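I am struggling to set up Image Builder to populate the authorized_keys file from a file in S3 on an Amazon Linux 2 instance.
The IAM role works correctly and the pipeline runs fine (no errors, but no output either).
This is the recipe I am using: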
description: This is hello world testing document.
schemaVersion: 1.0
phases:
  - name: build
    steps:
      - name: Download_Authorized_Keys_File
        action: S3Download
        onFailure: Abort
        inputs:
          - source: 's3://mysuperbucket/authorized_keys'
            destination: '/home/ec2-user/.ssh/authorized_keys'
      - name: Ensure_Correct_File_Permission
        action: ExecuteBash
        onFailure: Abort
        inputs:
          commands:
            - 'chown ec2-user:ec2-user /home/ec2-user/.ssh/authorized_keys'
            - 'chmod 600 /home/ec2-user/.ssh/authorized_keys'
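Also, when investigating and copying that file somewhere else, it works fine and the file is there.
When I copy the file to the destination manually, it also works. Does anyone have an idea?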
Answer 1
Found it: AWS removes /home/ec2-user/.ssh/authorized_keys as a cleanup step after creating the AMI. (See https://docs.aws.amazon.com/imagebuilder/latest/userguide/imagebuilder-ug.pdf, pages 97-98.)
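
The cleanup described in the answer can be checked from the defender's side by scanning an image's filesystem for authorized_keys files that still hold keys. The script below is an added example, not part of the original post or of AWS's own tooling; the function names and the assumption that user home directories live under /home are hypothetical choices made here.

```shell
#!/bin/sh
# Added example: report authorized_keys files that still contain key entries
# under a filesystem root (a mounted image volume, or "/" on a running instance).

# count_keys FILE
# Prints the number of key entries: lines that are neither blank nor comments.
count_keys() {
    # grep -c exits 1 when the count is 0, so mask that status.
    grep -Ecv '^[[:space:]]*(#|$)' "$1" || true
}

# audit_authorized_keys ROOT
# Prints "<path relative to ROOT> <key count>" for every authorized_keys file
# holding at least one key. Returns 1 if any were found, 0 if the tree is clean.
audit_authorized_keys() {
    root="${1%/}"   # strip a trailing slash so "/" becomes the empty prefix
    found=0
    for f in "$root"/root/.ssh/authorized_keys "$root"/home/*/.ssh/authorized_keys; do
        # An unmatched glob stays literal and fails this test, so it is skipped.
        [ -f "$f" ] || continue
        n=$(count_keys "$f")
        if [ "$n" -gt 0 ]; then
            printf '%s %s\n' "${f#"$root"}" "$n"
            found=1
        fi
    done
    return "$found"
}

# When a root path is given as the first argument, audit it and exit non-zero
# if any populated authorized_keys file remains.
if [ -n "${1:-}" ]; then
    audit_authorized_keys "$1"
fi
```

A non-zero exit status means at least one populated authorized_keys file is present under the given root.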