CloudFormation模板无法在MetaData Section下创建“文件”

时间:2017-02-25 06:40:50

标签: amazon-web-services amazon-ec2 amazon-cloudformation

有人能帮我指出我哪里做错了吗?我不理解元数据(Metadata)部分是如何使用身份验证资源的。在 AWS::CloudFormation::Authentication 部分中,我指定了与附加到实例的角色相同的角色,但仍然无法创建文件“some.txt”。

{

"Parameters": {

    "SecurityGroupId": {
        "Description": "Security group for instance",
        "Type": "AWS::EC2::SecurityGroup::Id"
    }

},


"Resources": {
    "MyInstance": {
        "Type": "AWS::EC2::Instance",
        "Metadata": {
            "AWS::CloudFormation::Init": {
                "configsets": {
                    "InstallIt": ["config1"]
                },

                "config1": {
                    "files": {
                        "/home/ec2-user/some.txt": {
                            "content": "This is my name ",
                            "encoding": "base64",
                            "mode": "000644",
                            "owner": "root",
                            "group": "root"
                        }
                    }
                }
            },

            "AWS::CloudFormation::Authentication": {
                "HelpMe": {
                    "type": "S3",
                    "buckets": "poc-bucket",
                    "roleName": "EC2andS3"
                }

            }
        },
        "Properties": {
            "KeyName": "GoldenImage-NV-Anant",
            "DisableApiTermination": "false",
            "ImageId": "ami-0b33d91d",
            "InstanceType": "t2.micro",
            "Monitoring": "false",
            "SubnetId": "subnet-73487a59",
            "SecurityGroupIds": [{
                "Ref": "SecurityGroupId"
            }],
            "IamInstanceProfile": {
                "Ref": "MyInstanceProfile"
            },
            "Tags": [{
                "Key": "Name",
                "Value": "GeicoUserDataPocInstance"
            }],
            "UserData": {
                "Fn::Base64": {
                    "Fn::Join": [
                        "", [
                            "#!/bin/bash -ex \n",
                            "echo \"hello dudes\" > /home/ec2-user/hello.txt \n",
                            "yum update -y aws-cfn-bootstrap\n",
                            "/opt/aws/bin/cfn-init -v",
                            " --stack ", {
                                "Ref": "AWS::StackId"
                            },
                            " --resource MyInstance ",
                            " --configsets InstallIt ",
                            " --region ", {
                                "Ref": "AWS::Region"
                            }, "\n",
                            "echo \"bye dudes\" > /home/ec2-user/bye.txt", "\n",


                            "/opt/aws/bin/cfn-signal -e $? ",
                            "    --stack ", {
                                "Ref": "AWS::StackId"
                            },
                            "    --resource MyInstance ",
                            "    --region ", {
                                "Ref": "AWS::Region"
                            }, "\n"
                        ]
                    ]
                }
            }
        },

        "CreationPolicy": {
            "ResourceSignal": {
                "Timeout": "PT90M",
                "Count": "1"
            }
        }
    },

    "MyInstanceProfile": {
        "Description": "Instance profile for the instance",
        "Type": "AWS::IAM::InstanceProfile",
        "Properties": {
            "Path": "/",
            "Roles": ["EC2andS3"]
        }
    }
}
}

1 个答案:

答案 0 :(得分:2)

  • 元数据中的键 configsets 应写作 configSets(S 为大写)。该键名区分大小写;cfn-init 命令行选项 --configsets 仍保持小写:

    "configSets": {
        "InstallIt": ["config1"]
    },
    
  • buckets属性需要是一个字符串列表(这可能没有必要,文档有点不清楚):

    "buckets": ["poc-bucket"]
    
  • 除非文件的来源是 S3 存储桶,否则不需要 AWS::CloudFormation::Authentication 资源。即便来源是 S3,在使用附加的实例配置文件时也仍然没有必要,因为默认情况下它会使用实例配置文件进行身份验证。