Carlos Aguni

Highly motivated self-taught IT analyst. Always learning and ready to explore new skills. An eternal apprentice.

RunInstance with InstanceProfiles in Lambda

11 May 2020 » aws

First assign PassRole to your lambda role: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html

{
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": [
            "iam:GetRole",
            "iam:PassRole"
        ],
        "Resource": "*"
    }]
}

import json
import boto3

def lambda_handler(event, context):
    # TODO implement
    client = boto3.client('ec2', 'us-east-1')
    
    #keys = client.describe_key_pairs()
    #print(keys)
    
    #return
    userdata = """#!/bin/bash
exec > /tmp/log 2>&1
#whoami > /tmp/test
#aws s3 cp /tmp/test s3://<bucketname>/<keyname>

shutdown -h now
    """
    rs = client.run_instances(
        ImageId='ami-0fc61db8544a617ed',
        InstanceType='t2.micro',
        IamInstanceProfile={
            'Arn': '<your arn>'
        },
        SecurityGroupIds=['<security group id>'],
        KeyName='<ssh key name>',
        InstanceInitiatedShutdownBehavior='terminate',
        UserData=userdata,
        MaxCount=5,
        MinCount=5
    )
    print(rs)
    return {
        'statusCode': 200,
        'body': json.dumps('Hello from Lambda!')
    }

Related Posts