Tools
Practical
By Samson Tanimawo, PhD
Published May 18, 2026
4 min read
AWS CLI Incident Response Tools
Top AWS CLI commands for incident response.
Live workflow · 3 working · 1 queuedLive
Signal · gather Working
Decide · pick action Working
Apply · with verify Working
Learn · update playbook Queued
EC2
aws ec2 describe-instances --filters Name=tag:env,Values=prod surfaces matching instances.
Combine with --query for jq-like filtering.
CloudWatch Logs
aws logs tail /aws/lambda/myfunc --follow streams logs.
Faster than the console.
RDS
aws rds describe-db-instances --db-instance-identifier prod-db reads current state.
Look at PendingModifiedValues to spot scheduled changes.