Skip to content

Instantly share code, notes, and snippets.

@cwgem
Last active July 22, 2017 16:35
Show Gist options
  • Save cwgem/f80cd47c61d4ba1c4215c24e432de533 to your computer and use it in GitHub Desktop.
Save cwgem/f80cd47c61d4ba1c4215c24e432de533 to your computer and use it in GitHub Desktop.
SSM Automation Doc for Blog Automation
{
"schemaVersion":"0.3",
"description":"Updates AMI with Linux distribution packages and Amazon software. For details,see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sysman-ami-walkthrough.html",
"assumeRole":"{{AutomationAssumeRole}}",
"parameters":{
"SourceAmiId":{
"type":"String",
"description":"(Required) The source Amazon Machine Image ID.",
"default":"ami-8b92b4ee"
},
"EFSId":{
"type":"String",
"description":"(Required) The ID of the EFS volume."
},
"PythonVersion":{
"type":"String",
"description":"(Required) The Python 3 version to use.",
"default":"3.6.1"
},
"ChefdkDownloadUrl":{
"type":"String",
"description":"(Required) The URL to download ChefDK from.",
"default":"https://packages.chef.io/files/stable/chefdk/2.0.28/ubuntu/16.04/chefdk_2.0.28-1_amd64.deb"
},
"ChefdkSHA256":{
"type":"String",
"description":"(Required) The SHA256 to validate the ChefDK archive",
"default":"4fa0daa3f26545a3b4ad104370e210df0d3d909298b2df85a613f564e0780730"
},
"OsUser":{
"type":"String",
"description":"(Required) The ID of the non-root user.",
"default":"ubuntu"
},
"EFSMount":{
"type":"String",
"description":"(Required) The mount point for the EFS volume.",
"default":"/mnt/efs"
},
"InstanceIamRole":{
"type":"String",
"description":"(Required) The name of the role that enables Systems Manager (SSM) to manage the instance.",
"default": "ManagedInstanceProfile"
},
"AutomationAssumeRole":{
"type":"String",
"description":"(Required) The ARN of the role that allows Automation to perform the actions on your behalf.",
"default":"arn:aws:iam::{{global:ACCOUNT_ID}}:role/AutomationServiceRole"
},
"TargetAmiName":{
"type":"String",
"description":"(Optional) The name of the new AMI that will be created. Default is a system-generated string including the source AMI id, and the creation time and date.",
"default":"UpdateLinuxAmi_from_{{SourceAmiId}}_on_{{global:DATE_TIME}}"
},
"InstanceType":{
"type":"String",
"description":"(Optional) Type of instance to launch as the workspace host. Instance types vary by region. Default is t2.micro.",
"default":"t2.micro"
}
},
"mainSteps":[
{
"name":"launchInstance",
"action":"aws:runInstances",
"maxAttempts":3,
"timeoutSeconds":300,
"onFailure":"Abort",
"inputs":{
"ImageId":"{{SourceAmiId}}",
"InstanceType":"{{InstanceType}}",
"UserData":"IyEvYmluL2Jhc2gNCg0KZnVuY3Rpb24gZ2V0X2NvbnRlbnRzKCkgew0KICAgIGlmIFsgLXggIiQod2hpY2ggY3VybCkiIF07IHRoZW4NCiAgICAgICAgY3VybCAtcyAtZiAiJDEiDQogICAgZWxpZiBbIC14ICIkKHdoaWNoIHdnZXQpIiBdOyB0aGVuDQogICAgICAgIHdnZXQgIiQxIiAtTyAtDQogICAgZWxzZQ0KICAgICAgICBkaWUgIk5vIGRvd25sb2FkIHV0aWxpdHkgKGN1cmwsIHdnZXQpIg0KICAgIGZpDQp9DQoNCnJlYWRvbmx5IElERU5USVRZX1VSTD0iaHR0cDovLzE2OS4yNTQuMTY5LjI1NC8yMDE2LTA2LTMwL2R5bmFtaWMvaW5zdGFuY2UtaWRlbnRpdHkvZG9jdW1lbnQvIg0KcmVhZG9ubHkgVFJVRV9SRUdJT049JChnZXRfY29udGVudHMgIiRJREVOVElUWV9VUkwiIHwgYXdrIC1GXCIgJy9yZWdpb24vIHsgcHJpbnQgJDQgfScpDQpyZWFkb25seSBERUZBVUxUX1JFR0lPTj0idXMtZWFzdC0xIg0KcmVhZG9ubHkgUkVHSU9OPSIke1RSVUVfUkVHSU9OOi0kREVGQVVMVF9SRUdJT059Ig0KDQpyZWFkb25seSBTQ1JJUFRfTkFNRT0iYXdzLWluc3RhbGwtc3NtLWFnZW50Ig0KIFNDUklQVF9VUkw9Imh0dHBzOi8vYXdzLXNzbS1kb3dubG9hZHMtJFJFR0lPTi5zMy5hbWF6b25hd3MuY29tL3NjcmlwdHMvJFNDUklQVF9OQU1FIg0KDQppZiBbICIkUkVHSU9OIiA9ICJjbi1ub3J0aC0xIiBdOyB0aGVuDQogIFNDUklQVF9VUkw9Imh0dHBzOi8vYXdzLXNzbS1kb3dubG9hZHMtJFJFR0lPTi5zMy5jbi1ub3J0aC0xLmFtYXpvbmF3cy5jb20uY24vc2NyaXB0cy8kU0NSSVBUX05BTUUiDQpmaQ0KDQppZiBbICIkUkVHSU9OIiA9ICJ1cy1nb3Ytd2VzdC0xIiBdOyB0aGVuDQogIFNDUklQVF9VUkw9Imh0dHBzOi8vYXdzLXNzbS1kb3dubG9hZHMtJFJFR0lPTi5zMy11cy1nb3Ytd2VzdC0xLmFtYXpvbmF3cy5jb20vc2NyaXB0cy8kU0NSSVBUX05BTUUiDQpmaQ0KDQpjZCAvdG1wDQpGSUxFX1NJWkU9MA0KTUFYX1JFVFJZX0NPVU5UPTMNClJFVFJZX0NPVU5UPTANCg0Kd2hpbGUgWyAkUkVUUllfQ09VTlQgLWx0ICRNQVhfUkVUUllfQ09VTlQgXSA7IGRvDQogIGVjaG8gQVdTLVVwZGF0ZUxpbnV4QW1pOiBEb3dubG9hZGluZyBzY3JpcHQgZnJvbSAkU0NSSVBUX1VSTA0KICBnZXRfY29udGVudHMgIiRTQ1JJUFRfVVJMIiA+ICIkU0NSSVBUX05BTUUiDQogIEZJTEVfU0laRT0kKGR1IC1rIC90bXAvJFNDUklQVF9OQU1FIHwgY3V0IC1mMSkNCiAgZWNobyBBV1MtVXBkYXRlTGludXhBbWk6IEZpbmlzaGVkIGRvd25sb2FkaW5nIHNjcmlwdCwgc2l6ZTogJEZJTEVfU0laRQ0KICBpZiBbICRGSUxFX1NJWkUgLWd0IDAgXTsgdGhlbg0KICAgIGJyZWFrDQogIGVsc2UNCiAgICBpZiBbWyAkUkVUUllfQ09VTlQgLWx0IE1BWF9SRVRSWV9DT1VOVCBdXTsgdGhlbg0KICAgICAgUkVUUllfQ09VTlQ9JCgoUkVUUllfQ09VTlQrMSkpOw0KICAgICAgZWNobyBBV1MtVXBkYXRlTGludXhBbWk6IEZpbGVTaXplIGlzIDAsIHJldHJ5Q291bnQ6ICRSRVRSWV9DT1VOVA0KICAgIGZpDQogIGZpIA0KZG9uZQ0KDQppZiBbICRGSUxFX1NJWkUgLWd0IDAgXTsgdGhlbg0KICBjaG1vZCAreCAiJFNDUklQVF9OQU1FIg0KICBlY2hvIEFXUy1VcGRhdGVMaW51eEFtaTogUnVubmluZyBVcGRhdGVTU01BZ2VudCBzY3JpcHQgbm93IC4uLi4NCiAgLi8iJFNDUklQVF9OQU1FIiAtLXJlZ2lvbiAiJFJFR0lPTiINCmVsc2UNCiAgZWNobyBBV1MtVXBkYXRlTGludXhBbWk6IFVuYWJsZSB0byBkb3dubG9hZCBzY3JpcHQsIHF1aXR0aW5nIC4uLi4NCmZp",
"MinInstanceCount":1,
"MaxInstanceCount":1,
"IamInstanceProfileName":"{{InstanceIamRole}}"
}
},
{
"name":"updateOSSoftware",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":3600,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"set -e",
"export DEBIAN_FRONTEND=noninteractive",
"apt-get -qq update",
"unattended-upgrade -d",
"apt-get -qq install nfs-common gnupg"
]
}
}
},
{
"name":"efsSetup",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":300,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"mkdir {{EFSMount}}",
"echo '{{EFSId}}.efs.{{global:REGION}}.amazonaws.com:/ {{EFSMount}} nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev 0 0' >> /etc/fstab"
]
}
}
},
{
"name":"setupChefDK",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":3600,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"set -e",
"cd /tmp",
"wget -q -O chefdk.deb '{{ChefdkDownloadUrl}}' 2>&1 >/dev/null",
"echo '{{ChefdkSHA256}} chefdk.deb' > SHASUM256",
"sha256sum -c SHASUM256",
"apt-get install -y /tmp/chefdk.deb"
]
}
}
},
{
"name":"setupPython",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":3600,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"set -e",
"export DEBIAN_FRONTEND=noninteractive",
"apt-get -qq install build-essential python-pip libbz2-dev libssl-dev libreadline-dev libsqlite3-dev tk-dev",
"cd /tmp",
"wget -q https://www.python.org/ftp/python/{{PythonVersion}}/Python-{{PythonVersion}}.tgz",
"wget -q https://www.python.org/ftp/python/{{PythonVersion}}/Python-{{PythonVersion}}.tgz.asc",
"gpg --recv-keys 6A45C816 36580288 7D9DC8D2 18ADD4FF A4135B38 A74B06BF EA5BBD71 E6DF025C AA65421D 6F5E1540 F73C700D 487034E5",
"gpg --verify Python-{{PythonVersion}}.tgz.asc",
"tar xzvf Python-{{PythonVersion}}.tgz",
"cd Python-{{PythonVersion}} && ./configure && make",
"make install",
"/usr/local/bin/pip3 install --upgrade pip",
"/usr/local/bin/pip3 install virtualenv",
"su {{OsUser}} -c '/usr/local/bin/virtualenv ~/venv-python{{PythonVersion}}'"
]
}
}
},
{
"name":"setupAWS",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":3600,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"set -e",
"pip install awscli",
"su {{OsUser}} -c 'aws configure set default.region {{global:REGION}}'"
]
}
}
},
{
"name":"asciidocInstall",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":3600,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"set -e",
"export DEBIAN_FRONTEND=noninteractive",
"apt-get install -y asciidoc",
"pip install Pygments"
]
}
}
},
{
"name":"setupPelican",
"action":"aws:runCommand",
"maxAttempts":3,
"timeoutSeconds":3600,
"onFailure":"Abort",
"inputs":{
"DocumentName":"AWS-RunShellScript",
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"Parameters":{
"commands":[
"set -e",
"su {{OsUser}} -c 'source ~/venv-python{{PythonVersion}}/bin/activate; pip install pelican'"
]
}
}
},
{
"name":"stopInstance",
"action":"aws:changeInstanceState",
"maxAttempts":3,
"timeoutSeconds":1200,
"onFailure":"Abort",
"inputs":{
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"DesiredState":"stopped"
}
},
{
"name":"createImage",
"action":"aws:createImage",
"maxAttempts":3,
"onFailure":"Abort",
"inputs":{
"InstanceId":"{{launchInstance.InstanceIds}}",
"ImageName":"{{TargetAmiName}}",
"NoReboot":true,
"ImageDescription":"BlogAMI generated {{global:DATE_TIME}}"
}
},
{
"name":"terminateInstance",
"action":"aws:changeInstanceState",
"maxAttempts":3,
"onFailure":"Continue",
"inputs":{
"InstanceIds":[
"{{launchInstance.InstanceIds}}"
],
"DesiredState":"terminated"
}
}
],
"outputs":[
"createImage.ImageId"
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment