CloudFormation Helper Scripts Reference
AWS CloudFormation provides a set of Python helper scripts that you can use to install software and start services on an Amazon EC2 instance that you create as part of your stack. You can call the helper scripts directly from your template. The scripts work in conjunction with resource metadata that you define in the same template. The helper scripts run on the Amazon EC2 instance as part of the stack creation process.
The helper scripts are pre-installed on the latest versions of the Amazon Linux AMI. The helper scripts are also available from the Amazon Linux yum repository for use with other UNIX/Linux AMIs.
Currently, AWS CloudFormation provides the following helpers:
-
cfn-init: Used to retrieve and interpret the resource metadata, installing packages, creating files and starting services.
-
cfn-signal: A simple wrapper to signal an AWS CloudFormation CreationPolicy or WaitCondition, enabling you to synchronize other resources in the stack with the application being ready.
-
cfn-get-metadata: A wrapper script making it easy to retrieve either all metadata defined for a resource or path to a specific key or subtree of the resource metadata.
-
cfn-hup: A daemon to check for updates to metadata and execute custom hooks when the changes are detected.
These scripts are installed by default on the latest Amazon Linux AMI in /opt/aws/bin. They are also available in the Amazon Linux AMI yum repository for previous versions of the Amazon Linux AMI as well as via RPM for other Linux/Unix distributions. You can also install the scripts on Microsoft Windows (2008 or later) by using Python for Windows.
The scripts are not executed by default. You must include calls to execute specific helper scripts.
The AWS CloudFormation helper scripts are available from the following locations:
-
The latest version of the Amazon Linux AMI has the AWS CloudFormation helper scripts installed by default in /opt/aws/bin.
-
The AWS helper scripts are available in the Amazon Linux AMI yum repository (the package name is aws-cfn-bootstrap) for previous versions of the Amazon Linux AMI.
-
The helpers are also available in other formats:
-
https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.amzn1.noarch.rpm
-
https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz to install the helper scripts via the Python easy-install tools. For Ubuntu, to complete installation, you must create a symlink:
ln -s /root/aws-cfn-bootstrap-latest/init/ubuntu/cfn-hup /etc/init.d/cfn-hup. -
https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.zip
-
32 bit: https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.msi or 64 bit: https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-win64-latest.msi for installation on Microsoft Windows.
-
-
The source for the scripts is available at https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.src.rpm, which can be used for Linux distributions other than the Amazon Linux AMI.
The helper scripts are updated periodically. If you use the helper scripts, ensure your launched instances are using the latest version of the scripts:
-
Include the following command in the
UserDataproperty of your template before you call the scripts. This command ensures that you get the latest version:yum install -y aws-cfn-bootstrap -
If you don't include the
yum installcommand and you use thecfn-init,cfn-signal, orcfn-get-metadatascripts, then you'll need to manually update the scripts in each Amazon EC2 Linux instance using this command:sudo yum install -y aws-cfn-bootstrap -
If you don't include the
yum installcommand and you use thecfn-hupscript, then you'll need to manually update the script in each Amazon EC2 Linux instance using these commands:sudo yum install -y aws-cfn-bootstrapsudo /sbin/service cfn-hup restart -
If you use the source code for the scripts to work with another version of Linux or a different platform, and you have created your own certificate trust store, you'll also need to keep the trust store updated.
