AWS CloudFormation
User Guide (API Version 2010-05-15)
AWS Documentation » AWS CloudFormation » User Guide » Template Reference » CloudFormation Helper Scripts Reference » cfn-init
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...

cfn-init

Description

The cfn-init helper script reads template metadata from the AWS::CloudFormation::Init key and acts accordingly to:

  • Fetch and parse metadata from CloudFormation

  • Install packages

  • Write files to disk

  • Enable/disable and start/stop services

Note

cfn-init does not require credentials, so you do not need to use the --access-key, --secret-key, --role, or --credential-file options.

For information about the template metadata that cfn-init uses, see AWS::CloudFormation::Init.

Syntax

cfn-init --stack|-s stack.name.or.id \
         --resource|-r logical.resource.id \
         --region region
         --access-key access.key \
         --secret-key secret.key \
         --role rolename\
         --credential-file|-f credential.file \
         --configsets|-c config.sets \
         --url|-u service.url \
         -v

Options

NameDescriptionRequired

-s, --stack

Name of the Stack.

Type: String.

Default: None

Example: -s { "Ref" : "AWS::StackName" },

Yes

-r, --resource

The logical resource ID of the resource that contains the metadata.

Type: String.

Example: -r WebServerHost

Yes

--region

The region to derive the CloudFormation URL from.

Type: String.

Default: None

Example: --region ", { "Ref" : "AWS::Region" },

No

--access-key

AWS Access Key for an account with permission to call DescribeStackResource on CloudFormation.

Type: String.

Condition: The credential file parameter supercedes this parameter.

Conditional

--secret-key

AWS Secret Key that corresponds to the specified AWS Access Key.

Type: String.

Condition: The credential file parameter supercedes this parameter.

Conditional

--role

The IAM role name.

Type: String.

Condition: The credential file parameter supercedes this parameter.

 

-f, --credential-file

A file that contains both a secret key and an access key.

Type: String.

Condition: The credential file parameter supercedes the --access-key and --secret-key parameters.

Conditional

-c, --configsets

A comma-separated list of configsets to run (in order).

Type: String.

Default: default

No

-u, --url

The CloudFormation service URL to hit.

Type: String.

Condition: The credential file parameter supercedes the --access-key and --secret-key parameters.

No

-v

Verbose output. This is useful for debugging cases where cfn-init is failing to initialize.

Note

To debug initialization events, you should turn DisableRollback on. You can do this by using the CloudFormation console, selecting Show Advanced Options, and then setting "Rollback on failure" to "No". You can then SSH into the console and read the logs at /var/log/cfn-init.log.

No

Examples

The following snippet is associated with a resource named WebServer.

"/opt/aws/bin/cfn-init -s ", { "Ref" : "AWS::StackName" },
"    -r WebServer ",
"    --region ", { "Ref" : "AWS::Region" }, \n",

Several AWS CloudFormation sample templates use cfn-init, including the following templates.

Document Conventions« PreviousNext »
Terms of UseDid this page help you?  Yes | No |  Tell us about it...