Amazon Elastic Compute Cloud
CLI Reference (API Version 2014-06-15)
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Did this page help you?  Yes | No |  Tell us about it...

ec2-describe-snapshots

Description

Describes one or more of the Amazon EBS snapshots available to you. Snapshots available to you include public snapshots available for any AWS account to launch, private snapshots you own, and private snapshots owned by another AWS account but for which you've been given explicit create volume permissions.

The create volume permissions fall into the following categories.

PermissionDescription
publicThe owner of the snapshot granted create volume permissions for the snapshot to the all group. All AWS accounts have create volume permissions for these snapshots.
explicitThe owner of the snapshot granted create volume permissions to a specific AWS account.
implicitAn AWS account has implicit create volume permissions for all snapshots it owns.

You can modify the list of snapshots returned by specifying snapshot IDs, snapshot owners, or AWS accounts with create volume permissions. If you don't specify any options, Amazon EC2 returns all snapshots for which you have create volume permissions.

If you specify one or more snapshot IDs, only snapshots that have the specified IDs are returned. If you specify an invalid snapshot ID, an error is returned. If you specify a snapshot ID for which you do not have access, it will not be included in the returned results.

If you specify one or more snapshot owners, only snapshots from the specified owners and for which you have access are returned. The results can include the AWS account IDs of the specified owners, amazon for snapshots owned by Amazon, or self for snapshots that you own.

If you specify a list of restorable users, only snapshots with create snapshot permissions for those users are returned. You can specify AWS account IDs (if you own the snapshots), self for snapshots for which you own or have explicit permissions, or all for public snapshots.

Tip

Use the --help option to view examples of ways to use this command.

The short version of this command is ec2dsnap.

Tip

If you are using the AWS CLI, see describe-snapshots instead.

Syntax

ec2-describe-snapshots [snapshot_id ...] [-a] [-o owner ...] [-r user_id] [[--filter "name=value"] ...]

Options

NameDescription

snapshot_id

One or more snapshot IDs.

Type: String

Default: Describes all snapshots for which you have launch permissions.

Required: No

Example: snap-78a54011

-a, --all owner

Describe all snapshots (public, private, or shared) to which you have access.

Type: String

Default: None

Required: No

Example: -a

-o, --owner owner

Describes snapshots owned by the specified owner. Multiple owners can be specified.

Type: String

Valid values: self | amazon | AWS account ID

Default: None

Required: No

Example: -o AKIAIOSFODNN7EXAMPLE

-r, --restorable-by user_id

The ID of an AWS account that can create volumes from the snapshot. Before you specify a value for this option, review and follow the guidance in Best Practices for Managing AWS Access Keys.

Type: String

Valid values: self | all | AWS account ID

Default: None

Required: No

Example: -r self

-F, --filter name=value

A filter for limiting the results. For more information, see the Supported Filters section. Filter names and values are case-sensitive. Use quotation marks if the value string has a space ("name=value example"). On a Windows system, use quotation marks even without a space in the value string ("name=valueexample"). If you are using Windows Powershell, you might need to use a second set of quotation marks, escaped with backticks ("`"name=valueexample`"").

Type: String

Default: Describes all snapshots for which you have launch permissions, or only those you specified.

Required: No

Example: --filter "tag-key=Production"

Supported Filters

You can specify filters so that the response includes information for only certain snapshots. For example, you can use a filter to specify that you're interested in snapshots whose status is pending. You can specify multiple values for a filter. The response includes information for a snapshot only if it matches at least one of the filter values that you specified.

You can specify multiple filters; for example, specify snapshot's that have a pending status, and have a specific tag. The response includes information for a snapshot only if it matches all the filters that you specified. If there's no match, no special message is returned; the response is simply empty.

You can use wildcards in a filter value. An asterisk (*) matches zero or more characters, and a question mark (?) matches exactly one character. You can escape special characters using a backslash (\) before the character. For example, a value of \*amazon\?\\ searches for the literal string *amazon?\.

The following are the available filters.

description

A description of the snapshot.

Type: String

encrypted

The encryption status of the snapshot.

Type: Boolean

owner-alias

The AWS account alias (for example, amazon) that owns the snapshot.

Type: String

owner-id

The ID of the AWS account that owns the snapshot.

Type: String

progress

The progress of the snapshot, as a percentage (for example, 80%).

Type: String

snapshot-id

The snapshot ID.

Type: String

start-time

The time stamp when the snapshot was initiated.

Type: DateTime

status

The status of the snapshot.

Type: String

Valid values: pending | completed | error

tag-key

The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag:key=value filter.

For more information about tags, see Tagging Your Resources in the Amazon EC2 User Guide for Linux Instances.

Type: String

tag-value

The value of a tag assigned to the resource. This filter is independent of the tag-key filter.

Type: String

tag:key=value

The key/value combination of a tag assigned to the resource.

Example: To list the resources with the tag Purpose=X, use:

--filter tag:Purpose=X

Example: To list resources with the tag Purpose=X or the tag Purpose=Y, use:

--filter tag:Purpose=X --filter tag:Purpose=Y

volume-id

The ID of the volume the snapshot is for.

Type: String

volume-size

The size of the volume, in GiB (for example, 20).

Type: String

Common Options

OptionDescription

--region region

The region. Overrides the default region, the region specified by the EC2_URL environment variable, and the URL specified by the -U option.

Default: The region specified by the EC2_URL environment variable, or us-east-1 if EC2_URL isn't set.

-U, --url url

The uniform resource locator (URL) of the Amazon EC2 web service entry point.

Default: The endpoint specified by the EC2_URL environment variable, or https://ec2.amazonaws.com if EC2_URL isn't set.

-O, --aws-access-key aws_access_key_id

Your access key ID. For more information, see Tell the Tools Who You Are.

Default: The value of the AWS_ACCESS_KEY environment variable. If AWS_ACCESS_KEY isn't set, you must specify this option.

Example: -O AKIAIOSFODNN7EXAMPLE

-W, --aws-secret-key aws_secret_access_key

Your secret access key.

Default: The value of the AWS_SECRET_KEY environment variable. If AWS_SECRET_KEY isn't set, you must specify this option.

Example: -W wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

-T, --security-token delegation_token

The delegation token to pass along to the AWS request. This is only required when you are using temporary security credentials. For more information, see Using Temporary Security Credentials.

Default: The value of the AWS_DELEGATION_TOKEN environment variable (if set).

Example: -t AQoDYXdzEJr...<remainder of security token>

--connection-timeout timeout

The connection timeout, in seconds.

Example: --connection-timeout 30

--request-timeout timeout

The request timeout, in seconds.

Example: --request-timeout 45

-H, --headers

Includes column headers in the command output.

--show-empty-fields

Shows empty columns as (nil).

--hide-tags

Omits tags for tagged resources.

--debug

Displays internal debugging information. This can assist us when helping you troubleshooting problems.

-D, --auth-dry-run

Checks whether you have the required permissions for the command, without actually running the command. If you have the required permissions, the command returns DryRunOperation; otherwise, it returns UnauthorizedOperation.

-v, --verbose

Displays verbose output, including the API request and response on the command line. This is useful if you are building tools to talk directly to the Query API.

-

Reads arguments from standard input. This is useful when piping the output from one command to the input of another.

Example: ec2-describe-instances | grep stopped | cut -f 2 | ec2-start-instances -

-?, --help, -h

Displays usage information for the command.

Deprecated Options

We have deprecated the SOAP API for Amazon EC2. For more information, see SOAP Requests. From version 1.6.14.0 onwards of the Amazon EC2 CLI tools, the private key (-K, --private-key) and X.509 certificate (-C, --cert) options are not supported. Use your access key ID (-O, --aws-access-key) and secret access key (-W, --aws-secret-key) instead. For more information, see Setting Up the Amazon EC2 CLI and AMI Tools.

OptionDescription

-K, --private-key ec2_private_key

The private key to use when constructing requests to Amazon EC2.

Default: The value of the EC2_PRIVATE_KEY environment variable.

Example: -K pk-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

-C, --cert ec2_cert

The X.509 certificate to use when constructing requests to Amazon EC2.

Default: The value of the EC2_CERT environment variable.

Example: -C cert-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

Output

This command returns a table that contains the following information:

  1. The snapshot information

    • The SNAPSHOT identifier

    • The ID of the snapshot

    • The ID of the volume

    • The state of the snapshot (pending, completed, error)

    • The time stamp when the snapshot initiated

    • The percentage of completion

    • The ID of the snapshot owner

    • The size of the volume

    • The description of the snapshot

    • The encryption status of the snapshot

  2. Any tags associated with the snapshot

    • The TAG identifier

    • The resource type identifier

    • The ID of the resource

    • The tag key

    • The tag value

Amazon EC2 command line tools display errors on stderr.

Examples

Example 1

This example command describes the snapshot with the ID snap-1a2b3c4d.

PROMPT>  ec2-describe-snapshots snap-1a2b3c4d
SNAPSHOT	snap-1a2b3c4d	vol-1a2b3c4d	completed	YYYY-MM-DDTHH:MM:SS.SSSZ	100%	111122223333	15	Daily Backup
TAG	snapshot	snap-1a2b3c4d	Name	Test	Not Encrypted

Example 2

This example filters the response to include only snapshots with the pending status, and that are also tagged with a value that includes the string db_.

PROMPT>  ec2-describe-snapshots --filter "status=pending" --filter "tag-value=*db_*"
SNAPSHOT	snap-1a2b3c4d	vol-1a2b3c4d	pending	YYYY-MM-DDTHH:MM:SS.SSSZ	30%	111122223333	15	demo_db_14_backup
TAG	snapshot	snap-1a2b3c4d	Purpose	db_14	Not Encrypted