Launch Configurations Created using AWS-Console VS Programmatically


I would like to find out if there is an easy way to tell whether a given launch configuration was created using the AWS Console or programmatically.

Use case:

We are planning to avoid copying/creating launch configurations using the AWS Console, so we would like to implement some alert system for any launch configuration that is created using the AWS Console.

So is there any way we can look at a flag on the launch configuration and tell whether it was created using the AWS Console or not?


There are 2 best solutions below


My suggestion would be: use only CloudFormation to create the launch configurations, and then check for the existence of the relevant CF tags.

Added bonus: you can create a specific role for CF to launch EC2 instances and then revoke all such permissions from your users.


Quick thought

Approach 1

  1. Revoke launch configuration permissions from all users with console access.
  2. Use a separate user for the program, which has permission to create launch configurations.

Approach 2

Write a program which monitors CloudTrail logs, because everything we do, whether via the console or the API, is (or can be) logged in CloudTrail.
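The CloudTrail approach in the answer above, as an added example that is not code from the original post or its author. It scans CloudTrail log records for successful `CreateLaunchConfiguration` calls and flags the ones that came from a console session. The records it parses are constructed samples in the S3 delivery format (`{"Records": [...]}`); the `CONSOLE_USER_AGENTS` list and the two places it looks for `sessionCredentialFromConsole` are assumptions about how console calls show up in a trail and should be confirmed against your own account's records before you alert on them.

```python
"""Flag launch configurations created from the AWS Management Console by
scanning CloudTrail records.

Added example, not code from the original post. Assumes CloudTrail log
files in the S3 delivery format ({"Records": [...]}); all sample records
below are constructed.
"""
import json

# Auto Scaling API call that creates a launch configuration, as CloudTrail names it.
AUTOSCALING_SOURCE = "autoscaling.amazonaws.com"
LC_CREATE_EVENT = "CreateLaunchConfiguration"

# Assumption: console-originated calls carry one of these userAgent values.
# Verify against real records from your trail before relying on this list.
CONSOLE_USER_AGENTS = {"console.amazonaws.com", "signin.amazonaws.com"}


def is_console_session(record):
    """Return True if the record looks like it came from a console session.

    Assumption: the sessionCredentialFromConsole marker may appear either at the
    record top level or inside userIdentity, so both are checked; the userAgent
    list is the fallback.
    """
    if record.get("sessionCredentialFromConsole") == "true":
        return True
    if record.get("userIdentity", {}).get("sessionCredentialFromConsole") == "true":
        return True
    return record.get("userAgent", "") in CONSOLE_USER_AGENTS


def find_console_created_launch_configs(records):
    """Return one finding per successful console-originated CreateLaunchConfiguration."""
    findings = []
    for rec in records:
        if rec.get("eventSource") != AUTOSCALING_SOURCE or rec.get("eventName") != LC_CREATE_EVENT:
            continue  # not a launch configuration creation
        if rec.get("errorCode"):
            continue  # the call failed, so nothing was created
        if not is_console_session(rec):
            continue  # CLI/SDK/CloudFormation call, which is the allowed path
        params = rec.get("requestParameters") or {}
        findings.append({
            "launchConfigurationName": params.get("launchConfigurationName"),
            "principal": rec.get("userIdentity", {}).get("arn"),
            "eventTime": rec.get("eventTime"),
            "userAgent": rec.get("userAgent"),
        })
    return findings


def scan_trail_file(text):
    """Parse one CloudTrail log file (JSON text) and return console-created LC findings."""
    return find_console_created_launch_configs(json.loads(text).get("Records", []))


# Constructed sample trail: one console creation (should alert), one CLI creation,
# one console call that creates an ASG rather than an LC, and one failed console call.
SAMPLE_TRAIL = json.dumps({"Records": [
    {
        "eventVersion": "1.08", "eventTime": "2023-01-10T09:15:00Z",
        "eventSource": AUTOSCALING_SOURCE, "eventName": LC_CREATE_EVENT,
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
        "userAgent": "console.amazonaws.com", "sessionCredentialFromConsole": "true",
        "requestParameters": {"launchConfigurationName": "web-lc-console", "instanceType": "t3.micro"},
    },
    {
        "eventVersion": "1.08", "eventTime": "2023-01-10T09:20:00Z",
        "eventSource": AUTOSCALING_SOURCE, "eventName": LC_CREATE_EVENT,
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/deploy-bot"},
        "userAgent": "aws-cli/2.11.0 Python/3.11.2 Linux/5.15 exe/x86_64 command/autoscaling.create-launch-configuration",
        "requestParameters": {"launchConfigurationName": "web-lc-pipeline", "instanceType": "t3.micro"},
    },
    {
        "eventVersion": "1.08", "eventTime": "2023-01-10T09:25:00Z",
        "eventSource": AUTOSCALING_SOURCE, "eventName": "CreateAutoScalingGroup",
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
        "userAgent": "console.amazonaws.com", "sessionCredentialFromConsole": "true",
        "requestParameters": {"autoScalingGroupName": "web-asg", "launchConfigurationName": "web-lc-pipeline"},
    },
    {
        "eventVersion": "1.08", "eventTime": "2023-01-10T09:30:00Z",
        "eventSource": AUTOSCALING_SOURCE, "eventName": LC_CREATE_EVENT,
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
        "userAgent": "console.amazonaws.com", "sessionCredentialFromConsole": "true",
        "errorCode": "AlreadyExists", "errorMessage": "Launch Configuration by this name already exists",
        "requestParameters": {"launchConfigurationName": "web-lc-console"},
    },
]})

if __name__ == "__main__":
    for finding in scan_trail_file(SAMPLE_TRAIL):
        print("ALERT: {launchConfigurationName} created from the console by "
              "{principal} at {eventTime}".format(**finding))
```

In production the same `find_console_created_launch_configs` function would be fed records from the trail's S3 bucket (or wired to a CloudWatch Events rule matching `CreateLaunchConfiguration`) and its findings sent to an SNS topic; failed calls are skipped deliberately, since a denied or duplicate attempt creates nothing to roll back, though you may still want to log them separately.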