[英]Cloudformation CFN-Init Windows Powershell Issue
我们在通过 Cloudformation 启动堡垒主机时在 CFN-Init 中传递多个 Powershell 命令时遇到问题。
安装 Windows 功能的第一个命令正在运行,但第二个命令(以及后续命令)没有运行。 我们已经尝试了基本的“echo hello> file.txt”,但它不起作用。 我们已经尝试使用反斜杠来转义引号。 在这一点上,我们不知所措。
这里是资源
BastionServer:
Type: AWS::EC2::Instance
Metadata:
AWS::Cloudformation::Init:
configSets:
config:
- setup
- installADDS
- finalize
setup:
files:
c:\cfn\cfn-hup.conf:
content: !Sub |
[main]
stack=${AWS::StackId}
region=${AWS::Region}
c:\cfn\hooks.d\cfn-auto-reloader.conf:
content: !Sub |
[cfn-auto-reloader-hook]
triggers=post.update
path=Resources.BastionServer.Metadata.AWS::CloudFormation::Init
action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --configsets full_install --region ${AWS::Region}
services:
windows:
cfn-hup:
enabled: 'true'
ensureRunning: 'true'
files:
- c:\cfn\cfn-hup.conf
- c:\cfn\hooks.d\cfn-auto-reloader.conf
installADDS:
commands:
1-install-prereqs:
command: powershell.exe -Command "Install-WindowsFeature RSAT-AD-Powershell RSAT-ADDS-Tools; "
waitAfterCompletion: '0'
2-create-user:
command: powershell.exe -ExecutionPolicy Bypass -Command "New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'{$DomainDNSName}' -AccountPassword (ConvertTo-SecureString ${DomainAdminPassword} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
finalize:
1-signal-success:
command: powershell.exe -Command "Write-AWSQuickStartStatus"
waitAfterCompletion: '0'
Properties:
ImageId:
Fn::FindInMap:
- "AWSAMIRegionMap"
- Ref: "AWS::Region"
- "WS2016FULLBASE"
InstanceType: t2.medium
SsmAssociations:
-
DocumentName:
Ref: "SSMDoc"
KeyName: !Ref 'KeyPair'
UserData: !Base64
Fn::Join:
- ''
- - "<script>\n"
- 'cfn-init.exe -v -c config -s '
- !Ref 'AWS::StackId'
- ' -r BastionServer'
- ' --region '
- !Ref 'AWS::Region'
- "\n"
- "</script>\n"
假设您将所需的变量(DomainAdminUser、DomainDNSName 和 DomainAdminPassword)作为模板中的参数传递,那么您只需要利用内部替换函数,以便 CloudFormation 知道用什么来替换您的变量:
installADDS:
commands:
1-install-prereqs: ...
2-create-user:
command: !Sub >-
powershell.exe -ExecutionPolicy Bypass -Command
"New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'${DomainDNSName}' -AccountPassword (ConvertTo-SecureString ${DomainAdminPassword} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
为了帮助排除故障,您可以将脚本保存在堡垒上以查看替换是否按预期工作:
installADDS:
files:
'C:\cfn\scripts\CreateUser.ps1':
content: !Join
- ''
- - "New-ADUser -Name '${"
- !Ref DomainAdminUser
- "}' -UserPrincipalName '${"
- !Ref DomainAdminUser
- "}'@'${"
- !Ref DomainDNSName
- "}' -AccountPassword (ConvertTo-SecureString ${"
- !Ref DomainAdminPassword
- "} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
commands:
1-install-prereqs: ...
2-create-user:
command: >-
powershell.exe -ExecutionPolicy Bypass -Command
C:\cfn\scripts\CreateUser.ps1
"AWS::Cloudformation::Init"元素有问题。 它应该是"AWS::CloudFormation::Init" 。 (大写"F" )
Powershell脚本可在服务器上运行,但不能与cloudformation cfn-init函数一起使用
[英]Powershell script works on server but not with cloudformation cfn-init functions
Windows CloudFormation 脚本、元数据命令未运行
[英]Windows CloudFormation Script, MetaData commands are not running
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.