miztiik / aws-demos Goto Github PK
View Code? Open in Web Editor NEWA hands on repo with multiple demonstrations on AWS ๐
A hands on repo with multiple demonstrations on AWS ๐
Hi,
I just tried this stack in the Ohio region but I get this error = subject.
I have tried multiple variants of the availability region from the drop downs but it throws the same error irregardless of what I select.
Do you know why this is?
How can we give a command to press any key during the script?
ex:
How can we pass the command to press ESC key?
Hi has anyone extended this form so that one can upload more input field data and more files ?
There is no such parameter in Parameter Group for msql8.0
in AWS RDS
. See screenshot:
Please update the docs here.
I would suggest to ask other author to credit the hard work done by you, by at least adding this repo link when copying line by line.
Here is the duplicate entry: https://github.com/kcr123/AWS-Interview-Questions-Answers/tree/master/Interview-Questions
I have created IAM roles and updated the trusted entities as instructed, but I continue to get an error "The defined assume role is unable to be assumed." When executing I am selecting the basic function option.
I did make some minor modifications to the parameter store. I have already created a hardened image and would like to use that one. I am also using Ubuntu 18.04, but don't think any of these modifications would trigger the error above.
Do you have any ideas on what is causing this error?
============================================
{
"schemaVersion": "0.3",
"description": "Create a Golden AMI with Linux distribution packages(ClamAV) and Amazon software(SSM & Inspector). For details,see https://github.com/miztiik/AWS-Demos/tree/master/How-To/setup-ami-lifecycle-management-using-ssm",
"assumeRole": "{{AutomationAssumeRole}}}",
"parameters": {
"SourceAmiId": {
"type": "String",
"description": "(Required) The source Amazon Machine Image ID.",
"default": "{{ssm:/GoldenAMI/Ubuntu/source}}"
},
"InstanceIamRole": {
"type": "String",
"description": "(Required) The name of the role that enables Systems Manager (SSM) to manage the instance.",
"default": "ManagedInstanceRole"
},
"AutomationAssumeRole": {
"type": "String",
"description": "(Required) The ARN of the role that allows Automation to perform the actions on your behalf.",
"default": "arn:aws:iam::{{global:ACCOUNT_ID}}:role/AutomationServiceRole"
},
"SubnetId": {
"type": "String",
"description": "(Required) The subnet that the created instance will be placed into.",
"default": ""
},
"TargetAmiName": {
"type": "String",
"description": "(Optional) The name of the new AMI that will be created. Default is a system-generated string including the source AMI id, and the creation time and date.",
"default": "GoldenAMI-Ubuntu_18_on_{{global:DATE_TIME}}"
},
"InstanceType": {
"type": "String",
"description": "(Optional) Type of instance to launch as the workspace host. Instance types vary by region. Default is t2.medium.",
"default": "t2.medium"
},
"PreUpdateScript": {
"type": "String",
"description": "(Optional) URL of a script to run before updates are applied. Default ("none") is to not run a script.",
"default": "none"
},
"PostUpdateScript": {
"type": "String",
"description": "(Optional) URL of a script to run after package updates are applied. Default ("none") is to not run a script.",
"default": ""
},
"IncludePackages": {
"type": "String",
"description": "(Optional) Only update these named packages. By default ("all"), all available updates are applied.",
"default": "all"
},
"ExcludePackages": {
"type": "String",
"description": "(Optional) Names of packages to hold back from updates, under all conditions. By default ("none"), no package is excluded.",
"default": "none"
},
"lambdaFunctionName": {
"type": "String",
"description": "(Required) The name of the lambda function. Default ('none') is to not run a script.",
"default": "GoldImg-Automation-UpdateSsmParam"
}
},
"mainSteps": [
{
"name": "launchInstance",
"action": "aws:runInstances",
"maxAttempts": 3,
"timeoutSeconds": 1200,
"onFailure": "Abort",
"inputs": {
"ImageId": "{{SourceAmiId}}",
"InstanceType": "{{InstanceType}}",
"SubnetId": "{{ SubnetId }}",
"UserData":
"MinInstanceCount": 1,
"MaxInstanceCount": 1,
"IamInstanceProfileName": "{{InstanceIamRole}}"
}
},
{
"name": "updateOSSoftware",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 3600,
"onFailure": "Abort",
"inputs": {
"DocumentName": "AWS-RunShellScript",
"InstanceIds": [
"{{launchInstance.InstanceIds}}"
],
"Parameters": {
"commands": [
"set -e",
"[ -x "$(which wget)" ] && get_contents='wget $1 -O -'",
"[ -x "$(which curl)" ] && get_contents='curl -s -f $1'",
"eval $get_contents https://aws-ssm-downloads-{{global:REGION}}.s3.amazonaws.com/scripts/aws-update-linux-instance > /tmp/aws-update-linux-instance",
"chmod +x /tmp/aws-update-linux-instance",
"/tmp/aws-update-linux-instance --pre-update-script '{{PreUpdateScript}}' --post-update-script '{{PostUpdateScript}}' --include-packages '{{IncludePackages}}' --exclude-packages '{{ExcludePackages}}' 2>&1 | tee /tmp/aws-update-linux-instance.log"
]
}
}
},
{
"name": "installCustomizations",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 600,
"onFailure": "Abort",
"inputs": {
"DocumentName": "AWS-RunShellScript",
"InstanceIds": [
"{{launchInstance.InstanceIds}}"
],
"Parameters": {
"commands": "sudo apt-get update && sudo apt-get upgrade -y"
}
}
},
{
"name": "installInspectorAgent",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 600,
"onFailure": "Abort",
"inputs": {
"DocumentName": "AmazonInspector-ManageAWSAgent",
"InstanceIds": [
"{{launchInstance.InstanceIds}}"
],
"Parameters": {
"Operation": "Install"
}
}
},
{
"name": "installUnifiedCloudWatchAgent",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 600,
"onFailure": "Abort",
"inputs": {
"DocumentName": "AWS-ConfigureAWSPackage",
"InstanceIds": [
"{{launchInstance.InstanceIds}}"
],
"Parameters": {
"name": "AmazonCloudWatchAgent",
"action": "Install"
}
}
},
{
"name": "stopInstance",
"action": "aws:changeInstanceState",
"maxAttempts": 3,
"timeoutSeconds": 1200,
"onFailure": "Abort",
"inputs": {
"InstanceIds": [
"{{launchInstance.InstanceIds}}"
],
"DesiredState": "stopped"
}
},
{
"name": "createImage",
"action": "aws:createImage",
"maxAttempts": 3,
"onFailure": "Abort",
"inputs": {
"InstanceId": "{{launchInstance.InstanceIds}}",
"ImageName": "{{TargetAmiName}}",
"NoReboot": true,
"ImageDescription": "AMI Generated by EC2 Automation on {{global:DATE_TIME}} from {{SourceAmiId}}"
}
},
{
"name": "createEncryptedCopy",
"action": "aws:copyImage",
"maxAttempts": 3,
"onFailure": "Abort",
"inputs": {
"SourceImageId": "{{createImage.ImageId}}",
"SourceRegion": "{{global:REGION}}",
"ImageName": "Encrypted-{{TargetAmiName}}",
"ImageDescription": "Encrypted GoldenAMI by SSM Automation on {{global:DATE_TIME}} from source AMI {{createImage.ImageId}}",
"Encrypted": true
}
},
{
"name": "createTagsForEncryptedImage",
"action": "aws:createTags",
"maxAttempts": 1,
"onFailure": "Continue",
"inputs": {
"ResourceType": "EC2",
"ResourceIds": [
"{{createEncryptedCopy.ImageId}}"
],
"Tags": [
{
"Key": "Automation-Id",
"Value": "{{automation:EXECUTION_ID}}"
},
{
"Key": "Owner",
"Value": "Mystique"
},
{
"Key": "SourceAMI",
"Value": "{{SourceAmiId}}"
},
{
"Key": "Amazon-Inspector",
"Value": "true"
},
{
"Key": "Amazon-SSM",
"Value": "true"
},
{
"Key": "Encrypted",
"Value": "true"
}
]
}
},
{
"name": "updateSsmParam",
"action": "aws:invokeLambdaFunction",
"timeoutSeconds": 1200,
"maxAttempts": 1,
"onFailure": "Abort",
"inputs": {
"FunctionName": "Automation-UpdateSsmParam",
"Payload": "{"parameterName":"/GoldenAMI/Ubuntu/latest", "parameterValue":"{{createEncryptedCopy.ImageId}}"}"
}
},
{
"name": "terminateInstance",
"action": "aws:changeInstanceState",
"maxAttempts": 3,
"onFailure": "Continue",
"inputs": {
"InstanceIds": [
"{{launchInstance.InstanceIds}}"
],
"DesiredState": "terminated"
}
},
{
"name": "deleteUnEcryptedImage",
"action": "aws:deleteImage",
"maxAttempts": 3,
"timeoutSeconds": 180,
"onFailure": "Abort",
"inputs": {
"ImageId": "{{createImage.ImageId}}"
}
}
],
"outputs": [
"createImage.ImageId"
]
}
issue for the interview questions:
Q: Can you establish a peering connection to a VPC in a different REGION?
Ans: Not possible. Peering Connection are available only between VPC in the same region.
need to update the answer to below:
Ans: Yes, if the VPCs are in different regions, the request must be accepted in the region of the accepter VPC.
@KrishDD , In file https://github.com/miztiik/AWS-Demos/tree/master/How-To/setup-lvm-in-EC2#create-file-system there is an extra "". It shoudn't be there
Hi,
the web server that is built as a part of the CloudFormation is not possible to be accessed.
I get connection refused - is this to do with some of the commands on the linux machine is not supported anymore?
Or why do we get this issue - I did not get it before the first time I tried this code?
This is related to the code in setup-cloudformation-webserver
In file https://github.com/miztiik/AWS-Demos/tree/master/How-To/setup-lvm-in-EC2#create-file-system can we use "mkdir -p" instead of just "mkdir" it will create the whole directory tree if they are missing and will not throw an error if it already exists.
README.MD needs to be updated of setup-manual-elasticsearch-snapshots
AWS recently updated I was wondering what changes do we need to do to deploy S3 Security - Uploading Objects Using Pre-Signed URLs project or will it work as it is?
With reference to the repo titled " setup-pre-signed-s3-urls/"
When one uploads a file called "filename.png" - the filename is amended to some thing like this:
cd3223123_filename.png.
How can we stop this from happening and retain the original "filename.png"
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.