This documentation is for Version 1 of the Amazon CLI only. For documentation related to Version 2 of the Amazon CLI, see the Version 2 User Guide.
Trusted Advisor examples using Amazon CLI
The following code examples show you how to perform actions and implement common scenarios by using the Amazon Command Line Interface with Trusted Advisor.
Actions are code excerpts from larger programs and must be run in context. While actions show you how to call individual service functions, you can see actions in context in their related scenarios.
Each example includes a link to the complete source code, where you can find instructions on how to set up and run the code in context.
Topics
Actions
The following code example shows how to use get-organization-recommendation
.
- Amazon CLI
-
To get an organization recommendation
The following
get-organization-recommendation
example gets an organization recommendation by its identifier.aws trustedadvisor get-organization-recommendation \ --organization-recommendation-identifier
arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5
Output:
{ "organizationRecommendation": { "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "name": "Lambda Runtime Deprecation Warning", "description": "One or more lambdas are using a deprecated runtime", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" } }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see GetOrganizationRecommendation
in Amazon CLI Command Reference.
-
The following code example shows how to use get-recommendation
.
- Amazon CLI
-
To get a recommendation
The following
get-recommendation
example gets a recommendation by its identifier.aws trustedadvisor get-recommendation \ --recommendation-identifier
arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578
Output:
{ "recommendation": { "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "name": "MFA Recommendation", "description": "Enable multi-factor authentication", "awsServices": [ "iam" ], "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", "lastUpdatedAt": "2023-11-01T15:57:58.673Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 1, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "error", "type": "standard" } }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see GetRecommendation
in Amazon CLI Command Reference.
-
The following code example shows how to use list-checks
.
- Amazon CLI
-
To list Trusted Advisor checks
The following
list-checks
example lists all Trusted Advisor checks.aws trustedadvisor list-checks
Output:
{ "checkSummaries": [ { "arn": "arn:aws:trustedadvisor:::check/1iG5NDGVre", "awsServices": [ "EC2" ], "description": "Checks security groups for rules that allow unrestricted access to a resource. Unrestricted access increases opportunities for malicious activity (hacking, denial-of-service attacks, loss of data)", "id": "1iG5NDGVre", "metadata": { "0": "Region", "1": "Security Group Name", "2": "Security Group ID", "3": "Protocol", "4": "Port", "5": "Status", "6": "IP Range" }, "name": "Security Groups - Unrestricted Access", "pillars": [ "security" ], "source": "ta_check" }, { "arn": "arn:aws:trustedadvisor:::check/1qazXsw23e", "awsServices": [ "RDS" ], "description": "Checks your usage of RDS and provides recommendations on purchase of Reserved Instances to help reduce costs incurred from using RDS On-Demand. AWS generates these recommendations by analyzing your On-Demand usage for the past 30 days. We then simulate every combination of reservations in the generated category of usage in order to identify the best number of each type of Reserved Instance to purchase to maximize your savings. This check covers recommendations based on partial upfront payment option with 1-year or 3-year commitment. This check is not available to accounts linked in Consolidated Billing. Recommendations are only available for the Paying Account.", "id": "1qazXsw23e", "metadata": { "0": "Region", "1": "Family", "2": "Instance Type", "3": "License Model", "4": "Database Edition", "5": "Database Engine", "6": "Deployment Option", "7": "Recommended number of Reserved Instances to purchase", "8": "Expected Average Reserved Instance Utilization", "9": "Estimated Savings with Recommendation (monthly)" "10": "Upfront Cost of Reserved Instances", "11": "Estimated cost of Reserved Instances (monthly)", "12": "Estimated On-Demand Cost Post Recommended Reserved Instance Purchase (monthly)", "13": "Estimated Break Even (months)", "14": "Lookback Period (days)", "15": "Term (years)" }, "name": "Amazon Relational Database Service (RDS) Reserved Instance Optimization", "pillars": [ "cost_optimizing" ], "source": "ta_check" }, { "arn": "arn:aws:trustedadvisor:::check/1qw23er45t", "awsServices": [ "Redshift" ], "description": "Checks your usage of Redshift and provides recommendations on purchase of Reserved Nodes to help reduce costs incurred from using Redshift On-Demand. AWS generates these recommendations by analyzing your On-Demand usage for the past 30 days. We then simulate every combination of reservations in the generated category of usage in order to identify the best number of each type of Reserved Nodes to purchase to maximize your savings. This check covers recommendations based on partial upfront payment option with 1-year or 3-year commitment. This check is not available to accounts linked in Consolidated Billing. Recommendations are only available for the Paying Account.", "id": "1qw23er45t", "metadata": { "0": "Region", "1": "Family", "2": "Node Type", "3": "Recommended number of Reserved Nodes to purchase", "4": "Expected Average Reserved Node Utilization", "5": "Estimated Savings with Recommendation (monthly)", "6": "Upfront Cost of Reserved Nodes", "7": "Estimated cost of Reserved Nodes (monthly)", "8": "Estimated On-Demand Cost Post Recommended Reserved Nodes Purchase (monthly)", "9": "Estimated Break Even (months)", "10": "Lookback Period (days)", "11": "Term (years)", }, "name": "Amazon Redshift Reserved Node Optimization", "pillars": [ "cost_optimizing" ], "source": "ta_check" }, ], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see ListChecks
in Amazon CLI Command Reference.
-
The following code example shows how to use list-organization-recommendation-accounts
.
- Amazon CLI
-
To list organization recommendation accounts
The following
list-organization-recommendation-accounts
example lists all account recommendation summaries for an organization recommendation by its identifier.aws trustedadvisor list-organization-recommendation-accounts \ --organization-recommendation-identifier
arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5
Output:
{ "accountRecommendationLifecycleSummaries": [{ "accountId": "000000000000", "accountRecommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "updateReason": "Resolved issue", "updateReasonCode": "valid_business_case", "lastUpdatedAt": "2023-01-17T18:25:44.552Z" }], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see ListOrganizationRecommendationAccounts
in Amazon CLI Command Reference.
-
The following code example shows how to use list-organization-recommendation-resources
.
- Amazon CLI
-
To list organization recommendation resources
The following
list-organization-recommendation-resources
example lists all resources for an organization recommendation by its identifier.aws trustedadvisor list-organization-recommendation-resources \ --organization-recommendation-identifier
arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0
Output:
{ "organizationRecommendationResourceSummaries": [ { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/bb38affc0ce0681d9a6cd13f30238ba03a8f63dfe7a379dc403c619119d86af", "awsResourceId": "database-1-instance-1", "id": "bb38affc0ce0681d9a6cd13f302383ba03a8f63dfe7a379dc403c619119d86af", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "208.79999999999998", "2": "database-1-instance-1", "3": "db.r5.large", "4": "false", "5": "us-west-2", "6": "arn:aws:rds:us-west-2:000000000000:db:database-1-instance-1", "7": "1" }, "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", "regionCode": "us-west-2", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/51fded4d7a3278818df9cfe344ff5762cec46c095a6763d1ba1ba53bd0e1b0e6", "awsResourceId": "database-1", "id": "51fded4d7a3278818df9cfe344ff5762cec46c095a6763d1ba1ba53bd0e1b0e6", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "31.679999999999996", "2": "database-1", "3": "db.t3.small", "4": "false", "5": "us-west-2", "6": "arn:aws:rds:us-west-2:000000000000:db:database-1", "7": "20" }, "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", "regionCode": "us-west-2", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/f4d01bd20f4cd5372062aafc8786c489e48f0ead7cdab121463bf9f89e40a36b", "awsResourceId": "database-2-instance-1-us-west-2a", "id": "f4d01bd20f4cd5372062aafc8786c489e48f0ead7cdab121463bf9f89e40a36b", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "187.20000000000002", "2": "database-2-instance-1-us-west-2a", "3": "db.r6g.large", "4": "true", "5": "us-west-2", "6": "arn:aws:rds:us-west-2:000000000000:db:database-2-instance-1-us-west-2a", "7": "1" }, "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", "regionCode": "us-west-2", "status": "warning" }, ], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see ListOrganizationRecommendationResources
in Amazon CLI Command Reference.
-
The following code example shows how to use list-organization-recommendations
.
- Amazon CLI
-
Example 1: To list organization recommendations
The following
list-organization-recommendations
example lists all organization recommendations and does not include a filter.aws trustedadvisor list-organization-recommendations
Output:
{ "organizationRecommendationSummaries": [ { "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }, { "arn": "arn:aws:trustedadvisor:::organization-recommendation/4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }, ], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. Example 2: To list organization recommendations with a filter
The following
list-organization-recommendations
example filters and returns a max of one organization recommendation that is a part of the "security" pillar.aws trustedadvisor list-organization-recommendations \ --pillar
security
\ --max-items100
Output:
{ "organizationRecommendationSummaries": [{ "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. Example 3: To list organization recommendations with a pagination token
The following
list-organization-recommendations
example uses the "nextToken" returned from a previous request to fetch the next page of organization recommendations.aws trustedadvisor list-organization-recommendations \ --pillar
security
\ --max-items100
\ --starting-token<next-token>
Output:
{ "organizationRecommendationSummaries": [{ "arn": "arn:aws:trustedadvisor:::organization-recommendation/4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }] }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see ListOrganizationRecommendations
in Amazon CLI Command Reference.
-
The following code example shows how to use list-recommendation-resources
.
- Amazon CLI
-
To list recommendation resources
The following
list-recommendation-resources
example lists all resources for a recommendation by its identifier.aws trustedadvisor list-recommendation-resources \ --recommendation-identifier
arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578
Output:
{ "recommendationResourceSummaries": [ { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/18959a1f1973cff8e706e9d9bde28bba36cd602a6b2cb86c8b61252835236010", "id": "18959a1f1973cff8e706e9d9bde28bba36cd602a6b2cb86c8b61252835236010", "awsResourceId": "webcms-dev-01", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "123.12000000000002", "2": "webcms-dev-01", "3": "db.m6i.large", "4": "false", "5": "us-east-1", "6": "arn:aws:rds:us-east-1:000000000000:db:webcms-dev-01", "7": "20" }, "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "regionCode": "us-east-1", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/e6367ff500ac90db8e4adeb4892e39ee9c36bbf812dcbce4b9e4fefcec9eb63e", "id": "e6367ff500ac90db8e4adeb4892e39ee9c36bbf812dcbce4b9e4fefcec9eb63e", "awsResourceId": "aws-dev-db-stack-instance-1", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "29.52", "2": "aws-dev-db-stack-instance-1", "3": "db.t2.small", "4": "false", "5": "us-east-1", "6": "arn:aws:rds:us-east-1:000000000000:db:aws-dev-db-stack-instance-1", "7": "1" }, "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "regionCode": "us-east-1", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/31aa78ba050a5015d2d38cca7f5f1ce88f70857c4e1c3ad03f8f9fd95dad7459", "id": "31aa78ba050a5015d2d38cca7f5f1ce88f70857c4e1c3ad03f8f9fd95dad7459", "awsResourceId": "aws-awesome-apps-stack-db", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "114.48000000000002", "2": "aws-awesome-apps-stack-db", "3": "db.m6g.large", "4": "false", "5": "us-east-1", "6": "arn:aws:rds:us-east-1:000000000000:db:aws-awesome-apps-stack-db", "7": "100" }, "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "regionCode": "us-east-1", "status": "warning" } ], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see ListRecommendationResources
in Amazon CLI Command Reference.
-
The following code example shows how to use list-recommendations
.
- Amazon CLI
-
Example 1: To list recommendations
The following
list-recommendations
example lists all recommendations and does not include a filter.aws trustedadvisor list-recommendations
Output:
{ "recommendationSummaries": [ { "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "name": "MFA Recommendation", "awsServices": [ "iam" ], "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", "lastUpdatedAt": "2023-11-01T15:57:58.673Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 1, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "error", "type": "standard" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation/8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "name": "RDS clusters quota warning", "awsServices": [ "rds" ], "checkArn": "arn:aws:trustedadvisor:::check/gjqMBn6pjz", "id": "8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "lastUpdatedAt": "2023-11-01T15:58:17.397Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "service_limits" ], "resourcesAggregates": { "errorCount": 0, "okCount": 3, "warningCount": 6 }, "source": "ta_check", "status": "warning", "type": "standard" } ], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. Example 2: To list recommendations with a filter
The following
list-recommendations
example lists recommendations and includes a filter.aws trustedadvisor list-recommendations \ --aws-service
iam
\ --max-items100
Output:
{ "recommendationSummaries": [{ "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "name": "MFA Recommendation", "awsServices": [ "iam" ], "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", "lastUpdatedAt": "2023-11-01T15:57:58.673Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 1, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "error", "type": "standard" }], "nextToken": "REDACTED" }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. Example 3: To list recommendations with a pagination token
The following
list-recommendations
example uses the "nextToken" returned from a previous request to fetch the next page of filtered Recommendations.aws trustedadvisor list-recommendations \ --aws-service
rds
\ --max-items100
\ --starting-token<next-token>
Output:
{ "recommendationSummaries": [{ "arn": "arn:aws:trustedadvisor::000000000000:recommendation/8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "name": "RDS clusters quota warning", "awsServices": [ "rds" ], "checkArn": "arn:aws:trustedadvisor:::check/gjqMBn6pjz", "id": "8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "lastUpdatedAt": "2023-11-01T15:58:17.397Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "service_limits" ], "resourcesAggregates": { "errorCount": 0, "okCount": 3, "warningCount": 6 }, "source": "ta_check", "status": "warning", "type": "standard" }] }
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see ListRecommendations
in Amazon CLI Command Reference.
-
The following code example shows how to use update-organization-recommendation-lifecycle
.
- Amazon CLI
-
To update an organization recommendation lifecycle
The following
update-organization-recommendation-lifecycle
example updates the lifecycle of an organization recommendation by its identifier.aws trustedadvisor update-organization-recommendation-lifecycle \ --organization-recommendation-identifier
arn:aws:trustedadvisor:::organization-recommendation/96b5e5ca-7930-444c-90c6-06d386128100
\ --lifecycle-stagedismissed
\ --update-reason-codenot_applicable
This command produces no output.
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see UpdateOrganizationRecommendationLifecycle
in Amazon CLI Command Reference.
-
The following code example shows how to use update-recommendation-lifecycle
.
- Amazon CLI
-
To update a recommendation lifecycle
The following
update-recommendation-lifecycle
example updates the lifecycle of a recommendation by its identifier.aws trustedadvisor update-recommendation-lifecycle \ --recommendation-identifier
arn:aws:trustedadvisor::000000000000:recommendation/861c9c6e-f169-405a-8b59-537a8caccd7a
\ --lifecycle-stageresolved
\ --update-reason-codevalid_business_case
This command produces no output.
For more information, see Get started with the Trusted Advisor API
in the Amazon Trusted Advisor User Guide. -
For API details, see UpdateRecommendationLifecycle
in Amazon CLI Command Reference.
-