
Cloudformation CFN-Init Windows Powershell Issue

We are having an issue passing multiple Powershell commands in CFN-Init while launching a bastion host via Cloudformation.

The first command to install the windows features is working, but the second command (and subsequent ones) are not running. We have tried basic "echo hello> file.txt" and it's not working. We've tried backslashes for escaping the quotes. At this point, we're at a loss.

Here is the resource:

  BastionServer:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::Cloudformation::Init:
        configSets:
          config:
            - setup
            - installADDS
            - finalize
        setup:
          files:
            c:\cfn\cfn-hup.conf:
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
            c:\cfn\hooks.d\cfn-auto-reloader.conf:
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.BastionServer.Metadata.AWS::CloudFormation::Init
                action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --configsets full_install --region ${AWS::Region}
          services:
            windows:
              cfn-hup:
                enabled: 'true'
                ensureRunning: 'true'
                files:
                  - c:\cfn\cfn-hup.conf
                  - c:\cfn\hooks.d\cfn-auto-reloader.conf


        installADDS:
          commands:
            1-install-prereqs:
              command: powershell.exe -Command "Install-WindowsFeature RSAT-AD-Powershell RSAT-ADDS-Tools; "
              waitAfterCompletion: '0'

            2-create-user:
              command: powershell.exe -ExecutionPolicy Bypass -Command "New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'{$DomainDNSName}' -AccountPassword (ConvertTo-SecureString ${DomainAdminPassword} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"


        finalize:
            1-signal-success:
              command: powershell.exe -Command "Write-AWSQuickStartStatus"
              waitAfterCompletion: '0'

    Properties:
      ImageId:
        Fn::FindInMap:
        - "AWSAMIRegionMap"
        - Ref: "AWS::Region"
        - "WS2016FULLBASE"
      InstanceType: t2.medium
      SsmAssociations: 
        -
          DocumentName: 
            Ref: "SSMDoc"

      KeyName: !Ref 'KeyPair'
      UserData: !Base64
        Fn::Join:
          - ''
          - - "<script>\n"
            - 'cfn-init.exe -v -c config -s '
            - !Ref 'AWS::StackId'
            - ' -r BastionServer'
            - ' --region '
            - !Ref 'AWS::Region'
            - "\n"
            - "</script>\n"

Assuming you are passing the required variables (DomainAdminUser, DomainDNSName and DomainAdminPassword) as parameters within your template, then you just need to utilise the intrinsic substitution function so that CloudFormation knows what to replace your variables with:

installADDS:
  commands:
    1-install-prereqs: ...
    2-create-user:
      command: !Sub >-
        powershell.exe -ExecutionPolicy Bypass -Command
        "New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'${DomainDNSName}' -AccountPassword (ConvertTo-SecureString ${DomainAdminPassword} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"

To assist with troubleshooting you can save the script on the Bastion to see if the substitution is working as expected:

installADDS:
  files:
    'C:\cfn\scripts\CreateUser.ps1':
      content: !Join
        - ''
        - - "New-ADUser -Name '"
          - !Ref DomainAdminUser
          - "' -UserPrincipalName '"
          - !Ref DomainAdminUser
          - "'@'"
          - !Ref DomainDNSName
          - "' -AccountPassword (ConvertTo-SecureString "
          - !Ref DomainAdminPassword
          - " -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
  commands:
    1-install-prereqs: ...
    2-create-user:
      command: >-
        powershell.exe -ExecutionPolicy Bypass -Command
        C:\cfn\scripts\CreateUser.ps1

There is a problem with the "AWS::Cloudformation::Init" element. It should be "AWS::CloudFormation::Init" (capital "F").
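
A pre-deployment check for the two mistakes the answers above identify (a `${Param}` placeholder in a command that is not covered by `!Sub`, and the miscased `AWS::Cloudformation::Init` key), plus the `{$DomainDNSName}` slip in the question's template. This is an added example, not code from the original posts; `lint_template`, the rule names and the trimmed `SAMPLE` template are constructed for illustration, and the scan is a line-based heuristic rather than a YAML parser.

```python
import re

# Constructed sample: a trimmed copy of the template fragment from the question.
SAMPLE = """\
BastionServer:
  Type: AWS::EC2::Instance
  Metadata:
    AWS::Cloudformation::Init:
      installADDS:
        commands:
          2-create-user:
            command: powershell.exe -Command "New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'{$DomainDNSName}'"
"""

INIT_KEY = "AWS::CloudFormation::Init"
KEY_RE = re.compile(r"^\s*(AWS::CloudFormation::Init)\s*:", re.IGNORECASE)
VAR_RE = re.compile(r"\$\{[A-Za-z0-9:]+\}")      # ${Param} or ${AWS::Region}
SWAPPED_RE = re.compile(r"\{\$[A-Za-z0-9]+\}")   # {$Param}: never substituted
SUB_RE = re.compile(r"!Sub\b|Fn::Sub")
BLOCK_RE = re.compile(r"[|>][+-]?\s*$")          # YAML block scalar header


def lint_template(text):
    """Return (line_number, rule) findings. Hypothetical helper, text heuristic only."""
    findings = []
    sub_indent = None  # indent of the key that opened a !Sub block scalar
    for num, line in enumerate(text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        # A non-blank line at or left of the opening key ends the !Sub block.
        if sub_indent is not None and line.strip() and indent <= sub_indent:
            sub_indent = None
        key = KEY_RE.match(line)
        if key and key.group(1) != INIT_KEY:
            findings.append((num, "init-key-case"))
        if SWAPPED_RE.search(line):
            findings.append((num, "swapped-braces"))
        has_sub = bool(SUB_RE.search(line))
        # ${...} reaches the instance literally unless !Sub / Fn::Sub covers it.
        if VAR_RE.search(line) and not has_sub and sub_indent is None:
            findings.append((num, "missing-sub"))
        if has_sub and BLOCK_RE.search(line):
            sub_indent = indent
    return findings


if __name__ == "__main__":
    for num, rule in lint_template(SAMPLE):
        print(f"line {num}: {rule}")
```

A legitimate PowerShell `${variable}` inside a command that is intentionally not under `!Sub` will also be reported as `missing-sub`, so treat findings as prompts to review rather than hard failures.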
