I'm making a custom AMI to use in a CloudFormation template, and hence I don't need any cloud-init functionality except running the user-data script I provide in the CFN template. How do I configure cloud-init to only run that script on instance boot?
The cloud formation scripts, like cfn-init, must be called from UserData to start. If you don't want to use them, just don't call them. If you want, you can uninstall them from your image (if they're even present). AWS Reference
Related
As the title suggests I am looking for a way to deploy a terraform file via an AWS lambda function. I would like to deploy this file via a time-based event. This is my first time working with terraform and I cannot seem to find anything pertaining to this specific use case.
I am much more versed in CloudFormation so normally what I would do is use the boto3 library to set up a lambda function that would deploy a CloudFormation stack. Does anyone know how to do this with a terraform file?
I would like to run an EC2 in another region without having to change aws configuration. This is a script that should run for other users as well.
I know that it is possible to create an SG in another region just by passing the argument --region us-east-2, but it doesn't work for the RunInstances API.
Another solution would be a script that runs aws configure and changes ONLY the region, without any input from the user. Any idea how to implement either of these two?
--region works for all aws cli commands. It is a top-level parameter documented here. If that isn't working for you, you should show the details of that in your question.
Also, aws configure only sets the default region. You can override the current region at any time by setting the AWS_REGION environment variable. You could do this inside your script before calling aws cli commands.
See the aws cli environment variable documentation.
I'm new to AWS Lambda and following some tutorials to learn. But I haven't figured out if I'm able to run some shell script on EC2 instances via AWS Lambda.
I have multiple servers running on AWS EC2 24/7. Within the EC2 instance, I have a script to generate logs, package it and send it to my email. You can assume there's a shell script written in advance for me to trigger.
So far I have always used Session Manager or SSH into each instance to execute the shell script. However, due to security concerns, I'm not going to SSH anymore. As I need to execute the shell script on each server in a particular order, it's painful to open that many Session Manager sessions and execute each shell script one by one manually.
So I wonder if I can get some help from AWS Lambda. My goal is to use AWS Lambda to SSH (or Session Manager or something else) into the EC2 instance to execute the shell script for me. As I have multiple servers, I learned that I can use scripts in AWS Lambda to do this one by one automatically, which would make things easy, like triggering an AWS Lambda button to execute shell scripts in each server one by one in a particular order.
Could anyone please provide me some guidance on the AWS Lambda part, or some other guidance if there's a better way in AWS to allow me to execute shell scripts on multiple EC2 instances in a particular order automatically? I would appreciate that!
I'm writing a Helm chart for a custom application that we'll need to bring up in different environments within my organization. This application has some pieces in Kubernetes (which is why I'm writing the Helm chart) and other pieces outside of K8S, more specifically various resources in AWS which I have codified with Terraform.
One of those resources is a Lambda function, which I have fronted with API Gateway. This means that when I run the Terraform in a new environment, it creates the Lambda function and attaches an API Gateway endpoint to it, with a brand new URL which AWS generates for that endpoint. I'm having Terraform record that URL as an output variable, and moreover I have a non-local backend configured so that Terraform is saving its state remotely.
What I want to do is tie them both together, directly from Helm. I want a way to run the Terraform so that it brings up my Lambda, and by doing so saves the generated API Gateway URL to its remote state file. Then when I install my Helm chart, I'd like it if Helm were smart enough to automatically pull from the Terraform remote state file to get the URL it needs of the API Gateway endpoint, to use as a variable within my chart.
Currently, I either have to copy and paste, or use Bash. I can get away with doing it with a bash script much like this one:
#!/bin/bash
terraform init
terraform plan -out=tfplan.out
terraform apply tfplan.out
export WEBHOOK_URL=$(terraform output webhook_url)
helm install ./mychart --set webhook.url="${WEBHOOK_URL}"
But using a Bash script to accomplish this is not ideal. It requires that I run it in the same directory as the Terraform files (because the output command must be called from that directory), and it doesn't account for different methods of authentication we might use. Moreover, other developers on the team might want to run Terraform and Helm directly and not have to rely on a custom bash script to do it for them. Since this bash script is effectively acting as an "operator," and since Helm already is kind of an operator itself, I'm wondering if there's some way I can do it entirely within Helm?
The Terraform remote state files are ultimately just JSON files. I happen to be using the Consul backend, but I could just as easily use the S3 backend or any other; at the end of the day Terraform will manifest its state as a JSON file somewhere, where (presumably) Helm could read it and pick out the specific output value. Except I'm not sure if Helm is powerful enough to do this. Looking over their documentation, I didn't really see anything outside of writing your normal values.yaml templates to specify defaults. Does Helm have any functions built into it around making REST requests for external JSON? Is this something that could be done?
Helm does not have any functionality to search in files/templates.
It needs you to tell it exactly what to inject.
One of my developers is creating images and storing them in AWS, and I can see them under Images --> AMI.
Now here my request starts -
I want to take the latest AMI and launch EC2. So how can I write JSON to call the latest AMI and launch EC2?
Can you please help me quickly. Thanks in Advance!
You have two options:
1. Determine the AMI to use, and then pass that value to the CloudFormation template as a Parameter. Whatever code you use to launch the template would be responsible for doing a lookup on the AMI to use, so it is happening before CloudFormation is called.
2. Use a Custom Resource in CloudFormation that can call a Lambda function, which would determine the AMI to use. The Lambda function would return the value to CloudFormation, which would then use that value to launch the instance.
Either way, you would need to write code to perform your logic. It cannot be done within the JSON itself.
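The first option above, sketched as an added example that is not part of the original answer: the launcher picks the newest AMI itself and passes it to CloudFormation as a parameter, accepting only images that are `available` and owned by a trusted account so a newer look-alike image from another account is never selected. The account IDs, the `app-base-` name prefix, the `ImageId` parameter key and all function names are assumptions made for illustration.

```python
from datetime import datetime

# Constructed sample, shaped like the "Images" list of an EC2 DescribeImages response.
SAMPLE_IMAGES = [
    {"ImageId": "ami-00000000000000001", "OwnerId": "111111111111", "State": "available",
     "Name": "app-base-1", "CreationDate": "2024-01-10T08:00:00.000Z"},
    {"ImageId": "ami-00000000000000002", "OwnerId": "111111111111", "State": "available",
     "Name": "app-base-2", "CreationDate": "2024-03-02T09:30:00.000Z"},
    # Newer, but still being created: not launchable yet.
    {"ImageId": "ami-00000000000000003", "OwnerId": "111111111111", "State": "pending",
     "Name": "app-base-3", "CreationDate": "2024-03-05T10:00:00.000Z"},
    # Newest and same name pattern, but published by a different account.
    {"ImageId": "ami-00000000000000004", "OwnerId": "999999999999", "State": "available",
     "Name": "app-base-9", "CreationDate": "2024-04-01T00:00:00.000Z"},
]

def latest_ami(images, trusted_owner, name_prefix):
    """Newest available image whose 12-digit owner ID and name prefix both match."""
    candidates = [
        img for img in images
        if img.get("OwnerId") == trusted_owner
        and img.get("State") == "available"
        and img.get("Name", "").startswith(name_prefix)
    ]
    if not candidates:
        raise LookupError("no available AMI for this owner and name prefix")
    newest = max(candidates, key=lambda img: datetime.strptime(
        img["CreationDate"], "%Y-%m-%dT%H:%M:%S.%fZ"))
    return newest["ImageId"]

def stack_parameters(image_id, parameter_key="ImageId"):
    """CloudFormation Parameters list; 'ImageId' is an assumed template parameter name."""
    return [{"ParameterKey": parameter_key, "ParameterValue": image_id}]

def launch_stack(stack_name, template_body, trusted_owner, name_prefix, region):
    """Live path: look the AMI up first, then call CloudFormation with it."""
    import boto3  # imported here so the selection logic above runs offline
    ec2 = boto3.client("ec2", region_name=region)
    images = ec2.describe_images(Owners=[trusted_owner])["Images"]
    image_id = latest_ami(images, trusted_owner, name_prefix)
    cfn = boto3.client("cloudformation", region_name=region)
    return cfn.create_stack(StackName=stack_name, TemplateBody=template_body,
                            Parameters=stack_parameters(image_id))
```

The same `latest_ami` selection could sit inside the Lambda function behind the Custom Resource in the second option; only the way the value reaches the template differs.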