1

How can I get list of all Instances running under multiple Accounts by using Aws CLI

I have my profile configured, need assistance with looping, assume roles and than write output in a file

Cheers

Improve this question
1
  • 2
    What did you try? And what did it do? Commented Aug 8, 2019 at 2:17

1 Answer 1

Reset to default
3

I assume you've already configured one AWS profile for each AWS account and those AWS profiles permit to assume a role having the ec2:DescribeInstances action (this is typically configured inside the ~/.aws/credentials and ~/.aws/config files).

The following script (list-instances.sh) could be written.

Default AWS region version

#!/bin/bash AWS_PROFILES=() AWS_PROFILES[0]=profile_for_account_1 AWS_PROFILES[1]=profile_for_account_2 AWS_PROFILES[2]=profile_for_account_3 for AWS_PROFILE in ${AWS_PROFILES[*]} do echo "== Profile '${AWS_PROFILE}' ==" aws ec2 describe-instances --profile "${AWS_PROFILE}" --filters Name=instance-state-code,Values=16 | jq -r '.Reservations[].Instances[].InstanceId' done

Multi-regions version

#!/bin/bash AWS_PROFILES=() AWS_PROFILES[0]=profile_for_account_1 AWS_PROFILES[1]=profile_for_account_2 AWS_PROFILES[2]=profile_for_account_3 for AWS_PROFILE in ${AWS_PROFILES[*]} do for AWS_REGION in $(aws ec2 describe-regions | jq -r '.Regions[].RegionName') do echo "== profile: ${AWS_PROFILE}, region: ${AWS_REGION}" aws ec2 describe-instances --profile "${AWS_PROFILE}" --region "${AWS_REGION}" --filters Name=instance-state-code,Values=16 | jq -r '.Reservations[].Instances[].InstanceId' done done
  • You must have the jq command to parse the JSON output (see https://stedolan.github.io/jq/) ;
  • If you want more than only the EC2 instance identifiers feel free to update the jq expression ;
  • The --filters returns only EC2 instances in the running, be careful because it will not list instances in pending, shutting-down or stopping states (see the instance-state-code filter documentation here https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html) ;
  • You can redirect the output to a file with ./list-instances.sh > instance-identifiers.txt. Then simply use cat instance-identifiers.txt | grep -v "==" | cat to loop again (here the cat command apply on each EC2 instance identifier, you can replace it by another command).

Hope this helps.

Baptiste

Improve this answer
4
  • Suggested addition: I believe the account profiles must be put in the "credentials" file as outlined here: docs.aws.amazon.com/cli/latest/userguide/… Commented Aug 9, 2019 at 21:23
  • I tested this script and it works, but it does not take into account multiple regions. An enhanced version would also iterate all regions in use. Commented Aug 9, 2019 at 21:24
  • Thanks @vjones, I updated the response to explain the profiles are configured both in the "credentials" and "config" files. Also I added a multi-regions version. Do you think its good now ? Do you have any other suggestions ? Commented Aug 11, 2019 at 7:37
  • Yes, it seems to address the original question quite well. I prefer to filter on both running and stopped instances using aws ec2 describe-instances --profile "${AWS_PROFILE}" --region "${AWS_REGION}" --filters Name=instance-state-code,Va lues=16,80 | jq -r '.Reservations[].Instances[].InstanceId' Commented Aug 11, 2019 at 23:58

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.