Menu
My base64 encoded user-data is ignored while running aws ec2 run-instances command.
Here is my user data:
$ cat user-data.sh
#!/bin/bash
cat >> /var/tmp/user-data-testing <<EOF
this is test line added at $(date)
EOF
here is base64 blob of above script:
IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==
Now, My below command does read the user-data fine:
aws ec2 run-instances --image-id ami-8635a9b6 --instance-type t1.micro --placement AvailabilityZone=us-west-2a --security-groups quicklaunch-1 --key-name devops --user-data file://user-data.sh
I do see that file /var/tmp/user-data-testing is created.
However, when I try to pass-in user-data as a base64 encoded blob as below, then it gets ignored:
aws ec2 run-instances --image-id ami-8635a9b6 --instance-type t1.micro --placement AvailabilityZone=us-west-2a --security-groups quicklaunch-1 --key-name devops --user-data IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==
Now, I do not see the file /var/tmp/user-data-testing created.
Also, I know that my base64 blob is healthy as I can decode it fine:
$ base64 --decode <<< IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==
#!/bin/bash
cat >> /var/tmp/user-data-testing <<EOF
this is test line added at $(date)
EOF
However, I do see that instance metadata has my user data in base64 format:
$ curl -L http://169.254.169.254/latest/user-data/
IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==
So, what am I doing wrong in using base64 user-data blob?
My instance meta-data is aware of it but seems like it is not really being executed (or decoded and executed) at the time of instance launch.
UPDATE:
If I pass the same base64 blob via AWS Console while launching the instance, It works. So seems like something is wrong in the way I am using it along with AWS-CLI.
UPDATE:
I just tried the same base64 blob with my ruby code as below and it worked as well:
ec2 = Aws::EC2.new
resp = ec2.run_instances(
min_count: 1,
max_count: 1,
image_id: 'ami-8635a9b6',
instance_type: 't1.micro',
placement: {
availability_zone: 'us-west-2a'
},
security_groups: ['quicklaunch-1'],
key_name: 'devops',
user_data: 'IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg=='
)
So, then WTF is wrong my implementation of AWS-CLI ?
511
You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives. You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
The new user data is visible on your instance after you restart it; however, user data scripts are not executed.
The intrinsic function Fn::Base64 returns the Base64 representation of the input string. This function is typically used to pass encoded data to Amazon EC2 instances by way of the UserData property.
It seems like awscli does the base64 encoding for you, so you should pass unencoded text to --user-data.
Apparently the documentation is not very clear on this. Check this link.
This syntax should then be:
aws ec2 run-instances --image-id ami-8635a9b6 --user-data "echo TEST"
or
aws ec2 run-instances --image-id ami-8635a9b6 --user-data file://path/to/file
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
