AWS Puppet configuration management cloud template examples

There are several options for configuring cloud templates to support Puppet based configuration management on AWS compute resources.

Puppet management on AWS with username and password

Example of...	Sample Blueprint YAML
authentication of cloud configuration on any supported Amazon Machine Image.	inputs: username: type: string title: Username default: puppet password: type: string title: Password encrypted: true default: VMware@123 resources: Webserver: type: Cloud.AWS.EC2.Instance properties: flavor: small image: centos cloudConfig: \| #cloud-config ssh_pwauth: yes chpasswd: list: \| ${input.username}:${input.password} expire: false users: - default - name: ${input.username} lock_passwd: false sudo: ['ALL=(ALL) NOPASSWD:ALL'] groups: [wheel, sudo, admin] shell: '/bin/bash' ssh-authorized-keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDytVL+Q6/+vGbmkXoRpX dmettem@dmettem-m01.vmware.com runcmd: - echo "Defaults:${input.username} !requiretty" >> /etc/sudoers.d/${input.username} Puppet_Agent: type: Cloud.Puppet properties: provider: PEOnAWS environment: production role: 'role::linux_webserver' host: '${Webserver.*}' osType: linux username: '${input.username}' password: '${input.password}' useSudo: true
Authentication of cloud configuration on a custom Amazon Machine Image with an existing user.	inputs: username: type: string title: Username default: puppet password: type: string title: Password encrypted: true default: VMware@123 resources: Webserver: type: Cloud.AWS.EC2.Instance properties: flavor: small image: centos cloudConfig: \| #cloud-config runcmd: - sudo sed -e 's/.PasswordAuthentication no./PasswordAuthentication yes/' -i /etc/ssh/sshd_config - sudo service sshd restart Puppet_Agent: type: Cloud.Puppet properties: provider: PEOnAWS environment: production role: 'role::linux_webserver' host: '${Webserver.*}' osType: linux username: '${input.username}' password: '${input.password}' useSudo: true

Example of...

Sample Blueprint YAML

authentication of cloud configuration on any supported Amazon Machine Image.

inputs:
  username:
    type: string
    title: Username
    default: puppet
  password:
    type: string
    title: Password
    encrypted: true
    default: VMware@123
resources:
  Webserver:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      image: centos
      cloudConfig: |
        #cloud-config
        ssh_pwauth: yes
        chpasswd:
          list: |
            ${input.username}:${input.password}
          expire: false
        users:
          - default
          - name: ${input.username}
            lock_passwd: false
            sudo: ['ALL=(ALL) NOPASSWD:ALL']
            groups: [wheel, sudo, admin]
            shell: '/bin/bash'
            ssh-authorized-keys:
              - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDytVL+Q6/+vGbmkXoRpX dmettem@dmettem-m01.vmware.com
        runcmd:
          - echo "Defaults:${input.username}  !requiretty" >> /etc/sudoers.d/${input.username}
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEOnAWS
      environment: production
      role: 'role::linux_webserver'
      host: '${Webserver.*}'
      osType: linux
      username: '${input.username}'
      password: '${input.password}'
      useSudo: true

Authentication of cloud configuration on a custom Amazon Machine Image with an existing user.

inputs:
  username:
    type: string
    title: Username
    default: puppet
  password:
    type: string
    title: Password
    encrypted: true
    default: VMware@123
resources:
  Webserver:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      image: centos
      cloudConfig: |
        #cloud-config
        runcmd:
          - sudo sed -e 's/.*PasswordAuthentication no.*/PasswordAuthentication yes/' -i /etc/ssh/sshd_config
          - sudo service sshd restart
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEOnAWS
      environment: production
      role: 'role::linux_webserver'
      host: '${Webserver.*}'
      osType: linux
      username: '${input.username}'
      password: '${input.password}'
      useSudo: true

Puppet management on AWS with generated PublicPrivateKey

Example of...	Sample Blueprint YAML
remoteAccess.authentication authentication on AWS with generatedPublicPrivateKey acces.	inputs: {} resources: Machine: type: Cloud.AWS.EC2.Instance properties: flavor: small imageRef: ami-a4dc46db remoteAccess: authentication: generatedPublicPrivateKey Puppet_Agent: type: Cloud.Puppet properties: provider: puppet-BlueprintProvisioningITSuite environment: production role: 'role::linux_webserver' host: '${Machine.*}’ osType: linux username: ubuntu useSudo: true agentConfiguration: runInterval: 15m certName: ‘${Machine.address}' useSudo: true

Example of...

Sample Blueprint YAML

remoteAccess.authentication authentication on AWS with generatedPublicPrivateKey acces.

inputs: {}
resources:
  Machine:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      imageRef: ami-a4dc46db
      remoteAccess:
        authentication: generatedPublicPrivateKey
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: puppet-BlueprintProvisioningITSuite
      environment: production
      role: 'role::linux_webserver'
      host: '${Machine.*}’
      osType: linux
      username: ubuntu
      useSudo: true
      agentConfiguration:
        runInterval: 15m
        certName: ‘${Machine.address}'
      useSudo: true