How to run aws ssm get parameter in instance user data?

0

Hello, I am trying to automate instance auto-update on its start. I am using user data in the launch template for this. One of the steps is updating the .env file, which we store in AWS Parameter Store. So, the user data looks like:

#!/bin/bash -x
aws ssm get-parameters --names /dev/microservices --with-decryption --output text > /home/ubuntu/microservices/.env && pm2 reload all --update-env --time

This command works fine when I run it locally on the server, but if I run it in user data then the .env file is just empty. How is that possible? I have an instance profile attached to the EC2 launch template, to be able to read the values from AWS Parameter Store. Should I also export AWS credentials in user data?

aws configure set aws_access_key_id "AKIAI***************" --profile user2 && aws configure set aws_secret_access_key "*************************************" --profile user2 && aws configure set region "us-east-1" --profile user2 && aws configure set output "text" --profile user2
1 Answer
0

No, access/secret keys are not needed. When you use an instance profile, the instance will assume the role that you set up for the instance profile. Check if this role has SSM permissions.

answered 6 months ago
  • Hello. The issue was the missing "--region" option in the aws ssm get-parameters command. Cat cloud-init-output.log helped to resolve the issue. Now I can export data from the parameter store record to the .env file. Thanks.
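
A hardened form of the user-data step discussed in this thread, as an added example that is not part of the original question or answers: it passes --region explicitly (from the environment or IMDSv2) and refuses to replace .env when the fetch fails or returns nothing. The function names, the PARAM and DEST variables, the use of get-parameter (singular) with --query, and the ubuntu file owner are assumptions.

```shell
#!/bin/bash
# Added example: user-data helpers (not code from the original thread).
# Assumed names: PARAM, DEST, resolve_region, write_env_file.

# Print the region: honour AWS_REGION/AWS_DEFAULT_REGION, else ask IMDSv2.
resolve_region() {
  local token region
  region="${AWS_REGION:-${AWS_DEFAULT_REGION:-}}"
  if [ -z "$region" ]; then
    token=$(curl -sf -X PUT "http://169.254.169.254/latest/api/token" \
      -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
    region=$(curl -sf -H "X-aws-ec2-metadata-token: $token" \
      "http://169.254.169.254/latest/meta-data/placement/region") || return 1
  fi
  [ -n "$region" ] && printf '%s\n' "$region"
}

# Fetch one parameter into DEST. The value goes straight to a file, never into
# a shell variable, so "bash -x" tracing cannot copy it into cloud-init logs.
write_env_file() {
  local param region dest tmp
  param=$1; region=$2; dest=$3
  tmp=$(umask 077; mktemp "${dest}.XXXXXX") || return 1
  if ! aws ssm get-parameter --name "$param" --with-decryption \
       --region "$region" --query 'Parameter.Value' --output text > "$tmp"; then
    rm -f "$tmp"; echo "ssm get-parameter failed for $param" >&2; return 1
  fi
  if [ ! -s "$tmp" ]; then
    rm -f "$tmp"; echo "empty value for $param" >&2; return 1
  fi
  chmod 600 "$tmp" && mv -f "$tmp" "$dest"   # replace only after a good fetch
}

main() {
  local region dest
  dest="${DEST:-/home/ubuntu/microservices/.env}"
  region=$(resolve_region) || { echo "cannot determine region" >&2; exit 1; }
  write_env_file "${PARAM:-/dev/microservices}" "$region" "$dest" || exit 1
  chown ubuntu:ubuntu "$dest"   # assumption: the app runs as user ubuntu
  pm2 reload all --update-env --time
}

# Run only when invoked with --run, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then main; fi
```

Invoked from user data with `--run`, any failure is written to stderr and therefore shows up in cloud-init-output.log instead of leaving an empty .env behind.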
