cfn-init
Description
The cfn-init helper script reads template metadata from the
AWS::CloudFormation::Init key and acts accordingly to:
-
Fetch and parse metadata from CloudFormation
-
Install packages
-
Write files to disk
-
Enable/disable and start/stop services
If you use cfn-init to update an existing file, it creates a backup copy of the
original file in the same directory with a .bak extension. For example, if you update
/,
the action produces two files:
path/to/file_name/
contains the original file's contents and
path/to/file_name.bak/
contains the updated contents.path/to/file_name
For information about the template metadata, see AWS::CloudFormation::Init.
cfn-init doesn't require credentials, so you don't need to use the
--access-key, --secret-key, --role, or
--credential-file options. However, if no credentials are specified,
CloudFormation checks for stack membership and limits the scope of the call to the stack
that the instance belongs to.
Syntax
cfn-init --stack|-sstack.name.or.id\ --resource|-rlogical.resource.id\ --regionregion\ --access-keyaccess.key\ --secret-keysecret.key\ --rolerolename\ --credential-file|-fcredential.file\ --configsets|-cconfig.sets\ --url|-uservice.url\ --http-proxyHTTP.proxy\ --https-proxyHTTPS.proxy\ --verbose|-v
Options
| Name | Description | Required |
|---|---|---|
|
|
Stack name or stack ID. Type: String Default: None Example: |
Yes |
|
|
The logical resource ID of the resource that contains the metadata. Type: String Example: |
Yes |
|
|
The CloudFormation regional endpoint to use. Type: String Default: Example: |
No |
|
|
AWS access key for an account with permission to call
Type: String |
No |
|
|
AWS secret access key that corresponds to the specified AWS access key. Type: String |
No |
|
|
The name of an IAM role that's associated with the instance. Type: String Condition: The credential file parameter supersedes this parameter. |
No |
|
|
A file that contains both a secret access key and an access key. The credential file parameter supersedes the --role, --access-key, and --secret-key parameters. Type: String |
No |
|
|
A comma-separated list of configsets to run (in order). Type: String Default: |
No |
|
|
The CloudFormation endpoint to use. Type: String |
No |
|
|
An HTTP proxy (non-SSL). Use the following format:
Type: String |
No |
|
|
An HTTPS proxy. Use the following format:
Type: String |
No |
|
|
Verbose output. This is useful for debugging cases where cfn-init is failing to initialize. To debug initialization events, you should turn DisableRollback on. You can do this by using the CloudFormation console, selecting Show Advanced Options, and then setting Rollback on failure to No. You can then SSH into the console and read the logs at /var/log/cfn-init.log. |
No |
|
Shows the help message and exits. |
No |
Example
Amazon Linux example
The following snippet shows the UserData property of an EC2 instance,
which runs the InstallAndRun configset that's associated with the
WebServerInstance resource.
For a complete example template, see Deploying applications on Amazon EC2 with AWS CloudFormation.
JSON
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ "#!/bin/bash -xe\n", "# Install the files and packages from the metadata\n", "/opt/aws/bin/cfn-init -v ", " --stack ", { "Ref" : "AWS::StackName" }, " --resource WebServerInstance ", " --configsets InstallAndRun ", " --region ", { "Ref" : "AWS::Region" }, "\n" ]]} }
YAML
UserData: !Base64 'Fn::Join': - '' - - | #!/bin/bash -xe - | # Install the files and packages from the metadata - '/opt/aws/bin/cfn-init -v ' - ' --stack ' - !Ref 'AWS::StackName' - ' --resource WebServerInstance ' - ' --configsets InstallAndRun ' - ' --region ' - !Ref 'AWS::Region' - |+
