I asked AWS Support, and they came back with the following reply:
Thank you for reaching out to AWS Support.
I understand that you would like your Windows instance deployed by CloudFormation to run a cleanup script just before the termination through the stack.
Unfortunately, there is no native way in CloudFormation to run scripts on an EC2 instance before the stack is deleted (instance is terminated).
However, there are several options that can allow you to do this:
- OpsWorks Stack implementation:
In case you are familiar with Chef, you may consider deploying OpsWorks Stacks through CloudFormation. OpsWorks Stacks lifecycle events can handle running specific commands on instances registered under your OpsWorks Stack.
These commands, however, need to be specified through Chef recipes.
This solution may provide you with a native execution of your commands, although in case you are not familiar with Chef, it may not be the best solution for you.
To deploy OpsWorks Stack's elements through CloudFormation, you will need the following resource types:
Stack: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-stack.html
Layer: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-layer.html
Instance: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-instance.html
General information about OpsWorks stacks can be found here:
https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks.html
- Auto Scaling implementation:
Instead of defining specific instances, you can use an Auto Scaling Group deployed through CloudFormation, which will launch your instances for you. Auto Scaling has a feature called Lifecycle hooks, which can be used to pause an instance action (launch/termination) in order to do some other action through another service. You could configure a Lifecycle hook which will, on instance termination, report to an SNS topic, and this SNS topic can trigger a Lambda function which can run a System Service Manager run command action on the instance.
I believe this solution would suit your need better as it will set the instance to Termination:Wait status while the SSM run command is executed. I understand that this scenario will require configuration of several other services, that is why I would suggest to test configuring the services manually and then setup the CloudFormation template with the required configuration.
The resources you will need for this scenario are as follows:
ASG: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html
- LifecycleHookSpecificationList: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-lifecyclehookspecification.html
- ASG Launch Configuration: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html
SNS: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html
- Subscription: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-subscription.html
Lambda: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html
SSM: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html
Documentation links to this scenario:
ASG lifecycle hooks: https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html
SNS: https://docs.aws.amazon.com/sns/latest/dg/welcome.html
Lambda: https://docs.aws.amazon.com/lambda/latest/dg/welcome.html
SSM: https://docs.aws.amazon.com/systems-manager/latest/userguide/rc-sns-notifications.html#rc-send-notifications
A similar scenario is also described in the attached diagram, although instead of SNS, CloudWatch is used to trigger the Lambda function.
I asked AWS Support the same question, and posted the reply in this thread.
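The Auto Scaling option from the AWS Support reply above, as an added example (not part of the original posts and not AWS's own code): a Lambda handler that receives the lifecycle hook notification from SNS, runs a cleanup script on the terminating instance through SSM Run Command, and then releases the hook. The script path `C:\scripts\cleanup.ps1` and the helper name `handle_hook` are assumptions.

```python
import json
import time

TERMINATING = "autoscaling:EC2_INSTANCE_TERMINATING"
# Assumption: location of the cleanup script on the Windows instance.
CLEANUP_COMMAND = r"C:\scripts\cleanup.ps1"
FINAL_STATES = {"Success", "Failed", "Cancelled", "TimedOut"}


def handle_hook(event, ssm, autoscaling, poll_seconds=5, max_polls=60):
    """Run the cleanup via SSM for each terminating instance, then release the hook."""
    results = []
    for record in event["Records"]:
        msg = json.loads(record["Sns"]["Message"])
        # Ignore test notifications and launch hooks; act only on termination.
        if msg.get("LifecycleTransition") != TERMINATING:
            continue
        instance_id = msg["EC2InstanceId"]
        status = "NotStarted"
        try:
            cmd = ssm.send_command(
                InstanceIds=[instance_id],
                DocumentName="AWS-RunPowerShellScript",
                Parameters={"commands": [CLEANUP_COMMAND]},
            )
            command_id = cmd["Command"]["CommandId"]
            for _ in range(max_polls):
                time.sleep(poll_seconds)  # the invocation takes a moment to register
                status = ssm.get_command_invocation(
                    CommandId=command_id, InstanceId=instance_id)["Status"]
                if status in FINAL_STATES:
                    break
        finally:
            # Always release the hook so the instance does not sit in
            # Terminating:Wait until the hook's heartbeat timeout expires.
            autoscaling.complete_lifecycle_action(
                LifecycleHookName=msg["LifecycleHookName"],
                AutoScalingGroupName=msg["AutoScalingGroupName"],
                LifecycleActionToken=msg["LifecycleActionToken"],
                LifecycleActionResult="CONTINUE",
            )
        results.append((instance_id, status))
    return results


def lambda_handler(event, context):
    import boto3  # available in the Lambda Python runtime
    return handle_hook(event, boto3.client("ssm"), boto3.client("autoscaling"))
```

The function's execution role needs only `ssm:SendCommand`, `ssm:GetCommandInvocation` and `autoscaling:CompleteLifecycleAction`, scoped to the document, the instances and the Auto Scaling group involved. The hook's heartbeat timeout and the Lambda timeout both have to exceed the polling window.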