Giter Site home page Giter Site logo

autottd's Introduction

autottd ⚙️

Automate and sandbox TTD recording with AWS

Setup

autottd AMI

Create new role and policy

The EC2 instances must have some S3 permissions:

autottdBucketPolicy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:GetObjectTagging",
                "s3:ListBucket",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::autottd-bucket",
                "arn:aws:s3:::autottd-bucket/*"
            ]
        }
    ]
}

Create a new role autottdEC2Role with this policy.

Create a new AMI

Launch a classic Windows AMI, and execute this:

#Install aws
msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi

#Install TTD
Invoke-WebRequest https://aka.ms/ttd/download -OutFile ttd.appinstaller
Add-AppxPackage -AppInstallerFile ttd.appinstaller

Then, create a new AMI based on this image. Don't forget to change/save the password of the instance if you want to debug the AMI created later.

Lambda functions

Policy and Role

Create a new policy for lambda functions. Lambda must be able to:

  • Run and manage EC2 all instances (maybe be more granular)
  • Read and manage autottd S3 bucket
  • Log (lambda constraint)
  • Pass the role autottdEC2Role to the created instances

autottdHandlerPolicy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "EC2Managment",
            "Effect": "Allow",
            "Action": [
                "ec2:TerminateInstances",
                "ec2:CreateTags",
                "ec2:RunInstances",
                "ec2:DescribeInstances"
            ],
            "Resource": "*"
        },
        {
            "Sid": "S3",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::autottd-bucket",
                "arn:aws:s3:::autottd-bucket/*"
            ]
        },
        {
            "Sid": "Logs",
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogStream",
                "logs:CreateLogGroup",
                "logs:PutLogEvents"
            ],
            "Ressource": [
                "arn:aws:logs:*:*:*"
            ]
        }
        {
            "Sid": "IAMForEC2Instance",
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": [
                "arn:aws:iam::<account>:role/autottdEC2Role"
            ]
        }
    ]
}

Create associated role autottdHandlerRole.

Todo Handler

Generate the lambda function with:

python .\generateTodoHandler.py

Create a new lambda autottdTodoHandler with this function and the role autottdHandlerRole. Use a simple S3 trigger that matches todo/*.exe:

Service principal: s3.amazonaws.com
Bucket arn: arn:aws:s3:::autottd-bucket
Event types: s3:ObjectCreated:*
Prefix: todo/
Suffix: .exe

Done Handler

Create a new lambda autottdDoneHandler with the function in autottdDoneHandler and the role autottdHandlerRole. Use a simple S3 trigger that matches done/*.zip:

Service principal: s3.amazonaws.com
Bucket arn: arn:aws:s3:::autottd-bucket
Event types: s3:ObjectCreated:*
Prefix: done/
Suffix: .zip

Usage

Coming soon...

autottd's People

Contributors

atxr avatar

Stargazers

Sylvain Peyrefitte avatar avatar

Watchers

avatar

autottd's Issues

Execute userdata script without using RDP

Currently, there is no way to execute the userdata script that performs the TTD record with connecting to the EC2 instance using RDP.
It seems that the logon script needs some incoming connection to be triggered.

For automation purposes, this isn't really convenient because it adds some useless user interaction.

Automate autottd deployment

Currently, the autottd setup is manual and quite long.
The idea would be to have a automated pipeline that could deploy the autottd architecture.
Maybe Terraform or aws cloudformation could do the job?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.