Bootstrapping EC2 with Pulumi

Scripting user-data the right way

Featured image

Using user-data scripts to bootstrap your servers with Pulumi using bash scripts. I had a task of using a big user-data script that install a bunch of software into the EC2 instances, and I was not able to find any useful documentation on how to do that, all the documentation around was just injecting some small lines for the user-data part, but we wanted to have the scripts apart and not live in the same Phyton file, so I had to do it myself from scratch, here is how it went down.

But first, a brief introduction to what IaC and Pulumi are.

Infrastructure as Code

Infrastructure as Code (IaC) is a practice of defining and managing your infrastructure using machine-readable files instead of manual processes. This approach has become increasingly popular over the past few years, as it provides a way to automate the provisioning and management of cloud resources, leading to greater efficiency and scalability.

One of the most popular tools for implementing IaC is Terraform, which allows developers to write code that defines their infrastructure as a set of declarative configuration files. Terraform has been widely adopted by organizations of all sizes and has become the de facto standard for implementing IaC in many industries.

However, in recent years, a new player has emerged in the IaC space: Pulumi. Pulumi is a cloud infrastructure management platform that allows developers to write code in their preferred programming language (such as Python, Go, or TypeScript) to define their infrastructure. Pulumi’s approach differs from Terraform’s in that it allows developers to write their infrastructure as real code, instead of configuration files. This makes it easier to reuse and share code across projects, and to integrate with existing development workflows and tools.

One reason for the growing popularity of Pulumi is its ease of use. While Terraform requires a significant amount of configuration and setup to get started, Pulumi is designed to be developer-friendly and easy to learn. With its simple and intuitive API, Pulumi allows developers to focus on writing code to define their infrastructure, instead of spending time on the details of configuration files and templates.

Another reason for the growth of Pulumi is its support for modern cloud-native technologies, such as Kubernetes and serverless computing. Pulumi allows developers to define and manage their infrastructure using these technologies, which are becoming increasingly popular for building and deploying modern applications. This support makes it easier for developers to adopt these technologies and integrate them into their existing infrastructure.

The actual work

We are using Python, in the we add the following in order to read the entire bash that lives in the same directory as the Phyton file.
with open('', 'r') as init_script:
    data =
amazing_script = data

def gen_ecs_user_data(api_key, bind_pw, ecs_cluster_name, add_luthor=False):
    user_data = {
        "packages": ["awscli"],
        "runcmd": [
            'echo "%sudo   ALL=(ALL)       NOPASSWD:ALL" | tee -a /etc/sudoers',

At the end we can see how we are using the multi-part user-script, and we have an echo command and then we just add the amazing_script variable, which now contains all the lines from the bash script. In this specific case, we are using a def gen_ecs_user_data to define a general user data, that later on we can reference in any EC2 related resource to add the user data, that is, a standalone EC2 instance or ASG and Launch Templates.

In conclusion, Infrastructure as Code is a powerful approach to managing cloud infrastructure that has gained significant traction in recent years. While Terraform has been the dominant tool in this space, Pulumi is emerging as a popular alternative, due to its ease of use, support for modern cloud-native technologies, and its ability to write infrastructure as real code. As more organizations adopt cloud infrastructure management platforms, it is likely that we will see a continued shift towards tools like Pulumi that make it easier for developers to manage their infrastructure using the tools and languages they are already familiar with.

I hope you find this blog useful.

Build On!