pbashyal-nmdp/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Usage


You will need to first make sure you have subscribed to the marketplace product
Get the AMI of the marketplace
Copy the script to machine
awsume (or otherwise authorize) to AWS
chmod the script to be executable if needed chmod +x marketplace-ami-encryptor.sh

Usage ./marketplace-ami-encryptor.sh {region} {ami} {name}

Example: ./marketplace-ami-encryptor.sh us-east-1 ami-f6eed4e0 OpenVPN
This make take a few minutes. Output looks like
Creating instance from marketplace AMI ami-f6eed4e0
Waiting for instance i-0d3a37ce1eb4b3f24 to be running and status OK...
Creating encrypted image
Waiting for AMI ami-01bfa37a, to be available...
Terminating unencrypted instance...
Everything is good! Your new AMI 'OpenVPN Encrypted' is available as ami-01bfa37a


## aws-ami-encryptor.sh
#!/bin/bash
set -e

export AWS_DEFAULT_REGION=$1
MARKETPLACE_AMI=$2
NAME=$3

# Run Instance from Base AMI
echo "Creating instance from marketplace AMI $MARKETPLACE_AMI"
INSTANCE=`aws ec2 run-instances --image-id $MARKETPLACE_AMI --count 1 --instance-type t2.micro --query 'Instances[0].InstanceId'`
INSTANCE=`sed -e 's/^"//' -e 's/"$//' <<<"$INSTANCE"`

echo "Waiting for instance $INSTANCE to be running and status OK..."
aws ec2 wait instance-status-ok --instance-ids $INSTANCE

echo "Creating account AMI copy"
AMI_COPY=`aws ec2 create-image --instance-id $INSTANCE --block-device-mappings DeviceName=/dev/sda1,Ebs={Encrypted=True} --name "$MARKETPLACE_AMI Copy for $NAME" --query 'ImageId'`
AMI_COPY=`sed -e 's/^"//' -e 's/"$//' <<<"$AMI_COPY"`

echo "Waiting for AMI COPY $AMI_COPY to be available..."
aws ec2 wait image-available --image-ids $AMI_COPY

echo "Terminating unencrypted instance..."
TERMINATION=`aws ec2 terminate-instances --instance-ids $INSTANCE`

echo "Creating Encrypted AMI"
AMI_ENC=`aws ec2 copy-image --source-image-id $AMI_COPY --name "$NAME Encrypted" --encrypted --source-region $AWS_DEFAULT_REGION --region $AWS_DEFAULT_REGION --query 'ImageId'`
AMI_ENC=`sed -e 's/^"//' -e 's/"$//' <<<"$AMI_ENC"`

echo "Waiting for Encrypted AMI $AMI_ENC to be available..."
aws ec2 wait image-available --image-ids $AMI_ENC

echo "Deleting unneeded AMI Copy"
REMOVED=`aws ec2 deregister-image --image-id $AMI_COPY`

aws ec2 wait instance-terminated --instance-ids $INSTANCE
echo "Everything is good! Your new AMI '$NAME Encrypted' is available as $AMI"
	#!/bin/bash
	set -e

	export AWS_DEFAULT_REGION=$1
	MARKETPLACE_AMI=$2
	NAME=$3

	# Run Instance from Base AMI
	echo "Creating instance from marketplace AMI $MARKETPLACE_AMI"
	INSTANCE=`aws ec2 run-instances --image-id $MARKETPLACE_AMI --count 1 --instance-type t2.micro --query 'Instances[0].InstanceId'`
	INSTANCE=`sed -e 's/^"//' -e 's/"$//' <<<"$INSTANCE"`

	echo "Waiting for instance $INSTANCE to be running and status OK..."
	aws ec2 wait instance-status-ok --instance-ids $INSTANCE

	echo "Creating account AMI copy"
	AMI_COPY=`aws ec2 create-image --instance-id $INSTANCE --block-device-mappings DeviceName=/dev/sda1,Ebs={Encrypted=True} --name "$MARKETPLACE_AMI Copy for $NAME" --query 'ImageId'`
	AMI_COPY=`sed -e 's/^"//' -e 's/"$//' <<<"$AMI_COPY"`

	echo "Waiting for AMI COPY $AMI_COPY to be available..."
	aws ec2 wait image-available --image-ids $AMI_COPY

	echo "Terminating unencrypted instance..."
	TERMINATION=`aws ec2 terminate-instances --instance-ids $INSTANCE`

	echo "Creating Encrypted AMI"
	AMI_ENC=`aws ec2 copy-image --source-image-id $AMI_COPY --name "$NAME Encrypted" --encrypted --source-region $AWS_DEFAULT_REGION --region $AWS_DEFAULT_REGION --query 'ImageId'`
	AMI_ENC=`sed -e 's/^"//' -e 's/"$//' <<<"$AMI_ENC"`

	echo "Waiting for Encrypted AMI $AMI_ENC to be available..."
	aws ec2 wait image-available --image-ids $AMI_ENC

	echo "Deleting unneeded AMI Copy"
	REMOVED=`aws ec2 deregister-image --image-id $AMI_COPY`

	aws ec2 wait instance-terminated --instance-ids $INSTANCE
	echo "Everything is good! Your new AMI '$NAME Encrypted' is available as $AMI"