Managing AWS resources using Puppet

29 / Jun / 2015 by Sharad Aggarwal 2 comments

This post showcases the latest functionality added to puppet resource library to manage AWS resources. Various AWS resources like EC2 instances, route53, RDS and ELB etc. can be managed, described and created using this module. This will also help to keep track of launching an instance in a new security group or an existing one and various other similar problems.

The remainder of this post discusses how to enable Puppet AWS module and running a few use cases using the same. Puppet Labs AWS module only works with puppet version 3.4 or above. The blog assumes that puppetmaster/agent setup with AWS CLI installed. This blog post will not discuss setting up puppetmaster/agent setup, however, you can refer here for the same. Commands to setup this module on puppet v3.7.4 on Amazon Linux AMI release 2015.03 are illustrated below.

Configure AWS CLI using below command,

[js]aws configure[/js]


Install aws-SDK-core and retries gem using below command,

[js]gem install aws-sdk-core
gem install retries[/js]

Finally, install the module, using below command

[js]puppet module install puppetlabs-aws[/js]

After successful installation and configuration of AWS module, we can test the setup by performing a few functions as listed below,

1) Command to Describe all the existing instances is given below and the output will hold various details of an instance, for eg, its state, AZ, AMI ID, instance ID etc. as shown in the snapshot.

[js]puppet resource ec2_instance[/js]


2) The second use case to check if everything is up and running, create a manifest file with name site.pp with the below-provided code and run the command “puppet apply site.pp” at puppetmaster itself as shown below.

This module, if applied successfully will launch a new t2.micro type instance with tagname “puppetcreated”.

In the similar fashion, AWS security group, Elastic Load Balancer can also be created. AWS module is still in the development phase and possesses control of only a few AWS resources. However, refer here to get more information about the available puppet resource types for managing AWS resources.

Sharad Aggarwal


comments (2)

  1. ace garza

    Hello I followed everything and tried to create ec2_instance in site.pp using puppet but there is some issue with security group. When I put ‘default’ it tells me that :
    Error: Security groups ‘default’ not found in VPCs ‘vpc-a37c53c6, vpc-82320fe7, vpc-e9f04e8c’
    Error: /Stage[main]/Main/Ec2_instance[puppetcreatedme]/ensure: change from absent to present failed: Security groups ‘default’ not found in VPCs ‘vpc-a37c53c6, vpc-82320fe7, vpc-e9f04e8c’

    and when I put the security group I had created, it still tells me the same error.

    Please guide

    here is the puppet code i put in site.pp:
    ec2_instance { ‘puppetcreatedme’:
    ensure => ‘present’,
    region => ‘us-west-1’,
    image_id => ‘ami-d1315fb1’,
    instance_type => ‘t2.micro’,
    security_groups => ‘default’,
    key_name => ‘aayush_puppet_cali1’,


Leave a Reply

Your email address will not be published. Required fields are marked *