[SOLVED] EC2 User data - Disable it after all conditions are met in user data

Issue

I'm trying to rename hostname and add to AD of a spot instance. It is a simple powershell script. I've read the docs that by default user data will be disable after it gets executed once and if <persist>true</persist> is used it will not be disabled.

I think I saw somewhere this(enabling to be run at each startup) is done via taskscheduler but can't find the link.

Can someone point me to the task scheduler job or the way to manually disable the userdata once my if conditions are met.

<powershell>
Set-ExecutionPolicy unrestricted -Force

$instanceName = "test-name5"

$username = "domain\username"
$password = "password" | ConvertTo-SecureString -AsPlainText -Force
$cred = New-Object -typename System.Management.Automation.PSCredential($username, $password)


Start-Sleep -s 5

$hostname = hostname
$domain = (Get-WmiObject win32_computersystem).Domain
if (!($hostname -eq $instanceName)){
     Rename-Computer -NewName $instanceName -restart -force
}Elseif (!($domain -eq 'my.domain.local')){
     Start-Sleep -s 5
     Add-Computer -DomainName my.domain.local -OUPath "OU=Windows,OU=QAServers,OU=Servers,DC=my,DC=domain,DC=local" -Credential $cred -Force -Restart -erroraction 'stop'
}Else {
     ####code to disable the running of userdata once above conditions 
     are met####
}
</powershell>
<persist>true</persist>

Solution

It's worth reading the ec2config-service documentation, as the setting you want is referenced in there.

You want the Ec2HandleUserData setting, which is configured in the Config.xml.

Powershell can easily update this setting:

$path = 'C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml'
$xml = [xml](Get-Content $path)
$state = $xml.Ec2ConfigurationSettings.Plugins.Plugin | where {$_.Name -eq 'Ec2HandleUserData'}
$state.State = 'Disabled'
$xml.Save($path)

I use this code when creating custom AMI's to re-enable userdata handling ($state.State = 'Enabled').

---

EDIT: The above is for ec2config not ec2launch which is what the OP is using. I'd missed this originally.

I this case I think you need to change the way your script runs, rather than use <persist> and then try to disable its functionality, I would remove the persist tag and call InitializeInstance.ps1 –Schedule (documentation link) in your if for the conditions you want the userdata to re-run:

if ($hostname -ne $instanceName) {
    & C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
    Rename-Computer -NewName $instanceName -Restart -Force
}
elseif ($domain -ne 'my.domain.local') {
    & C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
    Add-Computer -DomainName aws.macmillan.local -OUPath "OU=Windows,OU=QAServers,OU=Servers,DC=my,DC=domain,DC=local" -Credential $cred -Force -Restart -ErrorAction 'stop'
}

Answered By - henrycarteruk

Answer Checked By - Timothy Miller (WPSolving Admin)