Rainsbrook

User Tools

Site Tools

Trace:
aws:ec2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

aws:ec2 [04/09/2024 10:42] – created - external edit 127.0.0.1aws:ec2 [28/05/2025 09:16] (current) – [EC2 metadata - get public ip address] andrew
Line 423: Line 423:
 52.25.145.1 52.25.145.1
 $ $
 +</code>
 +
 +
 +===== AWS NTP Time =====
 +
 +
 +Use 169.254.169.123 with ntp or chrony.
 +
 +  server 169.254.169.123 prefer iburst
 +
 +
 +==== Force timesync with chrony ====
 +
 +
 +If you get this message:-
 +
 +<code>
 +$ ./get_repos.sh
 +
 +An error occurred (InvalidSignatureException) when calling the ListRepositories operation: Signature expired: 20231207T141711Z is now earlier than 20231207T152038Z (20231207T153538Z - 15 min.)
 +</code>
 +
 +your time may be out by more than AWS allows, use this with chrony to force a reset. ''ntpdate'' will force a resync with the ntpd package. You will need to stop the ''ntpd'' daemon first and then restart it after.
 +
 +<code>
 +root@ubuntu20:~# chronyd -q 'server time.domain.com  iburst'
 +2023-10-26T15:32:22Z chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +SECHASH +IPV6 -DEBUG)
 +2023-10-26T15:32:22Z Initial frequency 5.379 ppm
 +2023-10-26T15:32:26Z System clock wrong by 1931.782000 seconds (step)
 +2023-10-26T16:04:38Z chronyd exiting
 +root@ubuntu20:~#
 +
 +</code>
 +
 +===== Getting info from within a running instance =====
 +
 +The 169.254.169.254 address allows access to metadata about an instance from within THAT instance, eg:-
 +
 +<code>
 +[root@ip-172-31-21-109 ~]# curl http://169.254.169.254/latest/meta-data/ami-id
 +ami-0f1229ec7823be3db
 +[root@ip-172-31-21-109 ~]# 
 +
 +[root@ip-172-31-21-109 ~]# curl http://169.254.169.254/latest/meta-data/public-keys/
 +0=AndrewAWS
 +[root@ip-172-31-21-109 ~]#
 +
 +[root@ip-172-31-21-109 ~]# curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/06:b7:e8:98:98:0a/public-hostname/
 +ec2-34-244-253-26.eu-west-1.compute.amazonaws.com
 +[root@ip-172-31-21-109 ~]#
 +</code>
 +
 +
 +===== AWS cli =====
 +
 +<code>
 +[ec2-user@ip-10-96-10-231 ~]$ aws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,Tags[?Key==`Name`].Value|[0], IamInstanceProfile.Arn]' --output table
 +-----------------------------------------------------------------------------------------------------------------------------------
 +|                                                        DescribeInstances                                                        |
 ++---------------------+---------------------------------+-------------------------------------------------------------------------+
 +|  i-0ec2f28f95c0b4396|  MadLib API Tier - AutoScaled    arn:aws:iam::399862743030:instance-profile/MadLib-APIrole              |
 +|  i-0fd0f2f4e072463b0|  MadLib Save Tier - AutoScaled  |  arn:aws:iam::399862743030:instance-profile/MadLib-Saverole             |
 +|  i-0ac39407f3b79e43b|  MadLib API Tier - AutoScaled    arn:aws:iam::399862743030:instance-profile/MadLib-APIrole              |
 +|  i-0eba4f6906abf1833|  MadLib Web Tier - AutoScaled    arn:aws:iam::399862743030:instance-profile/MadLib-AppRole              |
 +|  i-0b558db478ac2bdbc|  CommandHost                    |  arn:aws:iam::399862743030:instance-profile/CommandHostInstanceProfile  |
 +|  i-09a53d2758f4d749d|  MadLib Web Tier - AutoScaled    arn:aws:iam::399862743030:instance-profile/MadLib-AppRole              |
 +|  i-03804db70790dc0ed|  MadLib Save Tier - AutoScaled  |  arn:aws:iam::399862743030:instance-profile/MadLib-Saverole             |
 ++---------------------+---------------------------------+-------------------------------------------------------------------------+
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +
 +[ec2-user@ip-10-96-10-231 ~]$ aws ec2 describe-instances --filter "Name=tag:Name,Values=MadLib Save*" --query 'Reservations[].Instances[].[InstanceId,Tags[?Key==`Name`].Value|[0], IamInstanceProfile.Arn]' --output table
 +------------------------------------------------------------------------------------------------------------------------
 +|                                                   DescribeInstances                                                  |
 ++---------------------+---------------------------------+--------------------------------------------------------------+
 +|  i-0fd0f2f4e072463b0|  MadLib Save Tier - AutoScaled  |  arn:aws:iam::399862743030:instance-profile/MadLib-Saverole  |
 +|  i-03804db70790dc0ed|  MadLib Save Tier - AutoScaled  |  arn:aws:iam::399862743030:instance-profile/MadLib-Saverole  |
 ++---------------------+---------------------------------+--------------------------------------------------------------+
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +</code>
 +
 +
 +<code>
 +[ec2-user@ip-10-96-10-231 ~]$ aws ec2 describe-instances --filter "Name=tag:Name,Values=MadLib Web*" --query 'Reservations[0].Instances[0].IamInstanceProfile.Arn' --output text
 +arn:aws:iam::399862743030:instance-profile/MadLib-AppRole
 +[ec2-user@ip-10-96-10-231 ~]$
 +
 +
 +[ec2-user@ip-10-96-10-231 ~]$ appROLEARN=$(aws ec2 describe-instances --filter "Name=tag:Name,Values=MadLib Web*" --query 'Reservations[0].Instances[0].IamInstanceProfile.Arn' --output text)
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +
 +[ec2-user@ip-10-96-10-231 ~]$ echo ${appROLEARN}
 +arn:aws:iam::399862743030:instance-profile/MadLib-AppRole
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +
 +[ec2-user@ip-10-96-10-231 ~]$ aws iam list-instance-profiles --query "InstanceProfiles[?Arn=='$appROLEARN']"
 +[
 +    {
 +        "InstanceProfileId": "AIPAJJGZDTBTYGJDSLFVM", 
 +        "Roles": [
 +            {
 +                "AssumeRolePolicyDocument": {
 +                    "Version": "2008-10-17", 
 +                    "Statement": [
 +                        {
 +                            "Action": "sts:AssumeRole", 
 +                            "Effect": "Allow", 
 +                            "Principal": {
 +                                "Service": "ec2.amazonaws.com"
 +                            }
 +                        }
 +                    ]
 +                }, 
 +                "RoleId": "AROAJ7OSABF7346MV6RIY", 
 +                "CreateDate": "2018-10-09T08:06:50Z", 
 +                "RoleName": "qls-1577787-84859361afe35637-AppLayerWebSi-AppRole-5CZ1MUJYE8Y4", 
 +                "Path": "/", 
 +                "Arn": "arn:aws:iam::399862743030:role/qls-1577787-84859361afe35637-AppLayerWebSi-AppRole-5CZ1MUJYE8Y4"
 +            }
 +        ], 
 +        "CreateDate": "2018-10-09T08:07:07Z", 
 +        "InstanceProfileName": "MadLib-AppRole", 
 +        "Path": "/", 
 +        "Arn": "arn:aws:iam::399862743030:instance-profile/MadLib-AppRole"
 +    }
 +]
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +
 +
 +[ec2-user@ip-10-96-10-231 ~]$ aws iam list-instance-profiles --query "InstanceProfiles[?Arn=='$appROLEARN'].Roles[0].RoleName"
 +[
 +    "qls-1577787-84859361afe35637-AppLayerWebSi-AppRole-5CZ1MUJYE8Y4"
 +]
 +[ec2-user@ip-10-96-10-231 ~]$
 +
 +
 +[ec2-user@ip-10-96-10-231 ~]$ appROLENAME=$(aws iam list-instance-profiles --query "InstanceProfiles[?Arn=='$appROLEARN'].Roles[0].RoleName" --output text)
 +[ec2-user@ip-10-96-10-231 ~]$ aws iam list-role-policies --role-name ${appROLENAME}
 +{
 +    "PolicyNames": [
 +        "MabLib-App-Policy"
 +    ]
 +}
 +[ec2-user@ip-10-96-10-231 ~]$ appPOLNAME=$(aws iam list-role-policies --role-name ${appROLENAME} --query PolicyNames[] --output text)
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +[ec2-user@ip-10-96-10-231 ~]$ aws iam get-role-policy --role-name ${appROLENAME} --policy-name ${appPOLNAME}
 +{
 +    "RoleName": "qls-1577787-84859361afe35637-AppLayerWebSi-AppRole-5CZ1MUJYE8Y4", 
 +    "PolicyDocument": {
 +        "Statement": [
 +            {
 +                "Action": [
 +                    "s3:List*", 
 +                    "s3:Get*"
 +                ], 
 +                "Resource": "*", 
 +                "Effect": "Allow"
 +            }
 +        ]
 +    }, 
 +    "PolicyName": "MabLib-App-Policy"
 +}
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +</code>
 +
 +
 +
 +<code>
 +[ec2-user@ip-10-96-10-231 ~]$ aws deploy list-applications
 +{
 +    "applications": [
 +        "qls-1577787-84859361afe35637-AppLayerWebSite-1P4CE84PXN67F-MadLibsSite-1AG3943MCP2N9", 
 +        "qls-1577787-84859361afe35637-AppStackAPI-FO024805JDNG-MadLibsAPI-1Q30CGWVEPZDA", 
 +        "qls-1577787-84859361afe35637-AppStackSave-1O3LTSI3CAKLB-MadLibsSave-XM6SBRZK607M"
 +    ]
 +}
 +[ec2-user@ip-10-96-10-231 ~]$ aws deploy list-deployments
 +{
 +    "deployments": [
 +        "d-W13R99NVV", 
 +        "d-Y639UTFVV", 
 +        "d-EAQ1SUMVV"
 +    ]
 +}
 +[ec2-user@ip-10-96-10-231 ~]$ DEPLOYARRAY=$(aws deploy list-deployments --output text)
 +[ec2-user@ip-10-96-10-231 ~]$ IFS=' ' read -r -a DEPLOYID <<< $DEPLOYARRAY
 +[ec2-user@ip-10-96-10-231 ~]$ echo "${DEPLOYID[1]}"
 +d-W13R99NVV
 +[ec2-user@ip-10-96-10-231 ~]$ echo "${DEPLOYID[3]}"
 +d-Y639UTFVV
 +[ec2-user@ip-10-96-10-231 ~]$ echo "${DEPLOYID[5]}"
 +d-EAQ1SUMVV
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +[ec2-user@ip-10-96-10-231 ~]$ aws deploy list-deployment-instances --deployment-id ${DEPLOYID[1]}
 +{
 +    "instancesList": [
 +        "i-09a53d2758f4d749d", 
 +        "i-0eba4f6906abf1833"
 +    ]
 +}
 +[ec2-user@ip-10-96-10-231 ~]$ aws ec2 describe-instances --filter "Name=tag:Name,Values=MadLib*" --query 'Reservations[].Instances[].[InstanceId, Tags[?Key==`Name`].Value | [0]]' --output table
 +----------------------------------------------------------
 +|                    DescribeInstances                   |
 ++----------------------+---------------------------------+
 +|  i-0ec2f28f95c0b4396 |  MadLib API Tier - AutoScaled   |
 +|  i-0fd0f2f4e072463b0 |  MadLib Save Tier - AutoScaled  |
 +|  i-0ac39407f3b79e43b |  MadLib API Tier - AutoScaled   |
 +|  i-0eba4f6906abf1833 |  MadLib Web Tier - AutoScaled   |
 +|  i-09a53d2758f4d749d |  MadLib Web Tier - AutoScaled   |
 +|  i-03804db70790dc0ed |  MadLib Save Tier - AutoScaled  |
 ++----------------------+---------------------------------+
 +[ec2-user@ip-10-96-10-231 ~]$
 +
 +
 +[ec2-user@ip-10-96-10-231 ~]$ aws deploy get-deployment --deployment-id ${DEPLOYID[1]}
 +{
 +    "deploymentInfo": {
 +        "applicationName": "qls-1577787-84859361afe35637-AppLayerWebSite-1P4CE84PXN67F-MadLibsSite-1AG3943MCP2N9", 
 +        "status": "Succeeded", 
 +        "deploymentOverview": {
 +            "Skipped": 0, 
 +            "Succeeded": 2, 
 +            "Failed": 0, 
 +            "Ready": 0, 
 +            "InProgress": 0, 
 +            "Pending": 0
 +        }, 
 +        "description": "[CFN-DSHWMLJA] Deploying App MadLibs-Site Version-1.0\n", 
 +        "deploymentConfigName": "MadLibs-Site", 
 +        "creator": "user", 
 +        "fileExistsBehavior": "DISALLOW", 
 +        "deploymentId": "d-W13R99NVV", 
 +        "deploymentStatusMessages": [], 
 +        "ignoreApplicationStopFailures": true, 
 +        "autoRollbackConfiguration": {
 +            "enabled": false
 +        }, 
 +        "deploymentStyle": {
 +            "deploymentType": "IN_PLACE", 
 +            "deploymentOption": "WITHOUT_TRAFFIC_CONTROL"
 +        }, 
 +        "updateOutdatedInstancesOnly": false, 
 +        "instanceTerminationWaitTimeStarted": false, 
 +        "computePlatform": "Server", 
 +        "deploymentGroupName": "WebAppDeplyGroup", 
 +        "createTime": 1539072614.847, 
 +        "completeTime": 1539072703.42, 
 +        "revision": {
 +            "revisionType": "S3", 
 +            "s3Location": {
 +                "bundleType": "zip", 
 +                "bucket": "us-east-1-tcprod", 
 +                "key": "courses/AWS-200-DOP/v2.1.5/lab-1-CLI/scripts/MadLibs-WebSite-Package.zip"
 +            }
 +        }
 +    }
 +}
 +[ec2-user@ip-10-96-10-231 ~]$ 
 +
 </code> </code>
  
aws/ec2.1725446572.txt.gz · Last modified: by 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki