1

我有一个 AMI 自动化模板,我用它来创建我的自定义 AMI。

在创建 AMI 期间,我想在关闭之前添加一个小延迟,以允许 EC2 实例完成一些首次启动优化。

下面是我的模板,我需要在步骤DoStep1和之间有一个延迟stopInstance

AWSTemplateFormatVersion: "2010-09-09"
Description: "SSM Automation Document for creating a new AMI"
Parameters:
  SubnetId:
    Description: "ID of subnet to use for launching EC2 instance"
    Type: "AWS::EC2::Subnet::Id"
  SecurityGroupIds:
    Description: "The IDs of security groups that are permitted access to EC2 instance"
    Type: "List<AWS::EC2::SecurityGroup::Id>"
Outputs:
  AmiAutomationDocumentName:
    Value: !Ref "AmiAutomationDoc"
Resources:
  AutomationRole:
    Type: "AWS::IAM::Role"
    Properties:
      Path: "/"
      AssumeRolePolicyDocument:
        Statement:
          - Action:
              - "sts:AssumeRole"
            Effect: "Allow"
            Principal:
              Service:
                - "ec2.amazonaws.com"
                - "ssm.amazonaws.com"
        Version: "2012-10-17"
      Policies:
        - PolicyName: "PassRole"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Action:
                  - "iam:PassRole"
                Effect: "Allow"
                Resource: "*"
      ManagedPolicyArns:
        - "arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole"
  InstanceProfileRole:
    Type: "AWS::IAM::Role"
    Properties:
      Path: "/"
      AssumeRolePolicyDocument:
        Statement:
          - Action:
              - "sts:AssumeRole"
            Effect: "Allow"
            Principal:
              Service:
                - "ec2.amazonaws.com"
                - "ssm.amazonaws.com"
        Version: "2012-10-17"
      Policies:
        - PolicyName: "PassRole"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Action:
                  - "iam:PassRole"
                Effect: "Allow"
                Resource: "*"
      ManagedPolicyArns:
        - "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
  InstanceProfile:
    Type: "AWS::IAM::InstanceProfile"
    Properties:
      Path: "/"
      Roles:
        - !Ref "InstanceProfileRole"
  AmiAutomationDoc:
    Type: "AWS::SSM::Document"
    Properties:
      DocumentType: "Automation"
      Content: 
        schemaVersion: "0.3"
        description: "Create a new AMI"
        parameters:
          SourceAmiId:
            type: "String"
            description: "AMI to patch"
          TargetAmiName:
            type: "String"
            description: "Name of new AMI"
        assumeRole: !GetAtt "AutomationRole.Arn"
        mainSteps:
          - name: "startInstance"
            action: "aws:runInstances"
            timeoutSeconds: 360
            maxAttempts: 1
            onFailure: "Abort"
            inputs:
              ImageId: "{{ SourceAmiId }}"
              InstanceType: "m4.large"
          - name: "DoStep1"
            action: "aws:runCommand"
            timeoutSeconds: 360
            maxAttempts: 1
            onFailure: "Abort"
            inputs:
              ImageId: "{{ SourceAmiId }}"
              InstanceType: "m4.large"
          - name: "stopInstance"
            action: "aws:changeInstanceState"
            maxAttempts: 1
            onFailure: "Continue"
            inputs:
              InstanceIds:
                - "{{ startInstance.InstanceIds }}"
              DesiredState: "stopped"
          - name: "createImage"
            action: "aws:createImage"
            maxAttempts: 1
            onFailure: "Continue"
            inputs:
              InstanceId: "{{ startInstance.InstanceIds }}"
              ImageName: "{{ TargetAmiName }}"
              ImageDescription: "AMI based on base image {{ SourceAmiId }}"
          - name: "terminateInstance"
            action: "aws:changeInstanceState"
            maxAttempts: 1
            onFailure: "Continue"
            inputs:
              InstanceIds:
                - "{{ startInstance.InstanceIds }}"
              DesiredState: "terminated"
        outputs:
          - createImage.ImageId
          - startInstance.InstanceIds
  DoStep1:
    Type: "AWS::SSM::Document"
    Properties:
      DocumentType: "Command"
      Content: 
        schemaVersion: "1.2"
        description: "Schedule scripts"
        runtimeConfig:
          aws:runPowerShellScript:
            properties:
              - runCommand:
                  - myScript.ps1
4

1 回答 1

1

aws:睡眠

最近,AWS 发布了新的 Amazon EC2 Systems Manager Automation 操作。其中之一是aws:sleep

aws:sleep将自动化执行延迟指定的时间。

使用此操作在您的工作流程中插入延迟。您可以将延迟设置为特定持续时间,或者直到达到特定时间。假设您有多个运行命令类型的步骤aws:runCommand,您正在运行这些步骤来配置一个实例,并且您希望确保它们之间有一个暂停。使用aws:sleep,您可以插入延迟。

以下示例显示了如何使用持续时间或时间戳定义睡眠间隔——两者均按照 ISO 8601 进行格式化。

使用 JSON

{  
   "name":"sleep",
   "action":"aws:sleep",
   "inputs":{  
      "Duration":"PT10M"
   }
}

作为参数传入的持续时间:

{  
   "name":"sleep",
   "action":"aws:sleep",
   "inputs":{  
      "Duration":"PT{{delayInMinutes}}M"
   }
}

使用时间戳终止睡眠间隔:

{  
   "name":"sleep",
   "action":"aws:sleep",
   "inputs":{  
      "Timestamp":"2017-05-30T01:00:00Z"
   }
}

使用 YAML

- name: "sleep"
  action: "aws:sleep"
  inputs:
    Duration: "PT10M"

作为参数传入的持续时间:

- name: "sleep"
  action: "aws:sleep"
  inputs:
    Duration: "PT{{ delayInMinutes }}M"

使用时间戳终止睡眠间隔:

- name: "sleep"
  action: "aws:sleep"
  inputs:
    Timestamp: "2017-05-30T01:00:00Z"
于 2017-05-30T03:36:37.100 回答