1

I have a simple Windows Powershell script I would like to have run on an EC2 instance when it launches within an Elastic Beanstalk environment. It simply sets up a self-signed SSL certificate and binds it to the default web site in IIS.

I know this can be done with an EC2 instance individually by using UserData (as shown below)... but how do I do it with any instance spun up inside an EB environment?

<powershell>
Import-Module WebAdministration
Set-Location IIS:\SslBindings
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
$c = New-SelfSignedCertificate -DnsName "domain.com" -CertStoreLocation cert:\LocalMachine\My
$c | New-Item 0.0.0.0!443
</powershell>
Improve this question

1 Answer 1

Reset to default
2

I'm not a Powershell expert but have you considered something like:

  • Create a folder called .ebextensions inside your source bundle
  • Create a file with any name but it should have .config extension (e.g. my script.config) and deploy it.
  • The content of myscript.confi should have two keys i.e. Files and Commands. Be careful with Yaml formatting here which might be off and might cause the deployment to fail
  files:  
        "c:/targetdirectory/my_script.ps1":
           content: |
       <powershell>
       Import-Module WebAdministration
       Set-Location IIS:\SslBindings
       New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
       $c = New-SelfSignedCertificate -DnsName "domain.com" -CertStoreLocation cert:\LocalMachine\My
       $c | New-Item 0.0.0.0!443
       </powershell> 
           encoding: (encoding format either plain or base64)
  commands:
        run_my_script: 
              command: ./my_script.ps1
              cwd: "c:/targetdirectory/"

So basically, you're just creating a file that contains the script and then running it. More info is here.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I read how EB doesn't care if the cert is self-signed, but does it look at the domain? My setup prevents me from knowing the environment's domain ahead of time, so wondering if putting something generic like domain.com in your example would work?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.