Give EC2 instance access to a specific S3 bucket using IAM

Here’s the policy you need to attach to your instance’s IAM: { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: “s3:*”, “Resource”: [ “arn:aws:s3:::bucket-name”, “arn:aws:s3:::bucket-name/*” ] } ] } You can replace the ‘*’ above with more restrictive permissions (e.g. read only) where necessary. This approach means you don’t need […]

Read More

Puppet – Using AWS web console as Puppet’s external node classifier (ENC)

This is a script I wrote that queries the ec2 tags of an aws console, in order to figure out what environment a node belongs to, and what class to assign to it. #!/bin/bash # # export AWS_ACCESS_KEY_ID=xxxxxxxxxxxxxxxxxxxxxx export AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxx export AWS_DEFAULT_REGION=xxxxxxx instanceid=`echo $1 | awk -F”_” ‘{print […]

Read More

AWS – Avoid using User-Data/Cloud-init by utilizing Autoscaling + Cloudwatch Events + Lambda + Ansible

Read More