This repository contains AWS CloudFormation template which deploys a VPC with public and private subnets, a work node in private subnet with admin access via SSM.
This project does not use containerised tools, for the lack of time for the project and assumes the tools are installed on the machine that deploys this project:
- AWS CLI
- GNU Makefile
- cfn-lint
The machine must have access to a AWS account with sufficient permissions to deploy cloudformation stacks with IAM capabilities, ec2 permissions.
$ make deployImageID parameter can be set to use specific AMI. If not set, Amazon Linux 2023 AMI will be selected using SSM query.
Couple tragets that can help stay up-to-date with trendiest images out there (get-ami does use a hard-coded value which is one of the options retreived from list-images):
$ make list-images
$ make get-amiAt the end of a successful deployment InstanceId will be printed to the terminal. It can be retrieved at any stage with make get-info or just connect automatically with ssm
$ make connectThis target uses ssm to connect to the instance: aws ssm start-session --target <instance-id>
Session Manager plugin may be needed to run this command.
make cleanupOfficial documentation comparison to AL2
SSM parameter used to find AMI image for this stack is /aws/service/ami-amazon-linux-latest/al2022-ami-kernel-5.15-x86_64.
Information on the produced OS can be found in the dump file stored in this repo here
Currently init script is used to install all the tools. Copy ./scripts/init.sh to the VM and run it.
Check BCC tools are installed:
sh-5.2$ sudo /usr/share/bcc/tools/execsnoop
PCOMM PID PPID RET ARGS
sh-5.2$ sudo /usr/share/bcc/tools/biosnoop
TIME(s) COMM PID DISK T SECTOR BYTES LAT(ms)
0.000000 kworker/u4:4 2222 nvme0n1 W 989072 4096 0.61
0.079939 kworker/u4:4 2222 nvme0n1 W 9206104 4096 0.64
2.720008 kworker/u4:4 2222 nvme0n1 W 9537952 4096 0.71