To install the CodeDeployAgent via SSM on an EC2 instance in a private subnet, you need to create a Systems Manager (SSM) document that installs the CodeDeploy agent and modifies the configuration file to enable the enable_auth_policy setting.
Here are the steps to do this:
Create a new SSM document. This document will contain the commands to install the CodeDeploy agent and modify the configuration file. Here is an example of what the document might look like:
{
  "schemaVersion": "2.2",
  "description": "Install CodeDeploy Agent",
  "parameters": {},
  "mainSteps": [
    {
      "action": "aws:runShellScript",
      "name": "installCodeDeployAgent",
      "inputs": {
        "runCommand": [
          "#!/bin/bash",
          "sudo yum update -y",
          "sudo yum install ruby -y",
          "sudo yum install wget -y",
          "cd /home/ec2-user",
          "wget https://aws-codedeploy-eu-west-2.s3.amazonaws.com/latest/install",
          "chmod +x ./install",
          "sudo ./install auto > /tmp/logfile",
          "sudo service codedeploy-agent start"
        ]
      }
    },
    {
      "action": "aws:runShellScript",
      "name": "enableAuthPolicy",
      "inputs": {
        "runCommand": [
          "#!/bin/bash",
          "echo ':enable_auth_policy: true' | sudo tee -a /etc/codedeploy-agent/conf/codedeployagent.yml",
          "sudo service codedeploy-agent restart"
        ]
      }
    }
  ]
}
Save the document and then use the AWS Management Console, AWS CLI, or an SDK to execute the document on your EC2 instance. Here is an example of how to do this using the AWS CLI:
aws ssm send-command --document-name "NameOfYourDocument" --instance-ids "YourInstanceId"
Replace "NameOfYourDocument" with the name of the SSM document you created and "YourInstanceId" with the ID of your EC2 instance.
Please note that the EC2 instance needs to have an IAM role with the necessary permissions to execute SSM documents and the S3 bucket needs to be accessible from the EC2 instance.
Also, please replace the region code in the S3 URL with the region of your EC2 instance. The example provided is for the eu-west-2 region.
Wonderful, thanks a lot. Had to do one change: "sed -i 's/:enable_auth_policy: false/:enable_auth_policy: true/g' /etc/codedeploy-agent/conf/codedeployagent.yml",
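
The append in the answer and the sed in the comment each cover one starting state of codedeployagent.yml (key absent, or key present as false). As an added example, not part of the original posts: a shell helper that handles both states, collapses duplicate keys left by repeated appends, and is safe to re-run. The function name `set_auth_policy` and the sample config contents are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example: idempotently set ':enable_auth_policy: true' in a
# CodeDeploy agent config file. set_auth_policy is a hypothetical helper.

set_auth_policy() {
    conf="$1"
    key=':enable_auth_policy:'
    [ -f "$conf" ] || { echo "config not found: $conf" >&2; return 1; }
    tmp="$(mktemp)" || return 1
    # Replace the first line that starts with the key (whatever its value),
    # drop any later duplicates, and append the key if it never appeared.
    awk -v key="$key" '
        index($0, key) == 1 {
            if (!seen) { print key " true"; seen = 1 }
            next
        }
        { print }
        END { if (!seen) print key " true" }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Write back through the existing file so its owner and mode are kept.
    cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

demo() {
    # Constructed sample config, not copied from a real instance.
    sample="$(mktemp)" || return 1
    printf '%s\n' '---' ':log_aws_wire: false' ':verbose: false' \
        ':enable_auth_policy: false' > "$sample"
    set_auth_policy "$sample" && cat "$sample"
    rm -f "$sample"
}

demo
```

In the SSM document this would run as root against /etc/codedeploy-agent/conf/codedeployagent.yml, followed by the agent restart the answer already includes.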