AWS - EC2

Amazon Web Services Elastic Compute Cloud (EC2) For more information regarding the AWS EC2 service, please visit the official documentation found here.

Configure AWS - EC2 on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for AWS - EC2.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
defaultRegionAWS Default RegionFalse
roleArnRole ArnFalse
roleSessionNameRole Session NameFalse
sessionDurationRole Session DurationFalse
access_keyAccess KeyFalse
secret_keySecret KeyFalse
proxyUse system proxy settingsFalse
insecureTrust any certificate (not secure)False
  1. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details. All command, argument, and output descriptions are taken from the AWS documentation.

aws-ec2-describe-instances


Describes one or more of your instances.

Base Command

aws-ec2-describe-instances

Input

Argument NameDescriptionRequired
filtersOne or more filters.See documentation for details & filter options.Optional
instanceIdsOne or more instance IDs. Seprated by comma.Optional
regionThe AWS Region, if not specified the default region will be usedOptional
roleArnThe Amazon Resource Name (ARN) of the role to assumeOptional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Instances.AmiLaunchIndexnumberThe AMI launch index, which can be used to find this instance in the launch group.
AWS.EC2.Instances.ImageIdstringThe ID of the AMI used to launch the instance.
AWS.EC2.Instances.InstanceIdstringThe ID of the instance.
AWS.EC2.Instances.InstanceTypestringThe instance type.
AWS.EC2.Instances.KernelIdstringThe kernel associated with this instance, if applicable.
AWS.EC2.Instances.KeyNamestringThe name of the key pair, if this instance was launched with an associated key pair.
AWS.EC2.Instances.LaunchTimedateThe time the instance was launched.
AWS.EC2.Instances.Monitoring.StatestringIndicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
AWS.EC2.Instances.Placement.AvailabilityZonestringThe Availability Zone of the instance.
AWS.EC2.Instances.Placement.AffinitystringThe affinity setting for the instance on the Dedicated Host.
AWS.EC2.Instances.Placement.GroupNamestringThe name of the placement group the instance is in (for cluster compute instances).
AWS.EC2.Instances.Placement.HostIdstringhe ID of the Dedicated Host on which the instance resides.
AWS.EC2.Instances.Placement.TenancystringThe tenancy of the instance (if the instance is running in a VPC).
AWS.EC2.Instances.PlatformstringThe value is Windows for Windows instances; otherwise blank.
AWS.EC2.Instances.PrivateDnsNamestring(IPv4 only) The private DNS hostname name assigned to the instance. This DNS hostname can only be used inside the Amazon EC2 network. This name is not available until the instance enters the running state.
AWS.EC2.Instances.PrivateIpAddressstringThe private IPv4 address assigned to the instance.
AWS.EC2.Instances.ProductCodes.ProductCodeIdstringThe product code.
AWS.EC2.Instances.ProductCodes.ProductCodeTypestringThe type of product code.
AWS.EC2.Instances.PublicDnsNamestring(IPv4 only) The public DNS name assigned to the instance. This name is not available until the instance enters the running state.
AWS.EC2.Instances.PublicIpAddressstringThe public IPv4 address assigned to the instance, if applicable.
AWS.EC2.Instances.RamdiskIdstringThe RAM disk associated with this instance, if applicable.
AWS.EC2.Instances.State.CodestringThe low byte represents the state.
AWS.EC2.Instances.State.NamestringThe current state of the instance.
AWS.EC2.Instances.StateTransitionReasonstringThe reason for the most recent state transition. This might be an empty string.
AWS.EC2.Instances.SubnetIdstringThe ID of the subnet in which the instance is running.
AWS.EC2.Instances.VpcIdstringThe ID of the VPC in which the instance is running.
AWS.EC2.Instances.ArchitecturestringThe architecture of the image.
AWS.EC2.Instances.BlockDeviceMappings.DeviceNamestringThe device name (for example, /dev/sdh or xvdh).
AWS.EC2.Instances.BlockDeviceMappings.Ebs.AttachTimestringThe time stamp when the attachment initiated.
AWS.EC2.Instances.BlockDeviceMappings.Ebs.DeleteOnTerminationstringIndicates whether the volume is deleted on instance termination.
AWS.EC2.Instances.BlockDeviceMappings.Ebs.StatusstringThe attachment state.
AWS.EC2.Instances.BlockDeviceMappings.Ebs.VolumeIdstringThe ID of the EBS volume.
AWS.EC2.Instances.ClientTokenstringThe idempotency token you provided when you launched the instance, if applicable.
AWS.EC2.Instances.EbsOptimizedbooleanIndicates whether the instance is optimized for Amazon EBS I/O.
AWS.EC2.Instances.EnaSupportbooleanSpecifies whether enhanced networking with ENA is enabled.
AWS.EC2.Instances.HypervisorstringThe hypervisor type of the instance.
AWS.EC2.Instances.IamInstanceProfile.ArnstringThe Amazon Resource Name (ARN) of the instance profile.
AWS.EC2.Instances.IamInstanceProfile.IdstringThe ID of the instance profile.
AWS.EC2.Instances.InstanceLifecyclestringIndicates whether this is a Spot Instance or a Scheduled Instance.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuIdstringThe ID of the Elastic GPU.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuAssociationIdstringThe ID of the association.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuAssociationStatestringThe state of the association between the instance and the Elastic GPU.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuAssociationTimestringThe time the Elastic GPU was associated with the instance.
AWS.EC2.Instances.NetworkInterfaces.Association.IpOwnerIdstringThe ID of the owner of the Elastic IP address.
AWS.EC2.Instances.NetworkInterfaces.Association.PublicDnsNamestringThe public DNS name.
AWS.EC2.Instances.NetworkInterfaces.Association.PublicIpstringThe public IP address or Elastic IP address bound to the network interface.
AWS.EC2.Instances.NetworkInterfaces.Attachment.AttachTimedateThe time stamp when the attachment initiated.
AWS.EC2.Instances.NetworkInterfaces.Attachment.AttachmentIdstringThe ID of the network interface attachment.
AWS.EC2.Instances.NetworkInterfaces.Attachment.DeleteOnTerminationbooleanIndicates whether the network interface is deleted when the instance is terminated.
AWS.EC2.Instances.NetworkInterfaces.Attachment.DeviceIndexnumberThe index of the device on the instance for the network interface attachment.
AWS.EC2.Instances.NetworkInterfaces.Attachment.StatusstringThe attachment state.
AWS.EC2.Instances.NetworkInterfaces.DescriptionstringThe description.
AWS.EC2.Instances.NetworkInterfaces.Groups.GroupNamestringThe name of the security group.
AWS.EC2.Instances.NetworkInterfaces.Groups.GroupIdstringThe ID of the security group.
AWS.EC2.Instances.NetworkInterfaces.Ipv6Addresses.Ipv6AddressstringThe IPv6 addresses associated with the network interface.
AWS.EC2.Instances.NetworkInterfaces.MacAddressstringThe MAC address.
AWS.EC2.Instances.NetworkInterfaces.NetworkInterfaceIdstringThe ID of the network interface.
AWS.EC2.Instances.NetworkInterfaces.OwnerIdstringThe ID of the AWS account that created the network interface.
AWS.EC2.Instances.NetworkInterfaces.PrivateDnsNamestringThe private DNS name.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddressstringThe IPv4 address of the network interface within the subnet.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.Association.IpOwnerIdstringThe ID of the owner of the Elastic IP address.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.Association.PublicDnsNamestringThe public DNS name.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.Association.PublicIpstringThe public IP address or Elastic IP address bound to the network interface.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.PrimarybooleanIndicates whether this IPv4 address is the primary private IP address of the network interface.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.PrivateDnsNamestringThe private IPv4 DNS name.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.PrivateIpAddressstringThe private IPv4 address of the network interface.
AWS.EC2.Instances.NetworkInterfaces.SourceDestCheckbooleanIndicates whether to validate network traffic to or from this network interface.
AWS.EC2.Instances.NetworkInterfaces.StatusstringThe status of the network interface.
AWS.EC2.Instances.NetworkInterfaces.SubnetIdstringThe ID of the subnet.
AWS.EC2.Instances.NetworkInterfaces.VpcIdstringThe ID of the VPC.
AWS.EC2.Instances.RootDeviceNamestringThe device name of the root device volume (for example, /dev/sda1).
AWS.EC2.Instances.RootDeviceTypestringThe root device type used by the AMI. The AMI can use an EBS volume or an instance store volume.
AWS.EC2.Instances.SecurityGroups.GroupNamestringThe name of the security group.
AWS.EC2.Instances.SecurityGroups.GroupIdstringThe ID of the security group.
AWS.EC2.Instances.SourceDestCheckbooleanSpecifies whether to enable an instance launched in a VPC to perform NAT.
AWS.EC2.Instances.SpotInstanceRequestIdstringIf the request is a Spot Instance request, the ID of the request.
AWS.EC2.Instances.SriovNetSupportstringSpecifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.
AWS.EC2.Instances.StateReason.CodestringThe reason code for the state change.
AWS.EC2.Instances.StateReason.MessagestringThe message for the state change.
AWS.EC2.Instances.Tags.KeystringThe key of the tag.
AWS.EC2.Instances.Tags.ValuestringThe value of the tag.
AWS.EC2.Instances.VirtualizationTypestringThe virtualization type of the instance.

Command Example

!aws-ec2-describe-instances

Context Example

{
"AWS": {
"EC2": {
"Instances": [
{
"AmiLaunchIndex": 0,
"Architecture": "x86_64",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/dev_name",
"Ebs": {
"AttachTime": "2020-04-26T15:49:18",
"DeleteOnTermination": true,
"Status": "attached",
"VolumeId": "vol-1"
}
}
],
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"ClientToken": "some_token",
"CpuOptions": {
"CoreCount": 8,
"ThreadsPerCore": 2
},
"EbsOptimized": false,
"EnaSupport": true,
"HibernationOptions": {
"Configured": false
},
"Hypervisor": "xen",
"IamInstanceProfile": {
"Arn": "some_arn",
"Id": "id"
},
"ImageId": "ami-id",
"InstanceId": "i-id",
"InstanceType": "m5.4xlarge",
"KeyName": "Aqua",
"LaunchTime": "2020-04-26T15:49:17",
"Monitoring": {
"State": "enabled"
},
"NetworkInterfaces": [
{
"Attachment": {
"AttachTime": "2020-04-26T15:49:28",
"AttachmentId": "eni-attach",
"DeleteOnTermination": false,
"DeviceIndex": 1,
"Status": "attached"
},
"Description": "Floating network interface providing a fixed IP address for AWS Ground Station to connect to.",
"Groups": [
{
"GroupId": "sg",
"GroupName": "some_group_name"
}
],
"Ipv6Addresses": [],
"MacAddress": "add",
"NetworkInterfaceId": "eni",
"OwnerId": "some_id",
"PrivateDnsName": "name",
"PrivateIpAddress": "1.1.1.1",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "name",
"PrivateIpAddress": "1.1.1.1"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet",
"VpcId": "vpc"
}
],
"Placement": {
"AvailabilityZone": "us-west-2a",
"GroupName": "name",
"Tenancy": "dedicated"
},
"PrivateDnsName": "dns_name",
"PrivateIpAddress": "1.1.1.1",
"ProductCodes": [],
"PublicDnsName": "",
"Region": "us-west-2",
"RootDeviceName": "/dev/dev_name",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupId": "sg",
"GroupName": "name"
}
],
"SourceDestCheck": true,
"State": {
"Code": 80,
"Name": "stopped"
},
"StateReason": {
"Code": "Client.UserInitiatedShutdown",
"Message": "Client.UserInitiatedShutdown: User initiated shutdown"
},
"StateTransitionReason": "User initiated (2020-04-26 18:28:48 GMT)",
"SubnetId": "subnet-1",
"Tags": [
{
"Key": "stack-id",
"Value": "some_info"
}
],
"VirtualizationType": "hvm",
"VpcId": "vpc"
}
]
}
}
}

Human Readable Output

AWS Instances

ImageIdInstanceIdKeyNameLaunchDateMonitoringNamePublicDNSNamePublicIPAddressRegionStateTypeaws:cloudformation:logical-idaws:cloudformation:stack-idaws:cloudformation:stack-name
ami-1i-1Aqua2020-04-26T15:49:17ZenabledReceiver-gs-aqua-receiverus-west-2stoppedm5.4xlargeReceiverInstancearn1name1
ami-2i-22020-08-19T11:23:48Zdisabledflask-envsome_server1.2.3.4us-west-2runningt2.microAWSEBAutoScalingGrouparn2name2

aws-ec2-describe-images


Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions.

Base Command

aws-ec2-describe-images

Input

Argument NameDescriptionRequired
filtersOne or more filters.Optional
imageIdsOne or more image IDs, Seperated by commaOptional
ownersFilters the images by the owner. Specify an AWS account ID, self (owner is the sender of the request), or an AWS owner alias (valid values are amazon | aws-marketplace | microsoft ). Omitting this option returns all images for which you have launch permissions, regardless of ownership.Optional
executableUsersScopes the images by users with explicit launch permissions. Specify an AWS account ID, self (the sender of the request), or all (public AMIs).Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Images.ArchitecturestringThe architecture of the image.
AWS.EC2.Images.CreationDatedateThe date and time the image was created.
AWS.EC2.Images.ImageIdstringThe ID of the AMI.
AWS.EC2.Images.ImageLocationstringThe location of the AMI.
AWS.EC2.Images.ImageTypestringThe type of image.
AWS.EC2.Images.PublicbooleanIndicates whether the image has public launch permissions. The value is true if this image has public launch permissions or false if it has only implicit and explicit launch permissions.
AWS.EC2.Images.KernelIdstringThe kernel associated with the image, if any. Only applicable for machine images.
AWS.EC2.Images.OwnerIdstringThe AWS account ID of the image owner.
AWS.EC2.Images.PlatformstringThe value is Windows for Windows AMIs; otherwise blank.
AWS.EC2.Images.ProductCodes.ProductCodeIdstringThe product code.
AWS.EC2.Images.ProductCodes.ProductCodeTypestringThe type of product code.
AWS.EC2.Images.RamdiskIdstringThe RAM disk associated with the image, if any. Only applicable for machine images.
AWS.EC2.Images.StatestringThe current state of the AMI. If the state is available , the image is successfully registered and can be used to launch an instance.
AWS.EC2.Images.BlockDeviceMappings.DeviceNamestringThe device name (for example, /dev/sdh or xvdh).
AWS.EC2.Images.BlockDeviceMappings.VirtualNamestringThe virtual device name (ephemeral N).
AWS.EC2.Images.BlockDeviceMappings.Ebs.EncryptedbooleanIndicates whether the EBS volume is encrypted.
AWS.EC2.Images.BlockDeviceMappings.Ebs.DeleteOnTerminationbooleanIndicates whether the EBS volume is deleted on instance termination.
AWS.EC2.Images.BlockDeviceMappings.Ebs.IopsnumberThe number of I/O operations per second (IOPS) that the volume supports.
AWS.EC2.Images.BlockDeviceMappings.Ebs.KmsKeyIdstringIdentifier (key ID, key alias, ID ARN, or alias ARN) for a user-managed CMK under which the EBS volume is encrypted.
AWS.EC2.Images.BlockDeviceMappings.Ebs.SnapshotIdstringThe ID of the snapshot.
AWS.EC2.Images.BlockDeviceMappings.Ebs.VolumeSizenumberThe size of the volume, in GiB.
AWS.EC2.Images.BlockDeviceMappings.Ebs.VolumeTypestringThe volume type.
AWS.EC2.Images.BlockDeviceMappings.NoDevicestringSuppresses the specified device included in the block device mapping of the AMI.
AWS.EC2.Images.DescriptionstringThe description of the AMI that was provided during image creation.
AWS.EC2.Images.EnaSupportbooleanSpecifies whether enhanced networking with ENA is enabled.
AWS.EC2.Images.HypervisorstringThe hypervisor type of the image.
AWS.EC2.Images.ImageOwnerAliasstringThe AWS account alias (for example, amazon , self ) or the AWS account ID of the AMI owner.
AWS.EC2.Images.NamestringThe name of the AMI that was provided during image creation.
AWS.EC2.Images.RootDeviceNamestringThe device name of the root device volume (for example, /dev/sda1).
AWS.EC2.Images.RootDeviceTypestringThe type of root device used by the AMI. The AMI can use an EBS volume or an instance store volume.
AWS.EC2.Images.SriovNetSupportstringSpecifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.
AWS.EC2.Images.StateReason.CodestringThe reason code for the state change.
AWS.EC2.Images.StateReason.MessagestringThe message for the state change.
AWS.EC2.Images.Tags.KeystringThe key of the tag.
AWS.EC2.Images.Tags.ValuestringThe value of the tag.
AWS.EC2.Images.VirtualizationTypestringThe type of virtualization of the AMI.

aws-ec2-describe-regions


Describes one or more regions that are currently available to you.

Base Command

aws-ec2-describe-regions

Input

Argument NameDescriptionRequired
regionNamesThe name of the region (for example, us-east-1 ).Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.Regions.EndpointstringThe region service endpoint.
AWS.Regions.RegionNamestringThe name of the region.

Command Example

!aws-ec2-describe-regions

Context Example

{
"AWS": {
"Regions": [
{
"Endpoint": "ec2.eu-north-1.amazonaws.com",
"RegionName": "eu-north-1"
},
{
"Endpoint": "ec2.ap-south-1.amazonaws.com",
"RegionName": "ap-south-1"
}
]
}
}

Human Readable Output

AWS Regions

EndpointRegionName
ec2.eu-north-1.amazonaws.comeu-north-1
ec2.ap-south-1.amazonaws.comap-south-1

aws-ec2-describe-addresses


Describes one or more of your Elastic IP addresses.

Base Command

aws-ec2-describe-addresses

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for filters list.Optional
publicIpsOne or more Elastic IP addresses.Optional
allocationIdsOne or more allocation IDs.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.ElasticIPs.InstanceIdstringThe ID of the instance that the address is associated with (if any).
AWS.EC2.ElasticIPs.PublicIpstringThe Elastic IP address.
AWS.EC2.ElasticIPs.AllocationIdstringThe ID representing the allocation of the address for use with EC2-VPC.
AWS.EC2.ElasticIPs.AssociationIdstringThe ID representing the association of the address with an instance in a VPC.
AWS.EC2.ElasticIPs.Domainstringdicates whether this Elastic IP address is for use with instances in EC2-Classic (standard) or instances in a VPC.
AWS.EC2.ElasticIPs.NetworkInterfaceIdstringThe ID of the network interface.
AWS.EC2.ElasticIPs.NetworkInterfaceOwnerIdstringThe ID of the AWS account that owns the network interface.
AWS.EC2.ElasticIPs.PrivateIpAddressstringThe private IP address associated with the Elastic IP address.
AWS.EC2.ElasticIPs.RegionstringThe aws region were the elastic ip is located.
AWS.EC2.ElasticIPs.Tags.KeystringThe key of the tag.
AWS.EC2.ElasticIPs.Tags.ValuestringThe value of the tag.

Command Example

!aws-ec2-describe-addresses

Context Example

{
"AWS": {
"EC2": {
"ElasticIPs": [
{
"AllocationId": "eipalloc-1",
"Domain": "vpc",
"PublicIp": "1.1.1.1",
"PublicIpv4Pool": "amazon",
"Region": "us-west-2"
},
{
"AllocationId": "eipalloc-2",
"AssociationId": "eipassoc-2",
"Domain": "vpc",
"InstanceId": "i-1",
"NetworkInterfaceId": "eni-1",
"NetworkInterfaceOwnerId": "id",
"PrivateIpAddress": "1.2.3.4",
"PublicIp": "3.4.5.6",
"PublicIpv4Pool": "amazon"
}
]
}
}
}

Human Readable Output

AWS EC2 ElasticIPs

AllocationIdDomainPublicIpRegion
eipalloc-1vpc1.1.1.1us-west-2
eipalloc-2vpc1.2.3.4us-west-2

aws-ec2-describe-snapshots


Describes one or more of the EBS snapshots available to you.

Base Command

aws-ec2-describe-snapshots

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for filters list.Optional
ownerIdsReturns the snapshots owned by the specified owner. Multiple owners can be specified.Optional
snapshotIdsOne or more snapshot IDs. Seperated by commasOptional
restorableByUserIdsOne or more AWS accounts IDs that can create volumes from the snapshot.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Snapshots.DataEncryptionKeyIdstringThe data encryption key identifier for the snapshot.
AWS.EC2.Snapshots.DescriptionstringThe description for the snapshot.
AWS.EC2.Snapshots.EncryptedbooleanIndicates whether the snapshot is encrypted.
AWS.EC2.Snapshots.KmsKeyIdstringThe full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the parent volume.
AWS.EC2.Snapshots.OwnerIdstringThe AWS account ID of the EBS snapshot owner.
AWS.EC2.Snapshots.ProgressstringThe progress of the snapshot, as a percentage.
AWS.EC2.Snapshots.SnapshotIdstringThe ID of the snapshot.
AWS.EC2.Snapshots.StartTimestringThe time stamp when the snapshot was initiated.
AWS.EC2.Snapshots.StatestringThe snapshot state.
AWS.EC2.Snapshots.StateMessagestringthis field displays error state details to help you diagnose why the error occurred.
AWS.EC2.Snapshots.VolumeIdstringThe ID of the volume that was used to create the snapshot.
AWS.EC2.Snapshots.VolumeSizenumberThe size of the volume, in GiB.
AWS.EC2.Snapshots.OwnerAliasstringValue from an Amazon-maintained list of snapshot owners.
AWS.EC2.Snapshots.RegionstringThe aws region were the snapshot is located
AWS.EC2.Snapshots.Tags.KeystringThe key of the tag.
AWS.EC2.Snapshots.Tags.ValuestringThe value of the tag.

aws-ec2-describe-launch-templates


Describes one or more launch templates.

Base Command

aws-ec2-describe-launch-templates

Input

Argument NameDescriptionRequired
FiltersOne or more filters.See documentation for filters list.Optional
LaunchTemplateNamesOne or more launch template names. Sepereted by comma.Optional
LaunchTemplateIdsOne or more launch template IDs. Sepereted by comma.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.LaunchTemplates.LaunchTemplateIdstringThe ID of the launch template.
AWS.EC2.LaunchTemplates.LaunchTemplateNamestringThe name of the launch template.
AWS.EC2.LaunchTemplates.CreateTimedateThe time launch template was created.
AWS.EC2.LaunchTemplates.CreatedBystringThe principal that created the launch template.
AWS.EC2.LaunchTemplates.DefaultVersionNumbernumberThe version number of the default version of the launch template.
AWS.EC2.LaunchTemplates.LatestVersionNumbernumberThe version number of the latest version of the launch template.
AWS.EC2.LaunchTemplates.Tags.KeystringThe key of the tag.
AWS.EC2.LaunchTemplates.Tags.ValuestringThe value of the tag.
AWS.EC2.LaunchTemplates.RegionstringThe aws region where the template is located

Command Example

!aws-ec2-describe-launch-templates

Context Example

{
"AWS": {
"EC2": {
"LaunchTemplates": {
"CreateTime": "2019-04-21T07:54:50",
"CreatedBy": "some_user",
"DefaultVersionNumber": 1,
"LatestVersionNumber": 1,
"LaunchTemplateId": "lt-1",
"LaunchTemplateName": "sample_launch_template",
"Region": "us-west-2"
}
}
}
}

Human Readable Output

AWS EC2 LaunchTemplates

CreateTimeCreatedByDefaultVersionNumberLatestVersionNumberLaunchTemplateIdLaunchTemplateNameRegion
2019-04-21T07:54:50Zsome_user11lt-1sample_launch_templateus-west-2

aws-ec2-describe-key-pairs


Describes one or more of your key pairs.

Base Command

aws-ec2-describe-key-pairs

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for filters list.Optional
keyNamesOne or more key pair names. Sepereted by comma.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.KeyPairs.KeyFingerprintUnknownIf you used CreateKeyPair to create the key pair, this is the SHA-1 digest of the DER encoded private key. If you used ImportKeyPair to provide AWS the public key, this is the MD5 public key fingerprint as specified in section 4 of RFC4716.
AWS.EC2.KeyPairs.KeyNameUnknownThe name of the key pair.
AWS.EC2.KeyPairs.RegionUnknownThe aws region where the key pair is located

Command Example

!aws-ec2-describe-key-pairs

Context Example

{
"AWS": {
"EC2": {
"KeyPairs": [
{
"KeyFingerprint": "fp1",
"KeyName": "Aqua",
"Region": "us-west-2"
},
{
"KeyFingerprint": "fp2",
"KeyName": "Test Keys",
"Region": "us-west-2"
}
]
}
}
}

Human Readable Output

AWS EC2 Key Pairs

KeyFingerprintKeyNameRegion
fp1Aquaus-west-2
fp2Test Keysus-west-2

aws-ec2-describe-volumes


Describes the specified EBS volumes.

Base Command

aws-ec2-describe-volumes

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for filters list.Optional
volumeIdsOne or more volume IDs. Sepereted by comma.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Volumes.AvailabilityZonestringThe Availability Zone for the volume.
AWS.EC2.Volumes.CreateTimedateThe time stamp when volume creation was initiated.
AWS.EC2.Volumes.EncryptedbooleanIndicates whether the volume will be encrypted.
AWS.EC2.Volumes.KmsKeyIdstringThe full ARN of the AWS Key Management Service customer master key that was used to protect the volume encryption key for the volume.
AWS.EC2.Volumes.SizenumberThe snapshot from which the volume was created, if applicable.
AWS.EC2.Volumes.StatestringThe volume state.
AWS.EC2.Volumes.VolumeIdstringThe ID of the volume.
AWS.EC2.Volumes.IopsnumberThe number of I/O operations per second (IOPS) that the volume supports.
AWS.EC2.Volumes.VolumeTypestringThe volume type. This can be gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard for Magnetic volumes.
AWS.EC2.Volumes.Tags.KeystringThe key of the tag.
AWS.EC2.Volumes.Tags.ValuestringThe value of the tag.
AWS.EC2.Volumes.Attachments.AttachTimedateThe time stamp when the attachment initiated.
AWS.EC2.Volumes.Attachments.DevicestringThe device name.
AWS.EC2.Volumes.Attachments.InstanceIdstringThe ID of the instance.
AWS.EC2.Volumes.Attachments.StatestringThe attachment state of the volume.
AWS.EC2.Volumes.Attachments.VolumeIdstringThe ID of the volume.
AWS.EC2.Volumes.Attachments.DeleteOnTerminationbooleanIndicates whether the EBS volume is deleted on instance termination.

Command Example

!aws-ec2-describe-volumes

Context Example

{
"AWS": {
"EC2": {
"Volumes": [
{
"Attachments": [
{
"AttachTime": "2019-04-29T13:05:57",
"DeleteOnTermination": true,
"Device": "/dev/dev_name",
"InstanceId": "i-1",
"State": "attached",
"VolumeId": "vol-1"
}
],
"AvailabilityZone": "us-west-2b",
"CreateTime": "2019-04-29T13:05:57",
"Encrypted": false,
"Iops": 100,
"Region": "us-west-2",
"Size": 8,
"SnapshotId": "snap-1",
"State": "in-use",
"VolumeId": "vol-1",
"VolumeType": "gp2"
},
{
"Attachments": [
{
"AttachTime": "2020-08-19T11:22:07",
"DeleteOnTermination": true,
"Device": "/dev/dev_name",
"InstanceId": "i-1",
"State": "attached",
"VolumeId": "vol-1"
}
],
"AvailabilityZone": "us-west-2b",
"CreateTime": "2020-08-19T11:22:07",
"Encrypted": false,
"Iops": 100,
"Size": 8,
"SnapshotId": "snap-1",
"State": "in-use",
"VolumeId": "vol-1",
"VolumeType": "gp2"
}
]
}
}
}

Human Readable Output

AWS EC2 Volumes

AvailabilityZoneCreateTimeEncryptedStateVolumeIdVolumeType
us-west-2b2019-04-29T13:05:57Zfalsein-usevol-1gp2
us-west-2b2020-08-19T11:22:07Zfalsein-usevol-2gp2

aws-ec2-describe-vpcs


Describes one or more of your VPCs.

Base Command

aws-ec2-describe-vpcs

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for filters list.Optional
vpcIdsOne or more VPC IDs. Sepereted by comma.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Vpcs.CidrBlockstringThe primary IPv4 CIDR block for the VPC.
AWS.EC2.Vpcs.DhcpOptionsIdstringThe ID of the set of DHCP options you have associated with the VPC.
AWS.EC2.Vpcs.StatestringThe current state of the VPC.
AWS.EC2.Vpcs.VpcIdstringThe ID of the VPC.
AWS.EC2.Vpcs.InstanceTenancystringThe allowed tenancy of instances launched into the VPC.
AWS.EC2.Vpcs.IsDefaultstringIndicates whether the VPC is the default VPC.
AWS.EC2.Vpcs.Tags.KeystringThe key of the tag.
AWS.EC2.Vpcs.Tags.ValuestringThe value of the tag.
AWS.EC2.Vpcs.Tags.Ipv6CidrBlockAssociationSet.AssociationIdstringThe association ID for the IPv6 CIDR block.
AWS.EC2.Vpcs.Tags.Ipv6CidrBlockAssociationSet.Ipv6CidrBlockstringThe IPv6 CIDR block.
AWS.EC2.Vpcs.Tags.Ipv6CidrBlockAssociationSet.Ipv6CidrBlockState.StatestringThe state of the CIDR block.
AWS.EC2.Vpcs.Tags.Ipv6CidrBlockAssociationSet.Ipv6CidrBlockState.StatusMessagestringA message about the status of the CIDR block, if applicable.
AWS.EC2.Vpcs.Tags.CidrBlockAssociationSet.AssociationIdstringThe association ID for the IPv4 CIDR block.
AWS.EC2.Vpcs.Tags.CidrBlockAssociationSet.CidrBlockstringThe IPv4 CIDR block.
AWS.EC2.Vpcs.Tags.CidrBlockAssociationSet.CidrBlockState.StatestringThe state of the CIDR block.
AWS.EC2.Vpcs.Tags.CidrBlockAssociationSet.CidrBlockState.StatusMessagestringA message about the status of the CIDR block, if applicable.

Command Example

!aws-ec2-describe-vpcs

Context Example

{
"AWS": {
"EC2": {
"Vpcs": {
"CidrBlock": "1.1.1.1/16",
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc",
"CidrBlock": "1.1.1.1/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"DhcpOptionsId": "dopt-1",
"InstanceTenancy": "default",
"IsDefault": true,
"OwnerId": "id",
"Region": "us-west-2",
"State": "available",
"VpcId": "vpc-1"
}
}
}
}

Human Readable Output

AWS EC2 Vpcs

CidrBlockDhcpOptionsIdInstanceTenancyIsDefaultRegionStateVpcId
1.1.1.1/16dopt-1defaulttrueus-west-2availablevpc-1

aws-ec2-describe-subnets


Describes one or more of your subnets.

Base Command

aws-ec2-describe-subnets

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documetation for filters list.Optional
subnetIdsOne or more subnet IDs. Sepereted by comma.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Subnets.AvailabilityZonestringThe Availability Zone of the subnet.
AWS.EC2.Subnets.AvailableIpAddressCountnumberThe number of unused private IPv4 addresses in the subnet. Note that the IPv4 addresses for any stopped instances are considered unavailable.
AWS.EC2.Subnets.CidrBlockstringThe IPv4 CIDR block assigned to the subnet.
AWS.EC2.Subnets.DefaultForAzbooleanIndicates whether this is the default subnet for the Availability Zone.
AWS.EC2.Subnets.MapPublicIpOnLaunchbooleanIndicates whether instances launched in this subnet receive a public IPv4 address.
AWS.EC2.Subnets.StatestringThe current state of the subnet.
AWS.EC2.Subnets.SubnetIdstringThe ID of the subnet.
AWS.EC2.Subnets.VpcIdstringThe ID of the VPC the subnet is in.
AWS.EC2.Subnets.AssignIpv6AddressOnCreationbooleanIndicates whether a network interface created in this subnet (including a network interface created by RunInstances) receives an IPv6 address.
AWS.EC2.Subnets.Ipv6CidrBlockAssociationSet.AssociationIdstringThe association ID for the CIDR block.
AWS.EC2.Subnets.Ipv6CidrBlockAssociationSet.Ipv6CidrBlockstringThe IPv6 CIDR block.
AWS.EC2.Subnets.Ipv6CidrBlockAssociationSet.Ipv6CidrBlockState.StatestringThe state of a CIDR block.
AWS.EC2.Subnets.Ipv6CidrBlockAssociationSet.Ipv6CidrBlockState.StatusMessagestringA message about the status of the CIDR block, if applicable.
AWS.EC2.Subnets.Tags.KeystringThe key of the tag.
AWS.EC2.Subnets.Tags.ValuestringThe value of the tag.

Command Example

!aws-ec2-describe-subnets

Context Example

{
"AWS": {
"EC2": {
"Subnets": [
{
"AssignIpv6AddressOnCreation": false,
"AvailabilityZone": "us-west-2d",
"AvailabilityZoneId": "zone_id",
"AvailableIpAddressCount": 4091,
"CidrBlock": "1.1.1.1/20",
"DefaultForAz": true,
"Ipv6CidrBlockAssociationSet": [],
"MapPublicIpOnLaunch": true,
"OwnerId": "id",
"Region": "us-west-2",
"State": "available",
"SubnetArn": "arn",
"SubnetId": "subnet-1",
"VpcId": "vpc-1"
}
]
}
}
}

Human Readable Output

AWS EC2 Subnets

AvailabilityZoneAvailableIpAddressCountCidrBlockDefaultForAzRegionStateSubnetIdVpcId
us-west-2d40911.1.1.1/20trueus-west-2availablesubnet-1vpc-1
us-west-2c40902.2.2.2/20trueus-west-2availablesubnet-2vpc-2

aws-ec2-describe-security-groups


Describes one or more of your security groups.

Base Command

aws-ec2-describe-security-groups

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documetation for filters list.Optional
groupIdsOne or more security group IDs. Required for security groups in a nondefault VPC. Sepereted by comma.Optional
groupNamesOne or more security group names. Sepereted by comma.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.SecurityGroups.DescriptionstringA description of the security group.
AWS.EC2.SecurityGroups.GroupNamestringThe name of the security group.
AWS.EC2.SecurityGroups.IpPermissions.FromPortnumberThe start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types.
AWS.EC2.SecurityGroups.IpPermissions.IpProtocolstringThe IP protocol name (tcp , udp , icmp ) or number.
AWS.EC2.SecurityGroups.IpPermissions.IpRanges.CidrIpstringThe IPv4 CIDR range.
AWS.EC2.SecurityGroups.IpPermissions.IpRanges.DescriptionstringA description for the security group rule that references this IPv4 address range.
AWS.EC2.SecurityGroups.IpPermissions.Ipv6Ranges.CidrIpv6stringThe IPv6 CIDR range.
AWS.EC2.SecurityGroups.IpPermissions.Ipv6Ranges.DescriptionstringA description for the security group rule that references this IPv6 address range.
AWS.EC2.SecurityGroups.IpPermissions.PrefixListIds.DescriptionstringA description for the security group rule that references this prefix list ID.
AWS.EC2.SecurityGroups.IpPermissions.PrefixListIds.PrefixListIdstringThe ID of the prefix.
AWS.EC2.SecurityGroups.IpPermissions.ToPortnumberThe end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.DescriptionstringA description for the security group rule that references this user ID group pair.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.GroupIdstringThe ID of the security group.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.GroupNamestringThe name of the security group.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.PeeringStatusstringThe status of a VPC peering connection, if applicable.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.UserIdstringThe ID of an AWS account.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.VpcIdstringThe ID of the VPC for the referenced security group, if applicable.
AWS.EC2.SecurityGroups.IpPermissions.UserIdGroupPairs.VpcPeeringConnectionIdstringThe ID of the VPC peering connection, if applicable.
AWS.EC2.SecurityGroups.OwnerIdstringThe AWS account ID of the owner of the security group.
AWS.EC2.SecurityGroups.GroupIdstringThe ID of the security group.
AWS.EC2.SecurityGroups.IpPermissionsEgress.FromPortnumberThe start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number.
AWS.EC2.SecurityGroups.IpPermissionsEgress.IpProtocolstringThe IP protocol name (tcp , udp , icmp) or number.
AWS.EC2.SecurityGroups.IpPermissionsEgress.IpRanges.CidrIpstringThe IPv4 CIDR range.
AWS.EC2.SecurityGroups.IpPermissionsEgress.IpRanges.DescriptionstringA description for the security group rule that references this IPv4 address range.
AWS.EC2.SecurityGroups.IpPermissionsEgress.Ipv6Ranges.CidrIpv6stringThe IPv6 CIDR range.
AWS.EC2.SecurityGroups.IpPermissionsEgress.Ipv6Ranges.DescriptionstringA description for the security group rule that references this IPv6 address range.
AWS.EC2.SecurityGroups.IpPermissionsEgress.PrefixListIds.DescriptionstringA description for the security group rule that references this prefix list ID.
AWS.EC2.SecurityGroups.IpPermissionsEgress.PrefixListIds.PrefixListIdstringThe ID of the prefix.
AWS.EC2.SecurityGroups.IpPermissionsEgress.ToPortstringThe end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.DescriptionstringA description for the security group rule that references this user ID group pair.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.GroupIdstringThe ID of the security group.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.GroupNamestringThe name of the security group.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.PeeringStatusstringThe status of a VPC peering connection, if applicable.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.UserIdstringThe ID of an AWS account.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.VpcIdstringThe ID of the VPC for the referenced security group, if applicable.
AWS.EC2.SecurityGroups.IpPermissionsEgress.UserIdGroupPairs.VpcPeeringConnectionIdstringThe ID of the VPC peering connection, if applicable.
AWS.EC2.SecurityGroups.VpcIdstringThe ID of the VPC for the security group.
AWS.EC2.SecurityGroups.Tags.KeystringThe key of the tag.
AWS.EC2.SecurityGroups.Tags.ValuestringThe value of the tag.

Command Example

!aws-ec2-describe-security-groups

Context Example

{
"AWS": {
"EC2": {
"SecurityGroups": [
{
"Description": "AWS Ground Station receiver instance security group.",
"GroupId": "sg-1",
"GroupName": "gs-name",
"IpPermissions": [
{
"FromPort": 80,
"IpProtocol": "tcp",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [
{
"CidrIpv6": "::/0"
}
],
"PrefixListIds": [],
"ToPort": 80,
"UserIdGroupPairs": []
},
{
"FromPort": 22,
"IpProtocol": "tcp",
"IpRanges": [
{
"CidrIp": "10.0.0.0/16"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"ToPort": 22,
"UserIdGroupPairs": []
},
{
"FromPort": 55888,
"IpProtocol": "udp",
"IpRanges": [],
"Ipv6Ranges": [],
"PrefixListIds": [],
"ToPort": 55888,
"UserIdGroupPairs": [
{
"Description": "AWS Ground Station Downlink Stream",
"GroupId": "sg-1",
"UserId": "id"
}
]
}
],
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"OwnerId": "id",
"Region": "us-west-2",
"Tags": [
{
"Key": "aws:key",
"Value": "InstanceSecurityGroup"
}
],
"VpcId": "vpc-1"
}
]
}
}
}

Human Readable Output

AWS EC2 SecurityGroups

DescriptionGroupIdGroupNameOwnerIdRegionVpcIdaws:cloudformation:logical-idaws:cloudformation:stack-idaws:cloudformation:stack-name
AWS Ground Station receiver instance security group.sg-1gs-nameidus-west-2vpc-1InstanceSecurityGrouparngs-aqua-receiver
Demisto-PlaybookTestsg-2Demisto-PlaybookTestidus-west-2vpc-2

aws-ec2-allocate-address


Allocates an Elastic IP address.

Base Command

aws-ec2-allocate-address

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.ElasticIPs.PublicIpUnknownThe Elastic IP address.
AWS.EC2.ElasticIPs.AllocationIdstringThe ID that AWS assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.
AWS.EC2.ElasticIPs.DomainstringIndicates whether this Elastic IP address is for use with instances in EC2-Classic (standard ) or instances in a VPC (vpc).
AWS.EC2.ElasticIPs.RegionUnknownThe aws region where the elastic IP is located.

aws-ec2-associate-address


Associates an Elastic IP address with an instance or a network interface.

Base Command

aws-ec2-associate-address

Input

Argument NameDescriptionRequired
allocationIdThe allocation ID.Required
instanceIdThe ID of the instance. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. The operation fails if you specify an instance ID unless exactly one network interface is attached.Optional
allowReassociationFor a VPC in an EC2-Classic account, specify true to allow an Elastic IP address that is already associated with an instance or network interface to be reassociated with the specified instance or network interface. Otherwise, the operation fails. In a VPC in an EC2-VPC-only account, reassociation is automatic, therefore you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.Optional
networkInterfaceIdThe ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.Optional
privateIpAddressThe primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.ElasticIPs.AssociationIdstringThe ID that represents the association of the Elastic IP address with an instance.

aws-ec2-create-snapshot


Creates a snapshot of an EBS volume and stores it in Amazon S3. You can use snapshots for backups, to make copies of EBS volumes, and to save data before shutting down an instance.

Base Command

aws-ec2-create-snapshot

Input

Argument NameDescriptionRequired
volumeIdThe ID of the EBS volume.Required
descriptionA description for the snapshot.Optional
tagsThe tags to apply to the snapshot during creation.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Snapshots.DataEncryptionKeyIdstringThe data encryption key identifier for the snapshot.
AWS.EC2.Snapshots.DescriptionstringThe description for the snapshot.
AWS.EC2.Snapshots.EncryptednumberIndicates whether the snapshot is encrypted.
AWS.EC2.Snapshots.KmsKeyIdstringThe full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the parent volume.
AWS.EC2.Snapshots.OwnerIdstringThe AWS account ID of the EBS snapshot owner.
AWS.EC2.Snapshots.ProgressstringThe progress of the snapshot, as a percentage.
AWS.EC2.Snapshots.SnapshotIdstringThe ID of the snapshot.
AWS.EC2.Snapshots.StartTimedateThe time stamp when the snapshot was initiated.
AWS.EC2.Snapshots.StatestringThe snapshot state.
AWS.EC2.Snapshots.StateMessagestringthis field displays error state details to help you diagnose why the error occurred.
AWS.EC2.Snapshots.VolumeIdstringThe ID of the volume that was used to create the snapshot.
AWS.EC2.Snapshots.VolumeSizenumberThe size of the volume, in GiB.
AWS.EC2.Snapshots.OwnerAliasstringValue from an Amazon-maintained list of snapshot owners.
AWS.EC2.Snapshots.Tags.KeystringThe key of the tag.
AWS.EC2.Snapshots.Tags.ValuestringThe value of the tag.

aws-ec2-delete-snapshot


Deletes the specified snapshot.

Base Command

aws-ec2-delete-snapshot

Input

Argument NameDescriptionRequired
snapshotIdThe ID of the EBS snapshot.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-create-image


Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or stopped.

Base Command

aws-ec2-create-image

Input

Argument NameDescriptionRequired
nameA name for the new image.Required
instanceIdThe ID of the instance.Required
descriptionA description for the new image.Optional
noRebootBy default, Amazon EC2 attempts to shut down and reboot the instance before creating the image. If the noReboot option is set, Amazon EC2 wont shut down the instance before creating the image. When this option is used, file system integrity on the created image cant be guaranteed.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Images.ImageIdstringThe ID of the new AMI.
AWS.EC2.Images.NamestringThe name of the new AMI.
AWS.EC2.Images.InstanceIdstringThe ID of the instance.
AWS.EC2.Images.RegionstringThe aws region where the image is located

aws-ec2-deregister-image


Deregisters the specified AMI.

Base Command

aws-ec2-deregister-image

Input

Argument NameDescriptionRequired
imageIdThe ID of the AMI.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-modify-volume


You can modify several parameters of an existing EBS volume, including volume size, volume type, and IOPS capacity.

Base Command

aws-ec2-modify-volume

Input

Argument NameDescriptionRequired
volumeIdThe ID of the volume.Required
sizeTarget size in GiB of the volume to be modified.Optional
volumeTypeTarget EBS volume type of the volume to be modified The API does not support modifications for volume type standard . You also cannot change the type of a volume to standard .Optional
iopsTarget IOPS rate of the volume to be modified.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Volumes.Modification.VolumeIdstringID of the volume being modified.
AWS.EC2.Volumes.Modification.ModificationStatestringCurrent state of modification. Modification state is null for unmodified. volumes.
AWS.EC2.Volumes.Modification.StatusMessagestringGeneric status message on modification progress or failure.
AWS.EC2.Volumes.Modification.TargetSizenumberTarget size of the volume being modified.
AWS.EC2.Volumes.Modification.TargetIopsnumberTarget IOPS rate of the volume being modified.
AWS.EC2.Volumes.Modification.TargetVolumeTypestringTarget EBS volume type of the volume being modified.
AWS.EC2.Volumes.Modification.OriginalSizenumberOriginal size of the volume being modified.
AWS.EC2.Volumes.Modification.OriginalIopsnumberOriginal IOPS rate of the volume being modified.
AWS.EC2.Volumes.Modification.OriginalVolumeTypestringOriginal EBS volume type of the volume being modified.
AWS.EC2.Volumes.Modification.ProgressstringModification progress from 0 to 100%.
AWS.EC2.Volumes.Modification.StartTimedateModification start time.
AWS.EC2.Volumes.Modification.EndTimedateModification completion or failure time.

aws-ec2-create-tags


Adds or overwrites one or more tags for the specified Amazon EC2 resource or resources.

Base Command

aws-ec2-create-tags

Input

Argument NameDescriptionRequired
resourcesThe IDs of one or more resources to tag. For example, ami-1a2b3c4d.Optional
tagsOne or more tags.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-disassociate-address


Disassociates an Elastic IP address from the instance or network interface its associated with.

Base Command

aws-ec2-disassociate-address

Input

Argument NameDescriptionRequired
associationIdThe association ID.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-release-address


Releases the specified Elastic IP address.

Base Command

aws-ec2-release-address

Input

Argument NameDescriptionRequired
allocationIdThe allocation ID.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-start-instances


Starts an Amazon EBS-backed instance that you have previously stopped.

Base Command

aws-ec2-start-instances

Input

Argument NameDescriptionRequired
instanceIdsOne or more instance IDs. Sepereted by comma.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-stop-instances


Stops an Amazon EBS-backed instance.

Base Command

aws-ec2-stop-instances

Input

Argument NameDescriptionRequired
instanceIdsOne or more instance IDs.Required
regionThe AWS Region, if not specified the default region will be usedOptional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-terminate-instances


Shuts down one or more instances. This operation is idempotent; if you terminate an instance more than once, each call succeeds.

Base Command

aws-ec2-terminate-instances

Input

Argument NameDescriptionRequired
instanceIdsOne or more instance IDs.Required
regionThe AWS Region, if not specified the default region will be usedOptional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-create-volume


Creates an EBS volume that can be attached to an instance in the same Availability Zone.

Base Command

aws-ec2-create-volume

Input

Argument NameDescriptionRequired
availabilityZoneThe Availability Zone in which to create the volume. Use DescribeAvailabilityZones to list the Availability Zones that are currently available to you.Required
encryptedSpecifies whether the volume should be encrypted.Optional
iopsThe number of I/O operations per second (IOPS) to provision for the volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to 32000 IOPS for volumes in most regions.Optional
kmsKeyIdAn identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted flag must also be set.Optional
sizeThe size of the volume, in GiBs.Optional
snapshotIdThe snapshot from which to create the volume.Optional
volumeTypeThe volume type.Optional
tagsOne or more tags.Example key=Name,value=test;key=Owner,value=BobOptional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Volumes.AvailabilityZonestringThe Availability Zone for the volume.
AWS.EC2.Volumes.CreateTimedateThe time stamp when volume creation was initiated.
AWS.EC2.Volumes.EncryptedbooleanIndicates whether the volume will be encrypted.
AWS.EC2.Volumes.KmsKeyIdstringThe full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the volume.
AWS.EC2.Volumes.SizenumberThe size of the volume, in GiBs.
AWS.EC2.Volumes.SnapshotIdstringThe snapshot from which the volume was created, if applicable.
AWS.EC2.Volumes.StatestringThe volume state.
AWS.EC2.Volumes.VolumeIdstringThe ID of the volume.
AWS.EC2.Volumes.IopsnumberThe number of I/O operations per second (IOPS) that the volume supports.
AWS.EC2.Volumes.VolumeTypestringThe volume type. This can be gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard for Magnetic volumes.
AWS.EC2.Volumes.Tags.KeystringThe key of the tag.
AWS.EC2.Volumes.Tags.ValuestringThe value of the tag.

aws-ec2-attach-volume


Attaches an EBS volume to a running or stopped instance and exposes it to the instance with the specified device name.

Base Command

aws-ec2-attach-volume

Input

Argument NameDescriptionRequired
deviceThe device name (for example, /dev/sdh or xvdh).Required
instanceIdThe ID of the instance.Required
volumeIdThe ID of the EBS volume. The volume and instance must be within the same Availability Zone.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Volumes.Attachments.AttachTimedateThe time stamp when the attachment initiated.
AWS.EC2.Volumes.Attachments.DevicestringThe device name.
AWS.EC2.Volumes.Attachments.InstanceIdstringThe ID of the instance.
AWS.EC2.Volumes.Attachments.StatestringThe attachment state of the volume.
AWS.EC2.Volumes.Attachments.VolumeIdstringThe ID of the volume.
AWS.EC2.Volumes.Attachments.DeleteOnTerminationbooleanIndicates whether the EBS volume is deleted on instance termination.

aws-ec2-detach-volume


Detaches an EBS volume from an instance.

Base Command

aws-ec2-detach-volume

Input

Argument NameDescriptionRequired
volumeIdThe ID of the volume.Required
forceForces detachment if the previous detachment attempt did not occur cleanly. This option can lead to data loss or a corrupted file system. Use this option only as a last resort to detach a volume from a failed instance.Optional
deviceThe device name (for example, /dev/sdh or xvdh).Optional
instanceIdThe ID of the instance.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Volumes.Attachments.AttachTimedateThe time stamp when the attachment initiated.
AWS.EC2.Volumes.Attachments.DevicestringThe device name.
AWS.EC2.Volumes.Attachments.InstanceIdstringThe ID of the instance.
AWS.EC2.Volumes.Attachments.StatestringThe attachment state of the volume.
AWS.EC2.Volumes.Attachments.VolumeIdstringThe ID of the volume.
AWS.EC2.Volumes.Attachments.DeleteOnTerminationbooleanIndicates whether the EBS volume is deleted on instance termination.

aws-ec2-delete-volume


Deletes the specified EBS volume. The volume must be in the available state (not attached to an instance).

Base Command

aws-ec2-delete-volume

Input

Argument NameDescriptionRequired
volumeIdThe ID of the volume.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-run-instances


Launches the specified number of instances using an AMI for which you have permissions. You can create a launch template , which is a resource that contains the parameters to launch an instance. When you launch an instance using RunInstances , you can specify the launch template instead of specifying the launch parameters. An instance is ready for you to use when its in the running state. You can check the state of your instance using DescribeInstances.

Base Command

aws-ec2-run-instances

Input

Argument NameDescriptionRequired
countThe number of instances to launch. must be grater then 0.Required
imageIdThe ID of the AMI, which you can get by calling DescribeImages . An AMI is required to launch an instance and must be specified here or in a launch template.Optional
instanceTypeThe instance type. for example: t2.largeOptional
securityGroupIdsOne or more security group IDs. Sepereted by comma.Optional
securityGroupsOne or more security group names. For a nondefault VPC, you must use security group IDs instead.Optional
subnetIdThe ID of the subnet to launch the instance into.Optional
userDataThe user data to make available to the instance.This value will be base64 encoded automatically. Do not base64 encode this value prior to performing the operation.Optional
disableApiTerminationIf you set this parameter to true , you cant terminate the instance using the Amazon EC2 console, CLI, or API.Optional
iamInstanceProfileArnThe Amazon Resource Name (ARN) of the instance profile. Both iamInstanceProfileArn and iamInstanceProfile are required if you would like to associate an instance profile.Optional
iamInstanceProfileNameThe name of the instance profile. Both iamInstanceProfileArn and iamInstanceProfile are required if you would like to associate an instance profile.Optional
keyNameThe name of the key pair. Warning - If you do not specify a key pair, you cant connect to the instance unless you choose an AMI that is configured to allow users another way to log in.Optional
ebsOptimizedIndicates whether the instance is optimized for Amazon EBS I/O.Optional
deviceNameThe device name (for example, /dev/sdh or xvdh).Optional
ebsVolumeSizeThe size of the volume, in GiB.Optional
ebsVolumeTypeThe volume type.Optional
ebsIopsThe number of I/O operations per second (IOPS) that the volume supports.Optional
ebsDeleteOnTerminationIndicates whether the EBS volume is deleted on instance termination.Optional
ebsKmsKeyIdIdentifier (key ID, key alias, ID ARN, or alias ARN) for a user-managed CMK under which the EBS volume is encrypted.Optional
ebsSnapshotIdThe ID of the snapshot.Optional
ebsEncryptedIndicates whether the EBS volume is encrypted.Optional
launchTemplateIdThe ID of the launch template. The launch template to use to launch the instances. Any parameters that you specify in RunInstances override the same parameters in the launch template. You can specify either the name or ID of a launch template, but not both.Optional
launchTemplateNameThe name of the launch template. The launch template to use to launch the instances. Any parameters that you specify in RunInstances override the same parameters in the launch template. You can specify either the name or ID of a launch template, but not both.Optional
launchTemplateVersionThe version number of the launch template.Optional
tagsThe tags to apply to the instance.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Instances.AmiLaunchIndexnumberThe AMI launch index, which can be used to find this instance in the launch group.
AWS.EC2.Instances.ImageIdstringThe ID of the AMI used to launch the instance.
AWS.EC2.Instances.InstanceIdstringThe ID of the instance.
AWS.EC2.Instances.InstanceTypestringThe instance type.
AWS.EC2.Instances.KernelIdstringThe kernel associated with this instance, if applicable.
AWS.EC2.Instances.KeyNamestringThe name of the key pair, if this instance was launched with an associated key pair.
AWS.EC2.Instances.LaunchTimedateThe time the instance was launched.
AWS.EC2.Instances.Monitoring.StatestringIndicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
AWS.EC2.Instances.Placement.AvailabilityZonestringThe Availability Zone of the instance.
AWS.EC2.Instances.Placement.AffinitystringThe affinity setting for the instance on the Dedicated Host.
AWS.EC2.Instances.Placement.GroupNamestringThe name of the placement group the instance is in (for cluster compute instances).
AWS.EC2.Instances.Placement.HostIdstringhe ID of the Dedicated Host on which the instance resides.
AWS.EC2.Instances.Placement.TenancystringThe tenancy of the instance (if the instance is running in a VPC).
AWS.EC2.Instances.PlatformstringThe value is Windows for Windows instances; otherwise blank.
AWS.EC2.Instances.PrivateDnsNamestring(IPv4 only) The private DNS hostname name assigned to the instance. This DNS hostname can only be used inside the Amazon EC2 network. This name is not available until the instance enters the running state.
AWS.EC2.Instances.PrivateIpAddressstringThe private IPv4 address assigned to the instance.
AWS.EC2.Instances.ProductCodes.ProductCodeIdstringThe product code.
AWS.EC2.Instances.ProductCodes.ProductCodeTypestringThe type of product code.
AWS.EC2.Instances.PublicDnsNamestring(IPv4 only) The public DNS name assigned to the instance. This name is not available until the instance enters the running state.
AWS.EC2.Instances.PublicIpAddressstringThe public IPv4 address assigned to the instance, if applicable.
AWS.EC2.Instances.RamdiskIdstringThe RAM disk associated with this instance, if applicable.
AWS.EC2.Instances.State.CodestringThe low byte represents the state.
AWS.EC2.Instances.State.NamestringThe current state of the instance.
AWS.EC2.Instances.StateTransitionReasonstringThe reason for the most recent state transition. This might be an empty string.
AWS.EC2.Instances.SubnetIdstringThe ID of the subnet in which the instance is running.
AWS.EC2.Instances.VpcIdstringThe ID of the VPC in which the instance is running.
AWS.EC2.Instances.ArchitecturestringThe architecture of the image.
AWS.EC2.Instances.BlockDeviceMappings.DeviceNamestringThe device name (for example, /dev/sdh or xvdh).
AWS.EC2.Instances.BlockDeviceMappings.Ebs.AttachTimestringThe time stamp when the attachment initiated.
AWS.EC2.Instances.BlockDeviceMappings.Ebs.DeleteOnTerminationstringIndicates whether the volume is deleted on instance termination.
AWS.EC2.Instances.BlockDeviceMappings.Ebs.StatusstringThe attachment state.
AWS.EC2.Instances.BlockDeviceMappings.Ebs.VolumeIdstringThe ID of the EBS volume.
AWS.EC2.Instances.ClientTokenstringThe idempotency token you provided when you launched the instance, if applicable.
AWS.EC2.Instances.EbsOptimizedbooleanIndicates whether the instance is optimized for Amazon EBS I/O.
AWS.EC2.Instances.EnaSupportbooleanSpecifies whether enhanced networking with ENA is enabled.
AWS.EC2.Instances.HypervisorstringThe hypervisor type of the instance.
AWS.EC2.Instances.IamInstanceProfile.ArnstringThe Amazon Resource Name (ARN) of the instance profile.
AWS.EC2.Instances.IamInstanceProfile.IdstringThe ID of the instance profile.
AWS.EC2.Instances.InstanceLifecyclestringIndicates whether this is a Spot Instance or a Scheduled Instance.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuIdstringThe ID of the Elastic GPU.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuAssociationIdstringThe ID of the association.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuAssociationStatestringThe state of the association between the instance and the Elastic GPU.
AWS.EC2.Instances.ElasticGpuAssociations.ElasticGpuAssociationTimestringThe time the Elastic GPU was associated with the instance.
AWS.EC2.Instances.NetworkInterfaces.Association.IpOwnerIdstringThe ID of the owner of the Elastic IP address.
AWS.EC2.Instances.NetworkInterfaces.Association.PublicDnsNamestringThe public DNS name.
AWS.EC2.Instances.NetworkInterfaces.Association.PublicIpstringThe public IP address or Elastic IP address bound to the network interface.
AWS.EC2.Instances.NetworkInterfaces.Attachment.AttachTimedateThe time stamp when the attachment initiated.
AWS.EC2.Instances.NetworkInterfaces.Attachment.AttachmentIdstringThe ID of the network interface attachment.
AWS.EC2.Instances.NetworkInterfaces.Attachment.DeleteOnTerminationbooleanIndicates whether the network interface is deleted when the instance is terminated.
AWS.EC2.Instances.NetworkInterfaces.Attachment.DeviceIndexnumberThe index of the device on the instance for the network interface attachment.
AWS.EC2.Instances.NetworkInterfaces.Attachment.StatusstringThe attachment state.
AWS.EC2.Instances.NetworkInterfaces.DescriptionstringThe description.
AWS.EC2.Instances.NetworkInterfaces.Groups.GroupNamestringThe name of the security group.
AWS.EC2.Instances.NetworkInterfaces.Groups.GroupIdstringThe ID of the security group.
AWS.EC2.Instances.NetworkInterfaces.Ipv6Addresses.Ipv6AddressstringThe IPv6 addresses associated with the network interface.
AWS.EC2.Instances.NetworkInterfaces.MacAddressstringThe MAC address.
AWS.EC2.Instances.NetworkInterfaces.NetworkInterfaceIdstringThe ID of the network interface.
AWS.EC2.Instances.NetworkInterfaces.OwnerIdstringThe ID of the AWS account that created the network interface.
AWS.EC2.Instances.NetworkInterfaces.PrivateDnsNamestringThe private DNS name.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddressstringThe IPv4 address of the network interface within the subnet.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.Association.IpOwnerIdstringThe ID of the owner of the Elastic IP address.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.Association.PublicDnsNamestringThe public DNS name.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.Association.PublicIpstringThe public IP address or Elastic IP address bound to the network interface.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.PrimarybooleanIndicates whether this IPv4 address is the primary private IP address of the network interface.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.PrivateDnsNamestringThe private IPv4 DNS name.
AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddresses.PrivateIpAddressstringThe private IPv4 address of the network interface.
AWS.EC2.Instances.NetworkInterfaces.SourceDestCheckbooleanIndicates whether to validate network traffic to or from this network interface.
AWS.EC2.Instances.NetworkInterfaces.StatusstringThe status of the network interface.
AWS.EC2.Instances.NetworkInterfaces.SubnetIdstringThe ID of the subnet.
AWS.EC2.Instances.NetworkInterfaces.VpcIdstringThe ID of the VPC.
AWS.EC2.Instances.RootDeviceNamestringThe device name of the root device volume (for example, /dev/sda1).
AWS.EC2.Instances.RootDeviceTypestringThe root device type used by the AMI. The AMI can use an EBS volume or an instance store volume.
AWS.EC2.Instances.SecurityGroups.GroupNamestringThe name of the security group.
AWS.EC2.Instances.SecurityGroups.GroupIdstringThe ID of the security group.
AWS.EC2.Instances.SourceDestCheckbooleanSpecifies whether to enable an instance launched in a VPC to perform NAT.
AWS.EC2.Instances.SpotInstanceRequestIdstringIf the request is a Spot Instance request, the ID of the request.
AWS.EC2.Instances.SriovNetSupportstringSpecifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.
AWS.EC2.Instances.StateReason.CodestringThe reason code for the state change.
AWS.EC2.Instances.StateReason.MessagestringThe message for the state change.
AWS.EC2.Instances.Tags.KeystringThe key of the tag.
AWS.EC2.Instances.Tags.ValuestringThe value of the tag.
AWS.EC2.Instances.VirtualizationTypestringThe virtualization type of the instance.

aws-ec2-waiter-instance-running


A waiter function that runs every 15 seconds until a successful state is reached.

Base Command

aws-ec2-waiter-instance-running

Input

Argument NameDescriptionRequired
filterOne or more filters. See documentation for details & filter options.Optional
instanceIdsOne or more instance IDs. Sepreted by comma.Optional
waiterDelayThe amount of time in seconds to wait between attempts. Default 15Optional
waiterMaxAttemptsThe maximum number of attempts to be made. Default 40Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-waiter-instance-status-ok


A waiter function that runs every 15 seconds until a successful state is reached

Base Command

aws-ec2-waiter-instance-status-ok

Input

Argument NameDescriptionRequired
filterOne or more filters. See documentation for details & filter options.Optional
instanceIdsOne or more instance IDs. Seprated by comma.Optional
waiterDelayThe amount of time in seconds to wait between attempts. Default 15Optional
waiterMaxAttemptsThe maximum number of attempts to be made. Default 40.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-waiter-instance-stopped


A waiter function that runs every 15 seconds until a successful state is reached

Base Command

aws-ec2-waiter-instance-stopped

Input

Argument NameDescriptionRequired
filterOne or more filters. See documentation for details & filter options.Optional
instanceIdsOne or more instance IDs. Seprated by comma.Optional
waiterDelayThe amount of time in seconds to wait between attempts. Default 15Optional
waiterMaxAttemptsThe maximum number of attempts to be made. Default 40Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-waiter-instance-terminated


A waiter function that runs every 15 seconds until a successful state is reached

Base Command

aws-ec2-waiter-instance-terminated

Input

Argument NameDescriptionRequired
filterOne or more filters. See documentation for details & filter options.Optional
instanceIdsOne or more instance IDs. Seprated by comma.Optional
waiterDelayThe amount of time in seconds to wait between attempts. Default 15Optional
waiterMaxAttemptsThe maximum number of attempts to be made. Default 40Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-waiter-image-available


A waiter function that waits until image is avilable

Base Command

aws-ec2-waiter-image-available

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for available filters.Optional
imageIdsOne or more image IDs. Sperated by comma.Optional
ownersFilters the images by the owner. Specify an AWS account ID, self (owner is the sender of the request), or an AWS owner alias (valid values are amazon | aws-marketplace | microsoft ). Omitting this option returns all images for which you have launch permissions, regardless of ownership.Optional
executableUsersScopes the images by users with explicit launch permissions. Specify an AWS account ID, self (the sender of the request), or all (public AMIs).Optional
waiterDelayThe amount of time in seconds to wait between attempts. Default 15Optional
waiterMaxAttemptsThe maximum number of attempts to be made. Default 40Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-waiter-snapshot_completed


A waiter function that waits until the snapshot is complate

Base Command

aws-ec2-waiter-snapshot_completed

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for available filters.Optional
ownerIdsReturns the snapshots owned by the specified owner. Multiple owners can be specified. Sperated by comma.Optional
snapshotIdsOne or more snapshot IDs. Sperated by comma.Optional
restorableByUserIdsOne or more AWS accounts IDs that can create volumes from the snapshot.Optional
waiterDelayThe amount of time in seconds to wait between attempts. Default 15Optional
waiterMaxAttemptsThe maximum number of attempts to be made. Default 40Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-get-latest-ami


Get The latest AMI

Base Command

aws-ec2-get-latest-ami

Input

Argument NameDescriptionRequired
filtersOne or more filters. See documentation for available filters.Optional
ownersFilters the images by the owner. Specify an AWS account ID, self (owner is the sender of the request), or an AWS owner alias (valid values are amazon | aws-marketplace | microsoft ). Omitting this option returns all images for which you have launch permissions, regardless of ownership.Optional
executableUsersScopes the images by users with explicit launch permissions. Specify an AWS account ID, self (the sender of the request), or all (public AMIs).Optional
regionThe AWS Region, if not specified the default region will be usedOptional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Images.ArchitecturestringThe architecture of the image.
AWS.EC2.Images.CreationDatedateThe date and time the image was created.
AWS.EC2.Images.ImageIdstringThe ID of the AMI.
AWS.EC2.Images.ImageLocationstringThe location of the AMI.
AWS.EC2.Images.ImageTypestringThe type of image.
AWS.EC2.Images.PublicbooleanIndicates whether the image has public launch permissions. The value is true if this image has public launch permissions or false if it has only implicit and explicit launch permissions.
AWS.EC2.Images.KernelIdstringThe kernel associated with the image, if any. Only applicable for machine images.
AWS.EC2.Images.OwnerIdstringThe AWS account ID of the image owner.
AWS.EC2.Images.PlatformstringThe value is Windows for Windows AMIs; otherwise blank.
AWS.EC2.Images.ProductCodes.ProductCodeIdstringThe product code.
AWS.EC2.Images.ProductCodes.ProductCodeTypestringThe type of product code.
AWS.EC2.Images.RamdiskIdstringThe RAM disk associated with the image, if any. Only applicable for machine images.
AWS.EC2.Images.StatestringThe current state of the AMI. If the state is available , the image is successfully registered and can be used to launch an instance.
AWS.EC2.Images.BlockDeviceMappings.DeviceNamestringThe device name (for example, /dev/sdh or xvdh ).
AWS.EC2.Images.BlockDeviceMappings.VirtualNamestringThe virtual device name (ephemeral N).
AWS.EC2.Images.BlockDeviceMappings.Ebs.EncryptedbooleanIndicates whether the EBS volume is encrypted.
AWS.EC2.Images.BlockDeviceMappings.Ebs.DeleteOnTerminationbooleanIndicates whether the EBS volume is deleted on instance termination.
AWS.EC2.Images.BlockDeviceMappings.Ebs.IopsnumberThe number of I/O operations per second (IOPS) that the volume supports.
AWS.EC2.Images.BlockDeviceMappings.Ebs.KmsKeyIdstringIdentifier (key ID, key alias, ID ARN, or alias ARN) for a user-managed CMK under which the EBS volume is encrypted.
AWS.EC2.Images.BlockDeviceMappings.Ebs.SnapshotIdstringThe ID of the snapshot.
AWS.EC2.Images.BlockDeviceMappings.Ebs.VolumeSizenumberThe size of the volume, in GiB.
AWS.EC2.Images.BlockDeviceMappings.Ebs.VolumeTypestringThe volume type
AWS.EC2.Images.BlockDeviceMappings.NoDevicestringSuppresses the specified device included in the block device mapping of the AMI.
AWS.EC2.Images.DescriptionstringThe description of the AMI that was provided during image creation.
AWS.EC2.Images.EnaSupportbooleanSpecifies whether enhanced networking with ENA is enabled.
AWS.EC2.Images.HypervisorstringThe hypervisor type of the image.
AWS.EC2.Images.ImageOwnerAliasstringThe AWS account alias (for example, amazon , self ) or the AWS account ID of the AMI owner.
AWS.EC2.Images.NamestringThe name of the AMI that was provided during image creation.
AWS.EC2.Images.RootDeviceNamestringThe device name of the root device volume (for example, /dev/sda1).
AWS.EC2.Images.RootDeviceTypestringThe type of root device used by the AMI. The AMI can use an EBS volume or an instance store volume.
AWS.EC2.Images.SriovNetSupportstringSpecifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.
AWS.EC2.Images.StateReason.CodestringThe reason code for the state change.
AWS.EC2.Images.StateReason.MessagestringThe message for the state change.
AWS.EC2.Images.Tags.KeystringThe key of the tag.
AWS.EC2.Images.Tags.ValuestringThe value of the tag.
AWS.EC2.Images.VirtualizationTypestringThe type of virtualization of the AMI.

aws-ec2-create-security-group


Creates a security group.

Base Command

aws-ec2-create-security-group

Input

Argument NameDescriptionRequired
groupNameThe name of the security group.Required
descriptionA description for the security group.Required
vpcIdThe ID of the VPC.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.SecurityGroups.GroupNamestringThe name of the security group.
AWS.EC2.SecurityGroups.DescriptionstringA description for the security group.
AWS.EC2.SecurityGroups.VpcIdstringThe ID of the VPC.
AWS.EC2.SecurityGroups.GroupIdstringThe ID of the security group.

aws-ec2-delete-security-group


Deletes a security group.

Base Command

aws-ec2-delete-security-group

Input

Argument NameDescriptionRequired
groupIdThe ID of the security group. Required for a nondefault VPC.Optional
groupNamedefault VPC only. The name of the security group. You can specify either the security group name or the security group ID.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-authorize-security-group-ingress-rule


Adds ingress rule to a security group.

Base Command

aws-ec2-authorize-security-group-ingress-rule

Input

Argument NameDescriptionRequired
groupIdThe ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.Required
fromPortThe start of port range for the TCP and UDP protocols. In case ipProtocol is specified, this argument will be ignored.Optional
toPortThe end of port range for the TCP and UDP protocols. In case ipProtocol is specified, this argument will be ignored.Optional
cidrIpThe CIDR IPv4 address range.Optional
ipProtocolThe IP protocol name (tcp , udp , icmp) or number. Use -1 to specify all protocols.Optional
sourceSecurityGroupNameThe name of the source security group. The source security group must be in the same VPC.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
IpPermissionsfromPortThe start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.Optional
IpPermissionsIpProtocolThe IP protocol name (tcp, udp, icmp, icmpv6) or number.Optional
IpPermissionsToPortThe end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.Optional
IpRangesCidrIpThe IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.Optional
IpRangesDescA description for the security group rule that references this IPv4 address range.

Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
Optional
Ipv6RangesCidrIpThe IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.Optional
Ipv6RangesDescA description for the security group rule that references this IPv6 address range.

Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
Optional
PrefixListIdThe ID of the prefix.Optional
PrefixListIdDescA description for the security group rule that references this prefix list ID.

Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
Optional
UserIdGroupPairsDescriptionA description for the security group rule that references this user ID group pair.

Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
Optional
UserIdGroupPairsGroupIdThe ID of the security group.Optional
UserIdGroupPairsGroupNameThe name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.Optional
UserIdGroupPairsPeeringStatusThe status of a VPC peering connection, if applicable.Optional
UserIdGroupPairsUserIdThe ID of an AWS account.Optional
UserIdGroupPairsVpcIdThe ID of the VPC for the referenced security group, if applicable.Optional
UserIdGroupPairsVpcPeeringConnectionIdThe ID of the VPC peering connection, if applicable.Optional

Context Output

There is no context output for this command.

aws-ec2-revoke-security-group-ingress-rule


Removes egress rule from a security group. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.

Base Command

aws-ec2-revoke-security-group-ingress-rule

Input

Argument NameDescriptionRequired
groupIdThe ID of the security group.Required
fromPortThe start of port range for the TCP and UDP protocols. In case ipProtocol is specified, this argument will be ignored.Optional
toPortThe end of port range for the TCP and UDP protocols. In case ipProtocol is specified, this argument will be ignored.Optional
cidrIpThe CIDR IPv4 address range.Optional
ipProtocolThe IP protocol name (tcp , udp , icmp) or number. Use -1 to specify all protocols.Optional
sourceSecurityGroupNameThe name of the source security group. The source security group must be in the same VPC.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-copy-image


Initiates the copy of an AMI from the specified source region to the current region.

Base Command

aws-ec2-copy-image

Input

Argument NameDescriptionRequired
nameThe name of the new AMI in the destination region.Required
sourceImageIdThe ID of the AMI to copy.Required
sourceRegionThe name of the region that contains the AMI to copy.Required
descriptionA description for the new AMI in the destination region.Optional
encryptedSpecifies whether the destination snapshots of the copied image should be encrypted. The default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId .Optional
kmsKeyIdAn identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted flag must also be set.Optional
clientTokennique, case-sensitive identifier you provide to ensure idempotency of the request.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Images.ImageIdstringThe ID of the new AMI.
AWS.EC2.Images.RegionstringThe Region where the image is located.

aws-ec2-copy-snapshot


Copies a point-in-time snapshot of an EBS volume and stores it in Amazon S3. You can copy the snapshot within the same region or from one region to another.

Base Command

aws-ec2-copy-snapshot

Input

Argument NameDescriptionRequired
sourceSnapshotIdThe ID of the EBS snapshot to copy.Required
sourceRegionThe ID of the region that contains the snapshot to be copied.Required
descriptionA description for the EBS snapshot.Optional
encryptedSpecifies whether the destination snapshot should be encrypted. You can encrypt a copy of an unencrypted snapshot using this flag, but you cannot use it to create an unencrypted copy from an encrypted snapshot. Your default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId .Optional
kmsKeyIdAn identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted flag must also be set.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Snapshots.SnapshotIdstringThe ID of the new snapshot.
AWS.EC2.Snapshots.RegionstringThe Region where the snapshot is located.

aws-ec2-describe-reserved-instances


Describes one or more of the Reserved Instances that you purchased.

Base Command

aws-ec2-describe-reserved-instances

Input

Argument NameDescriptionRequired
filtersne or more filters.Optional
reservedInstancesIdsOne or more Reserved Instance IDs. Separated by comma.Optional
offeringClassDescribes whether the Reserved Instance is Standard or Convertible.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.ReservedInstances.AvailabilityZonestringThe Availability Zone in which the Reserved Instance can be used.
AWS.EC2.ReservedInstances.DurationnumberThe duration of the Reserved Instance, in seconds.
AWS.EC2.ReservedInstances.EnddateThe time when the Reserved Instance expires.
AWS.EC2.ReservedInstances.FixedPricenumberThe purchase price of the Reserved Instance.
AWS.EC2.ReservedInstances.InstanceCountnumberThe number of reservations purchased.
AWS.EC2.ReservedInstances.InstanceTypestringThe instance type on which the Reserved Instance can be used.
AWS.EC2.ReservedInstances.ProductDescriptionstringThe Reserved Instance product platform description.
AWS.EC2.ReservedInstances.ReservedInstancesIdstringThe ID of the Reserved Instance.
AWS.EC2.ReservedInstances.StartdateThe date and time the Reserved Instance started.
AWS.EC2.ReservedInstances.StatestringThe state of the Reserved Instance purchase.
AWS.EC2.ReservedInstances.UsagePricenumberThe usage price of the Reserved Instance, per hour.
AWS.EC2.ReservedInstances.CurrencyCodestringThe currency of the Reserved Instance. It's specified using ISO 4217 standard currency codes. At this time, the only supported currency is USD .
AWS.EC2.ReservedInstances.InstanceTenancystringThe tenancy of the instance.
AWS.EC2.ReservedInstances.OfferingClassstringThe offering class of the Reserved Instance.
AWS.EC2.ReservedInstances.OfferingTypestringThe Reserved Instance offering type.
AWS.EC2.ReservedInstances.RecurringCharges.AmountnumberThe amount of the recurring charge.
AWS.EC2.ReservedInstances.RecurringCharges.Frequencystringhe frequency of the recurring charge.
AWS.EC2.ReservedInstances.ScopestringThe scope of the Reserved Instance.
AWS.EC2.ReservedInstances.Tags.KeystringThe key of the tag.
AWS.EC2.ReservedInstances.Tags.ValuestringThe value of the tag.
AWS.EC2.ReservedInstances.RegionstringThe AWS region where the reserved instance is located.

aws-ec2-monitor-instances


Enables detailed monitoring for a running instance.

Base Command

aws-ec2-monitor-instances

Input

Argument NameDescriptionRequired
instancesIdsOne or more instance IDs. Separated by comma.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Instances.InstanceIdstringThe ID of the instance.
AWS.EC2.Instances.Monitoring.StatestringIndicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.

aws-ec2-unmonitor-instances


Disables detailed monitoring for a running instance.

Base Command

aws-ec2-unmonitor-instances

Input

Argument NameDescriptionRequired
instancesIdsOne or more instance IDs. Separated by comma.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Instances.InstanceIdUnknownThe ID of the instance.
AWS.EC2.Instances.Monitoring.StateUnknownIndicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.

aws-ec2-reboot-instances


Requests a reboot of one or more instances. This operation is asynchronous; it only queues a request to reboot the specified instances. The operation succeeds if the instances are valid and belong to you. Requests to reboot terminated instances are ignored. If an instance does not cleanly shut down within four minutes, Amazon EC2 performs a hard reboot.

Base Command

aws-ec2-reboot-instances

Input

Argument NameDescriptionRequired
instanceIdsOne or more instance IDs. Separated by comma.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-get-password-data


Retrieves the encrypted administrator password for a running Windows instance.

Base Command

aws-ec2-get-password-data

Input

Argument NameDescriptionRequired
instanceIdThe ID of the Windows instance.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.Instances.PasswordData.PasswordDatastringThe password of the instance. Returns an empty string if the password is not available.
AWS.EC2.Instances.PasswordData.TimestampdateThe time the data was last updated.

aws-ec2-modify-network-interface-attribute


Modifies the specified network interface attribute. You can specify only one attribute at a time.

Base Command

aws-ec2-modify-network-interface-attribute

Input

Argument NameDescriptionRequired
networkInterfaceIdThe ID of the network interface.Required
groupsChanges the security groups for the network interface. The new set of groups you specify replaces the current set. You must specify at least one group, even if it's just the default security group in the VPC. You must specify the ID of the security group, not the name.Optional
sourceDestCheckIndicates whether source/destination checking is enabled. A value of true means checking is enabled, and false means checking is disabled. This value must be false for a NAT instance to perform NAT.Optional
descriptionA description for the network interface.Optional
attachmentIdThe ID of the network interface attachment. Information about the interface attachment. If modifying the 'delete on termination' attribute, you must specify the ID of the interface attachment.Optional
deleteOnTerminationIndicates whether the network interface is deleted when the instance is terminated. Information about the interface attachment. If modifying the 'delete on termination' attribute, you must specify the ID of the interface attachment.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-modify-instance-attribute


Modifies the specified attribute of the specified instance. You can specify only one attribute at a time. Using this action to change the security groups associated with an elastic network interface (ENI) attached to an instance in a VPC can result in an error if the instance has more than one ENI. To change the security groups associated with an ENI attached to an instance that has multiple ENIs, we recommend that you use the ModifyNetworkInterfaceAttribute action.

Base Command

aws-ec2-modify-instance-attribute

Input

Argument NameDescriptionRequired
instanceIdThe ID of the instance.Required
sourceDestCheckSpecifies whether source/destination checking is enabled. A value of true means that checking is enabled, and false means that checking is disabled. This value must be false for a NAT instance to perform NAT.Optional
disableApiTerminationIf the value is true , you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. You cannot use this parameter for Spot Instances.Optional
ebsOptimizedSpecifies whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.Optional
enaSupportSet to true to enable enhanced networking with ENA for the instance. This option is supported only for HVM instances. Specifying this option with a PV instance can make it unreachable.Optional
instanceTypeChanges the instance type to the specified value.Optional
instanceInitiatedShutdownBehaviorSpecifies whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown)Optional
groups[EC2-VPC] Changes the security groups of the instance. You must specify at least one security group, even if it's just the default security group for the VPC. You must specify the security group ID, not the security group name.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-create-network-acl


Creates a network ACL in a VPC. Network ACLs provide an optional layer of security (in addition to security groups) for the instances in your VPC.

Base Command

aws-ec2-create-network-acl

Input

Argument NameDescriptionRequired
DryRunChecks whether you have the required permissions for the action, without actually making the request, and provides an error response.Optional
VpcIdThe ID of the VPC.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

PathTypeDescription
AWS.EC2.VpcId.NetworkAcl.Associations.NetworkAclAssociationIdStringThe ID of the association between a network ACL and a subnet.
AWS.EC2.VpcId.NetworkAcl.Associations.NetworkAclIdStringThe ID of the network ACL.
AWS.EC2.VpcId.NetworkAcl.Associations.SubnetIdStringThe ID of the subnet.
AWS.EC2.VpcId.NetworkAcl.Entries.CidrBlockStringThe IPv4 network range to allow or deny, in CIDR notation.
AWS.EC2.VpcId.NetworkAcl.Entries.EgressBooleanIndicates whether the rule is an egress rule (applied to traffic leaving the subnet).
AWS.EC2.VpcId.NetworkAcl.Entries.IcmpTypeCode.CodeNumberThe ICMP code. A value of -1 means all codes for the specified ICMP type.
AWS.EC2.VpcId.NetworkAcl.Entries.IcmpTypeCode.TypeNumberThe ICMP type. A value of -1 means all types.
AWS.EC2.VpcId.NetworkAcl.Entries.Ipv6CidrBlockStringThe IPv6 network range to allow or deny, in CIDR notation.
AWS.EC2.VpcId.NetworkAcl.Entries.PortRange.FromNumberThe first port in the range.
AWS.EC2.VpcId.NetworkAcl.Entries.PortRange.ToNumberThe last port in the range.
AWS.EC2.VpcId.NetworkAcl.Entries.ProtocolStringThe protocol number. A value of "-1" means all protocols.
AWS.EC2.VpcId.NetworkAcl.Entries.RuleActionStringIndicates whether to allow or deny the traffic that matches the rule.
AWS.EC2.VpcId.NetworkAcl.Entries.RuleNumberNumberThe rule number for the entry. ACL entries are processed in ascending order by rule number.
AWS.EC2.VpcId.NetworkAcl.NetworkAclIdStringThe ID of the network ACL.
AWS.EC2.VpcId.NetworkAcl.Tags.KeyStringThe key of the tag.
AWS.EC2.VpcId.NetworkAcl.Tags.ValueStringThe value of the tag.
AWS.EC2.VpcId.NetworkAcl.VpcIdStringThe ID of the VPC for the network ACL.
AWS.EC2.VpcId.NetworkAcl.OwnerIdStringThe ID of the AWS account that owns the network ACL.

aws-ec2-create-network-acl-entry


Creates an entry (a rule) in a network ACL with the specified rule number.

Base Command

aws-ec2-create-network-acl-entry

Input

Argument NameDescriptionRequired
CidrBlockThe IPv4 network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).Optional
DryRunChecks whether you have the required permissions for the action, without actually making the request, and provides an error response.Optional
EgressIndicates whether this is an egress rule (rule is applied to traffic leaving the subnet).Required
CodeThe ICMP code. A value of -1 means all codes for the specified ICMP type.Optional
TypeThe ICMP type. A value of -1 means all types.Optional
Ipv6CidrBlockThe IPv6 network range to allow or deny, in CIDR notation (for example 2001:db8:1234:1a00::/64 ).Optional
NetworkAclIdThe ID of the network ACL.Required
FromThe first port in the range.Optional
ToThe last port in the range.Optional
ProtocolThe protocol number. A value of "-1" means all protocols. If you specify "-1" or a protocol number other than "6" (TCP), "17" (UDP), or "1" (ICMP), traffic on all ports is allowed, regardless of any ports or ICMP types or codes that you specify. If you specify protocol "58" (ICMPv6) and specify an IPv4 CIDR block, traffic for all ICMP types and codes allowed, regardless of any that you specify. If you specify protocol "58" (ICMPv6) and specify an IPv6 CIDR block, you must specify an ICMP type and code.Required
RuleActionIndicates whether to allow or deny the traffic that matches the rule.Required
RuleNumberThe rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output

There is no context output for this command.

aws-ec2-create-fleet


Launches an EC2 Fleet.

Base Command

aws-ec2-create-fleet

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
DryRunChecks whether you have the required permissions for the action, without actually making the request, and provides an error response.Optional
ClientTokenUnique, case-sensitive identifier you provide to ensure the idempotency of the request.Optional
SpotAllocationStrategyIndicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request.Optional
InstanceInterruptionBehaviorThe behavior when a Spot Instance is interrupted.Optional
InstancePoolsToUseCountThe number of Spot pools across which to allocate your target Spot capacity.Optional
SpotSingleInstanceTypeIndicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.Optional
SpotSingleInstanceTypeIndicates that the fleet launches all Spot Instances into a single Availability Zone.Optional
SpotMinTargetCapacityThe minimum target capacity for Spot Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.Optional
OnDemandAllocationStrategyThe order of the launch template overrides to use in fulfilling On-Demand capacity.Optional
OnDemandSingleInstanceTypeIndicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.Optional
OnDemandSingleAvailabilityZoneIndicates that the fleet launches all On-Demand Instances into a single Availability Zone.Optional
OnDemandMinTargetCapacityThe minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.Optional
ExcessCapacityTerminationPolicyIndicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.Optional
LaunchTemplateIdThe ID of the launch template.Required
LaunchTemplateNameThe name of the launch template.Required
VersionThe version number of the launch template.Required
OverrideInstanceTypeThe instance type.Optional
OverrideMaxPriceThe maximum price per unit hour that you are willing to pay for a Spot Instance.Optional
OverrideSubnetIdThe ID of the subnet in which to launch the instances.Optional
OverrideAvailabilityZoneThe Availability Zone in which to launch the instances.Optional
OverrideWeightedCapacityThe number of units provided by the specified instance type.Optional
OverridePriorityThe priority for the launch template override.Optional
TotalTargetCapacityThe number of units to request, filled using DefaultTargetCapacityType .Required
OnDemandTargetCapacityThe number of On-Demand units to request.Required
SpotTargetCapacityThe number of Spot units to request.Required
DefaultTargetCapacityTypeThe default TotalTargetCapacity, which is either Spot or On-Demand .Required
TypeThe type of the request.Optional
ValidFromThe start date and time of the request, in UTC format (for example, YYYY -MM -DD THH :MM :SS Z).Optional
ValidUntilThe end date and time of the request, in UTC format (for example, YYYY -MM -DD THH :MM :SS Z).Optional
ReplaceUnhealthyInstancesIndicates whether EC2 Fleet should replace unhealthy instances.Optional
TagsThe tags to apply to the resource.Optional

Context Output

PathTypeDescription
AWS.EC2.Fleet.FleetIdStringThe ID of the EC2 Fleet.
AWS.EC2.Fleet.ErrorsStringInformation about the instances that could not be launched by the fleet. Valid only when Type is set to instant.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateIdStringThe ID of the launch template. You must specify either a template ID or a template name.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateNameStringThe name of the launch template. You must specify either a template name or a template ID.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.LaunchTemplateSpecification.VersionStringThe version number of the launch template. You must specify a version number.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.InstanceTypeStringThe instance type.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.MaxPriceStringThe maximum price per unit hour that you are willing to pay for a Spot Instance.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.SubnetIdStringThe ID of the subnet in which to launch the instances.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.AvailabilityZoneStringThe Availability Zone in which to launch the instances.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.WeightedCapacityStringThe number of units provided by the specified instance type.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.PriorityStringThe priority for the launch template override.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.Overrides.Placement.GroupNameStringThe name of the placement group the instance is in.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.LifecycleStringIndicates if the instance that could not be launched was a Spot Instance or On-Demand Instance.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.ErrorCodeStringThe error code that indicates why the instance could not be launched.
AWS.EC2.Fleet.LaunchTemplateAndOverrides.ErrorMessageStringThe error message that describes why the instance could not be launched.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateIdStringThe ID of the launch template. You must specify either a template ID or a template name.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateNameStringThe name of the launch template. You must specify either a template name or a template ID.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.LaunchTemplateSpecification.VersionStringThe version number of the launch template. You must specify a version number.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.InstanceTypeStringThe instance type.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.MaxPriceStringThe maximum price per unit hour that you are willing to pay for a Spot Instance.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.SubnetIdStringThe ID of the subnet in which to launch the instances.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.AvailabilityZoneStringThe Availability Zone in which to launch the instances.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.WeightedCapacityNumberThe number of units provided by the specified instance type.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.PriorityNumberThe priority for the launch template override.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.Placement.GroupNameStringThe name of the placement group the instance is in.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.LifecycleStringIndicates if the instance that was launched is a Spot Instance or On-Demand Instance.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.InstanceIdsStringThe IDs of the instances.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.InstanceTypeStringThe instance type.
AWS.EC2.Fleet.Instances.LaunchTemplateAndOverrides.Overrides.PlatformStringThe value is Windows for Windows instances; otherwise blank.

aws-ec2-delete-fleet


Deletes the specified EC2 Fleet.

Base Command

aws-ec2-delete-fleet

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
DryRunChecks whether you have the required permissions for the action, without actually making the request, and provides an error response.Optional
FleetIdsThe IDs of the EC2 Fleets.Required
TerminateInstancesIndicates whether to terminate instances for an EC2 Fleet if it is deleted successfully.Required

Context Output

PathTypeDescription
AWS.EC2.DeletedFleets.SuccessfulFleetDeletions.CurrentFleetStateStringThe current state of the EC2 Fleet.
AWS.EC2.DeletedFleets.SuccessfulFleetDeletions.PreviousFleetStateStringThe previous state of the EC2 Fleet.
AWS.EC2.DeletedFleets.SuccessfulFleetDeletions.FleetIdStringThe ID of the EC2 Fleet.
AWS.EC2.DeletedFleets.UnsuccessfulFleetDeletions.Error.CodeStringThe error code.
AWS.EC2.DeletedFleets.UnsuccessfulFleetDeletions.Error.MessageStringThe description for the error code.
AWS.EC2.DeletedFleets.UnsuccessfulFleetDeletions.FleetIdStringThe ID of the EC2 Fleet.

aws-ec2-describe-fleets


Describes one or more of your EC2 Fleets.

Base Command

aws-ec2-describe-fleets

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
filtersOne or more filters.Optional
FleetIdsThe ID of the EC2 Fleets.Optional
MaxResultsThe maximum number of results to return in a single call. Specify a value between 1 and 1000.Optional
NextTokenThe token for the next set of results.Optional

Context Output

PathTypeDescription
AWS.EC2.Fleet.NextTokenstringThe token for the next set of results.
AWS.EC2.Fleet.Fleets.ActivityStatusstringThe progress of the EC2 Fleet. If there is an error, the status is error .
AWS.EC2.Fleet.Fleets.CreateTimedateThe creation date and time of the EC2 Fleet.
AWS.EC2.Fleet.Fleets.FleetIdstringThe ID of the EC2 Fleet.
AWS.EC2.Fleet.Fleets.FleetStatestringThe state of the EC2 Fleet.
AWS.EC2.Fleet.Fleets.ClientTokenstringUnique, case-sensitive identifier you provide to ensure the idempotency of the request.
AWS.EC2.Fleet.Fleets.ExcessCapacityTerminationPolicystringIndicates whether running instances should be terminated if the target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.
AWS.EC2.Fleet.Fleets.FulfilledCapacitynumberThe number of units fulfilled by this request compared to the set target capacity.
AWS.EC2.Fleet.Fleets.FulfilledOnDemandCapacitynumberThe number of units fulfilled by this request compared to the set target On-Demand capacity.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.LaunchTemplateIdstringThe ID of the launch template. You must specify either a template ID or a template name.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.LaunchTemplateNamestringThe name of the launch template. You must specify either a template name or a template ID.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.VersionstringThe version number of the launch template. You must specify a version number.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.InstanceTypestringThe instance type.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.MaxPricestringThe maximum price per unit hour that you are willing to pay for a Spot Instance.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.SubnetIdstringThe ID of the subnet in which to launch the instances.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.AvailabilityZonestringThe Availability Zone in which to launch the instances.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.WeightedCapacitynumberThe number of units provided by the specified instance type.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.PrioritynumberThe priority for the launch template override.
AWS.EC2.Fleet.Fleets.LaunchTemplateConfigs.LaunchTemplateSpecification.Overrides.Placement.GroupNamestringThe name of the placement group the instance is in.
AWS.EC2.Fleet.Fleets.TargetCapacitySpecification.TotalTargetCapacitynumberThe number of units to request, filled using DefaultTargetCapacityType .
AWS.EC2.Fleet.Fleets.TargetCapacitySpecification.OnDemandTargetCapacitynumberThe number of On-Demand units to request.
AWS.EC2.Fleet.Fleets.TargetCapacitySpecification.SpotTargetCapacitynumberThe maximum number of Spot units to launch.
AWS.EC2.Fleet.Fleets.TargetCapacitySpecification.DefaultTargetCapacityTypestringThe default TotalTargetCapacity , which is either Spot or On-Demand.
AWS.EC2.Fleet.Fleets.TerminateInstancesWithExpirationbooleanIndicates whether running instances should be terminated when the EC2 Fleet expires.
AWS.EC2.Fleet.Fleets.TypestringThe type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it.
AWS.EC2.Fleet.Fleets.ValidFromdateThe start date and time of the request, in UTC format (for example, YYYY -MM -DD T*HH* :MM :SS Z).
AWS.EC2.Fleet.Fleets.ValidUntildateThe end date and time of the request, in UTC format (for example, YYYY -MM -DD T*HH* :MM :SS Z).
AWS.EC2.Fleet.Fleets.ReplaceUnhealthyInstancesbooleanIndicates whether EC2 Fleet should replace unhealthy instances.
AWS.EC2.Fleet.Fleets.SpotOptions.AllocationStrategystringIndicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request.
AWS.EC2.Fleet.Fleets.SpotOptions.InstanceInterruptionBehaviorstringThe behavior when a Spot Instance is interrupted. The default is terminate.
AWS.EC2.Fleet.Fleets.SpotOptions.InstancePoolsToUseCountnumberThe number of Spot pools across which to allocate your target Spot capacity.
AWS.EC2.Fleet.Fleets.SpotOptions.SingleInstanceTypebooleanIndicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.
AWS.EC2.Fleet.Fleets.SpotOptions.SingleAvailabilityZonebooleanIndicates that the fleet launches all Spot Instances into a single Availability Zone.
AWS.EC2.Fleet.Fleets.SpotOptions.MinTargetCapacitynumberThe minimum target capacity for Spot Instances in the fleet.
AWS.EC2.Fleet.Fleets.OnDemandOptions.AllocationStrategystringThe order of the launch template overrides to use in fulfilling On-Demand capacity.
AWS.EC2.Fleet.Fleets.OnDemandOptions.SingleInstanceTypebooleanIndicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.
AWS.EC2.Fleet.Fleets.OnDemandOptions.SingleAvailabilityZonebooleanIndicates that the fleet launches all On-Demand Instances into a single Availability Zone.
AWS.EC2.Fleet.Fleets.OnDemandOptions.MinTargetCapacitynumberThe minimum target capacity for On-Demand Instances in the fleet.
AWS.EC2.Fleet.Fleets.Tags.KeystringThe key of the tag.
AWS.EC2.Fleet.Fleets.Tags.ValuestringThe value of the tag.
AWS.EC2.Fleet.Fleets.Errors.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateIdstringThe ID of the launch template. You must specify either a template ID or a template name.
AWS.EC2.Fleet.Fleets.Errors.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateNamestringThe name of the launch template. You must specify either a template name or a template ID.
AWS.EC2.Fleet.Fleets.Errors.LaunchTemplateAndOverrides.LaunchTemplateSpecification.VersionstringThe version number of the launch template. You must specify a version number.
AWS.EC2.Fleet.Fleets.Errors.Overrides.InstanceTypestringThe instance type.
AWS.EC2.Fleet.Fleets.Errors.Overrides.MaxPricestringThe maximum price per unit hour that you are willing to pay for a Spot Instance.
AWS.EC2.Fleet.Fleets.Errors.Overrides.SubnetIdstringThe ID of the subnet in which to launch the instances.
AWS.EC2.Fleet.Fleets.Errors.Overrides.AvailabilityZonestringThe Availability Zone in which to launch the instances.
AWS.EC2.Fleet.Fleets.Errors.Overrides.WeightedCapacitynumberThe number of units provided by the specified instance type.
AWS.EC2.Fleet.Fleets.Errors.Overrides.PrioritynumberThe priority for the launch template override.
AWS.EC2.Fleet.Fleets.Errors.Overrides.Placement.GroupNamestringThe name of the placement group the instance is in.
AWS.EC2.Fleet.Fleets.Errors.LifecyclestringIndicates if the instance that could not be launched was a Spot Instance or On-Demand Instance.
AWS.EC2.Fleet.Fleets.Errors.ErrorCodestringThe error code that indicates why the instance could not be launched.
AWS.EC2.Fleet.Fleets.Errors.ErrorMessagestringThe error message that describes why the instance could not be launched.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateIdstringThe ID of the launch template. You must specify either a template ID or a template name.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.LaunchTemplateSpecification.LaunchTemplateNamestringThe name of the launch template. You must specify either a template name or a template ID.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.LaunchTemplateSpecification.VersionstringThe version number of the launch template. You must specify a version number.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.InstanceTypestringThe instance type.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.MaxPricestringThe maximum price per unit hour that you are willing to pay for a Spot Instance.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.SubnetIdstringThe ID of the subnet in which to launch the instances.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.AvailabilityZonestringThe Availability Zone in which to launch the instances.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.WeightedCapacitynumberThe number of units provided by the specified instance type.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.PrioritynumberThe priority for the launch template override.
AWS.EC2.Fleet.Fleets.Instances.LaunchTemplateAndOverrides.Overrides.Placement.GroupNamestringThe name of the placement group the instance is in.
AWS.EC2.Fleet.Fleets.Instances.LifecyclestringIndicates if the instance that was launched is a Spot Instance or On-Demand Instance.
AWS.EC2.Fleet.Fleets.Instances.InstanceIdsstringThe IDs of the instances.
AWS.EC2.Fleet.Fleets.Instances.InstanceTypestringThe instance type.
AWS.EC2.Fleet.Fleets.Instances.PlatformstringThe value is Windows for Windows instances; otherwise blank.

aws-ec2-describe-fleet-instances


Describes the running instances for the specified EC2 Fleet.

Base Command

aws-ec2-describe-fleet-instances

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
filtersA filter name and value pair that is used to return a more specific list of results from a describe operation.Optional
FleetIdThe ID of the EC2 Fleet.Required
MaxResultsThe maximum number of results to return in a single call. Specify a value between 1 and 1000.Optional
NextTokenThe token for the next set of results.Optional

Context Output

PathTypeDescription
AWS.EC2.Fleet.ActiveInstances.InstanceIdStringThe ID of the instance.
AWS.EC2.Fleet.ActiveInstances.InstanceTypeStringThe instance type.
AWS.EC2.Fleet.ActiveInstances.SpotInstanceRequestIdStringThe ID of the Spot Instance request.
AWS.EC2.Fleet.ActiveInstances.InstanceHealthStringThe health status of the instance.
AWS.EC2.Fleet.NextTokenStringThe token for the next set of results.
AWS.EC2.Fleet.FleetIdStringThe ID of the EC2 Fleet.

aws-ec2-modify-fleet


Modifies the specified EC2 Fleet.

Base Command

aws-ec2-modify-fleet

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
FleetIdThe ID of the EC2 Fleet.Required
TotalTargetCapacityThe number of units to request, filled using DefaultTargetCapacityType.Required
OnDemandTargetCapacityThe number of On-Demand units to request.Optional
SpotTargetCapacityThe number of Spot units to request.Optional
DefaultTargetCapacityTypeThe default TotalTargetCapacity, which is either Spot or On-Demand.Optional

Context Output

There is no context output for this command.

aws-ec2-create-launch-template


Creates a launch template. A launch template contains the parameters to launch an instance.

Base Command

aws-ec2-create-launch-template

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
ClientTokenUnique, case-sensitive identifier you provide to ensure the idempotency of the request.Optional
LaunchTemplateNameA name for the launch template.Required
VersionDescriptionA description for the first version of the launch template.Optional
KernelIdThe ID of the kernel.Optional
EbsOptimizedIndicates whether the instance is optimized for Amazon EBS I/O.Optional
iamInstanceProfileArnThe Amazon Resource Name (ARN) of the instance profile.Optional
iamInstanceProfileNameThe name of the instance profile.Optional
deviceNameThe device name (for example, /dev/sdh or xvdh).Optional
VirtualNameThe virtual device name (ephemeralN). Instance store volumes are numbered starting from 0.Optional
ebsEncryptedIndicates whether the EBS volume is encrypted.Optional
ebsDeleteOnTerminationIndicates whether the EBS volume is deleted on instance termination.Optional
ebsIopsThe number of I/O operations per second (IOPS) that the volume supports.Optional
ebsKmsKeyIdThe ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.Optional
ebsSnapshotIdThe ID of the snapshot.Optional
ebsVolumeSizeThe size of the volume, in GiB.Optional
ebsVolumeTypeThe volume type.Optional
NoDeviceSuppresses the specified device included in the block device mapping of the AMI.Optional
AssociatePublicIpAddressAssociates a public IPv4 address with eth0 for a new network interface.Optional
NetworkInterfacesDeleteOnTerminationIndicates whether the network interface is deleted when the instance is terminated.Optional
NetworkInterfacesDescriptionA description for the network interface.Optional
NetworkInterfacesDeviceIndexThe device index for the network interface attachment.Optional
NetworkInterfaceGroupsThe IDs of one or more security groups.Optional
Ipv6AddressCountThe number of IPv6 addresses to assign to a network interface.Optional
Ipv6AddressesOne or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.Optional
NetworkInterfaceIdThe ID of the network interface.Optional
PrivateIpAddressThe primary private IPv4 address of the network interface.Optional
SubnetIdThe ID of the subnet for the network interface.Optional
ImageIdThe ID of the AMI, which you can get by using DescribeImages.Optional
InstanceTypeThe instance type.Optional
KeyNameThe name of the key pair.Optional
MonitoringSpecify true to enable detailed monitoring. Otherwise, basic monitoring is enabled.Optional
AvailabilityZoneThe Availability Zone for the instance.Optional
PlacementAffinityThe affinity setting for an instance on a Dedicated Host.Optional
AvailabilityZoneGroupNameThe name of the placement group for the instance.Optional
PlacementHostIdThe ID of the Dedicated Host for the instance.Optional
PlacementTenancyThe tenancy of the instance (if the instance is running in a VPC).Optional
PlacementSpreadDomainReserved for future use.Optional
RamDiskIdThe ID of the RAM disk.Optional
DisableApiTerminationIf set to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API.Optional
InstanceInitiatedShutdownBehaviorIndicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).Optional
UserDataThe Base64-encoded user data to make available to the instance.Optional
TagsThe tags to apply to the resource.Optional
ElasticGpuSpecificationsTypeThe type of Elastic Graphics accelerator.Optional
ElasticInferenceAcceleratorsTypeThe type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.Optional
securityGroupIdsOne or more security group IDs.Optional
securityGroupsOne or more security group names.Optional
MarketTypeThe market type.Optional
SpotInstanceTypeThe Spot Instance request type.Optional
BlockDurationMinutesThe required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).Optional
SpotValidUntilThe end date of the request.Optional
SpotInstanceInterruptionBehaviorThe behavior when a Spot Instance is interrupted. The default is terminate.Optional
SpotMaxPriceThe maximum hourly price you're willing to pay for the Spot Instances.Optional

Context Output

PathTypeDescription
AWS.EC2.LaunchTemplates.LaunchTemplate.LaunchTemplateIdStringThe ID of the launch template.
AWS.EC2.LaunchTemplates.LaunchTemplate.LaunchTemplateNameStringThe name of the launch template.
AWS.EC2.LaunchTemplates.LaunchTemplate.CreateTimeDateThe time launch template was created.
AWS.EC2.LaunchTemplates.LaunchTemplate.CreatedByStringThe principal that created the launch template.
AWS.EC2.LaunchTemplates.LaunchTemplate.DefaultVersionNumberNumberThe version number of the default version of the launch template.
AWS.EC2.LaunchTemplates.LaunchTemplate.LatestVersionNumberNumberThe version number of the latest version of the launch template.
AWS.EC2.LaunchTemplates.LaunchTemplate.Tags.KeyStringThe key of the tag.
AWS.EC2.LaunchTemplates.LaunchTemplate.Tags.ValueStringThe value of the tag.

aws-ec2-delete-launch-template


Deletes a launch template. Deleting a launch template deletes all of its versions.

Base Command

aws-ec2-delete-launch-template

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
LaunchTemplateIdThe ID of the launch template.Optional
LaunchTemplateNameThe name of the launch template.Optional

Context Output

PathTypeDescription
AWS.EC2.DeletedLaunchTemplates.LaunchTemplate.LaunchTemplateIdStringThe ID of the launch template.
AWS.EC2.DeletedLaunchTemplates.LaunchTemplate.LaunchTemplateNameStringThe name of the launch template.
AWS.EC2.DeletedLaunchTemplates.LaunchTemplate.CreateTimeDateThe time launch template was created.
AWS.EC2.DeletedLaunchTemplates.LaunchTemplate.CreatedByStringThe principal that created the launch template.
AWS.EC2.DeletedLaunchTemplates.LaunchTemplate.DefaultVersionNumberNumberThe version number of the default version of the launch template.
AWS.EC2.DeletedLaunchTemplates.LaunchTemplate.LatestVersionNumberNumberThe version number of the latest version of the launch template.

aws-ec2-modify-image-attribute


Modifies the specified attribute of the specified AMI.

Base Command

aws-ec2-modify-image-attribute

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
AttributeThe name of the attribute to modify. The valid values are description, launchPermission, and productCodes.Optional
DescriptionA new description for the AMI.Optional
ImageIdThe ID of the AMI.Required
LaunchPermission-Add-GroupThe name of the group.Optional
LaunchPermission-Add-UserIdThe AWS account ID.Optional
LaunchPermission-Remove-GroupThe name of the group.Optional
LaunchPermission-Remove-UserIdThe AWS account ID.Optional
OperationTypeThe operation type.Optional
ProductCodesOne or more DevPay product codes. After you add a product code to an AMI, it can't be removed.Optional
UserGroupsOne or more user groups. This parameter can be used only when the Attribute parameter is launchPermission.Optional
UserIdsOne or more AWS account IDs. This parameter can be used only when the Attribute parameter is launchPermission.Optional
ValueThe value of the attribute being modified. This parameter can be used only when the Attribute parameter is description or productCodes.Optional

Context Output

There is no context output for this command.

aws-ec2-delete-subnet


Deletes the specified subnet. You must terminate all running instances in the subnet before you can delete the subnet.

Base Command

aws-ec2-delete-subnet

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
SubnetIdThe ID of the subnet.Required

Context Output

There is no context output for this command.

aws-ec2-delete-vpc


Deletes the specified VPC. You must detach or delete all gateways and resources that are associated with the VPC before you can delete it. For example, you must terminate all instances running in the VPC, delete all security groups associated with the VPC (except the default one), delete all route tables associated with the VPC (except the default one), and so on.

Base Command

aws-ec2-delete-vpc

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
VpcIdThe ID of the VPC.Required

Context Output

There is no context output for this command.

aws-ec2-delete-internet-gateway


Deletes the specified internet gateway. You must detach the internet gateway from the VPC before you can delete it.

Base Command

aws-ec2-delete-internet-gateway

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
InternetGatewayIdThe ID of the internet gateway.Required

Context Output

There is no context output for this command.

aws-ec2-describe-internet-gateway


Describes one or more of your internet gateways.

Base Command

aws-ec2-describe-internet-gateway

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
filtersOne or more filters.Optional
InternetGatewayIdsOne or more internet gateway IDs.Optional

Context Output

PathTypeDescription
AWS.EC2.InternetGateways.InternetGatewayIdstringThe ID of the internet gateway.
AWS.EC2.InternetGateways.OwnerIdstringThe ID of the AWS account that owns the internet gateway.
AWS.EC2.InternetGateways.TagsstringAny tags assigned to the internet gateway.
AWS.EC2.InternetGateways.Attachments.StatestringThe current state of the attachment.
AWS.EC2.InternetGateways.Attachments.VpcIdstringThe ID of the VPC.

aws-ec2-detach-internet-gateway


Detaches an internet gateway from a VPC, disabling connectivity between the internet and the VPC. The VPC must not contain any running instances with Elastic IP addresses or public IPv4 addresses.

Base Command

aws-ec2-detach-internet-gateway

Input

Argument NameDescriptionRequired
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional
InternetGatewayIdThe ID of the internet gateway.Required
VpcIdThe ID of the VPC.Required

Context Output

There is no context output for this command.

aws-ec2-create-traffic-mirror-session


Creates a Traffic Mirror session.

Base Command

aws-ec2-create-traffic-mirror-session

Input

Argument NameDescriptionRequired
NetworkInterfaceIdThe ID of the source network interface.Required
TrafficMirrorTargetIdThe ID of the Traffic Mirror target.Required
TrafficMirrorFilterIdThe ID of the Traffic Mirror filter.Required
PacketLengthThe number of bytes in each packet to mirror.Optional
SessionNumberThe session number determines the order in which sessions are evaluated when an interface is used by multiple sessions.Required
VirtualNetworkIdThe VXLAN ID for the Traffic Mirror session.Optional
DescriptionThe description of the Traffic Mirror session.Optional
TagsThe tags to assign to a Traffic Mirror session.Optional
DryRunChecks whether you have the required permissions for the action, without actually making the request, and provides an error response.Optional
ClientTokenUnique, case-sensitive identifier that you provide to ensure the idempotency of the request.Optional

Context Output

PathTypeDescription
AWS.EC2.TrafficMirrorSession.TrafficMirrorSessionIdStringThe ID for the Traffic Mirror session.
AWS.EC2.TrafficMirrorSession.TrafficMirrorTargetIdStringThe ID of the Traffic Mirror target.
AWS.EC2.TrafficMirrorSession.TrafficMirrorFilterIdStringThe ID of the Traffic Mirror filter.
AWS.EC2.TrafficMirrorSession.NetworkInterfaceIdStringThe ID of the Traffic Mirror session's network interface.
AWS.EC2.TrafficMirrorSession.OwnerIdStringThe ID of the account that owns the Traffic Mirror session.
AWS.EC2.TrafficMirrorSession.PacketLengthNumberThe number of bytes in each packet to mirror.
AWS.EC2.TrafficMirrorSession.SessionNumberNumberThe session number determines the order in which sessions are evaluated when an interface is used by multiple sessions.
AWS.EC2.TrafficMirrorSession.VirtualNetworkIdNumberThe virtual network ID associated with the Traffic Mirror session.
AWS.EC2.TrafficMirrorSession.DescriptionStringThe description of the Traffic Mirror session.
AWS.EC2.TrafficMirrorSession.Tags.KeyStringThe key of the tag.
AWS.EC2.TrafficMirrorSession.Tags.ValueStringThe value of the tag.
AWS.EC2.TrafficMirrorSession.ClientTokenStringUnique, case-sensitive identifier that you provide to ensure the idempotency of the request.