-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathinstance_with_awless_scheduler.aws
25 lines (20 loc) · 1.25 KB
/
instance_with_awless_scheduler.aws
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# Title: Create an instance with preconfigured awless and awless-scheduler
# Tags: infra, awless, awless-scheduler
# Awless scheduler role variable
roleName = {awless-scheduler.role-name}
# First we define a role that an EC2 instance can assume to use awless/awless-scheduler (write mode)
create role name=$roleName principal-service="ec2.amazonaws.com" sleep-after=10
# Attach typical necessary awless permissions to the role
attach policy role=$roleName service=ec2 access=full
attach policy role=$roleName service=s3 access=full
attach policy role=$roleName service=sns access=full
attach policy role=$roleName service=sqs access=full
attach policy role=$roleName service=vpc access=full
attach policy role=$roleName service=autoscaling access=full
attach policy role=$roleName service=rds access=full
attach policy role=$roleName service=route53 access=full
attach policy role=$roleName service=lambda access=full
# We keep IAM on read only mode
attach policy role=$roleName service=iam access=readonly
# Launch new instance running remote user data script installing awless
create instance name=AwlessWithScheduler type=t2.nano keypair={ssh.keypair} userdata=https://raw.githubusercontent.com/wallix/awless-templates/master/userdata/install_awless_suite.yml role=$roleName