Sample Windows Packer
<powershell>
# Bootstrap script (wrapped in <powershell> tags): sets the local Administrator
# password and opens WinRM so a remote provisioner can log in.
# NOTE(review): presumably this is the user_data_file named in the Packer
# template on this page -- confirm. EC2 user data is not secret: it can be read
# back from the instance metadata service and through the EC2 API, so treat the
# password below as a throwaway build credential and replace it before the
# image is used for real hosts.
# NOTE(review): the Packer template on this page sets a different
# winrm_password value; presumably both are placeholders that must be made to
# match -- confirm.
# set administrator password
net user Administrator "ChangeMeN0w!123"
# Stop the Administrator password from expiring.
wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
# Run the WinRM quick configuration without prompting (-q).
winrm quickconfig -q
# Raise the per-shell memory limit and the operation timeout (30 minutes).
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
# With AllowUnencrypted and Basic both enabled, the WinRM service accepts
# Basic-auth logins over plain HTTP, so the Administrator password and the
# provisioning traffic are readable on the network path. Limit the build
# security group to the build host's address, and set both values back to
# "false" in a final provisioning step so the published image does not keep them.
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
# Host-firewall rules for the WinRM ports. No remote address is given, so they
# allow any source; the EC2 security group is the remaining network control.
# NOTE(review): nothing in this script creates an HTTPS listener, so the 5986
# rule appears unused -- confirm.
netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow
# Restart WinRM so the settings above take effect, and start it at boot.
net stop winrm
sc config winrm start=auto
net start winrm
# turn off PowerShell execution policy restrictions
# Bypass at LocalMachine scope is a persistent machine-wide setting; if an image
# is captured from this instance, hosts launched from it inherit it. Reset it in
# a final provisioning step if the build is the only thing that needs it.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope LocalMachine
</powershell>
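## Simple Script to Install AWS CodeDeploy Agent
# Downloads the CodeDeploy agent MSI from S3, installs it unattended, and fails
# the provisioning step when the download or the installation does not succeed.
# The original launched the .msi without a quiet switch and ignored its exit
# code, so a failed or stalled install could be baked into the image unnoticed.
$ErrorActionPreference = 'Stop'   # cmdlet errors stop the script instead of being skipped

$installerPath = 'c:\temp\codedeploy-agent.msi'
$installLog    = 'c:\temp\codedeploy-agent-install.log'

New-Item -ItemType Directory -Force -Path c:\temp | Out-Null

# NOTE(review): bucket name and key are kept exactly as the original wrote them
# (the "latest" prefix sits in -BucketName rather than -Key) -- confirm this
# form is accepted by the installed AWS Tools version.
Read-S3Object -BucketName aws-codedeploy-us-east-1/latest -Key codedeploy-agent.msi -File $installerPath

# NOTE(review): the MSI runs with administrative rights straight after download
# and nothing here verifies it. If the package is signed, consider checking
# (Get-AuthenticodeSignature $installerPath).Status before installing.

# /qn = no UI, /l*v = verbose log; -PassThru returns the process so the exit code can be read.
$install = Start-Process -FilePath msiexec.exe -ArgumentList '/i', $installerPath, '/qn', '/l*v', $installLog -Wait -PassThru

# 0 = success, 3010 = success but a reboot is required.
if ($install.ExitCode -ne 0 -and $install.ExitCode -ne 3010) {
    throw "codedeploy-agent.msi installation failed with exit code $($install.ExitCode); see $installLog"
}

# Errors out (because of ErrorActionPreference above) if the service was not registered.
Get-Service -Name codedeployagent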
<#
NOTE: DO NOT RUN THIS SCRIPT
This is simply a record of commands
demonstrated in the AWS PowerShell Webinar
#>
#Credentials
# Shows three ways of supplying credentials to the AWS cmdlets: on a single
# call, through a named stored profile, and as defaults.
# $AccessKey and $SecretKey are not assigned anywhere in this record; the
# operator has to set them beforehand.
# NOTE(review): these are long-lived access keys. Keep them out of saved
# scripts and transcripts, and prefer an IAM role / instance profile where the
# commands run on EC2.
# Explicit keys and region on one call.
Get-EC2Instance -AccessKey $AccessKey -SecretKey $SecretKey -Region us-west-1
# List the stored credential profiles.
Get-AWSCredentials -ListStoredCredentials
# Remove the stored profile named PSH.
Clear-AWSCredentials -StoredCredentials PSH
# Save the keys under the profile name PSH, then use the profile by name.
Set-AWSCredentials -StoreAs PSH -AccessKey $AccessKey -SecretKey $SecretKey
Get-EC2Instance -ProfileName PSH
Get-EC2Instance -ProfileName PSH -Region us-west-1
# Remove the PSH profile again.
Clear-AWSCredentials -StoredCredentials PSH
# Set keys and region as defaults (presumably persisted as the default
# profile -- confirm), then list the stored profiles to see the result.
Initialize-AWSDefaults -AccessKey $AccessKey -SecretKey $SecretKey -Region us-west-1
Get-AWSCredentials -ListStoredCredentials
#Regions
# List the regions, set us-west-1 as the default for the session, then clear it.
Get-AWSRegion
Set-DefaultAWSRegion -Region us-west-1
Clear-DefaultAWSRegion
#Discovery
# List the cmdlets of the AWSPowerShell module and show help / examples.
Get-Command -Module AWSPowerShell
Get-Help
help New-EC2Instance -Examples
#History
# $AWSHistory is the AWS module's session record of its cmdlet calls;
# Get-History is the shell's own command history.
# NOTE(review): both keep what was typed or returned during the session, so
# review them before sharing a transcript.
$AWSHistory
Get-History
# Print only the command text of each history entry.
Get-History | select -ExpandProperty commandline
#Find ami's
# With no argument, shows the names Get-EC2ImageByName knows; with a name it
# returns the matching images. The first image id is kept in $win_ami.
Get-EC2ImageByName
Get-EC2ImageByName windows_2012r2_base | select -First 1 -ExpandProperty imageid
$win_ami = Get-EC2ImageByName windows_2012r2_base | select -First 1 -ExpandProperty imageid
#Create instance
# Each of the next two lines launches one instance, so running both creates
# two. The second form overwrites $i with the value of the Instances property.
# No -SecurityGroupIds is passed on either call.
$i = New-EC2Instance -ImageId $win_ami -MinCount 1 -MaxCount 1 -KeyName norcal -InstanceType m3.xlarge
$i = New-EC2Instance -ImageId $win_ami -MinCount 1 -MaxCount 1 -KeyName norcal -InstanceType m3.xlarge | select -ExpandProperty instances
# CAUTION: Get-EC2Instance is unfiltered here, so this terminates every instance
# it returns for the current credentials and region, not only the ones created
# above, and -Confirm:$false -Force suppresses any prompt.
Get-EC2Instance | Stop-EC2Instance -Terminate -Confirm:$false -Force
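#Security groups
# Creates a security group, adds an inbound RDP (tcp/3389) rule to it and
# launches an instance in that group.
$sg = New-EC2SecurityGroup -GroupName MyRDPGroup -Description 'Enable RDP from Internet'
# Show the group's current inbound permissions.
Get-EC2SecurityGroup -GroupIds $sg | select -ExpandProperty ippermissions
# The recorded commands set properties on $ip without ever creating it; build
# the permission object first so the assignments below have a target.
$ip = New-Object Amazon.EC2.Model.IpPermission
$ip.IpProtocol = 'tcp'
$ip.FromPort = '3389'
$ip.ToPort = '3389'
# 0.0.0.0/0 admits RDP from every IPv4 address, as the group description says.
# For anything beyond a short demo, use the administrators' own CIDR instead;
# an RDP port open to the whole Internet is continuously probed for weak or
# reused passwords.
# NOTE(review): the property name IpRange is kept as recorded; confirm it
# against the installed SDK version.
$ip.IpRange.add('0.0.0.0/0')
Grant-EC2SecurityGroupIngress -GroupId $sg -IpPermissions $ip
# Launch an instance attached to the new group; $win_ami is set earlier in this record.
$i = New-EC2Instance -ImageId $win_ami -MinCount 1 -MaxCount 1 -KeyName norcal -InstanceType m3.xlarge -SecurityGroupIds $sg | select -ExpandProperty instances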
#Tagging
# Give the instance in $i a Name tag of SRV01.
New-EC2Tag -Resources $i.instanceid -Tags @{key='Name';value='SRV01'}
#Filters
# Look the instance up again by that tag.
Get-EC2Instance -Filter @{name='tag:Name';values='SRV01'}
#Password retrieval (you need to change the pem file path)
# -PemFile is the private key of the key pair used at launch; with it the
# command returns the instance's Windows password in clear text.
# NOTE(review): keep the .pem file access-restricted and avoid leaving the
# output in a saved transcript.
Get-EC2PasswordData -InstanceId $i.instanceid -PemFile C:\norcal.pem
#Instance meta-data
# Plain GET requests to the instance metadata service; these only work from
# inside an EC2 instance. No session token is sent, so they presumably fail on
# instances that require IMDSv2 -- confirm.
Invoke-RestMethod -Uri http://169.254.169.254/latest/meta-data
Invoke-RestMethod -Uri http://169.254.169.254/latest/meta-data/instance-type
#Ebs - add storage to new instance
# Describe a 100 GiB gp2 volume that is deleted with the instance, map it to
# device xvdf, and launch an instance with that mapping.
$vol = New-Object Amazon.EC2.Model.EbsBlockDevice
# Echo the new object to show its properties.
$vol
$vol.DeleteOnTermination = $true
$vol.VolumeSize = 100
$vol.VolumeType = 'gp2'
# NOTE(review): Encrypted is not set on $vol, so whether this volume is
# encrypted depends on settings outside this record -- consider setting it.
$map = New-Object Amazon.EC2.Model.BlockDeviceMapping
$map.DeviceName = 'xvdf'
$map.Ebs = $vol
$i = New-EC2Instance -ImageId $win_ami -MinCount 1 -MaxCount 1 -KeyName norcal -InstanceType m3.xlarge -BlockDeviceMapping $map | select -ExpandProperty instances
#Ebs add storage to running instance
# Create a separate 100 GiB gp2 volume and attach it to the instance as xvdf.
# The volume is created in us-west-1b; a volume can only be attached to an
# instance in the same Availability Zone.
# NOTE(review): -Encrypted is not passed here either -- consider adding it.
$v = New-EC2Volume -AvailabilityZone us-west-1b -Size 100 -VolumeType gp2
Add-EC2Volume -Device xvdf -InstanceId $i.instanceid -VolumeId $v.VolumeId
# Install IIS together with the role services listed below.
# NOTE(review): Web-Dir-Browsing is the Directory Browsing role service; confirm
# it is needed, since directory listings reveal file names when turned on for a site.
$iisFeatures = @(
    'Web-Server',
    'Web-WebServer',
    'Web-Common-Http',
    'Web-Static-Content',
    'Web-Default-Doc',
    'Web-Dir-Browsing',
    'Web-Http-Errors',
    'Web-Health',
    'Web-Http-Logging',
    'Web-Log-Libraries',
    'Web-Request-Monitor',
    'Web-Security',
    'Web-Filtering',
    'Web-Stat-Compression',
    'Web-Mgmt-Tools',
    'WAS',
    'WAS-Process-Model'
)
Add-WindowsFeature -Name $iisFeatures
{
"variables": {
"aws_access_key": "XXXXXXXXXXXXXXXXXXXXXXXX",
"aws_secret_key": "YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY",
"aws_ami_id": "ami-c8a9baa2",
"aws_user": "ec2-user",
"aws_region": "us-east-1",
"aws_instance_type": "c4.large"
},
"builders": [
{
"access_key": "{{user `aws_access_key`}}",
"ami_name": "Windows-Demo-AMI",
"associate_public_ip_address": true,
"communicator": "winrm",
"iam_instance_profile": "WindowsDemo",
"instance_type": "{{user `aws_instance_type`}}",
"region": "us-east-1",
"secret_key": "{{user `aws_secret_key`}}",
"security_group_id": "sg-552ce12e",
"source_ami": "{{user `aws_ami_id`}}",
"subnet_id": "subnet-64dec74c",
"tags": { "Name": "Windows Demo" },
"type": "amazon-ebs",
"user_data_file": "bootstrap-aws.txt",
"winrm_password": "SomeSecurePasswordHere",
"winrm_timeout": "5m",
"winrm_username": "Administrator"
}
],
"provisioners": [
{
"type": "powershell",
"scripts": [
"install_codedeploy.ps1",
"setup_iis.ps1"
]
}
]
}