Using aws-cli --query Option To Simplify Output

My favorite session at AWS re:Invent was James Saryerwinnie’s clear, concise, and informative tour of the aws-cli (command line interface), which according to GitHub logs he is enhancing like crazy.

I just learned about a recent addition to aws-cli: The --query option lets you specify what parts of the response data structure you want output.

Instead of wading through pages of JSON output, you can select a few specific values and output them as JSON, table, or simple text. The new --query option is far easier to use than jq, grep+cut, or Perl, my other fallback tools for parsing the output.

aws --query Examples

The following sample aws-cli commands use the --query and --output options to extract the desired output fields so that we can assign them to shell variables:

Run a Ubuntu 12.04 Precise instance and assigns the instance id to a shell variable:

instance_id=$(aws ec2 run-instances --region us-east-1 --key $USER --instance-type t1.micro --image-id ami-d9a98cb0 --output text --query 'Instances[*].InstanceId')
echo instance_id=$instance_id

Wait for the instance to leave the pending state:

while state=$(aws ec2 describe-instances --instance-ids $instance_id --output text --query 'Reservations[*].Instances[*].State.Name'); test "$state" = "pending"; do
  sleep 1; echo -n '.'
done; echo " $state"

Get the IP address of the running instance:

ip_address=$(aws ec2 describe-instances --instance-ids $instance_id --output text --query 'Reservations[*].Instances[*].PublicIpAddress')
echo ip_address=$ip_address

Get the ssh host key fingerprints to compare at ssh time (might take a few minutes for this output to be available):

aws ec2 get-console-output --instance-id $instance_id --output text |
  perl -ne 'print if /BEGIN SSH .* FINGERPRINTS/../END SSH .* FINGERPRINTS/'

ssh to the instance. Check the prompted ssh host key fingerprint against the output above:

ssh ubuntu@$ip_address

Don’t forget to terminate the demo instance:

aws ec2 terminate-instances --instance-ids "$instance_id" --output text --query 'TerminatingInstances[*].CurrentState.Name'

The addition of the --query option greatly improves what was already a fantastic tool in aws-cli.

Note: The commands in this article assume you have already: