
pull git bash script for aws user data

I am new to Git. Is there a way to pull a Git script that holds the user data to provision an AWS EC2 instance via the CLI?

aws ec2 run-instances --image-id ami-cd0f5cb6 --count 1 --instance-type t2.micro \
  --key-name ciServer --subnet-id subnet-2f31275b --associate-public-ip-address \
  --security-group-ids sg-762a5006 --block-device-mappings '[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":20}}]' \
  --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=My New Server}]' \
  --user-data me@git.com/myUserDatarepo.git

Create a bash script that installs git and then downloads the repo to where you need it. Make this script your userdata script. You'll have to get credentials to the git repo to the userdata script/server. You can install the AWS CLI and pull from a protected S3 bucket that has the credentials, or use something like Consul or HashiCorp Vault to pull the secret. I generally use an SSH key file that has access to the git repo; the S3 bucket is only accessible to the IAM instance role for the server you are provisioning and is encrypted with server-side encryption.

Other questions discuss this as well:

Is it secure to store EC2 User-Data shell scripts in a private S3 bucket?

How can I (securely) download a private S3 asset onto a new EC2 instance with cloudinit?

New service by AWS: Systems Manager Parameter Store

https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-about.html
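
The approach from the answer above, as an added example that is not part of the original post: a local script writes the user-data file (`--user-data` takes the script content via `file://`, not a Git URL), and the instance fetches the deploy key at boot through its instance role. The bucket name, the `deploy_key` and `known_hosts` object keys, the instance profile name and the destination path are assumptions.

```shell
#!/bin/sh
# Added example: names for the bucket, object keys, profile and paths are assumptions.
set -eu

# write_user_data BUCKET REPO_SSH_URL DEST_DIR OUTFILE
# Writes the script cloud-init runs as root on first boot. No secret is embedded:
# user data can be read back from the instance metadata service, so the deploy
# key is fetched at boot with the instance role's credentials instead.
write_user_data() {
  bucket=$1 repo=$2 dest=$3 out=$4
  # Reject characters that could break out of the quoted strings in the template.
  case "$bucket$repo$dest" in
    *[!A-Za-z0-9@:/._-]*) echo "unsafe character in argument" >&2; return 1 ;;
  esac
  cat > "$out" <<EOF
#!/bin/bash
set -euo pipefail
yum install -y git awscli  # assumption: yum-based AMI; use apt-get on Debian/Ubuntu
work=\$(mktemp -d)
trap 'rm -rf "\$work"' EXIT  # the deploy key does not outlive provisioning
aws s3 cp "s3://$bucket/deploy_key" "\$work/key"
aws s3 cp "s3://$bucket/known_hosts" "\$work/known_hosts"
chmod 600 "\$work/key"
export GIT_SSH_COMMAND="ssh -i \$work/key -o IdentitiesOnly=yes -o UserKnownHostsFile=\$work/known_hosts -o StrictHostKeyChecking=yes"
git clone --depth 1 "$repo" "$dest"
EOF
}

# launch_instance USER_DATA_FILE INSTANCE_PROFILE
# The question's command with two changes: the instance gets an IAM role that can
# read the bucket, and --user-data receives the script itself, not a Git URL.
launch_instance() {
  aws ec2 run-instances --image-id ami-cd0f5cb6 --count 1 --instance-type t2.micro \
    --key-name ciServer --subnet-id subnet-2f31275b --associate-public-ip-address \
    --security-group-ids sg-762a5006 \
    --block-device-mappings '[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":20}}]' \
    --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=My New Server}]' \
    --iam-instance-profile "Name=$2" \
    --user-data "file://$1"
}
```

Storing `known_hosts` next to the key lets the instance verify the Git server's host key on first contact instead of disabling host key checking.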
