Last active
March 25, 2023 08:15
-
-
Save sebsto/6b2f976d7bd6e84dd2eb147c0a7af9f8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
### | |
### Payload script | |
### | |
CURRENT_USER=$(whoami) | |
echo "Hello from shell script as user: \"$CURRENT_USER\"" | |
exit 0 | |
#### | |
#### User Data Script | |
#### | |
#!/bin/sh | |
REMOTE_SCRIPT_URL=https://gist.githubusercontent.com/sebsto/6b2f976d7bd6e84dd2eb147c0a7af9f8/raw/71cb67d980e2b03aac9b99f203f42010cb62fa0d/Test%2520User%2520Data | |
LOCAL_FILENAME=/tmp/shell_script.sh | |
NON_PRIVILEDGED_USER=ec2-user | |
curl -s -o $LOCAL_FILENAME "$REMOTE_SCRIPT_URL" | |
chmod u+x $LOCAL_FILENAME | |
chown $NON_PRIVILEDGED_USER:staff $LOCAL_FILENAME | |
su -m $NON_PRIVILEDGED_USER $LOCAL_FILENAME > /tmp/userdata.txt # beware of env variables accessible or not from the target script (read `man su` for a detailed discussion) | |
rm $LOCAL_FILENAME | |
### | |
### EC2 run instance command (assumes userdata.sh is the script above, in the current directory) | |
### | |
HOST_ID=h-00000d | |
SSH_KEY_NAME=my_ssh_key | |
AMI_ID=ami-04a8015f31efaeab1 # macOS 13.2 on Apple Silicon in us-east-1 | |
SECURITY_GROUP=sg_700000001 | |
aws ec2 run-instances \ | |
--region us-east-1 \ | |
--instance-type mac2.metal \ | |
--placement HostId=$HOST_ID \ | |
--key-name $SSH_KEY_NAME \ | |
--image-id $AMI_ID \ | |
--security-group-ids $SECURITY_GROUP \ | |
--user-data file://./userdata.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment