-1

I have a requirement to add my AWS access key and secret key in a set of servers (more than 100). I am trying to automate this process. The only way I have now is to create a .aws directory for the user and copy the aws credentials and config file to that directory.

Is there anyway else we can do this?

Arjun Prasad
  • 163
  • 1
  • 11
  • What about this is confusing to you? You know what needs to happen, so just do it. It's easily scriptable using bash or any other scripting language. – EEAA Dec 30 '16 at 06:26
  • Yes. This is what I did. I need to know if there are any alternate ways to achieve it. can it be done using aws cli? – Arjun Prasad Dec 30 '16 at 06:33

1 Answers1

0

I would focus your efforts on applying an IAM Role to each instance, rather than copying your keys across to each one manually. EC2 instances making API calls outbound to your other services is a solved problem.

This requires you to re-launch your instances, but means you can easily adjust permissions via the role in the event you need to rotate your credentials.

More information is available in the AWS EC2 Documentation.

Luke Peterson
  • 477
  • 6
  • 14
  • This is my production environment and relaunching my instances will be used as a last resort only. I am trying to automate the deployment process using jenkins, my only way to get the conf files from s3 bucket is to use the aws cli right now. – Arjun Prasad Dec 30 '16 at 07:01
  • Yep, I understand it's a painful step. But consider the time that one relaunch will save you in messing about copying `config` and `credential` files every time. :) I guarantee that one day you're going to have to go back to each of those 100 instances and update them again if you've done it manually. – Luke Peterson Dec 30 '16 at 07:07
  • If you really don't want to relaunch, you could also look into using the Run command via EC2 Systems Manager: https://ap-southeast-2.console.aws.amazon.com/ec2/v2/home?region=ap-southeast-2#Commands:sort=CommandId – Luke Peterson Dec 30 '16 at 07:08
  • 2
    @ArjunPrasad If you are looking into automating your deployment process, I'd recommend looking into automating your 'setup' process too. Life on AWS is much easier when you can click a few buttons and run up a brand new copy of your production environment. Once you've automated instance setup, you can autoscale, develop faster, test harder and sleep sounder. I personally use AWS Opsworks for this. This works well for us, as Jenkins can spin up and shut down development and testing environments, as well as trigger deploys that are managed by AWS. – KHobbits Jan 03 '17 at 01:54