AWS Tools for Windows PowerShell
Command Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Synopsis

Calls the Amazon Elastic Compute Cloud (EC2) DescribeInstances API operation.

Syntax

Get-EC2Instance
-InstanceId <Object[]>
-Filter <Filter[]>
-MaxResult <Int32>
-NextToken <String>
-Select <String>
-PassThru <SwitchParameter>
-ClientConfig <AmazonEC2Config>

Description

Describes the specified instances or all instances. If you specify instance IDs, the output includes information for only the specified instances. If you specify filters, the output includes information for only those instances that meet the filter criteria. If you do not specify instance IDs or filters, the output includes information for all instances, which can affect performance. We recommend that you use pagination to ensure that the operation returns quickly and successfully. If you specify an instance ID that is not valid, an error is returned. If you specify an instance that you do not own, it is not included in the output. Recently terminated instances might appear in the returned results. This interval is usually less than one hour. If you describe instances in the rare case where an Availability Zone is experiencing a service disruption and you specify instance IDs that are in the affected zone, or do not specify any instance IDs at all, the call fails. If you describe instances and specify only instance IDs that are in an unaffected zone, the call works normally. The order of the elements in the response, including those within nested structures, might vary. Applications should not assume the elements appear in a particular order.

In the AWS.Tools.EC2 module, this cmdlet automatically pages all available results to the pipeline - parameters related to iteration are only needed if you want to manually control the paginated output. To disable autopagination, use -NoAutoIteration.

Parameters

-ClientConfig <AmazonEC2Config>
Amazon.PowerShell.Cmdlets.EC2.AmazonEC2ClientCmdlet.ClientConfig
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-Filter <Filter[]>
The filters.
  • affinity - The affinity setting for an instance running on a Dedicated Host (default | host).
  • architecture - The instance architecture (i386 | x86_64 | arm64).
  • availability-zone - The Availability Zone of the instance.
  • block-device-mapping.attach-time - The attach time for an EBS volume mapped to the instance, for example, 2022-09-15T17:15:20.000Z.
  • block-device-mapping.delete-on-termination - A Boolean that indicates whether the EBS volume is deleted on instance termination.
  • block-device-mapping.device-name - The device name specified in the block device mapping (for example, /dev/sdh or xvdh).
  • block-device-mapping.status - The status for the EBS volume (attaching | attached | detaching | detached).
  • block-device-mapping.volume-id - The volume ID of the EBS volume.
  • boot-mode - The boot mode that was specified by the AMI (legacy-bios | uefi | uefi-preferred).
  • capacity-reservation-id - The ID of the Capacity Reservation into which the instance was launched.
  • capacity-reservation-specification.capacity-reservation-preference - The instance's Capacity Reservation preference (open | none).
  • capacity-reservation-specification.capacity-reservation-target.capacity-reservation-id - The ID of the targeted Capacity Reservation.
  • capacity-reservation-specification.capacity-reservation-target.capacity-reservation-resource-group-arn - The ARN of the targeted Capacity Reservation group.
  • client-token - The idempotency token you provided when you launched the instance.
  • current-instance-boot-mode - The boot mode that is used to launch the instance at launch or start (legacy-bios | uefi).
  • dns-name - The public DNS name of the instance.
  • ebs-optimized - A Boolean that indicates whether the instance is optimized for Amazon EBS I/O.
  • ena-support - A Boolean that indicates whether the instance is enabled for enhanced networking with ENA.
  • enclave-options.enabled - A Boolean that indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.
  • hibernation-options.configured - A Boolean that indicates whether the instance is enabled for hibernation. A value of true means that the instance is enabled for hibernation.
  • host-id - The ID of the Dedicated Host on which the instance is running, if applicable.
  • hypervisor - The hypervisor type of the instance (ovm | xen). The value xen is used for both Xen and Nitro hypervisors.
  • iam-instance-profile.arn - The instance profile associated with the instance. Specified as an ARN.
  • iam-instance-profile.id - The instance profile associated with the instance. Specified as an ID.
  • iam-instance-profile.name - The instance profile associated with the instance. Specified as an name.
  • image-id - The ID of the image used to launch the instance.
  • instance-id - The ID of the instance.
  • instance-lifecycle - Indicates whether this is a Spot Instance, a Scheduled Instance, or a Capacity Block (spot | scheduled | capacity-block).
  • instance-state-code - The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
  • instance-state-name - The state of the instance (pending | running | shutting-down | terminated | stopping | stopped).
  • instance-type - The type of instance (for example, t2.micro).
  • instance.group-id - The ID of the security group for the instance.
  • instance.group-name - The name of the security group for the instance.
  • ip-address - The public IPv4 address of the instance.
  • ipv6-address - The IPv6 address of the instance.
  • kernel-id - The kernel ID.
  • key-name - The name of the key pair used when the instance was launched.
  • launch-index - When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on).
  • launch-time - The time when the instance was launched, in the ISO 8601 format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example, 2021-09-29T11:04:43.305Z. You can use a wildcard (*), for example, 2021-09-29T*, which matches an entire day.
  • maintenance-options.auto-recovery - The current automatic recovery behavior of the instance (disabled | default).
  • metadata-options.http-endpoint - The status of access to the HTTP metadata endpoint on your instance (enabled | disabled)
  • metadata-options.http-protocol-ipv4 - Indicates whether the IPv4 endpoint is enabled (disabled | enabled).
  • metadata-options.http-protocol-ipv6 - Indicates whether the IPv6 endpoint is enabled (disabled | enabled).
  • metadata-options.http-put-response-hop-limit - The HTTP metadata request put response hop limit (integer, possible values 1 to 64)
  • metadata-options.http-tokens - The metadata request authorization state (optional | required)
  • metadata-options.instance-metadata-tags - The status of access to instance tags from the instance metadata (enabled | disabled)
  • metadata-options.state - The state of the metadata option changes (pending | applied).
  • monitoring-state - Indicates whether detailed monitoring is enabled (disabled | enabled).
  • network-interface.addresses.association.allocation-id - The allocation ID.
  • network-interface.addresses.association.association-id - The association ID.
  • network-interface.addresses.association.carrier-ip - The carrier IP address.
  • network-interface.addresses.association.customer-owned-ip - The customer-owned IP address.
  • network-interface.addresses.association.ip-owner-id - The owner ID of the private IPv4 address associated with the network interface.
  • network-interface.addresses.association.public-dns-name - The public DNS name.
  • network-interface.addresses.association.public-ip - The ID of the association of an Elastic IP address (IPv4) with a network interface.
  • network-interface.addresses.primary - Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.
  • network-interface.addresses.private-dns-name - The private DNS name.
  • network-interface.addresses.private-ip-address - The private IPv4 address associated with the network interface.
  • network-interface.association.allocation-id - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
  • network-interface.association.association-id - The association ID returned when the network interface was associated with an IPv4 address.
  • network-interface.association.carrier-ip - The customer-owned IP address.
  • network-interface.association.customer-owned-ip - The customer-owned IP address.
  • network-interface.association.ip-owner-id - The owner of the Elastic IP address (IPv4) associated with the network interface.
  • network-interface.association.public-dns-name - The public DNS name.
  • network-interface.association.public-ip - The address of the Elastic IP address (IPv4) bound to the network interface.
  • network-interface.attachment.attach-time - The time that the network interface was attached to an instance.
  • network-interface.attachment.attachment-id - The ID of the interface attachment.
  • network-interface.attachment.delete-on-termination - Specifies whether the attachment is deleted when an instance is terminated.
  • network-interface.attachment.device-index - The device index to which the network interface is attached.
  • network-interface.attachment.instance-id - The ID of the instance to which the network interface is attached.
  • network-interface.attachment.instance-owner-id - The owner ID of the instance to which the network interface is attached.
  • network-interface.attachment.network-card-index - The index of the network card.
  • network-interface.attachment.status - The status of the attachment (attaching | attached | detaching | detached).
  • network-interface.availability-zone - The Availability Zone for the network interface.
  • network-interface.deny-all-igw-traffic - A Boolean that indicates whether a network interface with an IPv6 address is unreachable from the public internet.
  • network-interface.description - The description of the network interface.
  • network-interface.group-id - The ID of a security group associated with the network interface.
  • network-interface.group-name - The name of a security group associated with the network interface.
  • network-interface.ipv4-prefixes.ipv4-prefix - The IPv4 prefixes that are assigned to the network interface.
  • network-interface.ipv6-address - The IPv6 address associated with the network interface.
  • network-interface.ipv6-addresses.ipv6-address - The IPv6 address associated with the network interface.
  • network-interface.ipv6-addresses.is-primary-ipv6 - A Boolean that indicates whether this is the primary IPv6 address.
  • network-interface.ipv6-native - A Boolean that indicates whether this is an IPv6 only network interface.
  • network-interface.ipv6-prefixes.ipv6-prefix - The IPv6 prefix assigned to the network interface.
  • network-interface.mac-address - The MAC address of the network interface.
  • network-interface.network-interface-id - The ID of the network interface.
  • network-interface.outpost-arn - The ARN of the Outpost.
  • network-interface.owner-id - The ID of the owner of the network interface.
  • network-interface.private-dns-name - The private DNS name of the network interface.
  • network-interface.private-ip-address - The private IPv4 address.
  • network-interface.public-dns-name - The public DNS name.
  • network-interface.requester-id - The requester ID for the network interface.
  • network-interface.requester-managed - Indicates whether the network interface is being managed by Amazon Web Services.
  • network-interface.status - The status of the network interface (available) | in-use).
  • network-interface.source-dest-check - Whether the network interface performs source/destination checking. A value of true means that checking is enabled, and false means that checking is disabled. The value must be false for the network interface to perform network address translation (NAT) in your VPC.
  • network-interface.subnet-id - The ID of the subnet for the network interface.
  • network-interface.tag-key - The key of a tag assigned to the network interface.
  • network-interface.tag-value - The value of a tag assigned to the network interface.
  • network-interface.vpc-id - The ID of the VPC for the network interface.
  • outpost-arn - The Amazon Resource Name (ARN) of the Outpost.
  • owner-id - The Amazon Web Services account ID of the instance owner.
  • placement-group-name - The name of the placement group for the instance.
  • placement-partition-number - The partition in which the instance is located.
  • platform - The platform. To list only Windows instances, use windows.
  • platform-details - The platform (Linux/UNIX | Red Hat BYOL Linux | Red Hat Enterprise Linux | Red Hat Enterprise Linux with HA | Red Hat Enterprise Linux with SQL Server Standard and HA | Red Hat Enterprise Linux with SQL Server Enterprise and HA | Red Hat Enterprise Linux with SQL Server Standard | Red Hat Enterprise Linux with SQL Server Web | Red Hat Enterprise Linux with SQL Server Enterprise | SQL Server Enterprise | SQL Server Standard | SQL Server Web | SUSE Linux | Ubuntu Pro | Windows | Windows BYOL | Windows with SQL Server Enterprise | Windows with SQL Server Standard | Windows with SQL Server Web).
  • private-dns-name - The private IPv4 DNS name of the instance.
  • private-dns-name-options.enable-resource-name-dns-a-record - A Boolean that indicates whether to respond to DNS queries for instance hostnames with DNS A records.
  • private-dns-name-options.enable-resource-name-dns-aaaa-record - A Boolean that indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.
  • private-dns-name-options.hostname-type - The type of hostname (ip-name | resource-name).
  • private-ip-address - The private IPv4 address of the instance.
  • product-code - The product code associated with the AMI used to launch the instance.
  • product-code.type - The type of product code (devpay | marketplace).
  • ramdisk-id - The RAM disk ID.
  • reason - The reason for the current state of the instance (for example, shows "User Initiated [date]" when you stop or terminate the instance). Similar to the state-reason-code filter.
  • requester-id - The ID of the entity that launched the instance on your behalf (for example, Amazon Web Services Management Console, Auto Scaling, and so on).
  • reservation-id - The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.
  • root-device-name - The device name of the root device volume (for example, /dev/sda1).
  • root-device-type - The type of the root device volume (ebs | instance-store).
  • source-dest-check - Indicates whether the instance performs source/destination checking. A value of true means that checking is enabled, and false means that checking is disabled. The value must be false for the instance to perform network address translation (NAT) in your VPC.
  • spot-instance-request-id - The ID of the Spot Instance request.
  • state-reason-code - The reason code for the state change.
  • state-reason-message - A message that describes the state change.
  • subnet-id - The ID of the subnet for the instance.
  • tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
  • tag-key - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.
  • tenancy - The tenancy of an instance (dedicated | default | host).
  • tpm-support - Indicates if the instance is configured for NitroTPM support (v2.0).
  • usage-operation - The usage operation value for the instance (RunInstances | RunInstances:00g0 | RunInstances:0010 | RunInstances:1010 | RunInstances:1014 | RunInstances:1110 | RunInstances:0014 | RunInstances:0210 | RunInstances:0110 | RunInstances:0100 | RunInstances:0004 | RunInstances:0200 | RunInstances:000g | RunInstances:0g00 | RunInstances:0002 | RunInstances:0800 | RunInstances:0102 | RunInstances:0006 | RunInstances:0202).
  • usage-operation-update-time - The time that the usage operation was last updated, for example, 2022-09-15T17:15:20.000Z.
  • virtualization-type - The virtualization type of the instance (paravirtual | hvm).
  • vpc-id - The ID of the VPC that the instance is running in.
Required?False
Position?2
Accept pipeline input?True (ByPropertyName)
AliasesFilters
-InstanceId <Object[]>
The instance IDs.Default: Describes all your instances.
Required?False
Position?1
Accept pipeline input?True (ByValue, ByPropertyName)
AliasesInstanceIds
-MaxResult <Int32>
The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.You cannot specify this parameter and the instance IDs parameter in the same request.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesMaxResults
-NextToken <String>
The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
Note: In the AWS.Tools.EC2 module, this parameter is only used if you are manually controlling output pagination of the service API call.
In order to manually control output pagination, use '-NextToken $null' for the first call and '-NextToken $AWSHistory.LastServiceResponse.NextToken' for subsequent calls.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-PassThru <SwitchParameter>
Changes the cmdlet behavior to return the value passed to the InstanceId parameter. The -PassThru parameter is deprecated, use -Select '^InstanceId' instead. This parameter will be removed in a future version.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-Select <String>
Use the -Select parameter to control the cmdlet output. The default value is 'Reservations'. Specifying -Select '*' will result in the cmdlet returning the whole service response (Amazon.EC2.Model.DescribeInstancesResponse). Specifying the name of a property of type Amazon.EC2.Model.DescribeInstancesResponse will result in that property being returned. Specifying -Select '^ParameterName' will result in the cmdlet returning the selected cmdlet parameter value.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)

Common Credential and Region Parameters

-AccessKey <String>
The AWS access key for the user account. This can be a temporary access key if the corresponding session token is supplied to the -SessionToken parameter.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesAK
-Credential <AWSCredentials>
An AWSCredentials object instance containing access and secret key information, and optionally a token for session-based credentials.
Required?False
Position?Named
Accept pipeline input?True (ByValue, ByPropertyName)
-EndpointUrl <String>
The endpoint to make the call against.Note: This parameter is primarily for internal AWS use and is not required/should not be specified for normal usage. The cmdlets normally determine which endpoint to call based on the region specified to the -Region parameter or set as default in the shell (via Set-DefaultAWSRegion). Only specify this parameter if you must direct the call to a specific custom endpoint.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-NetworkCredential <PSCredential>
Used with SAML-based authentication when ProfileName references a SAML role profile. Contains the network credentials to be supplied during authentication with the configured identity provider's endpoint. This parameter is not required if the user's default network identity can or should be used during authentication.
Required?False
Position?Named
Accept pipeline input?True (ByValue, ByPropertyName)
-ProfileLocation <String>
Used to specify the name and location of the ini-format credential file (shared with the AWS CLI and other AWS SDKs)If this optional parameter is omitted this cmdlet will search the encrypted credential file used by the AWS SDK for .NET and AWS Toolkit for Visual Studio first. If the profile is not found then the cmdlet will search in the ini-format credential file at the default location: (user's home directory)\.aws\credentials.If this parameter is specified then this cmdlet will only search the ini-format credential file at the location given.As the current folder can vary in a shell or during script execution it is advised that you use specify a fully qualified path instead of a relative path.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesAWSProfilesLocation, ProfilesLocation
-ProfileName <String>
The user-defined name of an AWS credentials or SAML-based role profile containing credential information. The profile is expected to be found in the secure credential file shared with the AWS SDK for .NET and AWS Toolkit for Visual Studio. You can also specify the name of a profile stored in the .ini-format credential file used with the AWS CLI and other AWS SDKs.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesStoredCredentials, AWSProfileName
-Region <Object>
The system name of an AWS region or an AWSRegion instance. This governs the endpoint that will be used when calling service operations. Note that the AWS resources referenced in a call are usually region-specific.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesRegionToCall
-SecretKey <String>
The AWS secret key for the user account. This can be a temporary secret key if the corresponding session token is supplied to the -SessionToken parameter.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesSK, SecretAccessKey
-SessionToken <String>
The session token if the access and secret keys are temporary session-based credentials.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesST

Outputs

Amazon.EC2.Model.Reservation or Amazon.EC2.Model.DescribeInstancesResponse
This cmdlet returns a collection of Amazon.EC2.Model.Reservation objects. The service call response (type Amazon.EC2.Model.DescribeInstancesResponse) can also be referenced from properties attached to the cmdlet entry in the $AWSHistory stack.

Examples

Example 1

(Get-EC2Instance -InstanceId i-12345678).Instances
    
AmiLaunchIndex        : 0
Architecture          : x86_64
BlockDeviceMappings   : {/dev/sda1}
ClientToken           : TleEy1448154045270
EbsOptimized          : False
Hypervisor            : xen
IamInstanceProfile    : Amazon.EC2.Model.IamInstanceProfile
ImageId               : ami-12345678
InstanceId            : i-12345678
InstanceLifecycle     :
InstanceType          : t2.micro
KernelId              :
KeyName               : my-key-pair
LaunchTime            : 12/4/2015 4:44:40 PM
Monitoring            : Amazon.EC2.Model.Monitoring
NetworkInterfaces     : {ip-10-0-2-172.us-west-2.compute.internal}
Placement             : Amazon.EC2.Model.Placement
Platform              : Windows
PrivateDnsName        : ip-10-0-2-172.us-west-2.compute.internal
PrivateIpAddress      : 10.0.2.172
ProductCodes          : {}
PublicDnsName         : 
PublicIpAddress       : 
RamdiskId             :
RootDeviceName        : /dev/sda1
RootDeviceType        : ebs
SecurityGroups        : {default}
SourceDestCheck       : True
SpotInstanceRequestId :
SriovNetSupport       :
State                 : Amazon.EC2.Model.InstanceState
StateReason           :
StateTransitionReason :
SubnetId              : subnet-12345678
Tags                  : {Name}
VirtualizationType    : hvm
VpcId                 : vpc-12345678
This example describes the specified instance.

Example 2

Get-EC2Instance
    
GroupNames    : {}
Groups        : {}
Instances     : {}
OwnerId       : 123456789012
RequesterId   : 226008221399
ReservationId : r-c5df370c

GroupNames    : {}
Groups        : {}
Instances     : {}
OwnerId       : 123456789012
RequesterId   : 854251627541
ReservationId : r-63e65bab
...
This example describes all your instances in the current region, grouped by reservation. To see the instance details expand the Instances collection within each reservation object.

Example 3

(Get-EC2Instance -Filter @{Name="vpc-id";Values="vpc-1a2bc34d"},@{Name="subnet-id";Values="subnet-1a2b3c4d"}).Instances

InstanceId          InstanceType Platform PrivateIpAddress PublicIpAddress SecurityGroups SubnetId        VpcId
----------          ------------ -------- ---------------- --------------- -------------- --------        -----
i-01af...82cf180e19 t2.medium    Windows  10.0.0.98                        ...            subnet-1a2b3c4d vpc-1a2b3c4d
i-0374...7e9d5b0c45 t2.xlarge    Windows  10.0.0.53                        ...            subnet-1a2b3c4d vpc-1a2b3c4d
    
This example illustrates using a filter to query for EC2 instances in a specific subnet of a VPC.
User Guide
Service API Reference
Microsoft Windows Guide
VPC User Guide
AWS Tools for PowerShell User Guide

Supported Version

AWS Tools for PowerShell: 2.x.y.z