-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathinstance_with_awless.aws
23 lines (19 loc) · 1.16 KB
/
instance_with_awless.aws
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# Title: Create an instance with preinstalled awless with completion
# Tags: infra, awless
# role name variable
roleName = {awless.role-name}
# Create a AWS role that applies on a resource
create role name=$roleName principal-service="ec2.amazonaws.com" sleep-after=10
# Attach typical necessary awless readonly permissions to the role
attach policy role=$roleName service=ec2 access=readonly
attach policy role=$roleName service=s3 access=readonly
attach policy role=$roleName service=sns access=readonly
attach policy role=$roleName service=sqs access=readonly
attach policy role=$roleName service=vpc access=readonly
attach policy role=$roleName service=autoscaling access=readonly
attach policy role=$roleName service=iam access=readonly
attach policy role=$roleName service=rds access=readonly
attach policy role=$roleName service=route53 access=readonly
attach policy role=$roleName service=lambda access=readonly
# Launch new instance running remote user data script installing awless
create instance name=awless-commander type=t2.nano keypair={ssh.keypair} userdata=https://raw.githubusercontent.com/wallix/awless-templates/master/userdata/install_awless.yml role=$roleName