parameters change-batch doesn't accept value with =. The above command should work for you.
Ref: Route53 - Change Resource Record Set
I am trying to receive a message in a queue when triggering an email with SES in localstack. The SES service is using an event destination that connects to a SNS topic. The SNS topic is connected to a queue, where I want to receive the bounce, click information.
Here are the steps:
// 1 whitelist email sender
aws --endpoint-url=http://localhost:4566 ses verify-email-identity --email-address sender#test.com --profile test-profile --region eu-central-1 --output table | cat
// 2 create sqs queue
aws --endpoint-url=http://localhost:4566 sqs create-queue --queue-name ses_events_queue --profile test-profile --region eu-central-1 --output table | cat
// 3 create sns topic
aws --endpoint-url=http://localhost:4566 sns create-topic --name ses_events_topic --region eu-central-1 --profile test-profile --output table
// 4 subscribe sqs queue to sns topic
aws --endpoint-url=http://localhost:4566 sns subscribe --topic-arn arn:aws:sns:eu-central-1:000000000000:ses_events_topic --protocol sqs --notification-endpoint arn:aws:sqs:eu-central-1:000000000000:ses_events_queue --profile test-profile --region eu-central-1 --output table | cat
up until here, if I publish a message with:
aws --endpoint-url=http://localhost:4566 sns publish --topic-arn arn:aws:sns:eu-central-1:000000000000:ses_events_topic --message "{\"subject\":\"Subject\",\"body8\":\"Body 8\",\"from\":\"test#test.com\",\"to\":\"to#ta.com\"}" --profile test-profile --region eu-central-1 --output table | cat
it works, I can see message in queue.
Now the SES setup:
// 5 create config set
aws --endpoint-url=http://localhost:4566 ses create-configuration-set --configuration-set "{\"Name\":\"ses_config_set\"}" --profile test-profile --region eu-central-1 --output table | cat
// 6 create event destination
aws --endpoint-url=http://localhost:4566 ses create-configuration-set-event-destination --configuration-set-name ses_config_set --event-destination '{"Name":"some_name2","Enabled":true,"MatchingEventTypes":["send","bounce","delivery","open"],"SNSDestination":{"TopicARN":"arn:aws:sns:eu-central-1:000000000000:ses_events_topic"}}' --profile test-profile --region eu-central-1 --output table | cat
And now the actual sending of the email:
// 7 send email via ses using config set
aws --endpoint-url=http://localhost:4566 ses send-email --destination '{"ToAddresses":["receiver#mail.com"]}' --message '{"Subject":{"Data":"some sub","Charset":"string"},"Body":{"Text":{"Data":"some tesxt body","Charset":"string"}}}' --configuration-set-name ses_config_set --from 'sender#test.com' --profile test-profile --region eu-central-1 --output table | cat
Email is sent, but if I check messages in queue, there's none:
aws --endpoint-url=http://localhost:4566 sqs receive-message --queue-url http://localhost:4566/000000000000/ses_events_queue --profile test-profile --region eu-central-1 --output table | cat
Not sure where the error is. I'm also not sure what is the best way to debug. I tried to use --debug in the email sending, but I can't find anything useful.
My suspicion is that the create event destination step can be wrong, since there are may options inside, but not sure.
I've also tried to add permissions to the queue:
aws --endpoint-url=http://localhost:4566 sqs set-queue-attributes --queue-url http://localhost:4566/000000000000/ses_events_queue --attributes file://set_queue_attributes.json --profile test-profile --region eu-central-1 --output table | cat
in set_queue_attributes.json:
{"Policy" : "{\"Id\": \"Policy1564523767951\",\"Version\": \"2012-10-17\",\"Statement\": [{\"Sid\": \"Stmt1564523766749\",\"Action\": \"sqs:*\",\"Effect\": \"Allow\",\"Resource\": \"arn:aws:sqs:us-east-1:12345678:example-queue\",\"Condition\": {\"ArnEquals\": {\"aws:SourceArn\": \"arn:aws:sns:us-east-1:73628827939:MySNS\"}},\"Principal\": \"*\"}]}"}
But it does not work either. Not sure if this might be the issue, because publishing directly to sns, I can see the queue receiving the message. I don't know how to debug, that ses sends the message, and that ses publishes a message in the sns topic
In the doc, they state
Whether you create a new SNS topic or select an existing one, you need to give access to SES to publish notifications to the topic.
In your case, try to add this permission, after step 3 //create sns topic
awslocal sns add-permission \
--topic-arn arn:aws:sns:eu-central-1:000000000000:ses_events_topic \
--label Publish-Permission \
--aws-account-id 000000000000 \
--action-name Publish
I use the thin wrapper awslocal
Also, use option "--max-number-of-messages 10" in "sqs receive-message".
Default is "1"
the reason it was not working was because the feature was not implemented. I opened an issue and they worked fast on it:
https://github.com/localstack/localstack/issues/7184
I post this answer in case anyone finds something similar
I am trying to create an SFTP user with the help of AWS CLI in my Linux Box.
Below is the AWS CLI command which I am passing in my bash script (my ssh public key is in a file, with the help of variable I am passing same into AWS CLI options section)
customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)
aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body $customer_name_pub_value --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="dev.user#domain.com",Key=Service,Value="sftp"' --role customer-sftp-role
Below is the ERROR which I am facing while executing above commands:
[developer#dev-lin demo]$ aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body $customer_name_pub_value --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="dev.user#domain.com",Key=Service,Value="sftp"' --role customer-sftp-role
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
Unknown options: developer#dev-lin.domain.com, XXXXXXXXXXAB3NzaC1yc2EAAAADAQABAAABAQCm2hI3Y33K1GVbdQV0lfkm/klZRJS7Kcz8+53e/BoIbVMFH0jqm1aejELDFgPnN7HvIZ/csYGzF/ssTx5lXVaHQh/qkYwfqQBg8WvXVB0Jmogj1hr6z5M8Qy/3oCx0fSmh6e/Ekfk8vHhiHQlGZV3o8a2AW5SkP8IH/OgT6Bq+SMuB+xtSciVBZqSLI0OgYtOZ0MyxBzfLau1Tyegu5lVFevZDVjecnIaS4l+v2VIQ/OgaZ40oAI3NuRZ2EdnLqEqFyLjasx4kcuwNzD5oaXAU6T9UsqKN2rVLMKrXXXXXXXXXXX
Am I missing something bash syntax while passing option value!
UPDATE 30-March-2020
as per suggestions in below comments, I have added AWS ARN Role in command, now facing different issue than previous
CODE:
customer_name='demo'
customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)
aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body "$customer_name_pub_value" --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="dev.user#domain.com",Key=Service,Value="sftp"' --role "arn:aws:iam::8XXXXXXXXX2:role/customer-sftp-role"
ERROR
An error occurred (ValidationException) when calling the CreateUser operation: 1 validation error detected: Value 'script-test/power-archive-ireland/demo/' at 'homeDirectory' failed to satisfy constraint: Member must satisfy regular expression pattern: ^$|/.*
Yes, for the final bug, you should feed it as a list of objects:
--tags [{Key="Product", Value="demo"}, {Key="Environment", Value="dev"}, {Key="Contact", Value="dev.user#domain.com"}, {Key="Service", Value="sftp"
You may need to put "Key" and "Value" in quotes or even perhaps have to try key:value pairs (i.e. {"Product": "demo"}), but this should be the general syntax.
Below is the final working CLI command:
Changes
Added ROLE ARN (Thanks #user1394 for the suggestion)
Biggest issue resolved by placing / before --home-directory option (bad AWS documentation (https://docs.aws.amazon.com/cli/latest/reference/transfer/create-user.html) and their out-dated RegEx ^$|/.*)
Transform the broken CLI into JSON based CLI to fix the final bug (not all the tags were able to attach in old command)
#!/bin/bash
customer_name='demo'
customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)
aws transfer create-user \
--user-name $customer_name \
--server-id s-aaabbbccc \
--role "arn:aws:iam::8XXXXXXXXX2:role/customer-sftp-role" \
--ssh-public-key-body "$customer_name_pub_value" \
--home-directory /script-test/power-archive-ireland/$customer_name \
--tags '[
{"Key": "Product", "Value": "demo"},
{"Key": "Environment", "Value": "dev"},
{"Key": "Contact", "Value": "dev.user#domain.com"},
{"Key": "Service", "Value": "sftp"}
]'
Does anyone have an example of how to create a dns entry, for a lightsail hosted domain, using the aws cli?
I haven't been able to find an example of the format for the --domain-entry parameter of the create-domain-entry sub-command.
I made use of Mike's syntax to create a TXT record for DMARC. (Thank you Mike!)
I'd been trying to create it in the UI. I kept getting this error: Input error: Target should be enclosed in quotation marks: ""v=DMARC1; p=none; rua="mailto:dmarc#YOURDOMAINNAME.com"".
After trying several times with different recommended quote configurations, I bailed on the UI, and used Mike's syntax in a bash script. In my case, I also removed the extra quotes I had around the email address inside the rua portion. This may have been the source of my errors in the UI.
Here's what successfully created the DMARC record for me:
#!/usr/bin/bash
aws lightsail --region us-east-1 \
create-domain-entry \
--domain-name 'YOURDOMAINNAME.com' \
--domain-entry '{"name":"_dmarc.YOURDOMAINNAME.com","target":"\"v=DMARC1; p=none; rua=mailto:dmarcreports#YOURDOMAINNAME.com\"","isAlias":false,"type":"TXT"}'
Of course, replace YOURDOMAINNAME with your domain name, and the mailto name with the email at which you want to receive DMarc reports.
The command below will create an A record using the CLI
aws lightsail create-domain-entry \
--domain-name mikegcoleman.com \
--region us-east-1 --domain-entry \
name=blog.mikegcoleman.com,target=52.40.235.176,isAlias=false,type=A
Note that you need to specify the region as all domain actions with the Lightsail CLI need to be performed against us-east-1
For a TXT record the following should work. I think there is some funkiness with the CLI that it doesn't like the inline domain entry, and needs the JSON to do the TXT record, so it's formatted difrerently from above:
aws lightsail --region us-east-1 \
create-domain-entry \
--domain-name 'mikegcoleman.com' \
--domain-entry '{"name":"test.mikegcoleman.com","target":"\"response\"","isAlias":false,"type":"TXT"}'
Yes!
The answer from #binarybelle to create a BASH script and add the command as the JSON version worked for me too in order to add a TXT entry for DKIM.
The extra trick with a long DKIM entry is to split the text key into 2 parts, so lots of escaping the extra double-quotes :-)
#!/bin/bash
/usr/local/bin/aws lightsail --region us-east-1 \
create-domain-entry --domain-name 'mydomain.co.uk' \
--domain-entry '{"name":"default._domainkey.mydomain.co.uk","target":"\"v=DKIM1; h=sha256; k=rsa; \" \"p=MIIBIjxxxxxxxxxxxiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurVgfLc8xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx9cRHBTEOIR4lmIgatpit\" \"t+v7oQzngmfKpBNoTeyxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxQIDAQAB\"","isAlias":false,"type":"TXT"}'
I was trying to request a spot instance using CLI. I used below command to request a spot instance:
aws ec2 request-spot-instances --spot-price "0.050" --instance-count 1 --block-duration-minutes 120 --type "one-time" --launch-specification file://Spot_P2_request.json --query 'SpotInstanceRequests[*].SpotInstanceRequestId' --output text
I get below error:
Unknown options: --block-duration-minutes, 120
Is block-duration-minutes not supported by CLI?