nexxai.dev

Find a missing EC2 instance in AWS using just the command line

October 6, 2022October 6, 2022

Today we found ourselves in a position where we had a Windows server – with only the Server Core experience installed – somewhere in EC2 but we could not figure out what AWS account it actually lived in. This meant that we were limiting to finding the missing EC2 instance in AWS using just the command line.

Most cloud providers offer an instance metadata endpoint that you can query to get some basic info about the instance itself. It usually operates on http://169.254.169.254 (that IP is not a placeholder, it’s literally the IP you query) and AWS is no different. As per the AWS documentation, if you hit http://169.254.169.254/latest/meta-data/ you can get some information about the running instance which was exactly what we needed.

The first thing we knew is that we needed to be in PowerShell, since the basic Windows command line doesn’t have an HTTP client.

Microsoft Windows [Version 10.0.20348.1070]
(c) Microsoft Corporation. All rights reserved.

C:\Users\nexxai>powershell.exe
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Install the latest PowerShell for new features and improvements! https://aka.ms/PSWindows

PS C:\Users\nexxai>

Next, we tried to use the Invoke-WebRequest cmdlet, except being Server Core, it did not have the Internet Explorer (lol) components installed that this cmdlet apparently needs.

Thinking on our feet, we considered that maybe the Invoke-RestMethod cmdlet didn’t have the IE dependency since it was strictly used for REST-based calls and may have be implemented without any IE components. Success.

PS C:\Users\nexxai>Invoke-RestMethod -Uri http://169.254.169.254/latest/meta-data/
ami-id
ami-launch-index
ami-manifest-path
block-device-mapping/
events/
hostname
iam/
instance-action
instance-id
instance-life-cycle
instance-type
local-hostname
local-ipv4
mac
metrics/
network/
placement/
profile
public-hostname
public-ipv4
public-keys/
reservation-id
security-groups
services/

We tried a couple of different endpoints, but then saw the iam entry and gave it a shot.

PS C:\Users\nexxai>Invoke-RestMethod -Uri http://169.254.169.254/latest/meta-data/iam/
info
security-credentials/

Then naturally we checked out info.

PS C:\Users\nexxai>Invoke-RestMethod -Uri http://169.254.169.254/latest/meta-data/iam/info

I can’t share the results of this command for obvious reasons, but contained within the results was the ARN of the IAM role that the EC2 instance was associated with, which – and here’s the important part – includes the account number! Yes!

After some more digging, it turns if you have the AWS CLI installed on the VM (unsure if this is installed by default), you can also run aws sts get-caller-identity which will show the account the instance is running in.

Once we were able to get the account number, we were quickly able to locate the rogue instance and deal with the original problem we were searching it out for. I hope you never have to try and find a missing EC2 instance using just the command line, but if so, hopefully we’ve just made it a little easier to do so.

New Python script published: Excel to Markdown

August 2, 2022August 2, 2022

I just published a new Python script that I’ve dubbed Excel to Markdown to Github and wanted to share the details of the what and the why.

Using some of the PowerShell scripts I published on nexxai.dev last week, I found that I had a need to dump the results of some of these spreadsheets into a more accessible documentation repo. We use Confluence here and so the easy choice was to convert those worksheets to Markdown. However, when I looked around, I couldn’t find anything that would do what I needed without costing several thousand(!!!) dollars.

This script takes a single input (the path to your spreadsheet), will prompt you for the heading level to use for the title of the table, and will dump to the screen every worksheet in the workbook. You can then copy/paste this text into the documentation management system of your choice, and presto, you have an editable document that you and your teams can use.

I hope this help you if you ever have to convert Excel to Markdown!

Get all of the scopes and reservations from all activated DHCP servers in an Active Directory domain

July 12, 2022July 12, 2022

Today I had to get all of the scopes and reservations from all activated DHCP servers in our Active Directory domain. I whipped up this PowerShell script and figured someone else out there might need it. Please note that the Import-Excel package is required if you plan on using this script verbatim. It can be easily modified to not use it, however this is left as an exercise for the reader to implement.

Get-DhcpServerInDC | ForEach-Object {
    $DHCPServer = $_
    $hostName = $DHCPServer.DnsName
    Write-Host $hostName

    $scopes = Get-DhcpServerv4Scope -ComputerName $DHCPServer.DnsName | Where-Object { $_.State -eq "Active" } | Select-Object -Property Name, ScopeId, SubnetMask, StartRange, EndRange
    $scopes | Export-Excel ".\DHCPScopes.xlsx" -WorkSheetname "$($hostName)-Scopes" -AutoSize -AutoFilter

    ForEach ($scope in $scopes) {
        $reservations = Get-DhcpServerv4Reservation -ComputerName $DHCPServer.DnsName -ScopeId $scope.ScopeId | Select-Object -Property ClientId, Description, IPAddress, Name
        $reservations | Export-Excel ".\DHCPScopes.xlsx" -WorkSheetname "$($hostName)-Reservations" -AutoSize -AutoFilter 
    }
}

Posts navigation