
aws

Give EC2 instance access to a specific S3 bucket using IAM

Here’s the policy you need to attach to your instance’s IAM role:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": "s3:*",
          "Resource": [
            "arn:aws:s3:::bucket-name",
            "arn:aws:s3:::bucket-name/*"
          ]
        }
      ]
    }

You can replace the 's3:*' action above with more restrictive permissions (e.g. read-only) where necessary. This approach means you don’t need […]


Puppet – Using AWS web console as Puppet’s external node classifier (ENC)

This is a script I wrote that queries the EC2 tags of an AWS console, in order to figure out what environment a node belongs to, and what class to assign to it.

    #!/bin/bash
    # https://docs.puppetlabs.com/guides/external_nodes.html
    # http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
    export AWS_ACCESS_KEY_ID=xxxxxxxxxxxxxxxxxxxxxx
    export AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxx
    export AWS_DEFAULT_REGION=xxxxxxx
    instanceid=`echo $1 | awk -F"_" '{print […]


AWS – Avoid using User-Data/Cloud-init by utilizing Autoscaling + Cloudwatch Events + Lambda + Ansible

http://docs.aws.amazon.com/lambda/latest/dg/python-programming-model-handler-types.html
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/EventTypes.html#auto_scaling_event_types
https://aws.amazon.com/blogs/compute/scheduling-ssh-jobs-using-aws-lambda/
https://github.com/fugue/emulambda
https://github.com/nficano/python-lambda
