cloud engineer
Here’s how to launch a LightSail instance using Terraform. Create a main.tf file.
terraform { required_providers { aws = { version = >= 3.22.0" source = "hashicorp/aws" } } } provider "aws" { profile = "default" region = "us-east-1" } resource "aws_lightsail_instance" "yourinstance" { name = "yourinstance" availability_zone = "us-east-1a" blueprint_id = "amazon_linux_2" bundle_id = "nano_2_0" } |
To launch, run the following Terraform commands.
terraform init terraform apply |
Amazon Lightsail offers a variety of OS blueprints, starting from Amazon Linux 2, Ubuntu 20, Windows Server 2019 to Debian 10 to name just a few. Blueprints are a curated selection of operating systems and software that are preinstalled for the creation of instances. For brevity, only a subset of blueprints are displayed below. The description and licenseUrl portions are truncated. To display an entire list of LightSail blueprints, run this command.
aws lightsail get-blueprints --region us-east-1 |
Output:
{ "blueprints": [ { "blueprintId": "ubuntu_20_04", "name": "Ubuntu", "group": "ubuntu_20", "type": "os", "description": "Ubuntu 20.04 LTS - Focal. Lean, fast and powerful, Ubuntu Server delivers services reliably ...", "isActive": true, "minPower": 0, "version": "20.04 LTS", "versionCode": "1", "productUrl": "https://aws.amazon.com/marketplace/pp/B087QQNGF1", "licenseUrl": "https://d7umqicpi7263.cloudfront.net/eula/product/aced0818- ... .txt", "platform": "LINUX_UNIX" }, { "blueprintId": "wordpress", "name": "WordPress", "group": "wordpress", "type": "app", "description": "Bitnami, the leaders in application packaging, and Automattic, the experts behind WordPress .... ", "isActive": true, "minPower": 0, "version": "5.6.0", "versionCode": "1", "productUrl": "https://aws.amazon.com/marketplace/pp/B00NN8Y43U", "licenseUrl": "https://d7umqicpi7263.cloudfront.net/eula/product/7d426cb7- ... .txt", "platform": "LINUX_UNIX" } } |
In this example, I’m using the query option to display only the blueprints ids.
aws lightsail get-blueprints --query 'blueprints[*].[blueprintId]' --output text --region us-east-1 |
Output:
windows_server_2019 windows_server_2016 windows_server_2012 windows_server_2016_sql_2016_express amazon_linux_2 amazon_linux ubuntu_20_04 ubuntu_18_04 ubuntu_16_04_2 debian_10 debian_9_5 debian_8_7 freebsd_12 opensuse_15_1 centos_7_1901_01 wordpress wordpress_multisite lamp_7 nodejs joomla magento mean drupal gitlab redmine nginx ghost_bitnami django_bitnami plesk_ubuntu_18_0_28 cpanel_whm_linux |
Here’s a new script to reboot a Lightsail instance based on input.
#!/bin/bash echo 'Choose a server to reboot ...' echo '1) server-one' echo '2) server-two' echo '3) server-three' echo '4) server-four' echo '5) sever-five' echo 'q) Quit' read -p 'Choose a server to reboot: ' server case $server in 1) echo 'Rebooting server-one ...' aws lightsail reboot-instance --instance-name server-one echo 'Done' ;; 2) echo 'Rebooting server-two ...' aws lightsail reboot-instance --instance-name server-two echo 'Done' ;; 3) echo 'Rebooting server-three ...' aws lightsail reboot-instance --instance-name server-three echo 'Done' ;; 4) echo 'Rebooting server-four ...' aws lightsail reboot-instance --instance-name server-four echo 'Done' ;; 5) echo 'Rebooting server-five ...' aws lightsail reboot-instance --instance-name server-five echo 'Done' ;; q) echo 'Quit' ;; *) echo 'Invalid option' $server ;; esac |
Assuming awscli is working and correct permission is granted to user.
Instead of using AWS and JQ to get the snapshot names, you can do it with a single command using –query.
Here are the previous commands.
/usr/bin/aws lightsail get-instance-snapshots --region us-east-1 --profile default > $snaps cat $snaps | jq -r '.instanceSnapshots[] | .name' > $names |
Using query.
aws lightsail get-instance-snapshots \ --query 'instanceSnapshots[*].[name]' \ --region us-east-1 \ --profile default \ --output text > $names |
AWS LightSail now has the ability to restrict IP addresses in their firewall rules. LightSail instances can now be secured by limiting firewall rules from an IP CIDR block or a single IP address. For example, you can restrict who can SSH into your instance by limiting it to just your IP address, so only you can SSH into your machine. Another feature AWS added in their LightSail firewall is support for ping, which could be helpful for monitoring and checks.
