[英]Powershell script works on server but not with cloudformation cfn-init functions
[英]Cloudformation CFN-Init Windows Powershell Issue
我們在通過 Cloudformation 啟動堡壘主機時在 CFN-Init 中傳遞多個 Powershell 命令時遇到問題。
安裝 Windows 功能的第一個命令正在運行,但第二個命令(以及后續命令)沒有運行。 我們已經嘗試了基本的“echo hello> file.txt”,但它不起作用。 我們已經嘗試使用反斜杠來轉義引號。 在這一點上,我們不知所措。
這里是資源
BastionServer:
Type: AWS::EC2::Instance
Metadata:
AWS::Cloudformation::Init:
configSets:
config:
- setup
- installADDS
- finalize
setup:
files:
c:\cfn\cfn-hup.conf:
content: !Sub |
[main]
stack=${AWS::StackId}
region=${AWS::Region}
c:\cfn\hooks.d\cfn-auto-reloader.conf:
content: !Sub |
[cfn-auto-reloader-hook]
triggers=post.update
path=Resources.BastionServer.Metadata.AWS::CloudFormation::Init
action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --configsets full_install --region ${AWS::Region}
services:
windows:
cfn-hup:
enabled: 'true'
ensureRunning: 'true'
files:
- c:\cfn\cfn-hup.conf
- c:\cfn\hooks.d\cfn-auto-reloader.conf
installADDS:
commands:
1-install-prereqs:
command: powershell.exe -Command "Install-WindowsFeature RSAT-AD-Powershell RSAT-ADDS-Tools; "
waitAfterCompletion: '0'
2-create-user:
command: powershell.exe -ExecutionPolicy Bypass -Command "New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'{$DomainDNSName}' -AccountPassword (ConvertTo-SecureString ${DomainAdminPassword} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
finalize:
1-signal-success:
command: powershell.exe -Command "Write-AWSQuickStartStatus"
waitAfterCompletion: '0'
Properties:
ImageId:
Fn::FindInMap:
- "AWSAMIRegionMap"
- Ref: "AWS::Region"
- "WS2016FULLBASE"
InstanceType: t2.medium
SsmAssociations:
-
DocumentName:
Ref: "SSMDoc"
KeyName: !Ref 'KeyPair'
UserData: !Base64
Fn::Join:
- ''
- - "<script>\n"
- 'cfn-init.exe -v -c config -s '
- !Ref 'AWS::StackId'
- ' -r BastionServer'
- ' --region '
- !Ref 'AWS::Region'
- "\n"
- "</script>\n"
假設您將所需的變量(DomainAdminUser、DomainDNSName 和 DomainAdminPassword)作為模板中的參數傳遞,那么您只需要利用內部替換函數,以便 CloudFormation 知道用什么來替換您的變量:
installADDS:
commands:
1-install-prereqs: ...
2-create-user:
command: !Sub >-
powershell.exe -ExecutionPolicy Bypass -Command
"New-ADUser -Name '${DomainAdminUser}' -UserPrincipalName '${DomainAdminUser}'@'${DomainDNSName}' -AccountPassword (ConvertTo-SecureString ${DomainAdminPassword} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
為了幫助排除故障,您可以將腳本保存在堡壘上以查看替換是否按預期工作:
installADDS:
files:
'C:\cfn\scripts\CreateUser.ps1':
content: !Join
- ''
- - "New-ADUser -Name '${"
- !Ref DomainAdminUser
- "}' -UserPrincipalName '${"
- !Ref DomainAdminUser
- "}'@'${"
- !Ref DomainDNSName
- "}' -AccountPassword (ConvertTo-SecureString ${"
- !Ref DomainAdminPassword
- "} -AsPlainText -Force) -Enabled:$true -PasswordNeverExpires:$true"
commands:
1-install-prereqs: ...
2-create-user:
command: >-
powershell.exe -ExecutionPolicy Bypass -Command
C:\cfn\scripts\CreateUser.ps1
"AWS::Cloudformation::Init"
元素有問題。 它應該是"AWS::CloudFormation::Init"
。 (大寫"F"
)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.