Amazon AWS Cloudformation JSON template to assign the LAMP www/html folder permissions to ec2-user
I have created a JSON template to create the Amazon AWS LAMP stack with RDS (free tier) and successfully created the stack. But when I tried to move the files to the var/www/html folder it seems to have no permission for the ec2-user. I know how to change permissions with the help of SSH. But my intention is to create a template to set up a stack (hosting environment) without using any ssh client.
Also I know how to add a file or copy a zipped source to var/www/html with the cloudformation JSON templating. What I need to do is just create the environment and later upload the files using an ftp client and the db using workbench or something. Please help me attain my goal, which I will share publicly for AWS beginners who are not familiar with setting up things with SSH.
The JSON template is a bit lengthy and so here is the link to the code: http://pasted.co/803836f5
tar files and distribution dependent files like .deb or .rpm include the file permissions for directories. So you could set up a tar or custom .rpm file to include ec2-user as the owner.
Alternatively, whatever scripting element installs the apache could also run a set of updates to set the owner of the /var/www/html to ec2-user.
Of course you might run into trouble with the User / Group that apache runs under and be able to upload with ftp but not able to read with apache. It would need some thought, and possibly adding the ec2-user to the apache group or ftp'ing as the apache user or some other combination that gives the httpd server read access and the ssh user write access.
Use the CloudFormation init Meta instead of Userdata.
That way you can run commands on the server such as pulling down files from S3 and then running gzip to expand them.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-init.html
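A template fragment combining the two answers above, added here as an illustration and not taken from the asker's template: `AWS::CloudFormation::Init` metadata installs httpd, then makes ec2-user the owner of /var/www/html with the apache group limited to read access. The resource name `WebServerInstance`, the `ami-PLACEHOLDER` image id and the instance type are assumptions, and an Amazon Linux AMI is assumed.

```json
{
  "Resources": {
    "WebServerInstance": {
      "Type": "AWS::EC2::Instance",
      "Metadata": {
        "Comment": "Added example; WebServerInstance and ami-PLACEHOLDER are placeholders",
        "AWS::CloudFormation::Init": {
          "config": {
            "packages": { "yum": { "httpd": [] } },
            "commands": {
              "01_owner": {
                "command": "chown -R ec2-user:apache /var/www/html"
              },
              "02_dir_mode": {
                "command": "find /var/www/html -type d -exec chmod 2750 {} +"
              },
              "03_file_mode": {
                "command": "find /var/www/html -type f -exec chmod 0640 {} +"
              }
            },
            "services": {
              "sysvinit": {
                "httpd": { "enabled": "true", "ensureRunning": "true" }
              }
            }
          }
        }
      },
      "Properties": {
        "ImageId": "ami-PLACEHOLDER",
        "InstanceType": "t2.micro",
        "UserData": { "Fn::Base64": { "Fn::Join": ["", [
          "#!/bin/bash -xe\n",
          "yum install -y aws-cfn-bootstrap\n",
          "/opt/aws/bin/cfn-init -v",
          " --stack ", { "Ref": "AWS::StackName" },
          " --resource WebServerInstance",
          " --region ", { "Ref": "AWS::Region" }, "\n"
        ]]}}
      }
    }
  }
}
```

cfn-init processes `packages` before `commands` and runs commands in alphabetical order of their names, so the apache group exists before the `chown`. The setgid bit (the leading 2 in 2750) makes files uploaded later by ec2-user inherit the apache group, so httpd can read them without being able to modify them.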