In AWS Console when launching an instance with any image I get "user data" field to fill in optionally to be later executed by cloud-init. However, not all images support cloud-init. How do I check if an AWS image supports cloud-init or not? I can see the "user data" field for any image I randomly choose.
enter image description here
Related
Good day,
Is there any script or any aws cli command to know which IAM user created what resource in AWS. so that we just enter the IAM user name and it shows all the resources created by that particular IAM user.
thanks in advance.
The service that you're looking for is CloudTrail.
By default, it retains 90 days worth of events for the current account and region, and you can access it from either the Console or CLI. You can also configure it to write events to S3, where they're be preserved as long as you want to pay for the storage (this also lets you capture events across all regions, and for every account in an orgnanization).
CloudTrail events can be challenging to search. If you're just looking for events by a specific user, and know that user's access key (here I'm using my access key stored in an environment variable) you can use a query like this:
aws cloudtrail lookup-events --lookup-attributes "AttributeKey=AccessKeyId,AttributeValue=$AWS_ACCESS_KEY_ID" --query 'Events[].[EventTime,EventName,Username,EventId]' --output table
Or, by username:
aws cloudtrail lookup-events --lookup-attributes "AttributeKey=Username,AttributeValue=parsifal" --query 'Events[].[EventTime,EventName,Username,EventId]' --output table
You can then use grep to find the event(s) that interest you, and dig into the details of a specific event with:
aws cloudtrail lookup-events --lookup-attributes "AttributeKey=EventId,AttributeValue=8c5a5d8a-9999-9999-9999-a8e4b5213c3d"
I am having an issue with my Amazon EC2 Instance. I want the information panel that appears on the top right of the instance when you access it (as displayed in the image below) to be modified. Is there a way to add lines of information from sources like one of the instance tags?
If someone has a solution to this that would be excellent. Thank you for taking the time to read this.
Example of where the information panel explained above is
I don't think you can modify it as such, it's a feature of the aws agent preinstalled on your instance. You could disable the feature in ec2config/ec2launch and then use a script to recreate the functionality with your custom data. The data displayed is accessible via http request from the instance metadata.
You could use a simple script using imagemagick, or PowerShell to create an image and set a registry key to set the new background.
I tested with simple PowerShell script mkdir C:\tempdir
When I specify it as UserData for instance launched from Amazon image, everything works fine. If I launch instance with specified UserData and make image of that instance, UserData is not executed for instances created from my custom image.
What is interesting, "C:\Program Files\Amazon\Ec2ConfigService\Scripts\UserScript.ps1" contains UserData of initial launch (before image was created), although, it should contain data specified during last launch.
More interesting, even UserScript.ps1 is present, it is not executed (it should create text file but text file is not present).
Here is UserData from second launch
<powershell>
mkdir C:\tempdir
</powershell>
User data scripts only run once when the instance is launched (created not started up). They are then disabled on the instance. So when when you grab an AMI from that instance and launch a new one, user data has already been disabled.
Enable UserData
To allow it run again when you launch a new one from an AMI you created you must turn user data support back on at the EC2ConfigService Settings utility by checking the UserData box (before grabbing the AMI).
Persist Enabling UserData
Now after this if you reboot the instance again then the UserData will run and again disable itself. To disable this functionality too you will need to add <persist>true</persist> to the instance's UserData which will keep the checkbox in the same state (on if you turn it on).
More info:
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html
User-data scripts is not running on my custom AMI, but working in standard Amazon linux
Amazon EC2 custom AMI not running bootstrap (user-data)
I had the same problem. Here's what solved it
Launch an instance from your image if you haven't already
RDP into it
Open powershell, and run this C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 –Schedule
If you had a custom password for the instance, it will have been reset in the previous step. If you want it back, open powershell and run the following (assuming your username is Administrator net user Administrator "your_new_password" (if you didn't have a custom password, and were just using one generated by a .pem file, then you can ignore this step)
Now go into the AWS console (i.e in the browser) and create an AMI from the instance
Ensure your user data is of following form (the persist/true part is essential).
<powershell>
# Some powershell code here
</powershell>
<persist>true</persist>
That's it. Your userdata powershell script will now run next time your instance is launched.
I created a custom AMI for use in an Elastic Beanstalk environment as described here. It all works, except for requesting log files from the instances. When using the Console, when I click "Request Logs|Last 100 lines", it show a Loading spinner for a rather long time and then leaves the list of downloadable logs empty.
I already tried enabling all Logging related checkboxes in the EC2Config dialog before creating the AMI, but this did not help.
I started an default instance of EC2 Wowza AMI (LINUX) and then I bundled/snapshot it via 'ec2-bundle-vol', uploaded it to s3 and registered the AMI.
When I start the bundled AMI with user data (zip file) with a script, it doesn't seem to execute it.
But when I start a default instance with the same user data (zip file), it works.
Does anyone know why my bundled AMI is not executing the user data I specify?
Thanks.
I'm not familiar with wowza or how they have their AMIs setup but...
On its own the ec2 user data does nothing - it only has relevance because a script running on that machine checks for the presence of the user data and does something with it.
Sometimes these scripts are set so that they only do stuff on the instance's first boot, they then drop a file somewhere so that on subsequent reboots the startup scripts aren't rerun.
If the wowza amis work on this basis then when you first boot up the ami this process is followed, so the data you've saved into the new AMI includes the "don't run startup scripts again" file. If this is the case you'd need to delete that file before creating your ami.
The user data mechanism on EC2 allows a script on the image to download the startup package as a file via HTTP from a link-local address (169.254.something) - if it's plaintext, it will execute directly. If it's compressed data, wowza startup will unpack it to /opt/working - the Wowza startup process is logged to wowzamediaserver_startup.log in Wowza's logs directory.
I had the same issue. Looking at our script I discovered that we were removing a cloud init dependancy in the script, making it a run once operation. The dependancy in question was boto.