CloudFormation provides the following Python helper scripts that you can use to install software and start services on an Amazon EC2 instance that you create as part of your stack:
cfn-init â Use to retrieve and interpret resource metadata, install packages, create files, and start services.
cfn-signal â Use to signal with a CreationPolicy or WaitCondition, so you can synchronize other resources in the stack when the prerequisite resource or application is ready.
cfn-get-metadata â Use to retrieve metadata for a resource or path to a specific key.
cfn-hup â Use to check for updates to metadata and execute custom hooks when changes are detected.
You call the scripts directly from your template. The scripts work in conjunction with resource metadata that's defined in the same template. The scripts run on the Amazon EC2 instance during the stack creation process.
NoteThe scripts aren't executed by default. You must include calls in your template to execute specific helper scripts.
Amazon Linux AMI imagesThe CloudFormation helper scripts are preinstalled on Amazon Linux AMI images that have bootstrap scripts installed.
On the latest Amazon Linux AMI version, the scripts are installed in /opt/aws/bin.
On previous Amazon Linux AMI versions, the aws-cfn-bootstrap package that contains the scripts is located in the Yum repository.
The helper scripts are pre-installed on the latest versions of the Amazon Linux AMI and not on Optimized AMIs, such as ECS Optimized Image that uses Amazon Linux as base.
Downloading packages for other platformsFor Linux/Unix distributions other than Amazon Linux AMI images and for Microsoft Windows (2008 or later), you can download the aws-cfn-bootstrap package.
By default, helper scripts don't require credentials, so you don't need to use the --access-key, --secret-key, --role, or --credential-file options. However, if no credentials are specified, CloudFormation checks for stack membership and limits the scope of the call to the stack that the instance belongs to.
If you choose to specify an option, we recommend that you specify only one of the following:
--role
--credential-file
--access-key together with --secret-key
If you do specify an option, keep in mind which permissions the various helper scripts require:
cfn-signal requires cloudformation:SignalResource
All other helper scripts require cloudformation:DescribeStackResource
For more information on using CloudFormation-specific actions and condition context keys in IAM policies, see Control CloudFormation access with AWS Identity and Access Management in the AWS CloudFormation User Guide.
Using the latest versionThe helper scripts are updated periodically. If you use the helper scripts, ensure that your launched instances are using the latest version of the scripts:
Include the following command in the UserData property of your template before you call the scripts. This command ensures that you get the latest version:
yum install -y aws-cfn-bootstrap
If you don't include the yum install command and you use the cfn-init, cfn-signal, or cfn-get-metadata scripts, then you'll need to manually update the scripts in each Amazon EC2 Linux instance using this command:
sudo yum install -y aws-cfn-bootstrap
Running sudo yum install -y aws-cfn-bootstrap installs the helper scripts from the yum repository.
If you don't include the yum install command and you use the cfn-hup script, then you'll need to manually update the script in each Amazon EC2 Linux instance using these commands:
sudo yum install -y aws-cfn-bootstrap
sudo /sbin/service cfn-hup restart
Running sudo yum install -y aws-cfn-bootstrap installs the helper scripts from the yum repository.
If you use the source code for the scripts to work with another version of Linux or a different platform, and you have created your own certificate trust store, you'll also need to keep the trust store updated.
For the version history of the aws-cfn-bootstrap package, see Release history for AWS CloudFormation helper scripts.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4