AWS CloudFormation
User Guide (API Version 2010-05-15)

CloudFormation Helper Scripts Reference

AWS CloudFormation provides a set of Python helper scripts that you can use to install software and start services on an Amazon EC2 instance that you create as part of your stack. You can call the helper scripts directly from your template. The scripts work in conjunction with resource metadata that you define in the same template. The helper scripts run on the Amazon EC2 instance as part of the stack creation process.

The helper scripts are pre-installed on the latest versions of the Amazon Linux AMI. The helper scripts are also available from the Amazon Linux yum repository for use with other UNIX/Linux AMIs.

Currently, AWS CloudFormation provides the following helpers:

  • cfn-init: Used to retrieve and interpret the resource metadata, installing packages, creating files and starting services.

  • cfn-signal: A simple wrapper to signal an AWS CloudFormation CreationPolicy or WaitCondition, enabling you to synchronize other resources in the stack with the application being ready.

  • cfn-get-metadata: A wrapper script making it easy to retrieve either all metadata defined for a resource or path to a specific key or subtree of the resource metadata.

  • cfn-hup: A daemon to check for updates to metadata and execute custom hooks when the changes are detected.

These scripts are installed by default on the latest Amazon Linux AMI in /opt/aws/bin. They are also available in the Amazon Linux AMI yum repository for previous versions of the Amazon Linux AMI as well as via RPM for other Linux/Unix distributions. You can also install the scripts on Microsoft Windows (2008 or later) by using Python for Windows.

The scripts are not executed by default. You must include calls to execute specific helper scripts.

The AWS CloudFormation helper scripts are available from the following locations:

The helper scripts are updated periodically. If you use the helper scripts, ensure your launched instances are using the latest version of the scripts:

  • Include the following command in the UserData property of your template before you call the scripts. This command ensures that you get the latest version:

    yum install -y aws-cfn-bootstrap

  • If you don't include the yum install command and you use the cfn-init, cfn-signal, or cfn-get-metadata scripts, then you'll need to manually update the scripts in each Amazon EC2 Linux instance using this command:

    sudo yum install -y aws-cfn-bootstrap

  • If you don't include the yum install command and you use the cfn-hup script, then you'll need to manually update the script in each Amazon EC2 Linux instance using these commands:

    sudo yum install -y aws-cfn-bootstrap

    sudo /sbin/service cfn-hup restart

  • If you use the source code for the scripts to work with another version of Linux or a different platform, and you have created your own certificate trust store, you'll also need to keep the trust store updated.