I was able to successfully setup and run tests on ec2 instance by setting up JMeter, Grafana (UI to display results) and a database called influxDB. The only issue is that a user has to logon to the instance to run the test as the test plans need to be uploaded on the instance for the same.
I was hoping if I could leverage SSM (aws run command) by which I can store the test plan in an S3 bucket and then use SSM to take this test plan and run the test from AWS SSM directly instead of logging onto the ec2 instance?
Please note, I would like to still run the test on the ec2 instance but as a user I don't want to login to the instance directly but rather have aws ssm take care of this.
Any insight on the same will be helpful. Thanks!!
I was able to mount an S3 bucket and fix the problem.
Related
Right now I am testing to see if I am able to write
touch test.txt
simply to another ec2 instance.
I have looked into both ssh and ssm but I do not understand where to begin the code. Any ideas to remotely send commands?
If you want to send a command remotely you can make use of the AWS run command functionality of SSM.
To do this you will need to ensure that you’re both running SSM agent and have a valid IAM role setup on the remote instance. The getting started section should help that.
Finally you can call the remote instance using the send-command function. Either create your own document or use the existing ‘AWS-RunShellScript’ document.
I'm trying to execute a Script on a Google VM through Terraform.
First I tried it via Google Startup Scripts. But since the metadata is visible in the Google Console (startup scripts count as metadata) and that would mean that anybody with read access can see that script which is not acceptable.
So i tried to get the script from a Storage Account. But for that i need to attach a service account to the VM so the VM has the rights to access the Storage Account. Now people that have access to the VM also have access to my script as long as the service account is attached to the VM. In order to "detach" the service account i would have to stop the VM. Also if i don't want to permanently keep the attachment of the service account i would have to attach the service account via a script which requires another stop and start of the VM. This is probably not possible and also really ugly.
I don't understand how the remote-exec ressource works on GCP VMs. Because i have to specify a user and a userpassword to connect to the VM and then execute the script. But the windows password needs to be set manually via the google console, so i can't specify those things at this point in time.
So does anybody know how I can execute a Script where not anybody has access to my script via Terraform?
Greetings :) and Thanks in advance
I ended up just running a gcloud script in which i removed the Metadata from the VM after the Terraform apply was finished. In my Gitlab pipeline i just called the script in the "after_script"-section. Unfortunately the credentials are visible for approximately 3min.
There is a document in system manager which is used to kill the process running inside the EC2 Instance and it is working correctly through AWS Console.Everytime i used to put the value the service to kill and it is killing it. But I want to revoke this System Manager "Run Command" from the Lambda.
Please help me.. I am new on Lambda.
Assuming your Lambda function's IAM role has SSM related necessary permissions, you can use the AWS SDK for the SSM service to run the SSM document to solve your purpose. For example, if you're using Python runtime for your Lambda function, you initiate a Boto3 SSM client, and use send_command() to run the SSM document you wish to run. Hope this helps!
I want to create a simple Web UI that can be used to list the active EC2 instance and give my developer an easy way to start and stop the EC2 server without having log into the AWS console.
I was wondering if anyone has seen something like this before?
Use IAM to create a user, assign a policy that only allows describe, start and stop actions on the EC2 resource you want. AWS console is then your simple GUI.
You can certainly create a web page like this. The easiest would be to call the commands via the JavaScript API, but you'd have to find a way to provide credentials.
Another option is to give them Elastic Wolf, which is a desktop application. Give them a set of credentials that has the required permissions and they can view/start/stop instances via a graphical UI.
Or, just let them use the AWS Console, with scoped-down permissions to only view instances, and then start/stop.
Finally, you could just give them the AWS Command-Line Interface (CLI) and a simple script to turn on/off desired instances, eg:
aws ec2 start-instances --instance-ids i-123471b4 --region us-east-1
aws ec2 stop-instances --instance-ids i-123471b4 --region us-east-1
I have a running AWS instance. I want to set user-data for this instance.
Question is how do I do it either using AWS console or using AWS CLI tools.
You have to stop your instance to change the user-data. The AWS EC2 User Guide has instructions on how to do it: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_ChangingAttributesWhileInstanceStopped