I have an AMI Automation template which I use to create my custom AMI.
During the AMI creation I want to add a small delay before shutting down, to allow the EC2 instance to finish some first-boot optimization.
Below is my template and I need a delay between steps DoStep1 and stopInstance:
AWSTemplateFormatVersion: "2010-09-09"
Description: "SSM Automation Document for creating a new AMI"
Parameters:
SubnetId:
Description: "ID of subnet to use for launching EC2 instance"
Type: "AWS::EC2::Subnet::Id"
SecurityGroupIds:
Description: "The IDs of security groups that are permitted access to EC2 instance"
Type: "List<AWS::EC2::SecurityGroup::Id>"
Outputs:
AmiAutomationDocumentName:
Value: !Ref "AmiAutomationDoc"
Resources:
AutomationRole:
Type: "AWS::IAM::Role"
Properties:
Path: "/"
AssumeRolePolicyDocument:
Statement:
- Action:
- "sts:AssumeRole"
Effect: "Allow"
Principal:
Service:
- "ec2.amazonaws.com"
- "ssm.amazonaws.com"
Version: "2012-10-17"
Policies:
- PolicyName: "PassRole"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "iam:PassRole"
Effect: "Allow"
Resource: "*"
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole"
InstanceProfileRole:
Type: "AWS::IAM::Role"
Properties:
Path: "/"
AssumeRolePolicyDocument:
Statement:
- Action:
- "sts:AssumeRole"
Effect: "Allow"
Principal:
Service:
- "ec2.amazonaws.com"
- "ssm.amazonaws.com"
Version: "2012-10-17"
Policies:
- PolicyName: "PassRole"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "iam:PassRole"
Effect: "Allow"
Resource: "*"
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
InstanceProfile:
Type: "AWS::IAM::InstanceProfile"
Properties:
Path: "/"
Roles:
- !Ref "InstanceProfileRole"
AmiAutomationDoc:
Type: "AWS::SSM::Document"
Properties:
DocumentType: "Automation"
Content:
schemaVersion: "0.3"
description: "Create a new AMI"
parameters:
SourceAmiId:
type: "String"
description: "AMI to patch"
TargetAmiName:
type: "String"
description: "Name of new AMI"
assumeRole: !GetAtt "AutomationRole.Arn"
mainSteps:
- name: "startInstance"
action: "aws:runInstances"
timeoutSeconds: 360
maxAttempts: 1
onFailure: "Abort"
inputs:
ImageId: "{{ SourceAmiId }}"
InstanceType: "m4.large"
- name: "DoStep1"
action: "aws:runCommand"
timeoutSeconds: 360
maxAttempts: 1
onFailure: "Abort"
inputs:
ImageId: "{{ SourceAmiId }}"
InstanceType: "m4.large"
- name: "stopInstance"
action: "aws:changeInstanceState"
maxAttempts: 1
onFailure: "Continue"
inputs:
InstanceIds:
- "{{ startInstance.InstanceIds }}"
DesiredState: "stopped"
- name: "createImage"
action: "aws:createImage"
maxAttempts: 1
onFailure: "Continue"
inputs:
InstanceId: "{{ startInstance.InstanceIds }}"
ImageName: "{{ TargetAmiName }}"
ImageDescription: "AMI based on base image {{ SourceAmiId }}"
- name: "terminateInstance"
action: "aws:changeInstanceState"
maxAttempts: 1
onFailure: "Continue"
inputs:
InstanceIds:
- "{{ startInstance.InstanceIds }}"
DesiredState: "terminated"
outputs:
- createImage.ImageId
- startInstance.InstanceIds
DoStep1:
Type: "AWS::SSM::Document"
Properties:
DocumentType: "Command"
Content:
schemaVersion: "1.2"
description: "Schedule scripts"
runtimeConfig:
aws:runPowerShellScript:
properties:
- runCommand:
- myScript.ps1
aws:sleep
Recently, AWS released new Amazon EC2 Systems Manager Automation actions. One of them is
aws:sleep.aws:sleepdelays Automation execution for a specified amount of time.Use this action to insert a delay in your workflow. You can set the delay over a specific duration, or until a specific time is reached. Let’s say you have multiple Run Command steps of type
aws:runCommandthat you’re running to configure an instance, and you’d like to ensure a pause between them. Usingaws:sleep, you can insert a delay.The following examples show how to define the sleep interval using either a duration or timestamp―both are formatted following ISO 8601.
Using JSON
Duration passed in as a parameter:
Using a timestamp to terminate the sleep interval:
Using YAML
Duration passed in as a parameter:
Using a timestamp to terminate the sleep interval: