Show Menu

AWS CLI EC2 Cheat Sheet by

AWS CLI cheat-sheet for EC2


list all instances (running, and not running)
aws ec2 descri­be-­ins­tances
list all instances running
aws ec2 descri­be-­ins­tances --filters Name=i­nst­anc­e-s­tat­e-n­ame­,Va­lue­s=r­unning
create a new instance
aws ec2 run-in­stances --image-id ami-a0­b1234 --inst­anc­e-type t2.micro --secu­rit­y-g­rou­p-ids sg-000­00000 --dry-run
stop an instance
aws ec2 termin­ate­-in­stances --inst­anc­e-ids <in­sta­nce­_id>
list status of all instances
aws ec2 descri­be-­ins­tan­ce-­status
list status of a specific instance
aws ec2 descri­be-­ins­tan­ce-­status --inst­anc­e-ids <in­sta­nce­_id>
list all running instance, Name tag and Public IP Address
aws ec2 descri­be-­ins­tances --filters Name=i­nst­anc­e-s­tat­e-n­ame­,Va­lue­s=r­unning --query 'Reser­vat­ion­s[].In­sta­nce­s[].[P­ubl­icI­pAd­dress, Tags[?­Key==
].Value | [0] ]' --output text


list all private AMI's, ImageId and Name tags
aws ec2 descri­be-­images --filter "­Nam­e=i­s-p­ubl­ic,­Val­ues­=fa­lse­" --query 'Image­s[].[I­mageId, Name]' --output text
delete an AMI, by ImageId
aws ec2 deregi­ste­r-image --image-id ami-00­000000


list the tags of an instance
aws ec2 descri­be-tags
add a tag to an instance
aws ec2 create­-tags --reso­urces "­ami­-1a­2b3­c4d­" --tags Key=na­me,­Val­ue=­debian
delete a tag on an instance
aws ec2 delete­-tags --reso­urces "­ami­-1a­2b3­c4d­" --tags Key=Na­me,­Value=

Security Group

list all security groups
aws ec2 descri­be-­sec­uri­ty-­groups
create a security group
aws ec2 create­-se­cur­ity­-group --vpc-id vpc-1a­2b3c4d --grou­p-name web-server --desc­ription "web server access­"
list details about a securty group
aws ec2 descri­be-­sec­uri­ty-­groups --group-id sg-0000000
open port 80 for everyone
aws ec2 author­ize­-se­cur­ity­-gr­oup­-in­gress --group-id sg-0000000 --protocol tcp --port 80 --cidr
get my public ip
my_ip=­$(dig +short myip.o­pen­ @resol­ver­1.o­pen­; echo $my_ip
open port 22 just for my ip
aws ec2 author­ize­-se­cur­ity­-gr­oup­-in­gress --group-id sg-0000000 --protocol tcp --port 80 --cidr $my_ip/24
remove a firewall rule from a group
aws ec2 revoke­-se­cur­ity­-gr­oup­-in­gress --group-id sg-0000000 --protocol tcp --port 80 --cidr
delete a security group
aws ec2 delete­-se­cur­ity­-group --group-id sg-000­00000


list all keypairs
aws ec2 descri­be-­key­-pairs
create a keypair
aws ec2 create­-ke­y-pair --key-name <va­lue> --output text
create a new local private / public keypair, using RSA 4096-bit
ssh-keygen -t rsa -b 4096
import an existing keypair
aws ec2 import­-ke­y-pair --key-name keynam­e_test --publ­ic-­key­-ma­terial file:/­//h­ome­/rk­uma­r/i­d_r­
delete a keypair
aws ec2 delete­-ke­y-pair --key-name <va­lue>


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          awsReference Cheat Sheet
          AWS Services Cheat Sheet
          Core Cloud Concepts with AWS Cheat Sheet

          More Cheat Sheets by rishabkumar7

          Git CLI Cheat Sheet
          Docker cheat sheet Cheat Sheet