In this article, we’ll delve into fundamental concepts that are useful both in your everyday work and when using AWS services.
Check Part-1
Provision EC2 instance, S3, SNS, and SQS using lambda service
- Create EC2 Instances With Lambda and boto3
Create IAM policy and role
- Create Policy
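Insert the policy below into the JSON editor. Note that it allows every EC2 and SNS action on all resources, so use it only in a test account or narrow the actions to what the function actually calls.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "sns:*",
        "logs:CreateLogStream",
        "ec2:*",
        "logs:CreateLogGroup",
        "logs:PutLogEvents"
      ],
      "Resource": "*"
    }
  ]
}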
- Create Role
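The policy above grants `sns:*` and `ec2:*` on every resource. As an added example (not part of the original article), this check flags service-wide wildcard grants in a policy document and compares the article's policy with a narrower one; the narrowed policy is an assumption about what the launch function in this article needs, and `find_broad_grants` is a hypothetical helper name.

```python
# Added example: flag service-wide wildcard grants in an IAM policy document.

# The policy from this article, as pasted into the JSON editor.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": ["sns:*", "logs:CreateLogStream", "ec2:*",
                   "logs:CreateLogGroup", "logs:PutLogEvents"],
        "Resource": "*",
    }],
}

# Constructed alternative (assumption): only the calls the launch function
# makes, i.e. running one instance and tagging it, plus CloudWatch Logs.
NARROWED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "LaunchAndLog",
        "Effect": "Allow",
        "Action": ["ec2:RunInstances", "ec2:CreateTags",
                   "logs:CreateLogGroup", "logs:CreateLogStream",
                   "logs:PutLogEvents"],
        "Resource": "*",
    }],
}


def _as_list(value):
    """IAM allows a single string where a list is expected."""
    return value if isinstance(value, list) else [value]


def find_broad_grants(policy):
    """Return (Sid, action) for each Allow of '*' or 'service:*' on Resource '*'."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or "*" not in _as_list(stmt.get("Resource", [])):
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append((stmt.get("Sid", "<no Sid>"), action))
    return findings


if __name__ == "__main__":
    for name, doc in (("article", PAGE_POLICY), ("narrowed", NARROWED_POLICY)):
        print(name, find_broad_grants(doc))
```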
Create a Lambda Function
In the code section, copy and paste the code below and click Deploy.
# Lambda function to launch an EC2 instance
import os

import boto3

ec2 = boto3.resource('ec2')

# These are environment variables that we must specify in the Lambda configuration
INSTANCE_TYPE = os.environ['INSTANCE_TYPE']
KEY_NAME = os.environ['KEY_NAME']
AMI = os.environ['AMI']
SUBNET_ID = os.environ['SUBNET_ID']


def lambda_handler(event, context):  # Start of our function
    instance = ec2.create_instances(
        InstanceType=INSTANCE_TYPE,
        KeyName=KEY_NAME,
        ImageId=AMI,
        SubnetId=SUBNET_ID,
        MaxCount=1,
        MinCount=1,
        TagSpecifications=[{  # This creates a tag for our resource
            'ResourceType': 'instance',
            'Tags': [{'Key': 'Name', 'Value': 'Dry-run'}]
        }]
    )
    # create_instances returns a list of Instance objects; we asked for exactly one
    print("New instance created:", instance[0].id)
The code reads its settings from “os.environ”, so we need to declare these environment variables by going to the Configuration tab -> Environment variables, as below.
Don't forget to replace the key name with the name of your own key pair.
- Testing the lambda function
To test, click the blue dropdown button and create a new test by clicking Configure test event, as below.
Click Save, then click the Test button.
An EC2 instance will be created.
You can customize this so that Lambda creates the EC2 instance at the click of a button by adding triggers.
To learn more, see the article below, which I found informative:
https://aws.plainenglish.io/create-ec2-instances-with-lambda-a0a885e2b295
You can use the corresponding boto3 code for S3, SNS, and other services to create those resources from Lambda.
Provision EC2 instance, S3, SNS, and SQS using CloudFormation from CLI
Configure your CLI using the “aws configure” command and provide the details it asks for.
Create a file “01_ec2.yaml”
AWSTemplateFormatVersion: 2010-09-09
Description: Part 1 - Build a webapp stack with CloudFormation
Resources:
  WebAppInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-03a6eaae9938c858c # ImageID valid only in us-east-1 region
      InstanceType: t2.micro
      KeyName: POC-key # <-- Change to use your key-pair name
      SecurityGroupIds:
        - !Ref WebAppSecurityGroup
  WebAppSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: !Join ["-", [webapp-security-group, dev]]
      GroupDescription: "Allow HTTP/HTTPS and SSH inbound and outbound traffic"
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
        # SSH is open to any address here; narrow CidrIp to your own IP range where possible
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
Use the below command to create a stack and deploy the configuration
aws cloudformation create-stack --stack-name ec2-example --template-body file://01_ec2.yaml
You can now see that an EC2 instance has been created.
Patch EC2 instance using systems manager
Steps: install the SSM Agent on EC2
Check the below article for more details
Add the SSM policy to the EC2 IAM role
Open inbound and outbound ports 0.0.0.0/0
coming soon …
Create a load balancer and access from ec2 or local and Enable lb access logs to s3
coming soon …
Setup end-end ci cd pipeline and deploy a sample package on the ec2 instance
coming soon …