How do I orchestrate EC2 instances with AWS Step Functions?
In this guide, we will demonstrate how to orchestrate AWS EC2 instances using AWS Step Functions with Pulumi. We will create an EC2 instance and a Step Function that manages the lifecycle of the instance. The Step Function will include states for starting, stopping, and terminating the EC2 instance.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an EC2 Key Pair
const keyPair = new aws.ec2.KeyPair("keyPair", {
    publicKey: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArvN3... user@hostname"
});

// Create an EC2 Security Group
// Note: 0.0.0.0/0 exposes SSH to the whole internet; narrow this to your admin CIDR.
const securityGroup = new aws.ec2.SecurityGroup("securityGroup", {
    description: "Allow SSH",
    ingress: [
        { protocol: "tcp", fromPort: 22, toPort: 22, cidrBlocks: ["0.0.0.0/0"] },
    ],
    egress: [
        { protocol: "-1", fromPort: 0, toPort: 0, cidrBlocks: ["0.0.0.0/0"] },
    ],
});

// Create an EC2 instance
const ec2Instance = new aws.ec2.Instance("ec2Instance", {
    instanceType: "t2.micro",
    ami: "ami-0c55b159cbfafe1f0", // Amazon Linux 2 AMI
    keyName: keyPair.keyName,
    vpcSecurityGroupIds: [securityGroup.id],
    tags: {
        Name: "PulumiEC2Instance",
    },
});

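// Create an IAM Role for Step Functions
const role = new aws.iam.Role("role", {
    assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({ Service: "states.amazonaws.com" }),
});

// Grant the role only the EC2 actions the state machine calls, scoped to this instance.
// (AWSStepFunctionsFullAccess covers Step Functions actions, not EC2, so it does not fit here.)
const rolePolicy = new aws.iam.RolePolicy("rolePolicy", {
    role: role.name,
    policy: pulumi.jsonStringify({
        Version: "2012-10-17",
        Statement: [{
            Effect: "Allow",
            Action: ["ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances"],
            Resource: ec2Instance.arn,
        }],
    }),
});
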
// Define the Step Function
// pulumi.jsonStringify resolves ec2Instance.id (an Output) before serializing;
// plain JSON.stringify would not embed the real instance ID.
// EC2 is called through the AWS SDK service integration, which returns as soon as
// EC2 accepts the request (there is no .sync variant that waits for the state change).
const stateMachine = new aws.sfn.StateMachine("stateMachine", {
    roleArn: role.arn,
    definition: pulumi.jsonStringify({
        Comment: "A simple AWS Step Function to manage EC2 instance lifecycle",
        StartAt: "StartInstance",
        States: {
            StartInstance: {
                Type: "Task",
                Resource: "arn:aws:states:::aws-sdk:ec2:startInstances",
                Parameters: {
                    InstanceIds: [ec2Instance.id],
                },
                Next: "StopInstance",
            },
            StopInstance: {
                Type: "Task",
                Resource: "arn:aws:states:::aws-sdk:ec2:stopInstances",
                Parameters: {
                    InstanceIds: [ec2Instance.id],
                },
                Next: "TerminateInstance",
            },
            TerminateInstance: {
                Type: "Task",
                Resource: "arn:aws:states:::aws-sdk:ec2:terminateInstances",
                Parameters: {
                    InstanceIds: [ec2Instance.id],
                },
                End: true,
            },
        },
    }),
});

// Export the instance ID and state machine ARN
export const instanceId = ec2Instance.id;
export const stateMachineArn = stateMachine.arn;
Key Points
- We created an EC2 instance with a security group that allows SSH access.
- We set up an IAM role and attached a policy to allow AWS Step Functions to manage EC2 instances.
- We defined a Step Function with tasks to start, stop, and terminate the EC2 instance.
- The instance ID and state machine ARN are exported for reference.
Summary
In this guide, we demonstrated how to use Pulumi to orchestrate AWS EC2 instances with AWS Step Functions. We created an EC2 instance, set up the necessary IAM role and policies, and defined a Step Function to manage the instance lifecycle. This setup can be used to automate the management of EC2 instances in your AWS environment.
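The IAM role is the part of this setup most worth checking before deployment. The following added example (not part of the original guide or of Pulumi's code) derives the minimal EC2 permissions from a state machine definition and scopes them to one instance. It assumes Task resources use the AWS SDK integration form arn:aws:states:::aws-sdk:ec2:<apiAction>; the function names, account ID, region and instance ID are constructed for illustration.

```typescript
// Added example: derive a least-privilege IAM policy from a state machine definition.
type TaskState = { Type: string; Resource?: string };
type Definition = { States: { [name: string]: TaskState } };

// Assumed Resource form: arn:aws:states:::aws-sdk:ec2:<apiAction>
const SDK_EC2 = /^arn:aws:states:::aws-sdk:ec2:([a-z][A-Za-z]+)$/;

// Map each Task's Resource to the IAM action it needs, e.g. ec2:StartInstances.
// Any Resource that is not an EC2 SDK integration is rejected rather than guessed at.
function requiredEc2Actions(def: Definition): string[] {
    const actions: string[] = [];
    for (const name of Object.keys(def.States)) {
        const state = def.States[name];
        if (state.Type !== "Task") continue;
        const m = SDK_EC2.exec(state.Resource || "");
        if (!m) throw new Error("state " + name + ": unsupported Resource " + state.Resource);
        const action = "ec2:" + m[1].charAt(0).toUpperCase() + m[1].slice(1);
        if (actions.indexOf(action) === -1) actions.push(action);
    }
    return actions.sort();
}

// Build a policy that allows only those actions, and only on the given instance ARN.
function leastPrivilegePolicy(def: Definition, instanceArn: string) {
    if (instanceArn.indexOf("*") !== -1) {
        throw new Error("instance ARN must not contain wildcards");
    }
    return {
        Version: "2012-10-17",
        Statement: [
            { Effect: "Allow", Action: requiredEc2Actions(def), Resource: [instanceArn] },
        ],
    };
}

// Constructed sample input: account ID, region and instance ID are placeholders.
const sampleDefinition: Definition = {
    States: {
        StartInstance: { Type: "Task", Resource: "arn:aws:states:::aws-sdk:ec2:startInstances" },
        StopInstance: { Type: "Task", Resource: "arn:aws:states:::aws-sdk:ec2:stopInstances" },
        TerminateInstance: { Type: "Task", Resource: "arn:aws:states:::aws-sdk:ec2:terminateInstances" },
    },
};
const sampleArn = "arn:aws:ec2:us-east-1:123456789012:instance/i-0123456789abcdef0";
const samplePolicy = leastPrivilegePolicy(sampleDefinition, sampleArn);
console.log(JSON.stringify(samplePolicy, null, 2));
```

The resulting document can be passed as the policy of an aws.iam.RolePolicy attached to the Step Functions role.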