How to automate root device volume tags using CloudFormation

Question

How to automate root device volume tags using CloudFormation

I can’t tag the volume of the root device attached to EC2 using CloudFormation to display blocking devices because the tags do not apply to Amazon EBS volumes created from device block mappings . Can the tagging root device volume be automated using CloudFormation in any way? Thanks.

+4

amazon-web-services amazon-cloudformation

randhirkr Nov 10 '15 at 3:50

source share

1 answer

georgealton · Answer 1 · 2016-10-14T20:31:44+0000

This can be done using UserData - if you are using a linux host with cloudinit and awscli installed , you can run the following in the UserData script to mark all volumes associated with the instance

"VOLUME_IDS=$(aws ec2 describe-volumes --output text --filters Name=attachment.instance-id,Values=$(curl http://169.254.169.254/latest/meta-data/instance-id) --query 'Volumes[].VolumeId')",
"aws ec2 create-tags --resources ${VOLUME_IDS} --tags Key=my,Value=tag"

make sure that when you start your EC2 instance, it has an IAM instance policy that allows you to create tags and describe volumes

"PolicyDocument": {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "ec2:CreateTags",
                "ec2:DescribeVolumes"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}

How to automate root device volume tags using CloudFormation

More articles: