Notice: The following post was originally published on another website. As the post is no longer accessible, it is being republished here on tommymaynard.com. The post was originally published on September 13, 2019.
This article began with Part a. Read that, if you haven’t already.
First off, the code-producing function has been renamed from New-AWSMultiRunTemplate to New-AWSUserDataMultipleRunTemplate. Sure, it’s longer in name, but it’s more clear (to me at least) when I see its name. Other small changes were the removal of unnecessary code comments. While these may have been in the New-AWSUserDataMultipleRunTemplate function itself, they were definitely changed in the produced code. Additionally, I’ve added a ProjectName parameter. The value, supplied to this parameter, is used throughout the generated code for naming purposes within the Registry. There are code changes to the produced code to run against Server 2016 and greater, as well. Therefore, it runs against Windows Server 2012 and 2012 R2 (and probably older), as well as Server 2016 and 2019. Hopefully, it will be extended further, but only AWS knows that for sure. Server 2012 R2 and earlier used EC2Config to configure a Windows instance, while 2016 and 2019 used EC2Launch.
If (test1) {
{<statement list 1>}
} # End If.
As seen above, I tend to comment on my closing language construct brackets (see # End If.). These are now included in the produced code, both statically and dynamically. It’s a personal preference (that you’ll have to deal with if you use this free, code offering).
This is the new, New-AWSUserDataMultipleRunTemplate code producing function. This isn’t in the PowerShell Gallery, or anywhere else. It probably will never be, either. In fact, this is likely the last time I’ll prep it for public consumption. So again, this is the code you run to create the code you enter in UserData. We won’t discuss what’s in this code; however, we’ll run it further below and discuss that at a minimum.
Function New-AWSUserDataMultipleRunTemplate {
[CmdletBinding()]
Param (
[Parameter(Mandatory)]
[string]$ProjectName,
[Parameter()]
[ValidateRange(1,10)]
[int]$CodeSectionCount = 2,
[Parameter()]
[ValidateSet('All','AllButLast')]
[string]$EnableUserData = 'AllButLast',
[Parameter()]
[ValidateSet('All','AllButLast')]
[string]$EnableRestart = 'AllButLast'
)
Begin {
#region Set Write-Verbose block location.
$BlockLocation = '[BEGIN ]'
Write-Verbose -Message "$BlockLocation Entering the Begin block [Function: $($MyInvocation.MyCommand.Name)]."
#endregion
Write-Verbose -Message "$BlockLocation Storing the $ProjectName template's function to memory."
Write-Verbose -Message "$BlockLocation Ensure the server where the code will reside does not already have the ""HKLM:\SOFTWARE\$ProjectName"" path."
$TemplateFunction = @"
# >> Add function to memory.
Function Set-SystemForNextRun {
Param (
[string]`$CodeSectionComplete,
[switch]`$ResetUserData,
[switch]`$RestartInstance
)
If (`$CodeSectionComplete) {
[System.Void](New-ItemProperty -Path 'HKLM:\SOFTWARE\$ProjectName' -Name "CodeSection`$CodeSectionComplete" -Value 'Complete')
} # End If.
If (`$ResetUserData) {
try {
`$Path = 'C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml'
[xml]`$ConfigXml = Get-Content -Path `$Path -ErrorAction Stop
(`$ConfigXml.Ec2ConfigurationSettings.Plugins.Plugin |
Where-Object -Property Name -eq 'Ec2HandleUserData').State = 'Enabled'
`$ConfigXml.Save(`$Path)
} catch {
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
} # End try-catch.
} # End If.
If (`$RestartInstance) {
Restart-Computer -Force
} # End If.
} # End Function: Set-SystemForNextRun.
# >> Create/Check for Registry Subkey.
If (-Not(Get-Item -Path 'HKLM:\SOFTWARE\$ProjectName' -ErrorAction SilentlyContinue)) {
[System.Void](New-Item -Path 'HKLM:\SOFTWARE\' -Name '$ProjectName')
} # End If.
# >> Run user code/invoke Set-SystemForNextRun function.
"@
} # End Begin.
Process {
#region Set Write-Verbose block location.
$BlockLocation = '[PROCESS]'
Write-Verbose -Message "$BlockLocation Entering the Process block [Function: $($MyInvocation.MyCommand.Name)]."
#endregion
Write-Verbose -Message "$BlockLocation Beginning to create the If-ElseIf code for the template."
1..$CodeSectionCount | ForEach-Object {
If ($_ -eq 1) {
$Start = 'If'
If ($CodeSectionCount -eq 1) {
$End = '# End If.'
} # End If.
} ElseIf ($_ -eq $CodeSectionCount -and $CodeSectionCount -eq 2) {
$Start = 'ElseIf'; $End = '# End If-ElseIf.'
} ElseIf ($_ -eq $CodeSectionCount -and $CodeSectionCount -ne 2) {
$End = "# End If-ElseIf x$($CodeSectionCount - 1)."
} Else {
$Start = 'ElseIf'
} # End If.
If ($EnableUserData -eq 'All') {
$UserData = '-ResetUserData '
} ElseIf ($_ -eq $CodeSectionCount) {
$UserData = $null
} Else {
$UserData = '-ResetUserData '
} # End If.
If ($EnableRestart -eq 'All') {
$Restart = '-RestartInstance'
} ElseIf ($_ -eq $CodeSectionCount) {
$Restart = $null
} Else {
$Restart = '-RestartInstance'
} # End If.
$TemplateIfElseIf += @"
$Start (-Not((Get-ItemProperty -Path 'HKLM:\SOFTWARE\$ProjectName').CodeSection$_ -eq 'Complete')) {
# CodeSection $_.
Set-SystemForNextRun -CodeSectionComplete $_ $UserData$Restart
} $End
"@
} # End ForEach-Object.
} # End Process.
End {
#region Set Write-Verbose block location.
$BlockLocation = '[END ]'
Write-Verbose -Message "$BlockLocation Entering the End block [Function: $($MyInvocation.MyCommand.Name)]."
#endregion
Write-Verbose -Message "$BlockLocation Creating the AWS UserData Mulitple Run Framework code with $CodeSectionCount code section$(If ($CodeSectionCount -gt 1) {'s'})."
"$TemplateFunction$TemplateIfElseIf"
} # End End.
} # End Function: New-AWSUserDataMultipleRunTemplate.
Copy and paste the above, New-AWSUserDataMultipleRunTemplate function into VS Code, or another preferred PowerShell development environment, if there is such a thing. You’re not still using the ISE, are you? Then, add the function to memory for use (in VS Code, that’s Ctrl + A to select all, then F8 to run the selection). Once the function is sitting in memory, we can use it to create our UserData code, as seen below. In this version—it doesn’t even really have a version number, which is weird—there’s now a mandatory ProjectName parameter. Keep this short and simple, and if it were me, I keep spaces and odd characters out of it. This is the value that will be used in the Windows Registry, and within the code that’s produced for UserData.
PS > New-AWSUserDataMultipleRunTemplate -ProjectName MistFit
# >> Add function to memory.
Function Set-SystemForNextRun {
Param (
[string]$CodeSectionComplete,
[switch]$ResetUserData,
[switch]$RestartInstance
)
If ($CodeSectionComplete) {
[System.Void](New-ItemProperty -Path 'HKLM:\SOFTWARE\MistFit' -Name "CodeSection$CodeSectionComplete" -Value 'Complete')
} # End If.
If ($ResetUserData) {
try {
$Path = 'C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml'
[xml]$ConfigXml = Get-Content -Path $Path -ErrorAction Stop
($ConfigXml.Ec2ConfigurationSettings.Plugins.Plugin |
Where-Object -Property Name -eq 'Ec2HandleUserData').State = 'Enabled'
$ConfigXml.Save($Path)
} catch {
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
} # End try-catch.
} # End If.
If ($RestartInstance) {
Restart-Computer -Force
} # End If.
} # End Function: Set-SystemForNextRun.
# >> Create/Check for Registry Subkey.
If (-Not(Get-Item -Path 'HKLM:\SOFTWARE\MistFit' -ErrorAction SilentlyContinue)) {
[System.Void](New-Item -Path 'HKLM:\SOFTWARE\' -Name 'MistFit')
} # End If.
# >> Run user code/invoke Set-SystemForNextRun function.
If (-Not((Get-ItemProperty -Path 'HKLM:\SOFTWARE\MistFit').CodeSection1 -eq 'Complete')) {
# CodeSection 1.
Set-SystemForNextRun -CodeSectionComplete 1 -ResetUserData -RestartInstance
} ElseIf (-Not((Get-ItemProperty -Path 'HKLM:\SOFTWARE\MistFit').CodeSection2 -eq 'Complete')) {
# CodeSection 2.
Set-SystemForNextRun -CodeSectionComplete 2
} # End If-ElseIf.
PS C:>
By default, it still creates two code sections, as can be seen just above in the If-ElseIf statement. It can create just one, although that makes less sense for something that can provide multiple opportunities for configuration between restarts. Even if you only need one, this may still be the framework for you. Maybe you need a restart after a single configuration pass. It will do up to 10 code sections if, for some reason, you need that many opportunities to configure a single instance. Not me. I’ve only ever needed three or four total. The New-AWSUserDataMultipleRunTemplate function still includes the EnableUserData and EnableRestart switch parameters. Both have the default parameter value AllButLast, however, both parameters can accept All as the value, too. If this is used for the EnableRestart switch parameter, the EC2 instance will restart after the last time it’s configured (the last code section). In my experience, it’s not always necessary to restart an instance after its final configuration, but this would allow for the time it’s needed. Once you get to know the produced code well, you can manually edit it if necessary.
The produced code has three definitive sections. We’ll start with the below, third section. By default, the New-AWSUserDataMultipleRunTemplate function creates two code sections within the third section. Read that a few times; it’s confusing. It’s like this: The produced code consists of three sections (they each start with # >>). Inside the third one, is where you can have multiple code sections, where user code, that someone else provides, maybe you, is executed against an instance. Notice that there are two comments inside our If-ElseIf statement. On the first pass, it’ll run whatever the code that the user enters to replace “# CodeSection 1.” After the UserData is enabled and the instance is restarted, it’ll run whatever code is entered to replace “# CodeSection 2.” We’ll see more about how it does this shortly.
# >> Run user code/invoke Set-SystemForNextRun function.
If (-Not((Get-ItemProperty -Path 'HKLM:\SOFTWARE\MistFit').CodeSection1 -eq 'Complete')) {
# CodeSection 1.
Set-SystemForNextRun -CodeSectionComplete 1 -ResetUserData -RestartInstance
} ElseIf (-Not((Get-ItemProperty -Path 'HKLM:\SOFTWARE\MistFit').CodeSection2 -eq 'Complete')) {
# CodeSection 2.
Set-SystemForNextRun -CodeSectionComplete 2
} # End If-ElseIf.
Now that we’ve spent some time with the third section of our produced code, let’s move upward and focus on the middle, or second section, of the code that’s been produced. Here’s that second section, now. It’s real simple. If a specific Windows Registry Subkey doesn’t exist, it’s created. The need to create this will only happen once (the first run). Every other time this If statement fires, it’ll be false and therefore, it won’t attempt to create (something that’s already been created).
# >> Create/Check for Registry Subkey.
If (-Not(Get-Item -Path 'HKLM:\SOFTWARE\MistFit' -ErrorAction SilentlyContinue)) {
[System.Void](New-Item -Path 'HKLM:\SOFTWARE\' -Name 'MistFit')
} # End If.
And, here’s the first section, last. This function, Set-SystemForNextRun, is placed into memory after this portion of the UserData is executed. It’s invoked by the third section. If you go back up to where we discussed the third section, you’ll see where.
# >> Add function to memory.
Function Set-SystemForNextRun {
Param (
[string]$CodeSectionComplete,
[switch]$ResetUserData,
[switch]$RestartInstance
)
If ($CodeSectionComplete) {
[System.Void](New-ItemProperty -Path 'HKLM:\SOFTWARE\MistFit' -Name "CodeSection$CodeSectionComplete" -Value 'Complete')
} # End If.
If ($ResetUserData) {
try {
$Path = 'C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml'
[xml]$ConfigXml = Get-Content -Path $Path -ErrorAction Stop
($ConfigXml.Ec2ConfigurationSettings.Plugins.Plugin |
Where-Object -Property Name -eq 'Ec2HandleUserData').State = 'Enabled'
$ConfigXml.Save($Path)
} catch {
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
} # End try-catch.
} # End If.
If ($RestartInstance) {
Restart-Computer -Force
} # End If.
} # End Function: Set-SystemForNextRun.
In the first code section of the third overall section, Set-SystemForNextRun was first invoked with all three possible parameters. The first parameter is sent in a numeric 1 to the CodeSectionComplete parameter. This created a new Registry value in the “HKLM:\SOFTWARE\MistFit” path. It coerced the number into a string, creating a Registry value named CodeSection1 that had a string value of Complete. These values are how the code knows what’s been done before, and what still needs to be completed. The second parameter was the ResetUserData switch parameter, indicating to enable UserData to run again, the next time the computer is restarted. The third parameter, RestartInstance, as seen below, restarts the computer, right then and there.
Set-SystemForNextRun -CodeSectionComplete 1 -ResetUserData -RestartInstance
In the second code section, it was invoked differently. This time it only updated the Registry. As it was the last code section to execute against the instance, we didn’t opt to enable UserData again or restart the instance. This won’t always be the case. It’s Windows; we may want a final, nerve-calming restart to take place.
Set-SystemForNextRun -CodeSectionComplete 2
This is a good amount of information in which to wrap your head around. The whole PowerShell function to create PowerShell can make it difficult. I did a bunch of renaming of parameters in this version and tripped myself up a few times. Luckily, it was only briefly. Had it not been, I wouldn’t be able to finish writing now and go to bed. All that said, if you have any questions, I shouldn’t be too difficult to track down.